aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--php/admin/index.php13
-rw-r--r--php/admin/locations.php10
-rw-r--r--php/admin/login.php4
-rw-r--r--php/admin/logout.php4
-rw-r--r--php/admin/mirror-list.php25
-rw-r--r--php/admin/mstats.php3
-rw-r--r--php/admin/os.php10
-rw-r--r--php/admin/products.php10
-rw-r--r--php/admin/pstats.php3
-rw-r--r--php/admin/regions.php11
-rw-r--r--php/admin/users.php10
-rw-r--r--php/cfg/admin_init.php5
-rw-r--r--php/cfg/init.php4
-rw-r--r--php/inc/forms/location.php6
-rw-r--r--php/inc/forms/mirror.php3
-rw-r--r--php/index-list.php25
-rw-r--r--php/index.php43
-rw-r--r--php/lib/auth.php60
-rw-r--r--php/lib/csv.php4
-rw-r--r--php/lib/db.php249
-rw-r--r--php/lib/mirror.php205
-rw-r--r--php/rss/download-counts.php6
22 files changed, 293 insertions, 420 deletions
diff --git a/php/admin/index.php b/php/admin/index.php
index 8c3db5c..e8feaec 100644
--- a/php/admin/index.php
+++ b/php/admin/index.php
@@ -9,7 +9,7 @@ require_once('../cfg/init.php');
// add mirror
if (!empty($_POST['add-submit'])) {
- if (mirror_insert_mirror($_POST['mirror_name'],$_POST['region_id'],$_POST['mirror_baseurl'],$_POST['mirror_rating'])) {
+ if (Mirror::insert_mirror($_POST['mirror_name'],$_POST['region_id'],$_POST['mirror_baseurl'],$_POST['mirror_rating'])) {
set_msg('Mirror added successfully.');
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/');
exit;
@@ -24,7 +24,7 @@ if (!empty($_POST['submit'])) {
switch($_POST['action']) {
case 'edit':
if (!empty($_POST['doit'])) {
- if (mirror_update_mirror($_POST['mirror_id'],$_POST['mirror_name'],$_POST['region_id'],$_POST['mirror_baseurl'],$_POST['mirror_rating'])) {
+ if (Mirror::update_mirror($_POST['mirror_id'],$_POST['mirror_name'],$_POST['region_id'],$_POST['mirror_baseurl'],$_POST['mirror_rating'])) {
set_msg('Mirror updated successfully.');
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/');
exit;
@@ -36,7 +36,7 @@ if (!empty($_POST['submit'])) {
$nav = INC.'/admin_nav.php';
require_once(HEADER);
echo '<h2>Edit Mirror</h2>';
- $posts = mirror_get_one_mirror($_POST['mirror_id']);
+ $posts = Mirror::get_one_mirror($_POST['mirror_id']);
form_start();
include_once(INC.'/forms/mirror.php');
form_hidden('doit','1');
@@ -49,14 +49,14 @@ if (!empty($_POST['submit'])) {
}
break;
case 'delete':
- if (mirror_delete_mirror($_POST['mirror_id'])) {
+ if (Mirror::delete_mirror($_POST['mirror_id'])) {
set_msg('Mirror deleted successfully.');
} else {
set_error('Mirror could not be deleted.');
}
break;
case 'toggle':
- if (mirror_toggle($_POST['mirror_id'])) {
+ if (Mirror::toggle($_POST['mirror_id'])) {
set_msg('Mirror enabled/disabled.');
} else {
set_error('Mirror could not be enabled/disabled.');
@@ -75,7 +75,7 @@ echo '<h2>Mirrors</h2>';
show_error();
show_msg();
-$mirrors = mirror_get_mirrors();
+$mirrors = Mirror::get_mirrors();
$_GET['sort']=(!empty($_GET['sort']))?$_GET['sort']:'mirror_active';
$_GET['order']=(!empty($_GET['order']))?$_GET['order']:'ASC';
@@ -108,4 +108,3 @@ form_submit('add-submit','','button1','Add Mirror');
form_end();
require_once(FOOTER);
-?>
diff --git a/php/admin/locations.php b/php/admin/locations.php
index f1bb456..e868d1a 100644
--- a/php/admin/locations.php
+++ b/php/admin/locations.php
@@ -9,7 +9,7 @@ require_once('../cfg/init.php');
// add mirror
if (!empty($_POST['add-submit'])&&!empty($_POST['location_path'])) {
- if (mirror_insert_location($_POST['product_id'],$_POST['os_id'],$_POST['location_path'])) {
+ if (Mirror::insert_location($_POST['product_id'],$_POST['os_id'],$_POST['location_path'])) {
set_msg('Location added successfully.');
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/locations.php');
exit;
@@ -24,7 +24,7 @@ if (!empty($_POST['submit'])) {
switch($_POST['action']) {
case 'edit':
if (!empty($_POST['doit'])) {
- if (mirror_update_location($_POST['location_id'],$_POST['product_id'],$_POST['os_id'],$_POST['location_path'])) {
+ if (Mirror::update_location($_POST['location_id'],$_POST['product_id'],$_POST['os_id'],$_POST['location_path'])) {
set_msg('Location updated successfully.');
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/locations.php');
exit;
@@ -36,7 +36,7 @@ if (!empty($_POST['submit'])) {
$nav = INC.'/admin_nav.php';
require_once(HEADER);
echo '<h2>Edit Location</h2>';
- $posts = mirror_get_one_location($_POST['location_id']);
+ $posts = Mirror::get_one_location($_POST['location_id']);
form_start();
include_once(INC.'/forms/location.php');
form_hidden('doit','1');
@@ -49,7 +49,7 @@ if (!empty($_POST['submit'])) {
}
break;
case 'delete':
- if (mirror_delete_location($_POST['location_id'])) {
+ if (Mirror::delete_location($_POST['location_id'])) {
set_msg('Location deleted successfully.');
} else {
set_error('Location could not be deleted.');
@@ -68,7 +68,7 @@ echo '<h2>Locations</h2>';
show_error();
show_msg();
-$locations = mirror_get_locations();
+$locations = Mirror::get_locations();
$_GET['sort'] = (!empty($_GET['sort']))?$_GET['sort']:'product_name';
$_GET['order'] = (!empty($_GET['order']))?$_GET['order']:'ASC';
diff --git a/php/admin/login.php b/php/admin/login.php
index 5e9d4c3..455c556 100644
--- a/php/admin/login.php
+++ b/php/admin/login.php
@@ -9,8 +9,8 @@ require_once(LIB.'/auth.php');
// authenticate
if (!empty($_POST['submit'])) {
- if ($auth = auth_mysql($_POST['username'],$_POST['password'])) {
- auth_create_session($auth);
+ if ($auth = Auth::query($_POST['username'],$_POST['password'])) {
+ Auth::create_session($auth);
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/');
exit;
} else {
diff --git a/php/admin/logout.php b/php/admin/logout.php
index d980d9d..f876efe 100644
--- a/php/admin/logout.php
+++ b/php/admin/logout.php
@@ -6,7 +6,5 @@
*/
require_once('../cfg/init.php');
require_once(LIB.'/auth.php');
-auth_logout();
+Auth::logout();
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/login.php');
-exit;
-?>
diff --git a/php/admin/mirror-list.php b/php/admin/mirror-list.php
index c161efd..e0876d4 100644
--- a/php/admin/mirror-list.php
+++ b/php/admin/mirror-list.php
@@ -9,20 +9,20 @@ require_once('../cfg/init.php');
if (!empty($_GET['os'])&&!empty($_GET['product'])) {
// clean in os and product strings
- $os_name = mysql_real_escape_string(trim(strtolower($_GET['os'])));
- $product_name = mysql_real_escape_string(trim(strtolower($_GET['product'])));
+ $os_name = trim(strtolower(filter_input(INPUT_GET,'os')));
+ $product_name = trim(strtolower(filter_input(INPUT_GET,'product')));
// get os and product IDs
- $os_id = db_name_to_id('mirror_os','os_id','os_name',$os_name);
- $product_id = db_name_to_id('mirror_products','product_id','product_name',$product_name);
+ $os_id = DB::name_to_id('mirror_os','os_id','os_name',$os_name);
+ $product_id = DB::name_to_id('mirror_products','product_id','product_name',$product_name);
}
if (!empty($_GET['os_id'])&&!empty($_GET['product_id'])) {
- $os_id = intval($_GET['os_id']);
- $product_id = intval($_GET['product_id']);
+ $os_id = intval(filter_input(INPUT_GET,'os_id',FILTER_SANITIZE_NUMBER_INT));
+ $product_id = intval(filter_input(INPUT_GET,'product_id',FILTER_SANITIZE_NUMBER_INT));
- $mirrors = db_get("
+ $mirrors = DB::get("
SELECT DISTINCT
mirror_baseurl
FROM
@@ -36,11 +36,11 @@ if (!empty($_GET['os_id'])&&!empty($_GET['product_id'])) {
ON
mirror_location_mirror_map.location_id = mirror_locations.location_id
WHERE
- mirror_locations.os_id = {$os_id} AND
- mirror_locations.product_id = {$product_id} AND
+ mirror_locations.os_id = ? AND
+ mirror_locations.product_id = ? AND
mirror_location_mirror_map.location_active = '1' AND
mirror_mirrors.mirror_active = '1'
- ");
+ ", PDO::FETCH_ASSOC, [$os_id, $product_id]);
header("Content-type: text/plain;");
foreach ($mirrors as $mirror) {
@@ -58,17 +58,16 @@ if (!empty($_GET['os_id'])&&!empty($_GET['product_id'])) {
form_start('list','list','get','./mirror-list.php');
echo '<div>';
form_label('Product', 'product','label-small');
