Browse code

sql-abfragen abstrahiert

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@512 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on18/06/2007 08:19:16
Showing7 changed files
... ...
@@ -2,6 +2,21 @@
2 2
 
3 3
 require_once('inc/db_connect.php');
4 4
 
5
+
6
+function db_query($query)
7
+{
8
+  DEBUG($query);
9
+  $result = @mysql_query($query);
10
+  if (mysql_error())
11
+  {
12
+    $error = mysql_error();
13
+    logger("inc/base.php", "dberror", "mysql error: {$error}");
14
+    system_failure('Beim Datenbankzugriff ist ein Fehler aufgetreten. Sollte dies wiederholt vorkommen, senden Sie bitte die Fehlermeldung ('.$error.') an einen Administrator.');
15
+  }
16
+  return $result; 
17
+}
18
+
19
+
5 20
 function logger($scriptname, $scope, $message)
6 21
 {
7 22
   $user = 'NULL';
... ...
@@ -16,12 +31,7 @@ function logger($scriptname, $scope, $message)
16 31
   $scope = mysql_real_escape_string($scope);
17 32
   $message = mysql_real_escape_string($message);
18 33
 
19
-  $query = "INSERT INTO misc.scriptlog (remote, user,scriptname,scope,message) VALUES ('{$remote}', {$user}, '{$scriptname}', '{$scope}', '{$message}');";
20
-  DEBUG($query);
21
-  @mysql_query($query);
22
-  if (mysql_error())
23
-    system_failure(mysql_error());
24
-
34
+  db_query("INSERT INTO misc.scriptlog (remote, user,scriptname,scope,message) VALUES ('{$remote}', {$user}, '{$scriptname}', '{$scope}', '{$message}');");
25 35
 }
26 36
 
27 37
 
... ...
@@ -16,12 +16,7 @@ function get_domain_names($customerno, $uid = NULL)
16 16
   {
17 17
     $query .= " kunde={$customerno};";
18 18
   }
19
-  DEBUG('Datenbank-Query (get_domain_names): '.$query."<br />\n");
20
-
21
-  $result = @mysql_query($query);
22
-  if (@mysql_error())
23
-    system_failure('Die Domains zu Ihrem Account konnten nicht ermittelt werden. Bitte melden Sie diesen Fehler an einen Administrator. Die Fehlermeldung der Datenbank ist: '.mysql_error());
24
-
19
+  $result = db_query($query);
25 20
   $domains = array();
26 21
   DEBUG('Result set is '.mysql_num_rows($result)." rows.<br />\n");
27 22
   if (mysql_num_rows($result) > 0)
... ...
@@ -43,9 +38,7 @@ function get_domain_name($domid)
43 38
   $domid = (int) $domid;
44 39
   static $domainlist = array();
45 40
 
46
-  $query = "SELECT CONCAT_WS('.', domainname, tld) AS domainname FROM kundendaten.domains WHERE id=$domid;";
47
-  DEBUG($query);
48
-  $result = mysql_query($query);
41
+  $result = db_query("SELECT CONCAT_WS('.', domainname, tld) AS domainname FROM kundendaten.domains WHERE id=$domid;");
49 42
   if (@mysql_num_rows($result) > 0)
50 43
     return mysql_fetch_object($result)->domainname;
51 44
   else
... ...
@@ -58,9 +51,7 @@ function get_jabberable_domains()
58 51
 {
59 52
   require_role(ROLE_CUSTOMER);
60 53
   $customerno = (int) $_SESSION['customerinfo']['customerno'];
61
-  $query = "SELECT id, CONCAT_WS('.', domainname, tld) AS name FROM kundendaten.domains WHERE jabber=1 AND kunde={$customerno}";
62
-  DEBUG($query);
63
-  $result = mysql_query($query);
54
+  $result = db_query("SELECT id, CONCAT_WS('.', domainname, tld) AS name FROM kundendaten.domains WHERE jabber=1 AND kunde={$customerno}");
64 55
   
65 56
   $domains = array(array('id' => 0, 'name' => 'schokokeks.org'));
66 57
   if (mysql_num_rows($result) > 0)
... ...
@@ -72,30 +63,4 @@ function get_jabberable_domains()
72 63
 
