| 1 |
commit: 0184aecdf36ab398ef3696e5211aff53b7239772 |
| 2 |
Author: Brian Evans <grknight <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Tue Jan 30 14:53:01 2018 +0000 |
| 4 |
Commit: Brian Evans <grknight <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Tue Jan 30 14:53:01 2018 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/bouncer.git/commit/?id=0184aecd |
| 7 |
|
| 8 |
Fix query errors and missing indexes; add error handling for user facing |
| 9 |
|
| 10 |
php/admin/mirror-list.php | 2 +- |
| 11 |
php/index-list.php | 16 ++++++++++++---- |
| 12 |
php/index.php | 23 ++++++++++++++++------- |
| 13 |
php/lib/auth.php | 2 +- |
| 14 |
4 files changed, 30 insertions(+), 13 deletions(-) |
| 15 |
|
| 16 |
diff --git a/php/admin/mirror-list.php b/php/admin/mirror-list.php |
| 17 |
index e0876d4..29f6e9b 100644 |
| 18 |
--- a/php/admin/mirror-list.php |
| 19 |
+++ b/php/admin/mirror-list.php |
| 20 |
@@ -40,7 +40,7 @@ if (!empty($_GET['os_id'])&&!empty($_GET['product_id'])) { |
| 21 |
mirror_locations.product_id = ? AND |
| 22 |
mirror_location_mirror_map.location_active = '1' AND |
| 23 |
mirror_mirrors.mirror_active = '1' |
| 24 |
- ", PDO::FETCH_ASSOC, [$os_id, $product_id]); |
| 25 |
+ ", PDO::FETCH_ASSOC, null, [$os_id, $product_id]); |
| 26 |
|
| 27 |
header("Content-type: text/plain;"); |
| 28 |
foreach ($mirrors as $mirror) { |
| 29 |
|
| 30 |
diff --git a/php/index-list.php b/php/index-list.php |
| 31 |
index 1b158b7..861ba95 100644 |
| 32 |
--- a/php/index-list.php |
| 33 |
+++ b/php/index-list.php |
| 34 |
@@ -7,7 +7,9 @@ |
| 35 |
require_once('./cfg/init.php'); |
| 36 |
require_once(LIB.'/auth.php'); // auth functions |
| 37 |
require_once(LIB.'/forms.php'); // form library |
| 38 |
-error_reporting(E_GET); |
| 39 |
+ob_start(); |
| 40 |
+ |
| 41 |
+try{ |
| 42 |
|
| 43 |
if (!empty($_GET['os'])&&!empty($_GET['product'])) { |
| 44 |
// clean in os and product strings |
| 45 |
@@ -44,7 +46,7 @@ if (!empty($os_id)&&!empty($product_id)) { |
| 46 |
mirror_mirrors.mirror_active = '1' |
| 47 |
ORDER BY |
| 48 |
mirror_rating DESC, mirror_baseurl |
| 49 |
- ", PDO::FETCH_ASSOC, [$os_id, $product_id]); |
| 50 |
+ ", PDO::FETCH_ASSOC, null, [$os_id, $product_id]); |
| 51 |
|
| 52 |
header("Content-type: text/plain;"); |
| 53 |
foreach ($mirrors as $mirror) { |
| 54 |
@@ -68,15 +70,21 @@ if (!empty($os_id)&&!empty($product_id)) { |
| 55 |
echo '<div>'; |
| 56 |
form_label('Product', 'product','label-small'); |
| 57 |
form_select('product_id','product','',Mirror::get_products_select(),$_GET['product_id']); |
| 58 |
- echo ' [<a href="./products.php">edit products</a>]'; |
| 59 |
+ echo ' [<a href="admin/products.php">edit products</a>]'; |
| 60 |
echo '</div><br />'; |
| 61 |
|
| 62 |
echo '<div>'; |
| 63 |
form_label('OS', 'os','label-small'); |
| 64 |
form_select('os_id','os','',Mirror::get_oss_select(),$_GET['os_id']); |
| 65 |
- echo ' [<a href="./os.php">edit operating systems</a>]'; |
| 66 |
+ echo ' [<a href="admin/os.php">edit operating systems</a>]'; |
| 67 |
echo '</div><br />'; |
| 68 |
form_submit('submit','','button1','Update'); |
| 69 |
form_end(); |
| 70 |
require_once(FOOTER); |
| 71 |
} |
| 72 |
+ |
| 73 |
+} catch (Exception $ex) { |
| 74 |
+ header("Status: 500", true, 500); |
| 75 |
+ echo "An unexpected error has occurred."; |
| 76 |
+ trigger_error($ex->getMessage() . ' ' . $ex->getTraceAsString(), E_USER_WARNING); |
| 77 |
+} |
| 78 |
|
| 79 |
diff --git a/php/index.php b/php/index.php |
| 80 |
index 28b29b8..aeb7128 100644 |
| 81 |
--- a/php/index.php |
| 82 |
+++ b/php/index.php |
| 83 |
@@ -4,14 +4,14 @@ |
| 84 |
* @package mirror |
| 85 |
* @subpackage pub |
| 86 |
*/ |
| 87 |
-error_reporting(0); // hide all errors |
| 88 |
+ob_start(); |
| 89 |
require_once('./cfg/config.php'); // config file that defines constants |
| 90 |
|
| 91 |
// if we don't have an os, make it windows, playing the odds |
| 92 |
if (empty($_GET['os'])) { |
| 93 |
$_GET['os'] = 'Any'; |
| 94 |
} |
| 95 |
- |
| 96 |
+try{ |
| 97 |
// do we even have an os or product? |
| 98 |
