webcraftmedia/system
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ms/pg compatibility for api and security

Browse Source
This commit is contained in:
Ulf Gebhardt 2013-07-05 20:56:21 +02:00
parent 03a4c784f4
commit d72046c163
2 changed files with 30 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
api/Api.php
View File

@ -139,7 +139,11 @@ class Api {
private function getApiTree(){
$con = new \SYSTEM\DB\Connection($this->m_dbinfo);
$res = $con->query('SELECT * FROM '.(\SYSTEM\system::isSystemDbInfoPG() ? \SYSTEM\DBD\APITable::NAME_PG : \SYSTEM\DBD\APITable::NAME_MYS).' ORDER BY "'.\SYSTEM\DBD\APITable::FIELD_ID.'"');
if(\SYSTEM\system::isSystemDbInfoPG()){
$res = $con->query('SELECT * FROM '.\SYSTEM\DBD\APITable::NAME_PG.' ORDER BY "'.\SYSTEM\DBD\APITable::FIELD_ID.'"');
} else {
$res = $con->query('SELECT * FROM '.\SYSTEM\DBD\APITable::NAME_MYS.' ORDER BY '.\SYSTEM\DBD\APITable::FIELD_ID);
}
unset($con);
if(!$res){

36
security/Security.php
View File

@ -178,11 +178,19 @@ class Security {
return false;}
$con = new \SYSTEM\DB\Connection($dbinfo);
$res = $con->prepare( 'security_check',
'SELECT COUNT(*) as count FROM '.(\SYSTEM\system::isSystemDbInfoPG() ? \SYSTEM\DBD\UserRightsTable::NAME_PG : \SYSTEM\DBD\UserRightsTable::NAME_MYS).
' WHERE "'.\SYSTEM\DBD\UserRightsTable::FIELD_USERID.'" = $1'.
' AND "'.\SYSTEM\DBD\UserRightsTable::FIELD_RIGHTID.'" = $2;',
array($user->id, $rightid));
if(\SYSTEM\system::isSystemDbInfoPG()){
$res = $con->prepare( 'security_check',
'SELECT COUNT(*) as count FROM '.\SYSTEM\DBD\UserRightsTable::NAME_PG.
' WHERE "'.\SYSTEM\DBD\UserRightsTable::FIELD_USERID.'" = $1'.
' AND "'.\SYSTEM\DBD\UserRightsTable::FIELD_RIGHTID.'" = $2;',
array($user->id, $rightid));
} else {
$res = $con->prepare( 'security_check',
'SELECT COUNT(*) as count FROM '.\SYSTEM\DBD\UserRightsTable::NAME_MYS.
' WHERE '.\SYSTEM\DBD\UserRightsTable::FIELD_USERID.' = ?'.
' AND '.\SYSTEM\DBD\UserRightsTable::FIELD_RIGHTID.' = ?;',
array($user->id, $rightid));
}
if(!($res = $res->next())){
throw new \SYSTEM\LOG\ERROR("Cannot determine if you have the required rights!");}
@ -224,11 +232,17 @@ class Security {
throw new \SYSTEM\LOG\ERROR("You need to be logged in");}
$con = new \SYSTEM\DB\Connection($dbinfo);
$res = $con->prepare( 'updateUserLocaleStmt',
'UPDATE '.(\SYSTEM\system::isSystemDbInfoPG() ? \SYSTEM\DBD\UserTable::NAME_PG : \SYSTEM\DBD\UserTable::NAME_MYS).' SET '.\SYSTEM\DBD\UserTable::FIELD_LOCALE.' = $1 '.
'WHERE '.\SYSTEM\DBD\UserTable::FIELD_ID.' = $2'.' RETURNING '.\SYSTEM\DBD\UserTable::FIELD_LOCALE.';',
array($lang, $user->id));
if(!$res->next()){
throw new \SYSTEM\LOG\ERROR("Problem updating the User!");}
if(\SYSTEM\system::isSystemDbInfoPG()){
$res = $con->prepare( 'updateUserLocaleStmt',
'UPDATE '.\SYSTEM\DBD\UserTable::NAME_PG.' SET '.\SYSTEM\DBD\UserTable::FIELD_LOCALE.' = $1 '.
'WHERE '.\SYSTEM\DBD\UserTable::FIELD_ID.' = $2'.' RETURNING '.\SYSTEM\DBD\UserTable::FIELD_LOCALE.';',
array($lang, $user->id));
}else{
$res = $con->prepare( 'updateUserLocaleStmt',
'UPDATE '.\SYSTEM\DBD\UserTable::NAME_MYS.' SET '.\SYSTEM\DBD\UserTable::FIELD_LOCALE.' = ? '.
'WHERE '.\SYSTEM\DBD\UserTable::FIELD_ID.' = ?;',
array($lang, $user->id));
}
return true;
}
}