73 64
 }
74 65
 
75
-
76
-
77
-/*
78
-function get_mail_virtualdomain($domain)
79
-{
80
-	$config = array();
81
-	$lines = file('/home/webadmin/cache/virtualdomains');
82
-	foreach ($lines as $line)
83
-	{
84
-		$line = chop($line);
85
-		$fields = explode(':', $line, 3);
86
-		if ($fields[0] == $domain)
87
-			array_push($config, array('subdomain' => '', 
88
-						'user' => $fields[1],
89
-						'prefix' => $fields[2]));
90
-		if (ereg('^.*\.'.$domain, $fields[0]))
91
-			array_push($config, array('subdomain' => ereg_replace('^(.*)\.'.$domain, '\1', $fields[0]),
92
-						'user' => $fields[1],
93
-						'prefix' => $fields[2]));
94
-	}
95
-	return $config;
96
-}
97
-*/
98
-
99
-
100
-
101 66
 ?>
... ...
@@ -7,11 +7,7 @@ require_once('inc/base.php');
7 7
 function mailaccounts($uid)
8 8
 {
9 9
   $uid = (int) $uid;
10
-  $query = "SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),_utf8'schokokeks.org',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid";
11
-  DEBUG("SQL-Query: {$query}");
12
-  $result = @mysql_query($query);
13
-  if (mysql_error())
14
-    system_failure(mysql_error());
10
+  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),_utf8'schokokeks.org',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid");
15 11
   DEBUG("Found ".@mysql_num_rows($result)." rows!");
16 12
   $accounts = array();
17 13
   if (@mysql_num_rows($result) > 0)
... ...
@@ -23,8 +19,7 @@ function mailaccounts($uid)
23 19
 function get_mailaccount($id)
24 20
 {
25 21
   $uid = (int) $uid;
26
-  $query = "SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),_utf8'schokokeks.org',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id";
27
-  $result = mysql_query($query);
22
+  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),_utf8'schokokeks.org',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id");
28 23
   DEBUG("Found ".mysql_num_rows($result)." rows!");
29 24
   $acc = mysql_fetch_object($result);
30 25
   $ret = array('account' => $acc->account, 'mailbox' => $acc->maildir,  'enabled' => ($acc->aktiv == 1));
... ...
@@ -46,7 +41,7 @@ function encrypt_mail_password($pw)
46 41
 function get_domain_id($domain) 
47 42
 {
48 43
   $domain = mysql_real_escape_string($domain);
49
-  $result = mysql_query("SELECT id FROM mail.v_domains WHERE domainname = '{$domain}';");
44
+  $result = db_query("SELECT id FROM mail.v_domains WHERE domainname = '{$domain}';");
50 45
   if (mysql_num_rows($result) == 0)
51 46
     return NULL;
52 47
   return mysql_fetch_object($result)->id;
... ...
@@ -82,12 +77,7 @@ function change_mailaccount($id, $arr)
82 77
     array_push($conditions, "`aktiv`=".($arr['enabled'] == 'Y' ? "1" : "0"));
83 78
 
84 79
 
85
-  $query = "UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id='$id' LIMIT 1";
86
-  DEBUG("Query: ".$query);
87
-
88
-  mysql_query($query);
89
-  if (mysql_error())
90
-    system_failure('Beim &Auml;ndern der Account-Daten ist ein Fehler aufgetreten. Sollte dies wiederholt vorkommen, senden Sie bitte die Fehlermeldung ('.mysql_error().') an einen Administrator.');
80
+  db_query("UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id='$id' LIMIT 1");
91 81
   logger("modules/imap/include/mailaccounts.php", "imap", "updated account »{$arr['account']}«");
92 82
 
93 83
 }
... ...
@@ -124,12 +114,7 @@ function create_mailaccount($arr)
124 114
     $values['aktiv'] = ($arr['enabled'] == 'Y' ? "1" : "0" );
125 115
 