- form_select('product_id','product','',mirror_get_products_select(),$posts['product_id']);
+ form_select('product_id','product','',Mirror::get_products_select(),$posts['product_id']);
echo ' [<a href="./products.php">edit products</a>]';
echo '</div><br />';
echo '<div>';
form_label('OS', 'os','label-small');
- form_select('os_id','os','',mirror_get_oss_select(),$posts['os_id']);
+ form_select('os_id','os','',Mirror::get_oss_select(),$posts['os_id']);
echo ' [<a href="./os.php">edit operating systems</a>]';
echo '</div><br />';
form_submit('submit','','button1','Update');
form_end();
require_once(FOOTER);
}
-?>
diff --git a/php/admin/mstats.php b/php/admin/mstats.php
index 5778d16..284dcf4 100644
--- a/php/admin/mstats.php
+++ b/php/admin/mstats.php
@@ -12,7 +12,7 @@ $nav = INC.'/admin_nav.php';
require_once(HEADER);
echo '<h2>Mirror Statistics</h2>';
-$stats = mirror_get_mirror_stats();
+$stats = Mirror::get_mirror_stats();
$_GET['sort']=(!empty($_GET['sort']))?$_GET['sort']:'count';
$_GET['order']=(!empty($_GET['order']))?$_GET['order']:'DESC';
@@ -29,4 +29,3 @@ $headers = array(
show_list($stats,$headers,'simple');
require_once(FOOTER);
-?>
diff --git a/php/admin/os.php b/php/admin/os.php
index b150245..72bb383 100644
--- a/php/admin/os.php
+++ b/php/admin/os.php
@@ -9,7 +9,7 @@ require_once('../cfg/init.php');
// add os
if (!empty($_POST['add-submit'])&&!empty($_POST['os_name'])) {
- if (mirror_insert_os($_POST['os_name'],$_POST['os_priority'])) {
+ if (Mirror::insert_os($_POST['os_name'],$_POST['os_priority'])) {
set_msg('OS added successfully.');
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/os.php');
exit;
@@ -24,7 +24,7 @@ if (!empty($_POST['submit'])) {
switch($_POST['action']) {
case 'edit':
if (!empty($_POST['doit'])) {
- if (mirror_update_os($_POST['os_id'],$_POST['os_name'],$_POST['os_priority'])) {
+ if (Mirror::update_os($_POST['os_id'],$_POST['os_name'],$_POST['os_priority'])) {
set_msg('OS updated successfully.');
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/os.php');
exit;
@@ -36,7 +36,7 @@ if (!empty($_POST['submit'])) {
$nav = INC.'/admin_nav.php';
require_once(HEADER);
echo '<h2>Edit OS</h2>';
- $posts = mirror_get_one_os($_POST['os_id']);
+ $posts = Mirror::get_one_os($_POST['os_id']);
form_start();
include_once(INC.'/forms/os.php');
form_hidden('doit','1');
@@ -49,7 +49,7 @@ if (!empty($_POST['submit'])) {
}
break;
case 'delete':
- if (!record_exists('mirror_locations','os_id',$_POST['os_id'])&&mirror_delete_os($_POST['os_id'])) {
+ if (!record_exists('mirror_locations','os_id',$_POST['os_id'])&&Mirror::delete_os($_POST['os_id'])) {
set_msg('OS deleted successfully.');
} else {
set_error('OS cannot be deleted because it is being used by a file location.');
@@ -69,7 +69,7 @@ echo '<h2>Operating Systems</h1>';
show_error();
show_msg();
-$oss = mirror_get_oss();
+$oss = Mirror::get_oss();
$_GET['sort']=(!empty($_GET['sort']))?$_GET['sort']:'os_name';
$_GET['order']=(!empty($_GET['order']))?$_GET['order']:'ASC';
diff --git a/php/admin/products.php b/php/admin/products.php
index e93686f..a0d5187 100644
--- a/php/admin/products.php
+++ b/php/admin/products.php
@@ -9,7 +9,7 @@ require_once('../cfg/init.php');
// add product
if (!empty($_POST['add-submit'])&&!empty($_POST['product_name'])) {
- if (mirror_insert_product($_POST['product_name'],$_POST['product_priority'])) {
+ if (Mirror::insert_product($_POST['product_name'],$_POST['product_priority'])) {
set_msg('Product added successfully.');
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/products.php');
exit;
@@ -24,7 +24,7 @@ if (!empty($_POST['submit'])) {
switch($_POST['action']) {
case 'edit':
if (!empty($_POST['doit'])) {
- if (mirror_update_product($_POST['product_id'],$_POST['product_name'],$_POST['product_priority'])) {
+ if (Mirror::update_product($_POST['product_id'],$_POST['product_name'],$_POST['product_priority'])) {
set_msg('Product updated successfully.');
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/products.php');
exit;
@@ -36,7 +36,7 @@ if (!empty($_POST['submit'])) {
$nav = INC.'/admin_nav.php';
require_once(HEADER);
echo '<h2>Edit Product</h2>';
- $posts = mirror_get_one_product($_POST['product_id']);
+ $posts = Mirror::get_one_product($_POST['product_id']);
form_start();
include_once(INC.'/forms/product.php');
form_hidden('doit','1');
@@ -49,7 +49,7 @@ if (!empty($_POST['submit'])) {
}
break;
case 'delete':
- if (!record_exists('mirror_locations','product_id',$_POST['product_id'])&&mirror_delete_product($_POST['product_id'])) {
+ if (!record_exists('mirror_locations','product_id',$_POST['product_id'])&&Mirror::delete_product($_POST['product_id'])) {
set_msg('Product deleted successfully.');
} else {
set_error('Product cannot be deleted because it is being used by a file location.');
@@ -69,7 +69,7 @@ echo '<h2>Products</h1>';
show_error();
show_msg();
-$products = mirror_get_products();
+$products = Mirror::get_products();
$_GET['sort']=(!empty($_GET['sort']))?$_GET['sort']:'product_name';
$_GET['order']=(!empty($_GET['order']))?$_GET['order']:'ASC';
diff --git a/php/admin/pstats.php b/php/admin/pstats.php
index e0b4aff..ef887bd 100644
--- a/php/admin/pstats.php
+++ b/php/admin/pstats.php
@@ -12,7 +12,7 @@ $nav = INC.'/admin_nav.php';
require_once(HEADER);
echo '<h2>Product Statistics</h2>';
-$stats = mirror_get_product_stats();
+$stats = Mirror::get_product_stats();
$_GET['sort']=(!empty($_GET['sort']))?$_GET['sort']:'count';
$_GET['order']=(!empty($_GET['order']))?$_GET['order']:'DESC';
@@ -26,4 +26,3 @@ $headers = array(
show_list($stats,$headers,'simple');
require_once(FOOTER);
-?>
diff --git a/php/admin/regions.php b/php/admin/regions.php
index f42c0da..0709e43 100644
--- a/php/admin/regions.php
+++ b/php/admin/regions.php
@@ -9,7 +9,7 @@ require_once('../cfg/init.php');
// add region
if (!empty($_POST['add-submit'])&&!empty($_POST['region_name'])) {
- if (mirror_insert_region($_POST['region_name'],$_POST['region_priority'])) {
+ if (Mirror::insert_region($_POST['region_name'],$_POST['region_priority'])) {
set_msg('Region added successfully.');
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/regions.php');
exit;
@@ -24,7 +24,7 @@ if (!empty($_POST['submit'])) {
switch($_POST['action']) {
case 'edit':
if (!empty($_POST['doit'])) {
- if (mirror_update_region($_POST['region_id'],$_POST['region_name'],$_POST['region_priority'])) {
+ if (Mirror::update_region($_POST['region_id'],$_POST['region_name'],$_POST['region_priority'])) {
set_msg('Region updated successfully.');
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/regions.php');
exit;
@@ -36,7 +36,7 @@ if (!empty($_POST['submit'])) {
$nav = INC.'/admin_nav.php';
require_once(HEADER);
echo '<h2>Edit Region</h2>';
- $posts = mirror_get_one_region($_POST['region_id']);
+ $posts = Mirror::get_one_region($_POST['region_id']);
form_start();
include_once(INC.'/forms/region.php');
form_hidden('doit','1');
@@ -49,7 +49,7 @@ if (!empty($_POST['submit'])) {
}
break;
case 'delete':
- if (!record_exists('mirror_mirror_region_map','region_id',$_POST['region_id'])&&mirror_delete_region($_POST['region_id'])) {
+ if (!record_exists('mirror_mirror_region_map','region_id',$_POST['region_id'])&&Mirror::delete_region($_POST['region_id'])) {
set_msg('Region deleted successfully.');
} else {
set_error('Region cannot be deleted because it is linked to a mirror.');
@@ -69,7 +69,7 @@ echo '<h2>Regions</h2>';
show_error();
show_msg();
-$regions = mirror_get_regions();
+$regions = Mirror::get_regions();
$_GET['sort']=(!empty($_GET['sort']))?$_GET['sort']:'region_name';
$_GET['order']=(!empty($_GET['order']))?$_GET['order']:'ASC';
@@ -98,4 +98,3 @@ form_submit('add-submit','','button1','Add Region');
form_end();
require_once(FOOTER);
-?>
diff --git a/php/admin/users.php b/php/admin/users.php
index 3017c49..4926117 100644
--- a/php/admin/users.php
+++ b/php/admin/users.php
@@ -9,7 +9,7 @@ require_once('../cfg/init.php');
