From b4e6c2f9bba754093e01c0d5771a6f99be1412b3 Mon Sep 17 00:00:00 2001 From: Thomas Weinhold Date: Fri, 25 Sep 2020 23:38:55 +0200 Subject: [PATCH] fixing database accesses --- includes/mysql.php | 8 +++---- includes/user.php | 12 +++++------ pages/consistency_check_databse.php | 20 ++++++++--------- pages/edit_types.php | 33 ++++++++++++++++------------- pages/edit_vendors.php | 4 ++-- 5 files changed, 40 insertions(+), 37 deletions(-) diff --git a/includes/mysql.php b/includes/mysql.php index 7a6755e..7edbc5a 100755 --- a/includes/mysql.php +++ b/includes/mysql.php @@ -6,8 +6,8 @@ if (!$GlobalMysqlHandler) { $err_msg = "Cannot connect to mysql database \"$GlobalMysqlHost\" as \"$GlobalMysqlUser\"!"; - $err_msg += "\nErrno: " . mysqli_connect_errno(); - $err_msg += "\nError: " . mysqli_connect_error(); + $err_msg .= "\nErrno: " . mysqli_connect_errno(); + $err_msg .= "\nError: " . mysqli_connect_error(); ErrorLog($err_msg); $MysqlErrorsArePresent = 1; } @@ -16,8 +16,8 @@ if (!mysqli_select_db($GlobalMysqlHandler, $GlobalMysqlDatabase)) { $err_msg = "Cannot select mysql database \"$GlobalMysqlDatabase\"!"; - $err_msg += "\nErrno: " . mysqli_connect_errno(); - $err_msg += "\nError: " . mysqli_connect_error(); + $err_msg .= "\nErrno: " . mysqli_connect_errno(); + $err_msg .= "\nError: " . mysqli_connect_error(); ErrorLog($err_msg); $MysqlErrorsArePresent = 2; } diff --git a/includes/user.php b/includes/user.php index 0874dc4..609862c 100755 --- a/includes/user.php +++ b/includes/user.php @@ -6,11 +6,11 @@ if ($ToDo=="Login") { $Login = (isset($_POST['Login'])) ? $_POST['Login'] :""; $Password = (isset($_POST['Password'])) ? md5($_POST['Password']):""; - + if ($Login=="root") { global $CfgRootPassword; - + if ($Password==$CfgRootPassword) { MessageSuccess(LangSpell('ScentenceLoginSucceeded')."\n"); @@ -24,7 +24,7 @@ if ($ToDo=="Login") $_SESSION['Id']=0; $_SESSION['Login']=""; $_SESSION['Time']=0; - } + } } else if ($Login) { @@ -47,7 +47,7 @@ if ($ToDo=="Login") $_SESSION['Id']=0; $_SESSION['Login']=""; $_SESSION['Time']=0; - } + } } else { @@ -149,10 +149,10 @@ function UserLoadSettings() global $GlobalTemplate; global $CfgStdTemplate; - + global $GlobalLanguage; global $CfgStdLanguage; - + if (isset($_SESSION['Id']) && $_SESSION['Id']>0) { $LoadQuery="SELECT `Template` , `Language` FROM `User` WHERE `Id` =".$_SESSION['Id']; diff --git a/pages/consistency_check_databse.php b/pages/consistency_check_databse.php index c998888..98a5a2d 100755 --- a/pages/consistency_check_databse.php +++ b/pages/consistency_check_databse.php @@ -85,16 +85,16 @@ if (UserGetLogin()=="root") mysqli_query($CheckHandler, 'ALTER TABLE `Types` DROP PRIMARY KEY , ADD PRIMARY KEY ( `Id` )'); mysqli_query($CheckHandler, 'ALTER TABLE `Types` CHANGE `Id` `Id` INT( 11 ) NOT NULL AUTO_INCREMENT '); mysqli_query($CheckHandler, 'ALTER TABLE `Types` ADD `Name` varchar(100) COLLATE utf8_unicode_ci NOT NULL'); - mysqli_query($CheckHandler, 'ALTER TABLE `Types` ADD `ShortName` varchar(10) COLLATE utf8_unicode_ci NOT NULL'); - mysqli_query($CheckHandler, 'ALTER TABLE `Types` ADD `NameValue1` varchar(50) COLLATE utf8_unicode_ci NOT NULL'); - mysqli_query($CheckHandler, 'ALTER TABLE `Types` ADD `UnitValue1` varchar(20) COLLATE utf8_unicode_ci NOT NULL'); - mysqli_query($CheckHandler, 'ALTER TABLE `Types` ADD `NameValue2` varchar(50) COLLATE utf8_unicode_ci NOT NULL'); - mysqli_query($CheckHandler, 'ALTER TABLE `Types` ADD `UnitValue2` varchar(20) COLLATE utf8_unicode_ci NOT NULL'); - mysqli_query($CheckHandler, 'ALTER TABLE `Types` ADD `NameValue3` varchar(50) COLLATE utf8_unicode_ci NOT NULL'); - mysqli_query($CheckHandler, 'ALTER TABLE `Types` ADD `UnitValue3` varchar(20) COLLATE utf8_unicode_ci NOT NULL'); - mysqli_query($CheckHandler, 'ALTER TABLE `Types` ADD `ParentId` int(11) NOT NULL'); - mysqli_query($CheckHandler, 'ALTER TABLE `Types` ADD `LockId` int(11) NOT NULL'); - mysqli_query($CheckHandler, 'ALTER TABLE `Types` ADD `LockTime` int(11) NOT NULL'); + mysqli_query($CheckHandler, "ALTER TABLE `Types` ADD `ShortName` varchar(10) COLLATE utf8_unicode_ci NOT NULL DEFAULT ''"); + mysqli_query($CheckHandler, "ALTER TABLE `Types` ADD `NameValue1` varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT ''"); + mysqli_query($CheckHandler, "ALTER TABLE `Types` ADD `UnitValue1` varchar(20) COLLATE utf8_unicode_ci NOT NULL DEFAULT ''"); + mysqli_query($CheckHandler, "ALTER TABLE `Types` ADD `NameValue2` varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT ''"); + mysqli_query($CheckHandler, "ALTER TABLE `Types` ADD `UnitValue2` varchar(20) COLLATE utf8_unicode_ci NOT NULL DEFAULT ''"); + mysqli_query($CheckHandler, "ALTER TABLE `Types` ADD `NameValue3` varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT ''"); + mysqli_query($CheckHandler, "ALTER TABLE `Types` ADD `UnitValue3` varchar(20) COLLATE utf8_unicode_ci NOT NULL DEFAULT ''"); + mysqli_query($CheckHandler, "ALTER TABLE `Types` ADD `ParentId` int(11) NOT NULL"); + mysqli_query($CheckHandler, "ALTER TABLE `Types` ADD `LockId` int(11) NOT NULL DEFAULT '0'"); + mysqli_query($CheckHandler, "ALTER TABLE `Types` ADD `LockTime` int(11) NOT NULL DEFAULT '0'"); //User mysqli_query($CheckHandler, 'CREATE TABLE IF NOT EXISTS `User` ( `Id` int(11) NOT NULL AUTO_INCREMENT, PRIMARY KEY (`Id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; '); mysqli_query($CheckHandler, 'ALTER TABLE `User` ADD `Id` int(11) NOT NULL AUTO_INCREMENT'); diff --git a/pages/edit_types.php b/pages/edit_types.php index b2c6ec9..eb7bb59 100755 --- a/pages/edit_types.php +++ b/pages/edit_types.php @@ -8,14 +8,14 @@ function WriteTypeList($ParentId, $ParentIsLocked) global $GlobalContent; global $GlobalTemplate; global $EditTypesEditId; - + $ListQuery="SELECT * FROM `Types` WHERE `ParentId` =$ParentId"; $ListQuery=mysqli_query($GlobalMysqlHandler, $ListQuery); if (!$ParentId || NestedListVisibilityIsSet($ParentId, 'EditTypes')) - $GlobalContent .= "