126 116
 
127
-  $query = "INSERT INTO mail.mailaccounts (".implode(',', array_keys($values)).") VALUES (".implode(",", array_values($values)).")";
128
-  DEBUG("Query: ".$query);
129
-
130
-  mysql_query($query);
131
-  if (mysql_error())
132
-    system_failure('Beim Anlegen des Kontos ist ein Fehler aufgetreten. Sollte dies wiederholt vorkommen, senden Sie bitte die Fehlermeldung ('.mysql_error().') an einen Administrator.');
117
+  db_query("INSERT INTO mail.mailaccounts (".implode(',', array_keys($values)).") VALUES (".implode(",", array_values($values)).")");
133 118
   logger("modules/imap/include/mailaccounts.php", "imap", "created account »{$arr['account']}«");
134 119
 
135 120
 }
... ...
@@ -138,10 +123,7 @@ function create_mailaccount($arr)
138 123
 function delete_mailaccount($id)
139 124
 {
140 125
   $id = (int) $id;
141
-  $query = "DELETE FROM mail.mailaccounts WHERE id=".$id." LIMIT 1";
142
-  mysql_query($query);
143
-  if (mysql_error())
144
-    system_failure('Beim L&ouml;schen des Kontos ist ein Fehler aufgetreten. Sollte dies wiederholt vorkommen, senden Sie bitte die Fehlermeldung ('.mysql_error().') an einen Administrator.');
126
+  db_query("DELETE FROM mail.mailaccounts WHERE id=".$id." LIMIT 1");
145 127
   logger("modules/imap/include/mailaccounts.php", "imap", "deleted account »{$id}«");
146 128
 }
147 129
 
... ...
@@ -7,10 +7,7 @@ function customer_has_email($customerno, $email)
7 7
 {
8 8
   $customerno = (int) $customerno;
9 9
   $email = mysql_real_escape_string($email);
10
-  $query = "SELECT NULL FROM kundendaten.kundenkontakt WHERE kundennr=".$customerno." AND wert='".$email."';";
11
-  $result = @mysql_query($query);
12
-  if (mysql_error())
13
-    system_failure(mysql_error());
10
+  $result = db_query("SELECT NULL FROM kundendaten.kundenkontakt WHERE kundennr=".$customerno." AND wert='".$email."';");
14 11
   return (mysql_num_rows($result) > 0);
15 12
 }
16 13
 
... ...
@@ -20,9 +17,7 @@ function validate_token($customerno, $token)
20 17
   expire_tokens();
21 18
   $customerno = (int) $customerno;
22 19
   $token = mysql_real_escape_string($token);
23
-  $result = @mysql_query("SELECT NULL FROM kundendaten.kunden WHERE id={$customerno} AND token='{$token}';");
24
-  if (mysql_error())
25
-    system_failure(mysql_error());
20
+  $result = db_query("SELECT NULL FROM kundendaten.kunden WHERE id={$customerno} AND token='{$token}';");
26 21
   return (mysql_num_rows($result) > 0);
27 22
 }
28 23
 
... ...
@@ -30,20 +25,20 @@ function validate_token($customerno, $token)
30 25
 function expire_tokens()
31 26
 {
32 27
   $expire = "1 DAY";
33
-  @mysql_query("UPDATE kundendaten.kunden SET token=NULL, token_create=NULL WHERE token_create < NOW() - INTERVAL {$expire};");
28
+  db_query("UPDATE kundendaten.kunden SET token=NULL, token_create=NULL WHERE token_create < NOW() - INTERVAL {$expire};");
34 29
 }
35 30
 
36 31
 function invalidate_customer_token($customerno)
37 32
 {
38 33
   $customerno = (int) $customerno;
39
-  @mysql_query("UPDATE kundendaten.kunden SET token=NULL, token_create=NULL WHERE id={$customerno} LIMIT 1;");
34
+  db_query("UPDATE kundendaten.kunden SET token=NULL, token_create=NULL WHERE id={$customerno} LIMIT 1;");
40 35
 }
41 36
  
42 37
 function create_token($customerno)
43 38
 {
44 39
   $customerno = (int) $customerno;
45 40
   expire_tokens();
46
-  $result = @mysql_query("SELECT token_create FROM kundendaten.kunden WHERE id={$customerno} AND token_create IS NOT NULL;");
41
+  $result = db_query("SELECT token_create FROM kundendaten.kunden WHERE id={$customerno} AND token_create IS NOT NULL;");
47 42
   if (mysql_num_rows($result) > 0)
48 43
   {
49 44
     $res = mysql_fetch_object($result)->token_create;
... ...
@@ -51,10 +46,7 @@ function create_token($customerno)
51 46
     return false;
52 47
   }
53 48
   $token = random_string(10);
54
-  $query = "UPDATE kundendaten.kunden SET token='{$token}', token_create=now() WHERE id={$customerno} LIMIT 1;";
55
-  @mysql_query($query);
56
-  if (mysql_error())
57
-    system_failure(mysql_error());
49
+  db_query("UPDATE kundendaten.kunden SET token='{$token}', token_create=now() WHERE id={$customerno} LIMIT 1;");
58 50
   return true;
59 51
 }
60 52
 
