mirror of https://github.com/BOINC/boinc.git
188 lines
4.6 KiB
PHP
188 lines
4.6 KiB
PHP
<?php
|
|
|
|
require_once('../inc/util.inc');
|
|
|
|
// database-related functions.
|
|
// Presentation code (HTML) shouldn't be here
|
|
|
|
function db_init_aux($try_replica=false) {
|
|
$config = get_config();
|
|
$user = parse_config($config, "<db_user>");
|
|
$pass = parse_config($config, "<db_passwd>");
|
|
$host = null;
|
|
if ($try_replica == true) {
|
|
$host = parse_config($config, "<replica_db_host>");
|
|
}
|
|
if ($host == null) {
|
|
$host = parse_config($config, "<db_host>");
|
|
}
|
|
if ($host == null) {
|
|
$host = "localhost";
|
|
}
|
|
$link = mysql_pconnect($host, $user, $pass);
|
|
if (!$link) {
|
|
return 1;
|
|
}
|
|
$db_name = parse_config($config, "<db_name>");
|
|
if (!mysql_select_db($db_name, $link)) {
|
|
echo "selecting $db_name\n";
|
|
return 2;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
function lookup_user_auth($auth) {
|
|
$result = mysql_query("select * from user where authenticator='$auth'");
|
|
if ($result) {
|
|
$user = mysql_fetch_object($result);
|
|
mysql_free_result($result);
|
|
return $user;
|
|
}
|
|
return null;
|
|
}
|
|
|
|
function lookup_user_id($id) {
|
|
$result = mysql_query("select * from user where id=$id");
|
|
if ($result) {
|
|
$user = mysql_fetch_object($result);
|
|
mysql_free_result($result);
|
|
return $user;
|
|
}
|
|
return null;
|
|
}
|
|
|
|
function lookup_user_email_addr($email_addr) {
|
|
$result = mysql_query("select * from user where email_addr='$email_addr'");
|
|
if ($result) {
|
|
$user = mysql_fetch_object($result);
|
|
mysql_free_result($result);
|
|
return $user;
|
|
}
|
|
return null;
|
|
}
|
|
|
|
function lookup_user_name($name) {
|
|
$result = mysql_query("SELECT * FROM user WHERE name='".mysql_real_escape_string($name)."'");
|
|
if ($result) {
|
|
if (mysql_num_rows($result) == 1) {
|
|
return mysql_fetch_object($result);
|
|
} elseif (mysql_num_rows($result) == 0) {
|
|
return null;
|
|
} else {
|
|
return -1; // Non-unique username
|
|
}
|
|
}
|
|
return null;
|
|
}
|
|
|
|
function lookup_host($id) {
|
|
$result = mysql_query("select * from host where id=$id");
|
|
if ($result) {
|
|
$host = mysql_fetch_object($result);
|
|
mysql_free_result($result);
|
|
return $host;
|
|
}
|
|
return null;
|
|
}
|
|
|
|
function lookup_team($id) {
|
|
$result = mysql_query("select * from team where id=$id");
|
|
if ($result) {
|
|
$team = mysql_fetch_object($result);
|
|
mysql_free_result($result);
|
|
return $team;
|
|
}
|
|
return null;
|
|
}
|
|
|
|
function lookup_team_founder($id) {
|
|
$result = mysql_query("select * from team where userid=$id");
|
|
return $result;
|
|
}
|
|
|
|
function lookup_team_name($name) {
|
|
$name = mysql_real_escape_string($name);
|
|
$result = mysql_query("select * from team where name='$name'");
|
|
if ($result) {
|
|
$team = mysql_fetch_object($result);
|
|
mysql_free_result($result);
|
|
return $team;
|
|
}
|
|
return null;
|
|
}
|
|
|
|
function lookup_wu($id) {
|
|
$result = mysql_query("select * from workunit where id=$id");
|
|
if ($result) {
|
|
$wu = mysql_fetch_object($result);
|
|
mysql_free_result($result);
|
|
return $wu;
|
|
}
|
|
return null;
|
|
}
|
|
|
|
function lookup_result($id) {
|
|
$result = mysql_query("select * from result where id=$id");
|
|
if ($result) {
|
|
$r = mysql_fetch_object($result);
|
|
mysql_free_result($result);
|
|
return $r;
|
|
}
|
|
return null;
|
|
}
|
|
|
|
function lookup_app($id) {
|
|
$result = mysql_query("select * from app where id=$id");
|
|
if ($result) {
|
|
$app = mysql_fetch_object($result);
|
|
mysql_free_result($result);
|
|
return $app;
|
|
}
|
|
return null;
|
|
}
|
|
|
|
function lookup_tentative_user($nonce) {
|
|
$result = mysql_query("select * from tentative_user where nonce='$nonce'");
|
|
if ($result) {
|
|
$tu = mysql_fetch_object($result);
|
|
mysql_free_result($result);
|
|
return $tu;
|
|
}
|
|
return null;
|
|
}
|
|
|
|
// apply this to any user-supplied strings used in queries
|
|
//
|
|
function boinc_real_escape_string($x) {
|
|
if (version_compare(phpversion(),"4.3.0")>=0) {
|
|
return mysql_real_escape_string($x);
|
|
} else {
|
|
$x = str_replace("'", "\'", $x);
|
|
$x = str_replace("\"", "\\\"", $x);
|
|
return $x;
|
|
}
|
|
}
|
|
|
|
// Process user-supplied text prior to using in query;
|
|
// trims whitespace and escapes quotes.
|
|
// Does NOT remove HTML tags.
|
|
//
|
|
function process_user_text($value) {
|
|
$value = trim($value);
|
|
if (get_magic_quotes_gpc()) {
|
|
$value = stripslashes($value);
|
|
}
|
|
return boinc_real_escape_string($value);
|
|
}
|
|
|
|
// escape a string for MySQL "like"
|
|
//
|
|
function escape_pattern($str) {
|
|
$str = str_replace('_', '\\\\_', $str);
|
|
$str = str_replace('%', '\\\\%', $str);
|
|
return $str;
|
|
}
|
|
|
|
?>
|