Changeset 20048 for trunk/FACT++


Ignore:
Timestamp:
03/24/21 22:03:31 (4 years ago)
Author:
tbretz
Message:
Replaced mysql_ with ->; check if the log file is writable; added ldap:// to ldap_connect
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/FACT++/www/shift/calendar.php

    r16813 r20048  
    77    if (!file_exists("log/"))
    88        mkdir("log/", 0777, true);
     9
     10    if (!is_writable("log/mysql.log"))
     11        return header('HTTP/1.0 500 Unable to write log');
    912
    1013    $file = fopen("log/mysql.log", "a");
     
    2427    $password = $_SERVER['PHP_AUTH_PW'];
    2528
    26     $con = @ldap_connect($ldaphost);
     29    $con = @ldap_connect("ldap://".$ldaphost);
    2730    if (!$con)
    2831        return "ldap_connect failed to ".$ldaphost;
     
    6164    $srData = @ldap_get_entries($con, $sr);
    6265    if ($srData["count"]==0)
    63         return "No results returned by ldap_get_entries for dn=".$dn.".";
     66        return "No results returned by ldap_get_entries for dn='".$dn."'.";
    6467
    6568    @ldap_unbind($con);
    6669
    6770    $found = false;
    68     foreach ($srData[0]['member'] as $member)
    69         if (strpos($member, "cn=".$userCommonName.",")===0)
     71    foreach ($srData[0]['member'] as $member) {
     72        if (strpos($member, "cn=".$userCommonName.",")===0) {
    7073            return "";
     74        }
     75    }
    7176
    72     return "Sorry, your credentials don't match!";
     77    return "You need to be in the Operations group to access this page";
    7378}
    7479
    7580if (isset($_GET['logout']))
    7681{
    77     Header( "HTTP/1.0 401 Logout successfull!");
    78     exit();
     82    header( "HTTP/1.0 401 Logout successfull!");
     83    return;
    7984}
    8085
     
    8590$m = $_GET['m'];
    8691
    87 if (!mysql_connect($dbhost, $dbuser, $dbpass))
    88     return log_sql_error("connect: ".$dbhost."[".$dbuser."]", mysql_error());
     92$sql = new mysqli($dbhost, $dbuser, $dbpass);
    8993
    90 if (!mysql_select_db($dbname))
    91     return log_sql_error("select_db: ".$dbname, mysql_error());
     94if ($sql->connect_error)
     95    return log_sql_error("connect: ".$dbhost."[".$dbuser."]", $sql->connect_error);
     96
     97if (!$sql->select_db($dbname))
     98    return log_sql_error("select_db: ".$dbname, $sql->error);
    9299
    93100if (isset($_GET['comment']))
     
    97104        $query .= " AND d=".$_GET['d'];
    98105
    99     $result = mysql_query($query);
     106    $result = $sql->query($query);
    100107    if (!$result)
    101         return log_sql_error($query, mysql_error());
     108        return log_sql_error($query, $sql->error);
    102109
    103110    if (isset($_GET['d']))
    104111    {
    105         $row = mysql_fetch_array($result, MYSQL_NUM);
    106         print($row[1]);
     112        $row = $result->fetch_array();
     113        if ($row)
     114           print($row[1]);
    107115        return;
    108116    }
    109117
    110     while ($row = mysql_fetch_array($result, MYSQL_NUM))
     118    while ($row = $result->fetch_array())
    111119    {
    112120        printf("%04d%02d%s", strlen($row[1]), $row[0], $row[1]);
     
    139147
    140148        $query = "DELETE FROM Comments WHERE y=".$y." AND m=".$m." AND d=".$d;
    141         if (!mysql_query($query))
    142             return log_sql_error($query, mysql_error());
     149        if (!$sql->query($query))
     150            return log_sql_error($query, $sql->error);
    143151
    144152        if (strlen($c)<=0)
     
    146154
    147155        $query = "INSERT Comments SET y=".$y.", m=".$m.", d=".$d.", c='".$c."'";
    148         if (!mysql_query($query))
    149             return log_sql_error($query, mysql_error());
     156        if (!$sql->query($query))
     157            return log_sql_error($query, $sql->error);
    150158
    151159        return;
     
    155163
    156164    $query = "DELETE FROM Data WHERE y=".$y." AND m=".$m." AND d=".$d." AND u='".$u."'";
    157     if (!mysql_query($query))
    158         return log_sql_error($query, mysql_error());
     165    if (!$sql->query($query))
     166        return log_sql_error($query, $sql->error);
    159167
    160     if (mysql_affected_rows()==0)
     168    if ($sql->affected_rows==0)
    161169    {
    162170        $x = $_GET['x'];
    163171
    164172        $query = "INSERT Data SET y=".$y.", m=".$m.", d=".$d.", x=".$x.", u='".$u."'";
    165         if (!mysql_query($query))
    166             return log_sql_error($query, mysql_error());
     173        if (!$sql->query($query))
     174            return log_sql_error($query, $sql->error);
    167175    }
    168176}
     
    172180    $query .= " AND d=".$_GET['d'];
    173181
    174 $result = mysql_query($query);
     182$result = $sql->query($query);
    175183if (!$result)
    176     if (!mysql_query($query))
    177         return log_sql_error($query, mysql_error());
     184    if (!$sql->query($query))
     185        return log_sql_error($query, $sql->error);
    178186
    179 while ($row = mysql_fetch_array($result, MYSQL_NUM))
     187while ($row = $result->fetch_array())
    180188    print($row[0]."\t".$row[1]."\t".$row[2]."\n");
    181189?>
Note: See TracChangeset for help on using the changeset viewer.