... ...
@@ -63,9 +55,7 @@ function get_customer_token($customerno)
63 55
 {
64 56
   $customerno = (int) $customerno;
65 57
   expire_tokens();
66
-  $result = @mysql_query("SELECT token FROM kundendaten.kunden WHERE id={$customerno} AND token IS NOT NULL;");
67
-  if (mysql_error())
68
-    system_failure(mysql_error());
58
+  $result = db_query("SELECT token FROM kundendaten.kunden WHERE id={$customerno} AND token IS NOT NULL;");
69 59
   if (mysql_num_rows($result) < 1)
70 60
     system_failure("Kann das Token nicht auslesen!");
71 61
   return mysql_fetch_object($result)->token;
... ...
@@ -8,9 +8,7 @@ require_once("inc/security.php");
8 8
 function get_jabber_accounts() {
9 9
   require_role(ROLE_CUSTOMER);
10 10
   $customerno = (int) $_SESSION['customerinfo']['customerno'];
11
-  $query = "SELECT id, created, local, domain FROM jabber.accounts WHERE customerno='$customerno' AND `delete`=0;";
12
-  DEBUG($query);
13
-  $result = mysql_query($query);
11
+  $result = db_query("SELECT id, created, local, domain FROM jabber.accounts WHERE customerno='$customerno' AND `delete`=0;");
14 12
   $accounts = array();
15 13
   if (@mysql_num_rows($result) > 0)
16 14
     while ($acc = @mysql_fetch_object($result))
... ...
@@ -27,9 +25,7 @@ function get_jabberaccount_details($id)
27 25
 
28 26
   $id = (int) $id;
29 27
 
30
-  $query = "SELECT id, local, domain FROM jabber.accounts WHERE customerno={$customerno} AND id={$id} LIMIT 1";
31
-  DEBUG($query);
32
-  $result = mysql_query($query);
28
+  $result = db_query("SELECT id, local, domain FROM jabber.accounts WHERE customerno={$customerno} AND id={$id} LIMIT 1");
33 29
   if (mysql_num_rows($result) != 1)
34 30
     system_failure("Invalid account");
35 31
   $data = mysql_fetch_assoc($result);
... ...
@@ -50,9 +46,7 @@ function create_jabber_account($local, $domain, $password)
50 46
   
51 47
   if ($domain > 0)
52 48
   {
53
-    $query = "SELECT id FROM kundendaten.domains WHERE kunde={$customerno} AND jabber=1 AND id={$domain};";
54
-    DEBUG($query);
55
-    $result = mysql_query($query);
49
+    $result = db_query("SELECT id FROM kundendaten.domains WHERE kunde={$customerno} AND jabber=1 AND id={$domain};");
56 50
     if (mysql_num_rows($result) == 0)
57 51
     {
58 52
       logger("modules/jabber/include/jabberaccounts.php", "jabber", "attempt to create account for invalid domain »{$domain}«");
... ...
@@ -66,18 +60,14 @@ function create_jabber_account($local, $domain, $password)
66 60
     $domain = 'NULL';
67 61
     $domainquery = 'domain IS NULL'; 
68 62
   }
69
-  $query = "SELECT id FROM jabber.accounts WHERE local='{$local}' AND {$domainquery}";
70
-  DEBUG($query);
71
-  $result = mysql_query($query);
63
+  $result = db_query("SELECT id FROM jabber.accounts WHERE local='{$local}' AND {$domainquery}");
72 64
   if (mysql_num_rows($result) > 0)
73 65
   {
74 66
     logger("modules/jabber/include/jabberaccounts.php", "jabber", "attempt to create already existing account »{$local}@{$domain}«");
75 67
     system_failure("Diesen Account gibt es bereits!");
76 68
   }
77 69
 