// add user
if (!empty($_POST['add-submit'])&&!empty($_POST['username'])&&!empty($_POST['password'])&&!empty($_POST['rpassword'])) {
- if (mirror_insert_user($_POST['username'],$_POST['password'],$_POST['rpassword'],$_POST['user_firstname'],$_POST['user_lastname'],$_POST['user_email'])) {
+ if (Mirror::insert_user($_POST['username'],$_POST['password'],$_POST['rpassword'],$_POST['user_firstname'],$_POST['user_lastname'],$_POST['user_email'])) {
set_msg('User added successfully.');
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/users.php');
exit;
@@ -24,7 +24,7 @@ if (!empty($_POST['submit'])) {
switch($_POST['action']) {
case 'edit':
if (!empty($_POST['doit'])) {
- if (mirror_update_user($_POST['user_id'],$_POST['username'],$_POST['password'],$_POST['rpassword'],$_POST['user_firstname'],$_POST['user_lastname'],$_POST['user_email'])) {
+ if (Mirror::update_user($_POST['user_id'],$_POST['username'],$_POST['password'],$_POST['rpassword'],$_POST['user_firstname'],$_POST['user_lastname'],$_POST['user_email'])) {
set_msg('User updated successfully.');
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/users.php');
exit;
@@ -36,7 +36,7 @@ if (!empty($_POST['submit'])) {
$nav = INC.'/admin_nav.php';
require_once(HEADER);
echo '<h2>Edit User</h2>';
- $posts = mirror_get_one_user($_POST['user_id']);
+ $posts = Mirror::get_one_user($_POST['user_id']);
form_start();
include_once(INC.'/forms/user.php');
form_hidden('doit','1');
@@ -51,7 +51,7 @@ if (!empty($_POST['submit'])) {
case 'delete':
if ($_POST['user_id']==$_SESSION['user']['user_id']) {
set_error('You cannot delete yourself.');
- } elseif (mirror_delete_user($_POST['user_id'])) {
+ } elseif (Mirror::delete_user($_POST['user_id'])) {
set_msg('User deleted successfully.');
} else {
set_error('User could not be deleted because of an error.');
@@ -71,7 +71,7 @@ echo '<h2>Users</h2>';
show_error();
show_msg();
-$users = mirror_get_users();
+$users = Mirror::get_users();
$_GET['sort'] = (!empty($_GET['sort']))?$_GET['sort']:'user_lastname';
$_GET['order'] = (!empty($_GET['order']))?$_GET['order']:'ASC';
diff --git a/php/cfg/admin_init.php b/php/cfg/admin_init.php
index 7d22ab3..68f3063 100644
--- a/php/cfg/admin_init.php
+++ b/php/cfg/admin_init.php
@@ -6,10 +6,9 @@
*/
require_once(LIB.'/auth.php'); // auth functions
require_once(LIB.'/forms.php'); // form library
-require_once(LIB.'/list.php'); // list library
-if (!auth_is_valid_session()) {
+if (!Auth::is_valid_session()) {
header('Location: http://'.$_SERVER['HTTP_HOST'].WEBPATH.'/admin/login.php');
exit;
}
-?>
+
diff --git a/php/cfg/init.php b/php/cfg/init.php
index 4eb6ed0..3e8f6fb 100644
--- a/php/cfg/init.php
+++ b/php/cfg/init.php
@@ -10,9 +10,7 @@ require_once(LIB.'/csv.php'); // util file for random functions (no SQL here)
$start = microtime_float(); // start timer
require_once(LIB.'/mirror.php'); // user and admin functions for the mirror app (some SQL)
require_once(LIB.'/db.php'); // core mysql wrappers used in mirror functions
-db_connect(DBHOST,DBUSER,DBPASS); // open persistent connection to db
-db_select(DBNAME); // select db
+DB::connect(DBHOST,DBUSER,DBPASS,DBNAME); // open persistent connection to db
if (!empty($protect)) {
require_once('admin_init.php');
}
-?>
diff --git a/php/inc/forms/location.php b/php/inc/forms/location.php
index 60e35cb..0d48d2d 100644
--- a/php/inc/forms/location.php
+++ b/php/inc/forms/location.php
@@ -6,13 +6,13 @@
*/
echo '<div>';
form_label('Product', 'product','label-small');
-form_select('product_id','product','',mirror_get_products_select(),$posts['product_id']);
+form_select('product_id','product','',Mirror::get_products_select(),$posts['product_id']);
echo ' [<a href="./products.php">edit products</a>]';
echo '</div><br />';
echo '<div>';
form_label('OS', 'os','label-small');
-form_select('os_id','os','',mirror_get_oss_select(),$posts['os_id']);
+form_select('os_id','os','',Mirror::get_oss_select(),$posts['os_id']);
echo ' [<a href="./os.php">edit operating systems</a>]';
echo '</div><br />';
@@ -20,4 +20,4 @@ echo '<div>';
form_label('File Location', 'floc','label-small');
form_text('location_path', 'floc', '', $posts['location_path'], 30, 100);
echo '</div><br />';
-?>
+
diff --git a/php/inc/forms/mirror.php b/php/inc/forms/mirror.php
index c1e7dcb..35a3ed7 100644
--- a/php/inc/forms/mirror.php
+++ b/php/inc/forms/mirror.php
@@ -11,7 +11,7 @@ echo '</div><br />';
echo '<div>';
form_label('Region', 'mregion','label-small');
-form_select('region_id','mregion','',mirror_get_regions_select(),$posts['region_id']);
+form_select('region_id','mregion','',Mirror::get_regions_select(),$posts['region_id']);
echo ' [<a href="./regions.php">edit regions</a>]';
echo '</div><br />';
@@ -24,4 +24,3 @@ echo '<div>';
form_label('Rating', 'mrating','label-small');
form_text('mirror_rating', 'mrating', '', $posts['mirror_rating'], 30, 100);
echo '</div><br />';
-?>
diff --git a/php/index-list.php b/php/index-list.php
index 1705ee6..1b158b7 100644
--- a/php/index-list.php
+++ b/php/index-list.php
@@ -7,25 +7,24 @@
require_once('./cfg/init.php');
require_once(LIB.'/auth.php'); // auth functions
require_once(LIB.'/forms.php'); // form library
-require_once(LIB.'/list.php'); // list library
error_reporting(E_GET);
if (!empty($_GET['os'])&&!empty($_GET['product'])) {
// clean in os and product strings
- $os_name = mysql_real_escape_string(trim(strtolower($_GET['os'])));
- $product_name = mysql_real_escape_string(trim(strtolower($_GET['product'])));
+ $os_name = trim(strtolower(filter_input(INPUT_GET,'os')));
+ $product_name = trim(strtolower(filter_input(INPUT_GET,'product')));
// get os and product IDs
- $os_id = db_name_to_id('mirror_os','os_id','os_name',$os_name);
- $product_id = db_name_to_id('mirror_products','product_id','product_name',$product_name);
+ $os_id = DB::name_to_id('mirror_os','os_id','os_name',$os_name);
+ $product_id = DB::name_to_id('mirror_products','product_id','product_name',$product_name);
}
if (!empty($_GET['os_id'])&&!empty($_GET['product_id'])) {
- $os_id = intval($_GET['os_id']);
- $product_id = intval($_GET['product_id']);
+ $os_id = intval(filter_input(INPUT_GET, 'os_id', FILTER_SANITIZE_NUMBER_INT));
+ $product_id = intval(filter_input(INPUT_GET, 'product_id', FILTER_SANITIZE_NUMBER_INT));
}
if (!empty($os_id)&&!empty($product_id)) {
- $mirrors = db_get("
+ $mirrors = DB::get("
SELECT DISTINCT
mirror_baseurl, location_path
FROM
@@ -39,13 +38,13 @@ if (!empty($os_id)&&!empty($product_id)) {
ON
mirror_location_mirror_map.location_id = mirror_locations.location_id
WHERE
- mirror_locations.os_id = {$os_id} AND
- mirror_locations.product_id = {$product_id} AND
+ mirror_locations.os_id = ? AND
+ mirror_locations.product_id = ? AND
mirror_location_mirror_map.location_active = '1' AND
mirror_mirrors.mirror_active = '1'
ORDER BY
mirror_rating DESC, mirror_baseurl
- ");
+ ", PDO::FETCH_ASSOC, [$os_id, $product_id]);
header("Content-type: text/plain;");
foreach ($mirrors as $mirror) {
@@ -68,13 +67,13 @@ if (!empty($os_id)&&!empty($product_id)) {
form_start('list','list','get','./index-list.php');
echo '<div>';
form_label('Product', 'product','label-small');
- form_select('product_id','product','',mirror_get_products_select(),$_GET['product_id']);
+ form_select('product_id','product','',Mirror::get_products_select(),$_GET['product_id']);
echo ' [<a href="./products.php">edit products</a>]';
echo '</div><br />';
echo '<div>';
form_label('OS', 'os','label-small');
- form_select('os_id','os','',mirror_get_oss_select(),$_GET['os_id']);
+ form_select('os_id','os','',Mirror::get_oss_select(),$_GET['os_id']);
echo ' [<a href="./os.php">edit operating systems</a>]';
echo '</div><br />';
form_submit('submit','','button1','Update');
diff --git a/php/index.php b/php/index.php
index eacb99e..28b29b8 100644
--- a/php/index.php
+++ b/php/index.php
@@ -15,45 +15,44 @@ if (empty($_GET['os'])) {
// do we even have an os or product?
