From fc4511f389be3335bbcf6e621da25f93fc0abb0c Mon Sep 17 00:00:00 2001 From: Andre Lorbach Date: Tue, 8 Oct 2013 16:12:44 +0200 Subject: [PATCH] Added changelog entries and fixed some SQL Queries from last commits --- ChangeLog | 9 +++++ src/include/functions_common.php | 4 +-- src/include/functions_config.php | 58 ++++++++++++++++---------------- src/include/functions_users.php | 4 +-- 4 files changed, 42 insertions(+), 33 deletions(-) diff --git a/ChangeLog b/ChangeLog index 10f5ac0..78a43f6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,13 @@ --------------------------------------------------------------------------- +Version 3.6.5 (stable), 2013-10-08 +- LogStreamDB Driver: Added backticks arround tablenames + in all SQL Statements. +- LogStreamPDO Driver: Added backticks arround tablenames + in all SQL Statements +- LogStreamPDO Driver: Fixed hardcoded tablename in trigger + create statement +- UserDB: Added backticks arround tablenames in all SQL Statements +--------------------------------------------------------------------------- Version 3.6.4 (stable), 2013-08-16 - Added MYSQL hint in install script when enabling User Database System. - Using default header encoding in GetStringWithHTMLCodes() function now. diff --git a/src/include/functions_common.php b/src/include/functions_common.php index 4c8305e..05aad4a 100644 --- a/src/include/functions_common.php +++ b/src/include/functions_common.php @@ -66,7 +66,7 @@ $LANG_EN = "en"; // Used for fallback $LANG = "en"; // Default language // Default Template vars -$content['BUILDNUMBER'] = "3.6.4"; +$content['BUILDNUMBER'] = "3.6.5"; $content['UPDATEURL'] = "http://loganalyzer.adiscon.com/files/version.txt"; $content['TITLE'] = "Adiscon LogAnalyzer :: Release " . $content['BUILDNUMBER']; // Default page title $content['BASEPATH'] = $gl_root_path; @@ -1932,7 +1932,7 @@ function GetErrorMessage($errorCode) case ERROR_DB_CANNOTSELECTDB: return $content['LN_ERROR_DB_CANNOTSELECTDB']; case ERROR_DB_QUERYFAILED: - return $content['LN_ERROR_DB_QUERYFAILED']; + return isset($content['LN_ERROR_DB_QUERYFAILED']) ? $content['LN_ERROR_DB_QUERYFAILED'] : $errorCode; case ERROR_DB_NOPROPERTIES: return $content['LN_ERROR_DB_NOPROPERTIES']; case ERROR_DB_INVALIDDBMAPPING: diff --git a/src/include/functions_config.php b/src/include/functions_config.php index 7844f7f..f581b81 100644 --- a/src/include/functions_config.php +++ b/src/include/functions_config.php @@ -405,8 +405,8 @@ function InitReportModules($szRootPath = "") DB_SAVEDREPORTS . ".outputTargetDetails, " . DB_SAVEDREPORTS . ".scheduleSettings " . " FROM `" . DB_SAVEDREPORTS . "`" . - " WHERE `" . DB_SAVEDREPORTS . ".reportid` = '" . $myReportID . "' " . - " ORDER BY `" . DB_SAVEDREPORTS . ".customTitle`"; + " WHERE `" . DB_SAVEDREPORTS . "`.reportid = '" . $myReportID . "' " . + " ORDER BY `" . DB_SAVEDREPORTS . "`.customTitle"; // Get Views from DB now! $result = DB_Query($sqlquery); @@ -683,7 +683,7 @@ function LoadDBMappingsFromDatabase() DB_MAPPINGS . ".DisplayName, " . DB_MAPPINGS . ".Mappings " . " FROM `" . DB_MAPPINGS . "`" . - " ORDER BY `" . DB_MAPPINGS . ".DisplayName`"; + " ORDER BY `" . DB_MAPPINGS . "`.DisplayName"; // Get Views from DB now! $result = DB_Query($sqlquery); @@ -765,7 +765,7 @@ function LoadFieldsFromDatabase() DB_FIELDS . ".Trunscate, " . DB_FIELDS . ".Sortable " . " FROM `" . DB_FIELDS . "`" . - " ORDER BY `" . DB_FIELDS . ".FieldCaption`"; + " ORDER BY `" . DB_FIELDS . "`.FieldCaption"; // --- // Get Searches from DB now! @@ -818,12 +818,12 @@ function LoadSearchesFromDatabase() // --- Create SQL Query // Create Where for USERID if ( isset($content['SESSION_LOGGEDIN']) && $content['SESSION_LOGGEDIN'] ) - $szWhereUser = " OR `" . DB_SEARCHES . ".userid` = " . $content['SESSION_USERID'] . " "; + $szWhereUser = " OR `" . DB_SEARCHES . "`.userid = " . $content['SESSION_USERID'] . " "; else $szWhereUser = ""; if ( isset($content['SESSION_GROUPIDS']) ) - $szGroupWhere = " OR `" . DB_SEARCHES . ".groupid` IN (" . $content['SESSION_GROUPIDS'] . ")"; + $szGroupWhere = " OR `" . DB_SEARCHES . "`.groupid IN (" . $content['SESSION_GROUPIDS'] . ")"; else $szGroupWhere = ""; $sqlquery = " SELECT " . @@ -835,12 +835,12 @@ function LoadSearchesFromDatabase() DB_USERS . ".username, " . DB_GROUPS . ".groupname " . " FROM `" . DB_SEARCHES . "`" . - " LEFT OUTER JOIN (`" . DB_USERS . "`) ON (`" . DB_SEARCHES . ".userid`=`" . DB_USERS . ".ID` ) " . - " LEFT OUTER JOIN (`" . DB_GROUPS . "`) ON (`" . DB_SEARCHES . ".groupid`=`" . DB_GROUPS . ".ID` ) " . - " WHERE (`" . DB_SEARCHES . ".userid` IS NULL AND `" . DB_SEARCHES . ".groupid` IS NULL) " . + " LEFT OUTER JOIN (`" . DB_USERS . "`) ON (`" . DB_SEARCHES . "`.userid=`" . DB_USERS . "`.ID ) " . + " LEFT OUTER JOIN (`" . DB_GROUPS . "`) ON (`" . DB_SEARCHES . "`.groupid=`" . DB_GROUPS . "`.ID ) " . + " WHERE (`" . DB_SEARCHES . "`.userid IS NULL AND `" . DB_SEARCHES . "`.groupid IS NULL) " . $szWhereUser . $szGroupWhere . - " ORDER BY `" . DB_SEARCHES . ".userid`, `" . DB_SEARCHES . ".groupid`, `" . DB_SEARCHES . ".DisplayName`"; + " ORDER BY `" . DB_SEARCHES . "`.userid, `" . DB_SEARCHES . "`.groupid, `" . DB_SEARCHES . "`.DisplayName"; // --- // Get Searches from DB now! @@ -884,12 +884,12 @@ function LoadChartsFromDatabase() // --- Create SQL Query // Create Where for USERID if ( isset($content['SESSION_LOGGEDIN']) && $content['SESSION_LOGGEDIN'] ) - $szWhereUser = " OR `" . DB_CHARTS . ".userid` = " . $content['SESSION_USERID'] . " "; + $szWhereUser = " OR `" . DB_CHARTS . "`.userid = " . $content['SESSION_USERID'] . " "; else $szWhereUser = ""; if ( isset($content['SESSION_GROUPIDS']) ) - $szGroupWhere = " OR `" . DB_CHARTS . ".groupid` IN (" . $content['SESSION_GROUPIDS'] . ")"; + $szGroupWhere = " OR `" . DB_CHARTS . "`.groupid IN (" . $content['SESSION_GROUPIDS'] . ")"; else $szGroupWhere = ""; $sqlquery = " SELECT " . @@ -907,12 +907,12 @@ function LoadChartsFromDatabase() DB_USERS . ".username, " . DB_GROUPS . ".groupname " . " FROM `" . DB_CHARTS . "`" . - " LEFT OUTER JOIN (`" . DB_USERS . "`) ON (`" . DB_CHARTS . ".userid`=`" . DB_USERS . ".ID` ) " . - " LEFT OUTER JOIN (`" . DB_GROUPS . "`) ON (`" . DB_CHARTS . ".groupid`=`" . DB_GROUPS . ".ID` ) " . - " WHERE (`" . DB_CHARTS . ".userid` IS NULL AND `" . DB_CHARTS . ".groupid` IS NULL) " . + " LEFT OUTER JOIN (`" . DB_USERS . "`) ON (`" . DB_CHARTS . "`.userid=`" . DB_USERS . "`.ID ) " . + " LEFT OUTER JOIN (`" . DB_GROUPS . "`) ON (`" . DB_CHARTS . "`.groupid=`" . DB_GROUPS . "`.ID ) " . + " WHERE (`" . DB_CHARTS . "`.userid IS NULL AND `" . DB_CHARTS . "`.groupid IS NULL) " . $szWhereUser . $szGroupWhere . - " ORDER BY `" . DB_CHARTS . ".userid`, `" . DB_CHARTS . ".groupid`, `" . DB_CHARTS . ".DisplayName`"; + " ORDER BY `" . DB_CHARTS . "`.userid, `" . DB_CHARTS . "`.groupid, `" . DB_CHARTS . "`.DisplayName"; // --- // Get Searches from DB now! @@ -944,12 +944,12 @@ function LoadViewsFromDatabase() // --- Create SQL Query // Create Where for USERID if ( isset($content['SESSION_LOGGEDIN']) && $content['SESSION_LOGGEDIN'] ) - $szWhereUser = " OR `" . DB_VIEWS . ".userid` = " . $content['SESSION_USERID'] . " "; + $szWhereUser = " OR `" . DB_VIEWS . "`.userid = " . $content['SESSION_USERID'] . " "; else $szWhereUser = ""; if ( isset($content['SESSION_GROUPIDS']) ) - $szGroupWhere = " OR `" . DB_VIEWS . ".groupid` IN (" . $content['SESSION_GROUPIDS'] . ")"; + $szGroupWhere = " OR `" . DB_VIEWS . "`.groupid IN (" . $content['SESSION_GROUPIDS'] . ")"; else $szGroupWhere = ""; $sqlquery = " SELECT " . @@ -960,13 +960,13 @@ function LoadViewsFromDatabase() DB_VIEWS . ".groupid, " . DB_USERS . ".username, " . DB_GROUPS . ".groupname " . - " FROM `" . DB_VIEWS . - " LEFT OUTER JOIN (`" . DB_USERS . "`) ON (`" . DB_VIEWS . ".userid`=`" . DB_USERS . ".ID` ) " . - " LEFT OUTER JOIN (`" . DB_GROUPS . "`) ON (`" . DB_VIEWS . ".groupid`=`" . DB_GROUPS . ".ID` ) " . - " WHERE (`" . DB_VIEWS . ".userid` IS NULL AND `" . DB_VIEWS . ".groupid` IS NULL) " . + " FROM `" . DB_VIEWS . "`" . + " LEFT OUTER JOIN (`" . DB_USERS . "`) ON (`" . DB_VIEWS . "`.userid=`" . DB_USERS . "`.ID ) " . + " LEFT OUTER JOIN (`" . DB_GROUPS . "`) ON (`" . DB_VIEWS . "`.groupid=`" . DB_GROUPS . "`.ID ) " . + " WHERE (`" . DB_VIEWS . "`.userid IS NULL AND `" . DB_VIEWS . "`.groupid IS NULL) " . $szWhereUser . $szGroupWhere . - " ORDER BY `" . DB_VIEWS . ".userid`, `" . DB_VIEWS . ".groupid`, `" . DB_VIEWS . ".DisplayName`"; + " ORDER BY `" . DB_VIEWS . "`.userid, `" . DB_VIEWS . "`.groupid, `" . DB_VIEWS . "`.DisplayName"; // --- // Get Views from DB now! @@ -1008,12 +1008,12 @@ function LoadSourcesFromDatabase() // --- Create SQL Query // Create Where for USERID if ( isset($content['SESSION_LOGGEDIN']) && $content['SESSION_LOGGEDIN'] ) - $szWhereUser = " OR `" . DB_SOURCES . ".userid` = " . $content['SESSION_USERID'] . " "; + $szWhereUser = " OR `" . DB_SOURCES . "`.userid = " . $content['SESSION_USERID'] . " "; else $szWhereUser = ""; if ( isset($content['SESSION_GROUPIDS']) ) - $szGroupWhere = " OR `" . DB_SOURCES . ".groupid` IN (" . $content['SESSION_GROUPIDS'] . ")"; + $szGroupWhere = " OR `" . DB_SOURCES . "`.groupid IN (" . $content['SESSION_GROUPIDS'] . ")"; else $szGroupWhere = ""; $sqlquery = " SELECT " . @@ -1021,12 +1021,12 @@ function LoadSourcesFromDatabase() DB_USERS . ".username, " . DB_GROUPS . ".groupname " . " FROM `" . DB_SOURCES . "`" . - " LEFT OUTER JOIN (`" . DB_USERS . "`) ON (`" . DB_SOURCES . ".userid`=`" . DB_USERS . ".ID` ) " . - " LEFT OUTER JOIN (`" . DB_GROUPS . "`) ON (`" . DB_SOURCES . ".groupid`=`" . DB_GROUPS . ".ID` ) " . - " WHERE (`" . DB_SOURCES . ".userid` IS NULL AND `" . DB_SOURCES . ".groupid` IS NULL) " . + " LEFT OUTER JOIN (`" . DB_USERS . "`) ON (`" . DB_SOURCES . "`.userid=`" . DB_USERS . "`.ID ) " . + " LEFT OUTER JOIN (`" . DB_GROUPS . "`) ON (`" . DB_SOURCES . "`.groupid=`" . DB_GROUPS . "`.ID ) " . + " WHERE (`" . DB_SOURCES . "`.userid IS NULL AND `" . DB_SOURCES . "`.groupid IS NULL) " . $szWhereUser . $szGroupWhere . - " ORDER BY `" . DB_SOURCES . ".userid`, `" . DB_SOURCES . ".groupid`, `" . DB_SOURCES . ".Name`"; + " ORDER BY `" . DB_SOURCES . "`.userid, `" . DB_SOURCES . "`.groupid, `" . DB_SOURCES . "`.Name"; // --- // Get Sources from DB now! $result = DB_Query($sqlquery); diff --git a/src/include/functions_users.php b/src/include/functions_users.php index 24cf5a5..41996fa 100644 --- a/src/include/functions_users.php +++ b/src/include/functions_users.php @@ -201,7 +201,7 @@ function CheckUserLogin( $username, $password ) $sqlquery = "SELECT " . DB_GROUPMEMBERS . ".groupid, " . DB_GROUPMEMBERS . ".is_member " . - "FROM `" . DB_GROUPMEMBERS . "` WHERE userid = " . $content['SESSION_USERID'] . " AND `" . DB_GROUPMEMBERS . ".is_member` = 1"; + "FROM `" . DB_GROUPMEMBERS . "` WHERE userid = " . $content['SESSION_USERID'] . " AND `" . DB_GROUPMEMBERS . "`.is_member = 1"; $result = DB_Query($sqlquery); $myrows = DB_GetAllRows($result, true); if ( isset($myrows ) && count($myrows) > 0 ) @@ -488,7 +488,7 @@ function GetGroupsForSelectfield() DB_GROUPS . ".ID as mygroupid, " . DB_GROUPS . ".groupname " . "FROM `" . DB_GROUPS . "`" . - " ORDER BY `" . DB_GROUPS . ".groupname`"; + " ORDER BY `" . DB_GROUPS . "`.groupname"; $result = DB_Query($sqlquery); $mygroups = DB_GetAllRows($result, true); if ( isset($mygroups) && count($mygroups) > 0 )