78
-  $query = "INSERT INTO jabber.accounts (customerno,local,domain,password) VALUES ({$customerno}, '{$local}', {$domain}, '{$password}');";
79
-  DEBUG($query);
80
-  mysql_query($query);
70
+  db_query("INSERT INTO jabber.accounts (customerno,local,domain,password) VALUES ({$customerno}, '{$local}', {$domain}, '{$password}');");
81 71
   logger("modules/jabber/include/jabberaccounts.php", "jabber", "created account »{$local}@{$domain}«");
82 72
 }
83 73
 
... ...
@@ -90,9 +80,7 @@ function change_jabber_password($id, $newpass)
90 80
   $id = (int) $id;
91 81
   $newpass = mysql_real_escape_string( filter_shell( $newpass ) );
92 82
   
93
-  $query = "UPDATE jabber.accounts SET password='{$newpass}' WHERE customerno={$customerno} AND id={$id} LIMIT 1";
94
-  DEBUG($query);
95
-  mysql_query($query);
83
+  db_query("UPDATE jabber.accounts SET password='{$newpass}' WHERE customerno={$customerno} AND id={$id} LIMIT 1");
96 84
   logger("modules/jabber/include/jabberaccounts.php", "jabber", "changed password for account  »{$id}«");
97 85
 }
98 86
 
... ...
@@ -105,9 +93,7 @@ function delete_jabber_account($id)
105 93
 
106 94
   $id = (int) $id;
107 95
 
108
-  $query = "UPDATE jabber.accounts SET `delete`=1 WHERE customerno={$customerno} AND id={$id} LIMIT 1";
109
-  DEBUG($query);
110
-  mysql_query($query);
96
+  db_query("UPDATE jabber.accounts SET `delete`=1 WHERE customerno={$customerno} AND id={$id} LIMIT 1");
111 97
   logger("modules/jabber/include/jabberaccounts.php", "jabber", "deleted account »{$id}«");
112 98
 }
113 99
 
... ...
@@ -3,7 +3,7 @@
3 3
 function get_mysql_accounts($UID)
4 4
 {
5 5
   $UID = (int) $UID;
6
-  $result = mysql_query("SELECT username FROM misc.mysql_accounts WHERE useraccount=$UID");
6
+  $result = db_query("SELECT username FROM misc.mysql_accounts WHERE useraccount=$UID");
7 7
   if (mysql_num_rows($result) == 0)
8 8
     return array();
9 9
   $list = array();
... ...
@@ -17,7 +17,7 @@ function get_mysql_accounts($UID)
17 17
 function get_mysql_databases($UID)
18 18
 {
19 19
   $UID = (int) $UID;
20
-  $result = mysql_query("SELECT name FROM misc.mysql_database WHERE useraccount=$UID");
20
+  $result = db_query("SELECT name FROM misc.mysql_database WHERE useraccount=$UID");
21 21
   if (mysql_num_rows($result) == 0)
22 22
     return array();
23 23
   $list = array();
... ...
@@ -36,7 +36,7 @@ function get_mysql_access($db, $account)
36 36
   if (!is_array($mysql_access))
37 37
   {
38 38
     $mysql_access = array();
39
-    $result = mysql_query("SELECT db.name AS db, acc.username AS user FROM misc.mysql_access AS access LEFT JOIN misc.mysql_database AS db ON (db.id=access.database) LEFT JOIN misc.mysql_accounts AS acc ON (acc.id = access.user) WHERE acc.useraccount={$uid} OR db.useraccount={$uid};");
39
+    $result = db_query("SELECT db.name AS db, acc.username AS user FROM misc.mysql_access AS access LEFT JOIN misc.mysql_database AS db ON (db.id=access.database) LEFT JOIN misc.mysql_accounts AS acc ON (acc.id = access.user) WHERE acc.useraccount={$uid} OR db.useraccount={$uid};");
40 40
     if (mysql_num_rows($result) == 0)
41 41
       return false;
42 42
     while ($line = mysql_fetch_object($result))
... ...
@@ -66,10 +66,7 @@ function set_mysql_access($db, $account, $status)
66 66
     $query = "DELETE FROM misc.mysql_access WHERE `database`=(SELECT id FROM misc.mysql_database WHERE name='{$db}' AND useraccount={$uid} LIMIT 1) AND user=(SELECT id FROM misc.mysql_accounts WHERE username='{$account}' AND useraccount={$uid});";
67 67
     logger("modules/mysql/include/mysql.php", "mysql", "revoking access on »{$db}« from »{$account}«");
68 68
   }
69
-  DEBUG($query);
70
-  mysql_query($query);
71
-  if (mysql_error())
72
-    system_failure(mysql_error());
69
+  db_query($query);
73 70
 }
74 71
 