if (!empty($_GET['os'])&&!empty($_GET['product'])) {
require_once(LIB.'/db.php'); // core mysql wrappers
- db_connect(DBHOST,DBUSER,DBPASS); // open persistent connection to db
- db_select(DBNAME); // select db
+ DB::connect(DBHOST,DBUSER,DBPASS,DBNAME); // open persistent connection to db
// clean in os and product strings
- $os_name = mysql_real_escape_string(trim(strtolower($_GET['os'])));
- $product_name = mysql_real_escape_string(trim(strtolower($_GET['product'])));
+ $os_name = trim(strtolower($_GET['os']));
+ $product_name = trim(strtolower($_GET['product']));
// get os and product IDs
- $os_id = db_name_to_id('mirror_os','os_id','os_name',$os_name);
- $product_id = db_name_to_id('mirror_products','product_id','product_name',$product_name);
+ $os_id = DB::name_to_id('mirror_os','os_id','os_name',$os_name);
+ $product_id = DB::name_to_id('mirror_products','product_id','product_name',$product_name);
// do we have a valid os and product?
if (!empty($os_id)&&!empty($product_id)) {
- $location = db_get_one("SELECT location_id,location_path FROM mirror_locations WHERE product_id={$product_id} AND os_id={$os_id}");
+ $location = DB::get_one("SELECT location_id,location_path FROM mirror_locations WHERE product_id={$product_id} AND os_id={$os_id}");
// did we get a valid location?
if (!empty($location)) {
- $mirror = db_get_one("SELECT mirror_mirrors.mirror_id,mirror_baseurl FROM mirror_mirrors, mirror_location_mirror_map WHERE mirror_mirrors.mirror_id = mirror_location_mirror_map.mirror_id AND mirror_location_mirror_map.location_id = {$location['location_id']} AND mirror_active='1' AND location_active ='1' ORDER BY rand()*(1/mirror_rating)");
+ $mirror = DB::get_one("SELECT mirror_mirrors.mirror_id,mirror_baseurl FROM mirror_mirrors, mirror_location_mirror_map WHERE mirror_mirrors.mirror_id = mirror_location_mirror_map.mirror_id AND mirror_location_mirror_map.location_id = {$location['location_id']} AND mirror_active='1' AND location_active ='1' ORDER BY rand()*(1/mirror_rating)");
// did we get a valid mirror?
if (!empty($mirror)) {
// if logging is enabled, insert log
if (LOGGING) {
- db_query("UPDATE mirror_mirrors SET mirror_count=mirror_count+1 WHERE mirror_id={$mirror['mirror_id']}");
- db_query("UPDATE mirror_products SET product_count=product_count+1 WHERE product_id={$product_id}");
+ DB::query("UPDATE mirror_mirrors SET mirror_count=mirror_count+1 WHERE mirror_id={$mirror['mirror_id']}");
+ DB::query("UPDATE mirror_products SET product_count=product_count+1 WHERE product_id={$product_id}");
}
-
+
// LANGUAGE HACK
- if (!empty($_GET['lang'])) {
+ if (!empty($_GET['lang'])) {
//// $location['location_path'] = str_replace('x86',$_GET['lang'],$location['location_path']);
- $location['location_path'] = str_replace('en-US',$_GET['lang'],$location['location_path']);
- }
-
- // BitTorrent HACK - robbat2
- if (!empty($_GET['extra'])) {
- $extra = $_GET['extra'];
- $location['location_path'] .= ereg_replace('\?.*|&.*','',$extra);
- }
+ $location['location_path'] = str_replace('en-US',$_GET['lang'],$location['location_path']);
+ }
+
+ // BitTorrent HACK - robbat2
+ if (!empty($_GET['extra'])) {
+ $extra = $_GET['extra'];
+ $location['location_path'] .= ereg_replace('\?.*|&.*','',$extra);
+ }
// if we are just testing, then just print and exit.
if (!empty($_GET['print'])) {
@@ -69,7 +68,5 @@ if (!empty($_GET['os'])&&!empty($_GET['product'])) {
}
}
-// if we get here, the request was invalid; redirect to mozilla home
+// if we get here, the request was invalid; redirect to Gentoo home
header('Location: http://www.gentoo.org/');
-exit;
-?>
diff --git a/php/lib/auth.php b/php/lib/auth.php
index f03db32..eb6319c 100644
--- a/php/lib/auth.php
+++ b/php/lib/auth.php
@@ -1,4 +1,6 @@
<?php
+
+class Auth {
/**
* Home-cooked auth libraries - because PEAR is fat.
* @package mirror
@@ -10,17 +12,18 @@
* Check admin session against sessions table in database.
* @return bool
*/
-function auth_is_valid_session()
+public static function is_valid_session()
{
- if (!empty($_COOKIE['mozilla-mirror-admin'])) { // check cookie
- $res = db_query("SELECT * FROM mirror_sessions WHERE session_id = '{$_COOKIE['mozilla-mirror-admin']}'"); // check db for id
- if ($res && db_numrows($res)>0) {
- $buf = db_fetch($res,MYSQL_ASSOC);
+ $cookieAdmin = filter_input(INPUT_COOKIE, 'mozilla-mirror-admin');
+ if (!empty($cookieAdmin)) { // check cookie
+ $res = DB::query("SELECT * FROM mirror_sessions WHERE session_id = ?", [$cookieAdmin]); // check db for id
+ if ($res && DB::numrows($res)>0) {
+ $buf = DB::fetch($res,PDO::FETCH_ASSOC);
// comment line below to disable gc and allow multiple sessions per username
- db_query("DELETE FROM mirror_sessions WHERE username='{$buf['username']}' AND session_id != '{$_COOKIE['mozilla-mirror-admin']}'"); // garbage collection
- $user = db_fetch(db_query("SELECT * FROM mirror_users WHERE username='{$buf['username']}'"),MYSQL_ASSOC);
+ DB::query("DELETE FROM mirror_sessions WHERE username=? AND session_id != ?", [$buf['username'], $cookieAdmin]); // garbage collection
+ $user = DB::fetch(DB::query("SELECT * FROM mirror_users WHERE username=?", [$buf['username']]),PDO::FETCH_ASSOC);
if (empty($_SESSION)) {
- auth_create_session($user); // if session isn't started, create it and push user data
+ static::create_session($user); // if session isn't started, create it and push user data
}
return true;
}
@@ -34,42 +37,57 @@ function auth_is_valid_session()
* @param string $password
* @return array|bool array containing user data or false on failure
*/
-function auth_mysql($username,$password)
+public static function query($username,$password)
{
if (empty($username)||empty($password)) {
return false;
- }
- $username = trim(strip_tags(addslashes($username)));
- $password = trim(strip_tags(addslashes($password)));
- $res = db_query("SELECT * FROM mirror_users WHERE username='{$username}' AND password=MD5('{$password}')");
- if ($res && db_numrows($res)>0) {
- return db_fetch($res,MYSQL_ASSOC);
+ }
+ $username = trim(strip_tags($username));
+ $password = trim(strip_tags($password));
+ $res = DB::query("SELECT * FROM mirror_users WHERE username=?", [$username]);
+ if ($res && DB::numrows($res)>0) {
+ $userrow = DB::fetch($res,PDO::FETCH_ASSOC);
+ if (!password_verify($password, $userrow['password'])) {
+ if ($userrow['password'] !== md5($password))
+ return false;
+ static::password_upgrade($userrow, $username, $password);
+ }
+ if (password_needs_rehash($userrow['password'], PASSWORD_DEFAULT))
+ static::password_upgrade($userrow, $username, $password);
+ return $userrow;
} else {
return false;
}
}
+private static function password_upgrade($userrow, $username, $password) {
+ require_once(LIB.'/mirror.php'); //Upgrade password security
+ Mirror::update_user($userrow['user_id'],$username,$password,$password,$userrow['firstname'],$userrow['lastname'],$userrow['email']);
+}
+
/**
* Start a valid session.
* @param array $user array containing user information.
