From 365f34a43a0c57a4d27d6f5710f511e414132f56 Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Fri, 21 Aug 2009 12:10:54 +0000 Subject: [PATCH] model/*.php: - fix unquoted boolean values in sql queries which probably caused postgresql errors git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@712 a1433add-5e2c-0410-b055-b7f2511e0802 --- model/AliasHandler.php | 2 +- model/UserHandler.php | 4 ++-- model/VacationHandler.php | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/model/AliasHandler.php b/model/AliasHandler.php index e3bb1c31..c9e75df4 100644 --- a/model/AliasHandler.php +++ b/model/AliasHandler.php @@ -145,7 +145,7 @@ class AliasHandler { } if($this->hasAliasRecord() == false) { $true = db_get_boolean(True); - $sql = "INSERT INTO $table_alias (address, goto, domain, created, modified, active) VALUES ('$username', '$goto', '$domain', NOW(), NOW(), $true)"; + $sql = "INSERT INTO $table_alias (address, goto, domain, created, modified, active) VALUES ('$username', '$goto', '$domain', NOW(), NOW(), '$true')"; } else { $sql = "UPDATE $table_alias SET goto = '$goto', modified = NOW() WHERE address = '$username'"; diff --git a/model/UserHandler.php b/model/UserHandler.php index d6250b71..486742e1 100644 --- a/model/UserHandler.php +++ b/model/UserHandler.php @@ -30,7 +30,7 @@ class UserHandler { $table_mailbox = table_by_key('mailbox'); $active = db_get_boolean(True); - $result = db_query("SELECT * FROM $table_mailbox WHERE username='$username' AND active=$active"); + $result = db_query("SELECT * FROM $table_mailbox WHERE username='$username' AND active='$active'"); $new_db_password = escape_string(pacrypt($new_password)); $result = db_query ("UPDATE $table_mailbox SET password='$new_db_password',modified=NOW() WHERE username='$username'"); @@ -51,7 +51,7 @@ class UserHandler { $table_mailbox = table_by_key('mailbox'); $active = db_get_boolean(True); - $query = "SELECT password FROM $table_mailbox WHERE username='$username' AND active=$active"; + $query = "SELECT password FROM $table_mailbox WHERE username='$username' AND active='$active'"; $result = db_query ($query); if ($result['rows'] == 1) diff --git a/model/VacationHandler.php b/model/VacationHandler.php index 063b5c14..98299707 100644 --- a/model/VacationHandler.php +++ b/model/VacationHandler.php @@ -29,7 +29,7 @@ class VacationHandler { // tidy up vacation table. $active = db_get_boolean(False); $username = escape_string($this->username); - $result = db_query("UPDATE $table_vacation SET active = $active WHERE email='$username'"); + $result = db_query("UPDATE $table_vacation SET active = '$active' WHERE email='$username'"); $result = db_query("DELETE FROM $table_vacation_notification WHERE on_vacation='$username'"); /* crap error handling; oh for exceptions... */ return true; @@ -95,12 +95,12 @@ class VacationHandler { $active = db_get_boolean(True); // check if the user has a vacation entry already, if so just update it if($result['rows'] == 1) { - $result = db_query("UPDATE $table_vacation SET active = $active, body = '$body', subject = '$subject', created = NOW() WHERE email = '$username'"); + $result = db_query("UPDATE $table_vacation SET active = '$active', body = '$body', subject = '$subject', created = NOW() WHERE email = '$username'"); } else { $tmp = preg_split ('/@/', $username); $domain = escape_string($tmp[1]); - $result = db_query ("INSERT INTO $table_vacation (email,subject,body,domain,created,active) VALUES ('$username','$subject','$body','$domain',NOW(),$active)"); + $result = db_query ("INSERT INTO $table_vacation (email,subject,body,domain,created,active) VALUES ('$username','$subject','$body','$domain',NOW(),'$active')"); } $ah = new AliasHandler($this->username);