75 72
 
... ...
@@ -84,9 +81,7 @@ function create_mysql_account($username)
84 81
   $uid = $_SESSION['userinfo']['uid'];
85 82
   $username = mysql_real_escape_string($username);
86 83
   logger("modules/mysql/include/mysql.php", "mysql", "creating user »{$username}«");
87
-  mysql_query("INSERT INTO misc.mysql_accounts (username, password, useraccount) VALUES ('$username', '!', $uid);");
88
-  if (mysql_error())
89
-    system_failure(mysql_error());
84
+  db_query("INSERT INTO misc.mysql_accounts (username, password, useraccount) VALUES ('$username', '!', $uid);");
90 85
 }
91 86
 
92 87
 
... ...
@@ -95,9 +90,7 @@ function delete_mysql_account($username)
95 90
   $username = mysql_real_escape_string($username);
96 91
   $uid = $_SESSION['userinfo']['uid'];
97 92
   logger("modules/mysql/include/mysql.php", "mysql", "deleting user »{$username}«");
98
-  mysql_query("DELETE FROM misc.mysql_accounts WHERE username='{$username}' AND useraccount='{$uid}' LIMIT 1;");
99
-  if (mysql_error())
100
-    system_failure(mysql_error());
93
+  db_query("DELETE FROM misc.mysql_accounts WHERE username='{$username}' AND useraccount='{$uid}' LIMIT 1;");
101 94
 }
102 95
 
103 96
 
... ...
@@ -112,9 +105,7 @@ function create_mysql_database($dbname)
112 105
   $dbname = mysql_real_escape_string($dbname);
113 106
   $uid = $_SESSION['userinfo']['uid'];
114 107
   logger("modules/mysql/include/mysql.php", "mysql", "creating database »{$dbname}«");
115
-  mysql_query("INSERT INTO misc.mysql_database (name, useraccount) VALUES ('$dbname', $uid);");
116
-  if (mysql_error())
117
-    system_failure(mysql_error());
108
+  db_query("INSERT INTO misc.mysql_database (name, useraccount) VALUES ('$dbname', $uid);");
118 109
 }
119 110
 
120 111
 
... ...
@@ -123,9 +114,7 @@ function delete_mysql_database($dbname)
123 114
   $dbname = mysql_real_escape_string($dbname);
124 115
   $uid = $_SESSION['userinfo']['uid'];
125 116
   logger("modules/mysql/include/mysql.php", "mysql", "removing database »{$dbname}«");
126
-  mysql_query("DELETE FROM misc.mysql_database WHERE name='{$dbname}' AND useraccount='{$uid}' LIMIT 1;");
127
-  if (mysql_error())
128
-    system_failure(mysql_error());
117
+  db_query("DELETE FROM misc.mysql_database WHERE name='{$dbname}' AND useraccount='{$uid}' LIMIT 1;");
129 118
 }
130 119
 
131 120
 
... ...
@@ -150,12 +139,7 @@ function set_mysql_password($username, $password)
150 139
   $password = mysql_real_escape_string($password);
151 140
   $uid = $_SESSION['userinfo']['uid'];
152 141
   logger("modules/mysql/include/mysql.php", "mysql", "updating password for »{$username}«");
153
-  $query = "UPDATE misc.mysql_accounts SET password=PASSWORD('$password') WHERE username='$username' AND useraccount=$uid;";
154
-  DEBUG($query);
155
-  mysql_query($query);
156
-  if (mysql_error())
157
-    system_failure(mysql_error());
158
-  
142
+  db_query("UPDATE misc.mysql_accounts SET password=PASSWORD('$password') WHERE username='$username' AND useraccount=$uid;");
159 143
 }
160 144
 