*/
-function auth_create_session($user,$secure=0)
+public static function create_session($user,$secure=0)
{
session_name('mozilla-mirror-admin');
session_set_cookie_params(0,'/',$_SERVER['HTTP_HOST'],$secure);
session_start();
- db_query("INSERT INTO mirror_sessions(session_id,username) VALUES('".session_id()."','{$user['username']}')");
+ DB::query("INSERT INTO mirror_sessions(session_id,username) VALUES(?,?)", [session_id(), $user['username']]);
$_SESSION['user']=$user;
}
/**
* Logout.
*/
-function auth_logout()
+public static function logout()
{
// comment line below to keep gc from deleting other sessions for this user
- db_query("DELETE FROM mirror_sessions WHERE session_id='{$_COOKIE['mozilla-mirror-admin']}' OR username='{$_SESSION['user']['username']}'");
- $_COOKIE = array();
+ $cookieAdmin = filter_input(INPUT_COOKIE, 'mozilla-mirror-admin');
+ DB::query("DELETE FROM mirror_sessions WHERE session_id=? OR username=?", [$cookieAdmin, $_SESSION['user']['username']]);
+ $_COOKIE = array();
$_SESSION = array();
}
-?>
+
+}
diff --git a/php/lib/csv.php b/php/lib/csv.php
index e98d37c..12dff67 100644
--- a/php/lib/csv.php
+++ b/php/lib/csv.php
@@ -5,7 +5,7 @@
* <code>
* if ($_GET['csv'])
* {
- * $res=db_query("SELECT * FROM fic_courses");
+ * $res=DB::query("SELECT * FROM fic_courses");
* csv_send_csv($res);
* exit;
* }
@@ -24,7 +24,7 @@
function csv_export_to_csv($res)
{
// parse all results, format for CSV
- while ( $buf=db_fetch($res,MYSQL_ASSOC) )
+ while ( $buf=DB::fetch($res,PDO::FETCH_ASSOC) )
{
// get the keys (headers), if not already done
if ( empty($heads) )
diff --git a/php/lib/db.php b/php/lib/db.php
index 3f9435f..6882064 100644
--- a/php/lib/db.php
+++ b/php/lib/db.php
@@ -5,60 +5,51 @@
* @subpackage lib
*/
+class DB {
+
+ private $dsn;
+ private $result;
/**
* Connect to a MySQL database server.
* @param string $host db server, defaults to localhost
* @param string $user db username
- * @param string $password db password
- * @return resource dbh
+ * @param string $password db password
+ * @return PDO dbh
*/
-function db_connect($host='localhost',$user=null,$password=null)
+public static function connect($host='localhost',$user=null,$password=null,$database=null)
{
- static $dbh = null;
if (!empty($host) && isset($user) && isset($password)) {
- $dbh = @mysql_connect($host,$user,$password);
- }
- if (is_resource($dbh)) {
- return $dbh;
+ $dsn = "mysql:host={$host}";
+ if(!empty($database)) $dsn .= ";database={$database}";
+ $options = [PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION];
+ static::$dbh = new PDO($dsn, $user, $password, $options);
}
- else die("Unable to create database connection in db_connect()");
-}
-
-/**
- * Select database.
- * @param string $database name of the database to select
- * @param resource $dbh valid dbh, null if not defined
- * @return bool success of command
- */
-function db_select($database,$dbh=null)
-{
- if(is_resource($dbh)){
- return @mysql_select_db($database);
- }else{
- return @mysql_select_db($database, db_connect());
+ if (static::$dbh instanceof PDO) {
+ return static::$dbh;
}
-
+ die("Unable to create database connection in DB::connect()");
}
/**
* Execute a MySQL query.
* @param string $qry MySQL query
- * @param resource $dbh valid dbh
*/
-function db_query($qry=null,$dbh=null)
+public static function query($qry=null, $parameters=[])
{
- static $result = null;
- if(!is_resource($dbh)) $dbh = db_connect();
+ if(!(static::$dbh instanceof PDO)) static::$dbh = static::connect();
if(is_null($qry))
{
- if(is_resource($result)) return $result;
+ if(static::$result instanceof PDOStatement) return static::$result;
else return false;
}
- else
- {
- $result = @mysql_query($qry,$dbh);
- return $result;
+ if(!empty($parameters)) {
+ static::$result = static::$dbh->prepare($query);
+ static::$result->execute($parameters);
}
+ else {
+ static::$result = static::$dbh->query($qry);
+ }
+ return static::$result;
}
/**
@@ -66,198 +57,90 @@ function db_query($qry=null,$dbh=null)
* @param string $result (default to null)
* @return array
*/
-function db_fetch($result=null,$type=MYSQL_BOTH)
+public static function fetch($result=null,$type=PDO::FETCH_BOTH)
{
- return (!is_resource($result))? @mysql_fetch_array(db_query()) : @mysql_fetch_array($result,$type);
+ if (is_null($result) && static::$result instanceof PDOStatement)
+ $result = static::$result;
+ if (!$result instanceof PDOStatement)
+ throw new InvalidArgumentException("Fetch called before query issued");
+ return $result->fetch($type);
}
/**
- * Fetch an array based on a query.
+ * Fetch an array based on a query.
* @param string $query database query
* @param int $type result type
* @param string $col_id if passed it, the values of this column in the result set will be used as the array keys in the returned array
* @return array $list array of database rows
* Example of returned array:
* <code>
- * db_get("SELECT * FROM table",MYSQL_ASSOC);
+ * DB::get("SELECT * FROM table",PDO::FETCH_ASSOC);
* returns...
* Array
* (
* [0] => Array
* (
* [id] => 1
- * [field1] => data1
+ * [field1] => data1
* [field2] => data2
* )
*
* )
* </code>
*/
-function db_get($query,$type=MYSQL_BOTH,$col_id=NULL)
+public static function get($query,$type=PDO::FETCH_BOTH,$col_id=NULL,$parameters=[])
{
- $res = db_query($query);
- $list = array();
- if (is_resource($res) && !is_null($col_id) && ($type == MYSQL_BOTH || $type == MYSQL_ASSOC) && @mysql_num_rows($res) !== 0) {
- $col_test = db_fetch($res,$type);
- @mysql_data_seek($res, 0);
+ $res = static::query($query, $parameters);
+ $list = [];
+ if ($res instanceof PDOStatement && !is_null($col_id) && ($type === PDO::FETCH_BOTH || $type == PDO::FETCH_ASSOC) && $res->rowCount() !== 0) {
+ $col_test = static::fetch($res,$type);
if (array_key_exists($col_id,$col_test)) {
- while ( $buf = db_fetch($res,$type) ) {
+ $list[$col_test[$col_id]] = $col_test;
+ while ( $buf = static::fetch($res,$type) ) {
$list[$buf[$col_id]] = $buf;
}
return $list;
}
}
- while ( $buf = db_fetch($res,$type) ) {
- $list[] = $buf;
+ if ($res instanceof PDOStatement) {
+ $list = $res->fetchAll($type);
}
return $list;
}
/**
- * Get all of the fieldnames for the specified table.
- * @param string $table name of table to describe
- * @return array array of column names, must be an array
- */
-function db_fieldnames($table)
-{
- $dbh = db_connect();
- $results = db_query("DESCRIBE $table");
- if (is_resource($results))
- {
- while ($buf=db_fetch($results))
- {
- $field_names[] = $buf[0];
- }
- }
- else
- {
- $field_names[] = 0;
- }
- return $field_names;
-}
-
-/**
- * Create a MySQL INSERT statement based on $_POST array generated by form submission.
- * <ul>
- * <li>does not work with mysql functions (PASSWORD, etc.) because there are forced double quotes</li>
- * <li>do not use clean_in() before this, or you'll have double the slashes</li>
- * <li>use the function only when it saves you time, not _always_</li>
- * <li>form items not set will not be processed (unchecked radios, checkboxes) - handle these manually, or don't use the func</li>
- * </ul>
- * @param array $vars array of posts
- * @param string $table name of the table that fields will be inserted into
- * @return string $query resulting MySQL insert string
- */
-function db_makeinsert($vars,$table)
-{
- $dbh = db_connect();
- $fields = db_fieldnames($table);
- foreach ($fields as $field)
- {
- if (get_magic_quotes_gpc) $vars[$field] = stripslashes($vars[$field]);
- $vars[$field] = addslashes($vars[$field]);
- if (isset($vars[$field]))
- {
- isset($q1)?$q1 .= ','.$field:$q1='INSERT INTO '.$table.'('.$field;
- isset($q2)?$q2 .= ",'$vars[$field]'":$q2=" VALUES('$vars[$field]'";
- }
- }
- $q1 .= ')';
- $q2 .= ')';
- $query = $q1.$q2;
- return $query;
-}
-
-/**
- * Create a MySQL REPLACE statement based on $_POST array generated by form submission.