if (!empty($_GET['os'])&&!empty($_GET['product'])) { |
| 99 |
require_once(LIB.'/db.php'); // core mysql wrappers |
| 100 |
@@ -27,19 +27,19 @@ if (!empty($_GET['os'])&&!empty($_GET['product'])) { |
| 101 |
|
| 102 |
// do we have a valid os and product? |
| 103 |
if (!empty($os_id)&&!empty($product_id)) { |
| 104 |
- $location = DB::get_one("SELECT location_id,location_path FROM mirror_locations WHERE product_id={$product_id} AND os_id={$os_id}"); |
| 105 |
+ $location = DB::get_one("SELECT location_id,location_path FROM mirror_locations WHERE product_id=? AND os_id=?", PDO::FETCH_ASSOC, [$product_id, $os_id]); |
| 106 |
|
| 107 |
// did we get a valid location? |
| 108 |
if (!empty($location)) { |
| 109 |
- $mirror = DB::get_one("SELECT mirror_mirrors.mirror_id,mirror_baseurl FROM mirror_mirrors, mirror_location_mirror_map WHERE mirror_mirrors.mirror_id = mirror_location_mirror_map.mirror_id AND mirror_location_mirror_map.location_id = {$location['location_id']} AND mirror_active='1' AND location_active ='1' ORDER BY rand()*(1/mirror_rating)"); |
| 110 |
+ $mirror = DB::get_one("SELECT mirror_mirrors.mirror_id,mirror_baseurl FROM mirror_mirrors JOIN mirror_location_mirror_map ON mirror_mirrors.mirror_id = mirror_location_mirror_map.mirror_id WHERE mirror_location_mirror_map.location_id = ? AND mirror_active='1' AND location_active ='1' ORDER BY rand()*(1/mirror_rating)", PDO::FETCH_ASSOC, [$location['location_id']]); |
| 111 |
|
| 112 |
// did we get a valid mirror? |
| 113 |
if (!empty($mirror)) { |
| 114 |
|
| 115 |
// if logging is enabled, insert log |
| 116 |
if (LOGGING) { |
| 117 |
- DB::query("UPDATE mirror_mirrors SET mirror_count=mirror_count+1 WHERE mirror_id={$mirror['mirror_id']}"); |
| 118 |
- DB::query("UPDATE mirror_products SET product_count=product_count+1 WHERE product_id={$product_id}"); |
| 119 |
+ DB::query("UPDATE mirror_mirrors SET mirror_count=mirror_count+1 WHERE mirror_id=?", [$mirror['mirror_id']]); |
| 120 |
+ DB::query("UPDATE mirror_products SET product_count=product_count+1 WHERE product_id=?", [$product_id]); |
| 121 |
} |
| 122 |
|
| 123 |
// LANGUAGE HACK |
| 124 |
@@ -51,7 +51,7 @@ if (!empty($_GET['os'])&&!empty($_GET['product'])) { |
| 125 |
// BitTorrent HACK - robbat2 |
| 126 |
if (!empty($_GET['extra'])) { |
| 127 |
$extra = $_GET['extra']; |
| 128 |
- $location['location_path'] .= ereg_replace('\?.*|&.*','',$extra); |
| 129 |
+ $location['location_path'] .= preg_replace('/\?.*|&.*/','',$extra); |
| 130 |
} |
| 131 |
|
| 132 |
// if we are just testing, then just print and exit. |
| 133 |
@@ -62,11 +62,20 @@ if (!empty($_GET['os'])&&!empty($_GET['product'])) { |
| 134 |
|
| 135 |
// otherwise, by default, redirect them and exit |
| 136 |
header('Location: '.$mirror['mirror_baseurl'].$location['location_path']); |
| 137 |
+ var_dump($mirror); |
| 138 |
exit; |
| 139 |
} |
| 140 |
} |
| 141 |
} |
| 142 |
} |
| 143 |
+} |
| 144 |
+catch (Exception $ex) { |
| 145 |
+ header("Status: 500", true, 500); |
| 146 |
+ echo "An unexpected error has occurred."; |
| 147 |
+ trigger_error($ex->getMessage() . ' ' . $ex->getTraceAsString(), E_USER_WARNING); |
| 148 |
+ exit(); |
| 149 |
+} |
| 150 |
+ |
| 151 |
|
| 152 |
// if we get here, the request was invalid; redirect to Gentoo home |
| 153 |
header('Location: http://www.gentoo.org/'); |
| 154 |
|
| 155 |
diff --git a/php/lib/auth.php b/php/lib/auth.php |
| 156 |
index eb6319c..68bf91a 100644 |
| 157 |
--- a/php/lib/auth.php |
| 158 |
+++ b/php/lib/auth.php |
| 159 |
@@ -62,7 +62,7 @@ public static function query($username,$password) |
| 160 |
|
| 161 |
private static function password_upgrade($userrow, $username, $password) { |
| 162 |
require_once(LIB.'/mirror.php'); //Upgrade password security |
| 163 |
- Mirror::update_user($userrow['user_id'],$username,$password,$password,$userrow['firstname'],$userrow['lastname'],$userrow['email']); |
| 164 |
+ Mirror::update_user($userrow['user_id'],$username,$password,$password,$userrow['user_firstname'],$userrow['user_lastname'],$userrow['user_email']); |
| 165 |
} |
| 166 |
|
| 167 |
/** |
Archives