161 145
 
... ...
@@ -23,9 +23,7 @@ function find_role($login, $password)
23 23
   $uid = (int) $login;
24 24
   if ($uid == 0)
25 25
     $uid = 'NULL';
26
-  $result = @mysql_query("SELECT passwort AS password FROM system.v_useraccounts LEFT JOIN system.passwoerter USING (uid) WHERE uid={$uid} OR username='{$login}' LIMIT 1;");
27
-  if (mysql_error())
28
-    system_failure(mysql_error());
26
+  $result = db_query("SELECT passwort AS password FROM system.v_useraccounts LEFT JOIN system.passwoerter USING (uid) WHERE uid={$uid} OR username='{$login}' LIMIT 1;");
29 27
   if (@mysql_num_rows($result) > 0)
30 28
   {
31 29
     $db_password = mysql_fetch_object($result)->password;
... ...
@@ -37,9 +35,7 @@ function find_role($login, $password)
37 35
   // Customer?
38 36
   $customerno = (int) $login;
39 37
   $pass = sha1($password);
40
-  $result = @mysql_query("SELECT passwort AS password FROM kundendaten.kunden WHERE status=0 AND id={$customerno} AND passwort='{$pass}';");
41
-  if (mysql_error())
42
-    system_failure(mysql_error());
38
+  $result = db_query("SELECT passwort AS password FROM kundendaten.kunden WHERE status=0 AND id={$customerno} AND passwort='{$pass}';");
43 39
   if (@mysql_num_rows($result) > 0)
44 40
   {
45 41
     return ROLE_CUSTOMER;
... ...
@@ -54,10 +50,7 @@ function get_customer_info($customerno)
54 50
 {
55 51
   $ret = array();
56 52
   $customerno = (int) $customerno;
57
-  $query = "SELECT id, anrede, firma, CONCAT_WS(' ', vorname, nachname) AS name FROM kundendaten.kunden WHERE id={$customerno} LIMIT 1;";
58
-  $result = @mysql_query($query);
59
-  if (mysql_error())
60
-    system_failure(mysql_error());
53
+  $result = db_query("SELECT id, anrede, firma, CONCAT_WS(' ', vorname, nachname) AS name FROM kundendaten.kunden WHERE id={$customerno} LIMIT 1;");
61 54
   if (@mysql_num_rows($result) == 0)
62 55
     system_failure("Konnte Kundendaten nicht auslesen!");
63 56
   $data = mysql_fetch_object($result);
... ...
@@ -74,10 +67,7 @@ function get_customer_info($customerno)
74 67
 function get_customer_email($customerno)
75 68
 {
76 69
   $customerno = (int) $customerno;
77
-  $query = "SELECT wert FROM kundendaten.kundenkontakt WHERE kundennr={$customerno} AND typ='email' LIMIT 1;";
78
-  $result = @mysql_query($query);
79
-  if (mysql_error())
80
-    system_failure(mysql_error());
70
+  $result = db_query("SELECT wert FROM kundendaten.kundenkontakt WHERE kundennr={$customerno} AND typ='email' LIMIT 1;");
81 71
   if (@mysql_num_rows($result) == 0)
82 72
     system_failure("Konnte keine E-Mail-Adresse finden!");
83 73
   return mysql_fetch_object($result)->wert;
... ...
@@ -88,11 +78,8 @@ function get_customer_email($customerno)
88 78
 function get_user_info($username)
89 79
 {
90 80
   $username = mysql_real_escape_string($username);
91
-  $query = "SELECT kunde AS customerno, username, uid, homedir, name
92
-            FROM system.v_useraccounts WHERE username='{$username}' OR uid='{$username}' LIMIT 1";
93
-  $result = @mysql_query($query);
94
-  if (mysql_error())
95
-    system_failure('Beim Datenbankzugriff ist ein Fehler aufgetreten. Sollte dies wiederholt vorkommen, senden Sie bitte die Fehlermeldung ('.mysql_error().') an einen Administrator.');
81
+  $result = db_query("SELECT kunde AS customerno, username, uid, homedir, name
82
+                      FROM system.v_useraccounts WHERE username='{$username}' OR uid='{$username}' LIMIT 1");
96 83
   if (mysql_num_rows($result) < 1)
97 84
     system_failure('Das Auslesen Ihrer Benutzerdaten ist fehlgeschlagen. Bitte melden Sie dies einem Administrator');
98 85
   $val = @mysql_fetch_object($result);
... ...
@@ -109,13 +96,7 @@ function set_customer_password($customerno, $newpass)
109 96
 {
110 97
   $customerno = (int) $customerno;
111 98
   $newpass = sha1($newpass);
112
-  $query = "UPDATE kundendaten.kunden SET passwort='$newpass' WHERE id='".$customerno."' LIMIT 1";
113
-  @mysql_query($query);
114
-  if (mysql_error())
115
-  {
116
-    logger("session/checkuser.php", "dberror", "error while changing customer's password. Query was: »$query«");
117
-    system_failure('Beim Datenbankzugriff ist ein Fehler aufgetreten. Sollte dies wiederholt vorkommen, senden Sie bitte die Fehlermeldung ('.mysql_error().') an einen Administrator.');
118
-  }
99
+  db_query("UPDATE kundendaten.kunden SET passwort='$newpass' WHERE id='".$customerno."' LIMIT 1");
119 100
   logger("session/checkuser.php", "pwchange", "changed customer's password.");
120 101
 }
121 102
 