- * <ul>
- * <li>does not work with mysql functions (PASSWORD, etc.) because there are forced double quotes</li>
- * <li>do not use clean_in() before this, or you'll have double the slashes</li>
- * <li>use the function only when it saves you time, not _always_</li>
- * <li>form items not set will not be processed (unchecked radios, checkboxes) - handle these manually, or don't use the func</li>
- * </ul>
- * @param array $vars array of posts
- * @param string $table name of the table that fields will be inserted into
- * @return string $query resulting MySQL insert string
- */
-function db_makereplace($vars,$table)
-{
- $dbh = db_connect();
- $fields = db_fieldnames($table);
- foreach ($fields as $field)
- {
- if (get_magic_quotes_gpc) $vars[$field] = stripslashes($vars[$field]);
- $vars[$field] = addslashes($vars[$field]);
- if (isset($vars[$field]))
- {
- isset($q1)?$q1 .= ','.$field:$q1='REPLACE INTO '.$table.'('.$field;
- isset($q2)?$q2 .= ",'$vars[$field]'":$q2=" VALUES('$vars[$field]'";
- }
- }
- $q1 .= ')';
- $q2 .= ')';
- $query = $q1.$q2;
- return $query;
-}
-
-/**
- * Create a MySQL UPDATE statement based on $_POST array generated by form submission.
- * <ul>
- * <li>does not work with mysql functions (PASSWORD, etc.) because there are forced double quotes</li>
- * <li>do not use clean_in() before this, or you'll have double the slashes</li>
- * <li>use the function only when it saves you time, not _always_</li>
- * <li>form items not set will not be processed (unchecked radios, checkboxes) - handle these manually, or don't use the func</li>
- * </ul>
- * @param array $vars array of posts
- * @param string $table name of the table that fields will be inserted into
- * @param string $where where clause, describing which records are to be updated
- */
-function db_makeupdate($vars,$table,$where)
-{
- $dbh = db_connect();
- $fields = db_fieldnames($table);
- foreach ($fields as $field)
- {
- if (isset($vars[$field]))
- {
- if (get_magic_quotes_gpc()) $vars[$field] = stripslashes($vars[$field]);
- $vars[$field]=addslashes($vars[$field]);
- $q1 = isset($q1)?$q1 .= ' ,'.$field."='$vars[$field]'":'UPDATE '.$table.' set '.$field."='$vars[$field]'";
- }
- }
- $query = $q1.' '.$where;
- return $query;
-}
-
-/**
* Since PHP's mysql_insert_id() sometimes throws an error, this is the replacement
- * @param resource $dbh optional dbh to get the last inserted id from
+ * @param PDO $dbh optional dbh to get the last inserted id from
* @return int the return value of MySQL's last_insert_id()
*/
-function db_insert_id($dbh=null)
+public static function insert_id($dbh=null)
{
- if(!is_resource($dbh)) $dbh = db_connect();
- $buf = db_fetch(db_query("SELECT LAST_INSERT_ID()", $dbh));
- return empty($buf[0]) ? false : $buf[0];
+ if(!($dbh instanceof PDO)) $dbh = static::connect();
+ $buf = $dbh->lastInsertId();
+ return empty($buf) ? false : $buf;
}
/**
* Determine number of rows in result.
- * @param resource $result mysql result
+ * @param PDOStatement $result mysql result
* @return int number of rows in query result
*/
-function db_numrows($result=null)
+function numrows($result=null)
{
- return (!is_resource($result))? @mysql_num_rows(db_query()) : @mysql_num_rows($result);
+ if (is_null($result) && static::$result instanceof PDOStatement)
+ $result = static::$result;
+ if (!$result instanceof PDOStatement)
+ throw new InvalidArgumentException("numrows called before query issued");
+ return $result->rowCount();
}
/**
* Close the db connection. If a dbh is not specified, assume the last opened link.
* @param resource $dbh optional dbh to close
*/
-function db_close($dbh=null)
+public static function close($dbh=null)
{
- return is_resource($dbh)?@mysql_close($dbh):@mysql_close();
+ return ($dbh instanceof PDO)?$dbh=null:static::$dbh=null;
}
/**
@@ -265,8 +148,8 @@ function db_close($dbh=null)
* @param string $query query
* @param int $type result type
*/
-function db_get_one($query,$type=MYSQL_ASSOC) {
- $buf = db_get($query.' LIMIT 1',$type);
+public static function get_one($query,$type=PDO::FETCH_ASSOC,$parameters=[]) {
+ $buf = static::get($query.' LIMIT 1',$type,$parameters);
return $buf[0];
}
@@ -277,22 +160,10 @@ function db_get_one($query,$type=MYSQL_ASSOC) {
* @param string $name_col
* @param string $name
*/
-function db_name_to_id($table,$id_col,$name_col,$name)
+public static function name_to_id($table,$id_col,$name_col,$name)
{
- $buf = db_get_one("SELECT {$id_col} FROM {$table} WHERE {$name_col} = '{$name}'", MYSQL_NUM);
+ $buf = static::get_one("SELECT {$id_col} FROM {$table} WHERE {$name_col} = :name", PDO::FETCH_NUM, [':name' => $name]);
return $buf[0];
}
-/**
- * Sets enum booleans to their opposite
- * @param string $table
- * @param string $pri
- * @param string $col
- * @param array $id
- * @return int
- */
-function db_toggle_bool($table, $pri, $col, $id)
-{
- return db_query("UPDATE {$table} SET {$col} = IF({$col} = '1', '0', '1') WHERE {$pri} = {$id}");
}
-?>
diff --git a/php/lib/mirror.php b/php/lib/mirror.php
index a618a86..ac3e904 100644
--- a/php/lib/mirror.php
+++ b/php/lib/mirror.php
@@ -6,13 +6,15 @@
* @todo add transactions once innodb table types are in place
*/
+class Mirror {
+
/**
* Get an alpha-list of regions for select list.
* @return array $regions
*/
-function mirror_get_regions_select()
+public static function get_regions_select()
{
- $regions = db_get("SELECT region_id,region_name FROM mirror_regions ORDER BY region_name ASC",MYSQL_ASSOC);
+ $regions = DB::get("SELECT region_id,region_name FROM mirror_regions ORDER BY region_name ASC",PDO::FETCH_ASSOC);
foreach ($regions as $region) {
$retval[$region['region_id']]=$region['region_name'];
}
@@ -23,9 +25,9 @@ function mirror_get_regions_select()
* Get an priority-list of regions for select list.
* @return array $regions
*/
-function mirror_get_regions_select_priority()
+public static function get_regions_select_priority()
{
- $regions = db_get("SELECT region_id,region_name FROM mirror_regions ORDER BY region_priority ASC",MYSQL_ASSOC);
+ $regions = DB::get("SELECT region_id,region_name FROM mirror_regions ORDER BY region_priority ASC",PDO::FETCH_ASSOC);
foreach ($regions as $region) {
$retval[$region['region_id']]=$region['region_name'];
}
@@ -37,10 +39,10 @@ function mirror_get_regions_select_priority()
* @param string $name
* @param int $priority
* @return bool
- */
-function mirror_insert_region($name,$priority)
+ */
+public static function insert_region($name,$priority)
{
- return db_query("INSERT INTO mirror_regions(region_name,region_priority) VALUES('{$name}',{$priority})");
+ return DB::query("INSERT INTO mirror_regions(region_name,region_priority) VALUES(?,?)", [$name, $priority]);
}
/**
@@ -49,10 +51,10 @@ function mirror_insert_region($name,$priority)
* @param string $name
* @param int $priority
* @return bool
- */
-function mirror_update_region($id,$name,$priority)
+ */
+public static function update_region($id,$name,$priority)
{
- return db_query("UPDATE mirror_regions SET region_name='{$name}',region_priority={$priority} WHERE region_id={$id}");
+ return DB::query("UPDATE mirror_regions SET region_name=?,region_priority=? WHERE region_id=?", [$name, $priority, $id]);
}
/**
@@ -60,9 +62,9 @@ function mirror_update_region($id,$name,$priority)
* @param int $id
* @return array
*/
-function mirror_get_one_region($id)
+public static function get_one_region($id)
{
- return db_get_one("SELECT * FROM mirror_regions WHERE region_id = {$id}");
+ return DB::get_one("SELECT * FROM mirror_regions WHERE region_id = ?", PDO::FETCH_ASSOC, [$id]);
}
/**
@@ -70,18 +72,18 @@ function mirror_get_one_region($id)
* @param int $id
* @return bool
*/
-function mirror_delete_region($id)
+public static function delete_region($id)
{
- return db_query("DELETE FROM mirror_regions WHERE region_id={$id}");
+ return DB::query("DELETE FROM mirror_regions WHERE region_id=?", [$id]);
}
/**
* Get an alpha-list of mirrors for select list.
* @return array $mirrors
*/
-function mirror_get_mirrors_select()
+public static function get_mirrors_select()
{
- $mirrors = db_get("SELECT mirror_id,mirror_name FROM mirror_mirrors ORDER BY mirror_name ASC",MYSQL_ASSOC);
+ $mirrors = DB::get("SELECT mirror_id,mirror_name FROM mirror_mirrors ORDER BY mirror_name ASC",PDO::FETCH_ASSOC);
foreach ($mirrors as $mirror) {
$retval[$mirror['mirror_id']]=$mirror['mirror_name'];
}
@@ -92,21 +94,21 @@ function mirror_get_mirrors_select()
* Get regions.