... ...
@@ -126,50 +107,8 @@ function set_systemuser_password($uid, $newpass)
126 107
   require_once('inc/base.php');
127 108
   $salt = random_string(8);
128 109
   $newpass = crypt($newpass, "\$1\${$salt}\$");
129
-  $query = "UPDATE system.passwoerter SET passwort='$newpass' WHERE uid='".$uid."' LIMIT 1";
130
-  @mysql_query($query);
131
-  if (mysql_error())
132
-  {
133
-    logger("session/checkuser.php", "dberror", "error while changing user's password. Query was: »$query«");
134
-    system_failure('Beim Datenbankzugriff ist ein Fehler aufgetreten. Sollte dies wiederholt vorkommen, senden Sie bitte die Fehlermeldung ('.mysql_error().') an einen Administrator.');
135
-  }
110
+  db_query("UPDATE system.passwoerter SET passwort='$newpass' WHERE uid='".$uid."' LIMIT 1");
136 111
   logger("session/checkuser.php", "pwchange", "changed user's password.");
137 112
 }
138 113
 
139
-
140
-/*
141
-function save_userdata($arr)
142
-{
143
-  global $user;
144
-
145
-  $rules = array();
146
-
147
-  if (isset($arr['email'])) {
148
-    if (!preg_match('/[a-zA-Z0-9=+._%@-]+@[a-zA-Z0-9.-]+\.[a-z]{2,6}/', $arr['email'])) {
149
-      input_error('Ihre eMail-Adresse enth&auml;lt Syntax-Fehler!');
150
-      return false;
151
-    }
152
-    array_push($rules, "`email`='".$arr['email']."'");
153
-  }
154
-
155
-  if (isset($arr['emergency_email'])) {
156
-    if ($arr['emergency_email'] == '') {
157
-      warning("Sie k&ouml;nnen zwar Ihre Notfall-eMail-Adresse l&ouml;schen, allerdings werden Sie dann bei St&ouml;rungen <strong>nicht</strong> mehr benachrichtigt!");
158
-    }
159
-    elseif (!preg_match('/[a-zA-Z0-9=+._%@-]+@[a-zA-Z0-9.-]+\.[a-z]{2,6}/', $arr['emergency_email'])) {
160
-      input_error('Ihre eMail-Adresse enth&auml;lt Syntax-Fehler!');
161
-      return false;
162
-    }
163
-    array_push($rules, "`emergency_email`='".$arr['emergency_email']."'");
164
-  }
165
-
166
-  $query = "UPDATE customers SET ".implode(',', $rules)." WHERE id='".$user['customerno']."'";
167
-  mysql_query($query);
168
-  if (mysql_error())
169
-    system_failure('Beim Datenbankzugriff ist ein Fehler aufgetreten. Sollte dies wiederholt vorkommen, senden Sie bitte die Fehlermeldung ('.mysql_error().') an einen Administrator.');
170
-  return true;
171
-}
172
-
173
-*/
174
-
175 114
 ?>