* @return array
*/
-function mirror_get_regions()
+public static function get_regions()
{
- return db_get("
- SELECT
+ return DB::get("
+ SELECT
mirror_regions.*,
COUNT(mirror_id) as mirrors
- FROM
+ FROM
mirror_regions
LEFT JOIN
mirror_mirror_region_map
ON
mirror_regions.region_id = mirror_mirror_region_map.region_id
GROUP BY
- mirror_regions.region_id
- ",MYSQL_ASSOC);
+ mirror_regions.region_id
+ ",PDO::FETCH_ASSOC);
}
/**
@@ -117,9 +119,10 @@ function mirror_get_regions()
* @param int $rating
* @return bool
*/
-function mirror_insert_mirror($name,$region_id,$baseurl,$rating)
+public static function insert_mirror($name,$region_id,$baseurl,$rating)
{
- return (db_query("INSERT INTO mirror_mirrors(mirror_name,mirror_baseurl,mirror_rating) VALUES('{$name}','{$baseurl}','{$rating}')") && db_query("INSERT INTO mirror_mirror_region_map(mirror_id,region_id) VALUES('".db_insert_id()."','$region_id')"))?true:false;
+ return (DB::query("INSERT INTO mirror_mirrors(mirror_name,mirror_baseurl,mirror_rating) VALUES(?,?,?)", [$name, $baseurl, $rating]) &&
+ DB::query("INSERT INTO mirror_mirror_region_map(mirror_id,region_id) VALUES(?,?)", [DB::insert_id(), $region_id]))?true:false;
}
/**
@@ -130,18 +133,20 @@ function mirror_insert_mirror($name,$region_id,$baseurl,$rating)
* @param int $rating
* @return bool
*/
-function mirror_update_mirror($id,$name,$region_id,$baseurl,$rating)
+public static function update_mirror($id,$name,$region_id,$baseurl,$rating)
{
- return (db_query("UPDATE mirror_mirrors SET mirror_name='{$name}',mirror_baseurl='{$baseurl}',mirror_rating='{$rating}' WHERE mirror_id={$id}") && db_query("UPDATE mirror_mirror_region_map SET region_id={$region_id} WHERE mirror_id={$id}"))?true:false;
+ return (DB::query("UPDATE mirror_mirrors SET mirror_name=?,mirror_baseurl=?,mirror_rating=? WHERE mirror_id=?", [$name, $baseurl, $rating, $id])
+ && DB::query("UPDATE mirror_mirror_region_map SET region_id=? WHERE mirror_id=?", [$region_id, $id]))?true:false;
}
/**
* Delete mirror.
* @return bool
*/
-function mirror_delete_mirror($mirror_id)
+public static function delete_mirror($mirror_id)
{
- return (db_query("DELETE FROM mirror_mirrors WHERE mirror_id={$mirror_id}")&&db_query("DELETE FROM mirror_mirror_region_map WHERE mirror_id={$mirror_id}"))?true:false;
+ return (DB::query("DELETE FROM mirror_mirrors WHERE mirror_id=?", [$mirror_id])
+ && DB::query("DELETE FROM mirror_mirror_region_map WHERE mirror_id=?", [$mirror_id]))?true:false;
}
/**
@@ -149,18 +154,18 @@ function mirror_delete_mirror($mirror_id)
* @param int $mirror_id
* @return array mirror information
*/
-function mirror_get_one_mirror($mirror_id)
+public static function get_one_mirror($mirror_id)
{
- return db_get_one("SELECT mirror_mirrors.*,region_id FROM mirror_mirrors,mirror_mirror_region_map WHERE mirror_mirrors.mirror_id={$mirror_id} AND mirror_mirrors.mirror_id=mirror_mirror_region_map.mirror_id");
+ return DB::get_one("SELECT mirror_mirrors.*,region_id FROM mirror_mirrors JOIN mirror_mirror_region_map USING(mirror_id) WHERE mirror_mirrors.mirror_id=?", PDO::FETCH_ASSOC, [$mirror_id]);
}
/**
* Get list of mirrors.
* @return array
*/
-function mirror_get_mirrors()
+public static function get_mirrors()
{
- return db_get("
+ return DB::get("
SELECT
mirror_mirrors.*,
IF(mirror_mirrors.mirror_active='0','DISABLED','ok') as mirror_active,
@@ -172,7 +177,7 @@ function mirror_get_mirrors()
WHERE
mirror_regions.region_id = mirror_mirror_region_map.region_id AND
mirror_mirrors.mirror_id = mirror_mirror_region_map.mirror_id
- ",MYSQL_ASSOC);
+ ",PDO::FETCH_ASSOC);
}
/**
@@ -181,9 +186,9 @@ function mirror_get_mirrors()
* @param int $priority
* @return bool
*/
-function mirror_insert_product($name,$priority)
+public static function insert_product($name,$priority)
{
- return db_query("INSERT INTO mirror_products(product_name,product_priority) VALUES('{$name}',{$priority})");
+ return DB::query("INSERT INTO mirror_products(product_name,product_priority) VALUES(?,?)", [$name, $priority]);
}
/**
@@ -193,9 +198,9 @@ function mirror_insert_product($name,$priority)
* @param int $priority
* @return bool
*/
-function mirror_update_product($id,$name,$priority)
+public static function update_product($id,$name,$priority)
{
- return db_query("UPDATE mirror_products SET product_name='{$name}',product_priority={$priority} WHERE product_id={$id}");
+ return DB::query("UPDATE mirror_products SET product_name=?,product_priority=? WHERE product_id=?", [$name, $priority, $id]);
}
/**
@@ -203,9 +208,9 @@ function mirror_update_product($id,$name,$priority)
* @param int $id
* @return array
*/
-function mirror_get_one_product($id)
+public static function get_one_product($id)
{
- return db_get_one("SELECT * FROM mirror_products WHERE product_id = {$id}");
+ return DB::get_one("SELECT * FROM mirror_products WHERE product_id = ?", PDO::FETCH_ASSOC ,[$id]);
}
/**
@@ -213,23 +218,18 @@ function mirror_get_one_product($id)
* @param int $id
* @return bool
*/
-function mirror_delete_product($id)
+public static function delete_product($id)
{
- return db_query("DELETE FROM mirror_products WHERE product_id={$id}");
+ return DB::query("DELETE FROM mirror_products WHERE product_id=?", [$id]);
}
/**
* Get products.
* @return array
*/
-function mirror_get_products()
+public static function get_products()
{
- return db_get("
- SELECT
- *
- FROM
- mirror_products
- ",MYSQL_ASSOC);
+ return DB::get("SELECT * FROM mirror_products",PDO::FETCH_ASSOC);
}
/**
@@ -237,10 +237,10 @@ function mirror_get_products()
* @param string $name
* @param int $priority
* @return bool
- */
-function mirror_insert_os($name,$priority)
+ */
+public static function insert_os($name,$priority)
{
- return db_query("INSERT INTO mirror_os(os_name,os_priority) VALUES('{$name}',{$priority})");
+ return DB::query("INSERT INTO mirror_os(os_name,os_priority) VALUES(?,?)", [$name, $priority]);
}
/**
@@ -249,10 +249,10 @@ function mirror_insert_os($name,$priority)
* @param string $name
* @param int $priority
* @return bool
- */
-function mirror_update_os($id,$name,$priority)
+ */
+public static function update_os($id,$name,$priority)
{
- return db_query("UPDATE mirror_os SET os_name='{$name}',os_priority={$priority} WHERE os_id={$id}");
+ return DB::query("UPDATE mirror_os SET os_name=?,os_priority=? WHERE os_id=?", [$name, $priority, $id]);
}
/**
@@ -260,9 +260,9 @@ function mirror_update_os($id,$name,$priority)
* @param int $id
* @return array
*/
-function mirror_get_one_os($id)
+public static function get_one_os($id)
{
- return db_get_one("SELECT * FROM mirror_os WHERE os_id = {$id}");
+ return DB::get_one("SELECT * FROM mirror_os WHERE os_id = ?", PDO::FETCH_ASSOC, [$id]);
}
/**
@@ -270,32 +270,27 @@ function mirror_get_one_os($id)
* @param int $id
* @return bool
*/
-function mirror_delete_os($id)
+public static function delete_os($id)
{
- return db_query("DELETE FROM mirror_os WHERE os_id={$id}");
+ return DB::query("DELETE FROM mirror_os WHERE os_id=?", [$id]);
}
/**
* Get operating systems.
* @return array
*/
-function mirror_get_oss()
+public static function get_oss()
{
- return db_get("
- SELECT
- *
- FROM
- mirror_os
- ",MYSQL_ASSOC);
+ return DB::get("SELECT * FROM mirror_os",PDO::FETCH_ASSOC);
}
/**
* Get an alpha-list of operating systems for select list.
* @return array $oss
*/
-function mirror_get_oss_select()
+public static function get_oss_select()
{
- $oss = db_get("SELECT os_id,os_name FROM mirror_os ORDER BY os_name ASC",MYSQL_ASSOC);
+ $oss = DB::get("SELECT os_id,os_name FROM mirror_os ORDER BY os_name ASC",PDO::FETCH_ASSOC);
foreach ($oss as $os) {
$retval[$os['os_id']]=$os['os_name'];
}
@@ -306,9 +301,9 @@ function mirror_get_oss_select()
* Get an priority-list of operating systems for select list.
* @return array $oss
*/
-function mirror_get_oss_select_priority()
+public static function get_oss_select_priority()
{
- $oss = db_get("SELECT os_id,os_name FROM mirror_os ORDER BY os_priority ASC",MYSQL_ASSOC);
+ $oss = DB::get("SELECT os_id,os_name FROM mirror_os ORDER BY os_priority ASC",PDO::FETCH_ASSOC);
foreach ($oss as $os) {
$retval[$os['os_id']]=$os['os_name'];
}
@@ -319,9 +314,9 @@ function mirror_get_oss_select_priority()
* Get an alpha-list of products for select list.
* @return array $products
*/
-function mirror_get_products_select()
+public static function get_products_select()
{
- $products = db_get("SELECT product_id,product_name FROM mirror_products ORDER BY product_name ASC",MYSQL_ASSOC);
+ $products = DB::get("SELECT product_id,product_name FROM mirror_products ORDER BY product_name ASC",PDO::FETCH_ASSOC);
foreach ($products as $product) {
$retval[$product['product_id']]=$product['product_name'];
}
@@ -332,9 +327,9 @@ function mirror_get_products_select()
* Get an priority-list of operating systems for select list.
* @return array $oss
*/
-function mirror_get_products_select_priority()
+public static function get_products_select_priority()
{
- $products = db_get("SELECT product_id,product_name FROM mirror_products ORDER BY product_priority ASC",MYSQL_ASSOC);
+ $products = DB::get("SELECT product_id,product_name FROM mirror_products ORDER BY product_priority ASC",PDO::FETCH_ASSOC);
foreach ($products as $product) {
$retval[$product['product_id']]=$product['product_name'];
}
@@ -348,9 +343,9 @@ function mirror_get_products_select_priority()
* @param string $path
* @return bool
*/
-function mirror_insert_location($product,$os,$path)
+public static function insert_location($product,$os,$path)
{
- return db_query("INSERT INTO mirror_locations(product_id,os_id,location_path) VALUES({$product},{$os},'{$path}')");
+ return DB::query("INSERT INTO mirror_locations(product_id,os_id,location_path) VALUES(?,?,?)", [$product, $os, $path]);
}
/**
@@ -361,9 +356,9 @@ function mirror_insert_location($product,$os,$path)
* @param string $path
* @return bool
*/
-function mirror_update_location($location,$product,$os,$path)
+public static function update_location($location,$product,$os,$path)
{
- return db_query("UPDATE mirror_locations SET product_id={$product},os_id={$os},location_path='{$path}' WHERE location_id={$location}");
+ return DB::query("UPDATE mirror_locations SET product_id=?,os_id=?,location_path=? WHERE location_id=?", [$product, $os, $path, $location]);
}
/**
@@ -371,18 +366,18 @@ function mirror_update_location($location,$product,$os,$path)
* @param int $id
* @return bool
*/
-function mirror_delete_location($id)
+public static function delete_location($id)
{
- return db_query("DELETE FROM mirror_locations WHERE location_id={$id}");
+ return DB::query("DELETE FROM mirror_locations WHERE location_id=?", [$id]);
}
/**
* Get locations.
* @return array $locations array containing all location information.
*/
-function mirror_get_locations()
+public static function get_locations()
{
- return db_get("
+ return DB::get("
SELECT
location_id,
product_name,
@@ -395,7 +390,7 @@ function mirror_get_locations()
WHERE
mirror_locations.product_id = mirror_products.product_id AND
mirror_locations.os_id = mirror_os.os_id
- ");
+ ");
}
/**
@@ -403,9 +398,9 @@ function mirror_get_locations()
* @param int $id
* @return array
*/
-function mirror_get_one_location($id)
+public static function get_one_location($id)
{
- return db_get_one("SELECT * FROM mirror_locations WHERE location_id = {$id}");
+ return DB::get_one("SELECT * FROM mirror_locations WHERE location_id = ?", PDO::FETCH_ASSOC, [$id]);
}
/**
@@ -418,10 +413,12 @@ function mirror_get_one_location($id)
* @param string $email
* @return bool
*/
-function mirror_insert_user($username,$password,$rpassword,$firstname,$lastname,$email)
+public static function insert_user($username,$password,$rpassword,$firstname,$lastname,$email)
{
if ($password==$rpassword) {
- return db_query("INSERT INTO mirror_users(username,password,user_firstname,user_lastname,user_email) VALUES('{$username}',MD5('{$password}'),'{$firstname}','{$lastname}','{$email}')");
+ $passwordHash = password_hash($password, PASSWORD_DEFAULT);
+ return DB::query("INSERT INTO mirror_users(username,password,user_firstname,user_lastname,user_email) VALUES(?,?,?,?,?)",
+ [$username, $passwordHash, $firstname, $lastname, $email]);
} else {
set_error('User could not be added because passwords did not match.');
}
@@ -438,10 +435,15 @@ function mirror_insert_user($username,$password,$rpassword,$firstname,$lastname,
* @param string $email
* @return bool
*/
-function mirror_update_user($user,$username,$password,$rpassword,$firstname,$lastname,$email)
+public static function update_user($user,$username,$password,$rpassword,$firstname,$lastname,$email)
{
- $query = ($password==$rpassword&&!empty($password))?"UPDATE mirror_users SET username='{$username}',password=MD5('{$password}'),user_firstname='{$firstname}',user_lastname='{$lastname}',user_email='{$email}' WHERE user_id={$user}":"UPDATE mirror_users SET username='{$username}',user_firstname='{$firstname}',user_lastname='{$lastname}',user_email='{$email}' WHERE user_id={$user}";
- return db_query($query);
+ if($password==$rpassword&&!empty($password)) {
+ $passwordHash = password_hash($password, PASSWORD_DEFAULT);
+ return DB::query("UPDATE mirror_users SET username=?,password=?,user_firstname=?,user_lastname=?,user_email=? WHERE user_id=?",
+ [$username, $passwordHash, $firstname, $lastname, $email, $user]);
+ }
+ return DB::query("UPDATE mirror_users SET username=?,user_firstname=?,user_lastname=?,user_email=? WHERE user_id=?",
+ [$username, $firstname, $lastname, $email, $user]);
}
/**
@@ -449,18 +451,18 @@ function mirror_update_user($user,$username,$password,$rpassword,$firstname,$las
* @param int $id
* @return bool
*/
-function mirror_delete_user($id)
+public static function delete_user($id)
{
- return db_query("DELETE FROM mirror_users WHERE user_id={$id}");
+ return DB::query("DELETE FROM mirror_users WHERE user_id=?", [$id]);
}
/**
* Get users.
* @return array $users array containing all user information.
*/
-function mirror_get_users()
+public static function get_users()
{
- return db_get("SELECT * FROM mirror_users");
+ return DB::get("SELECT * FROM mirror_users");
}
/**
@@ -468,9 +470,9 @@ function mirror_get_users()
* @param int $id
* @return array
*/
-function mirror_get_one_user($id)
+public static function get_one_user($id)
{
- return db_get_one("SELECT * FROM mirror_users WHERE user_id = {$id}");
+ return DB::get_one("SELECT * FROM mirror_users WHERE user_id = ?", PDO::FETCH_ASSOC, [$id]);
}
/**
@@ -478,18 +480,18 @@ function mirror_get_one_user($id)
* @param int $mirror
* @return bool
*/
-function mirror_toggle($mirror)
+public static function toggle($mirror)
{
- return (db_toggle_bool('mirror_mirrors','mirror_id','mirror_active',$mirror))?true:false;
+ return (DB::query("UPDATE mirror_mirrors SET mirror_active = IF(mirror_active = '1', '0', '1') WHERE mirror_id = ?", [$mirror]))?true:false;
}
/**
* Get mirror statistics.
* @return array $stats
*/
-function mirror_get_mirror_stats()
+public static function get_mirror_stats()
{
- return db_get("
+ return DB::get("
SELECT
*,
COUNT(mirror_log.mirror_id) as count
@@ -511,9 +513,9 @@ function mirror_get_mirror_stats()
* Get product statistics.
* @return array $stats
*/
-function mirror_get_product_stats()
+public static function get_product_stats()
{
- return db_get("
+ return DB::get("
SELECT
*,
COUNT(mirror_locations.product_id) as count
@@ -528,4 +530,3 @@ function mirror_get_product_stats()
mirror_locations.product_id
");
}
-?>
diff --git a/php/rss/download-counts.php b/php/rss/download-counts.php
index 4559647..94d96dc 100644
--- a/php/rss/download-counts.php
+++ b/php/rss/download-counts.php
@@ -8,11 +8,10 @@
require_once('../cfg/config.php'); // config file
require_once(LIB.'/db.php'); // core mysql wrappers
-db_connect(DBHOST,DBUSER,DBPASS); // open persistent connection to db
-db_select(DBNAME); // select db
+DB::connect(DBHOST,DBUSER,DBPASS,DBNAME); // open persistent connection to db
// get download counts per product
-$data = db_get("SELECT * FROM mirror_products ORDER BY product_name");
+$data = DB::get("SELECT * FROM mirror_products ORDER BY product_name");
// time to go at the end of each item
$now = date('G',time());
@@ -52,4 +51,3 @@ foreach ($data as $product) {
}
echo "\n".'</rdf:RDF>';
-?>