Check if tables and columns exist before saving them. This fixes T18.

Andreas Boehler 2016-09-10 12:11:16 +02:00
parent 540df33173
commit 493654af74
2 changed files with 205 additions and 85 deletions


@ -61,53 +61,89 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
{ {
// Save the settings for the given domain to the database // Save the settings for the given domain to the database
case 'saveSettings': case 'saveSettings':
foreach($params as $param) $parameters = array('host' => $_POST['sql_hostname'],
'password' => $_POST['sql_password'],
'user' => $_POST['sql_username'],
'dbname' => $_POST['sql_database'],
'tablePrefix' => ''
);
// Check if the table exists
if(!$helper->verifyTable($parameters, $_POST['sql_driver'], $_POST['sql_table']))
{
$response->setData(array('status' => 'error',
'data' => array('message' => $l -> t('The selected SQL table '.$_POST['sql_table'].' does not exist!'))));
break;
}
// Retrieve all column settings
$columns = array();
foreach($params as $param)
{
if(strpos($param, 'col_') === 0)
{ {
// Special handling for checkbox fields if(isset($_POST[$param]) && $_POST[$param] !== '')
if(isset($_POST[$param])) $columns[] = $_POST[$param];
}
}
// Check if the columns exist
$status = $helper->verifyColumns($parameters, $_POST['sql_driver'], $_POST['sql_table'], $columns);
if($status !== true)
{
$response->setData(array('status' => 'error',
'data' => array('message' => $l -> t('The selected SQL column(s) do(es) not exist: '.$status))));
break;
}
// If we reach this point, all settings have been verified
foreach($params as $param)
{
// Special handling for checkbox fields
if(isset($_POST[$param]))
{
if($param === 'set_strip_domain')
{ {
if($param === 'set_strip_domain') \OC::$server->getConfig()->setAppValue('user_sql', 'set_strip_domain_'.$domain, 'true');
{ }
\OC::$server->getConfig()->setAppValue('user_sql', 'set_strip_domain_'.$domain, 'true'); elseif($param === 'set_allow_pwchange')
}
elseif($param === 'set_allow_pwchange')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_allow_pwchange_'.$domain, 'true');
}
elseif($param === 'set_active_invert')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_'.$domain, 'true');
}
elseif($param === 'set_enable_gethome')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_'.$domain, 'true');
}
else
{
\OC::$server->getConfig()->setAppValue('user_sql', $param.'_'.$domain, $_POST[$param]);
}
} else
{ {
if($param === 'set_strip_domain') \OC::$server->getConfig()->setAppValue('user_sql', 'set_allow_pwchange_'.$domain, 'true');
{ }
\OC::$server->getConfig()->setAppValue('user_sql', 'set_strip_domain_'.$domain, 'false'); elseif($param === 'set_active_invert')
} {
elseif($param === 'set_allow_pwchange') \OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_'.$domain, 'true');
{ }
\OC::$server->getConfig()->setAppValue('user_sql', 'set_allow_pwchange_'.$domain, 'false'); elseif($param === 'set_enable_gethome')
} {
elseif($param === 'set_active_invert') \OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_'.$domain, 'true');
{ }
\OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_'.$domain, 'false'); else
} {
elseif($param === 'set_enable_gethome') \OC::$server->getConfig()->setAppValue('user_sql', $param.'_'.$domain, $_POST[$param]);
{ }
\OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_'.$domain, 'false'); } else
} {
if($param === 'set_strip_domain')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_strip_domain_'.$domain, 'false');
}
elseif($param === 'set_allow_pwchange')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_allow_pwchange_'.$domain, 'false');
}
elseif($param === 'set_active_invert')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_'.$domain, 'false');
}
elseif($param === 'set_enable_gethome')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_'.$domain, 'false');
} }
} }
$response->setData(array('status' => 'success', }
'data' => array('message' => $l -> t('Application settings successfully stored.')))); $response->setData(array('status' => 'success',
'data' => array('message' => $l -> t('Application settings successfully stored.'))));
break; break;
// Load the settings for a given domain // Load the settings for a given domain
@ -160,69 +196,56 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
// Get the autocompletion values for a column // Get the autocompletion values for a column
case 'getColumnAutocomplete': case 'getColumnAutocomplete':
$cm = new \OC\DB\ConnectionFactory();
$search = $_POST['request'];
$table = $_POST['sql_table'];
$parameters = array('host' => $_POST['sql_hostname'], $parameters = array('host' => $_POST['sql_hostname'],
'password' => $_POST['sql_password'], 'password' => $_POST['sql_password'],
'user' => $_POST['sql_username'], 'user' => $_POST['sql_username'],
'dbname' => $_POST['sql_database'], 'dbname' => $_POST['sql_database'],
'tablePrefix' => '' 'tablePrefix' => ''
); );
try {
$conn = $cm -> getConnection($_POST['sql_driver'], $parameters); if($helper->verifyTable($parameters, $_POST['sql_driver'], $_POST['sql_table']))
$platform = $conn -> getDatabasePlatform(); $columns = $helper->getColumns($parameters, $_POST['sql_driver'], $_POST['sql_table']);
$query = $platform -> getListTableColumnsSQL($table); else
$result = $conn -> executeQuery($query); $columns = array();
$ret = array();
while($row = $result -> fetch()) $search = $_POST['request'];
{ $ret = array();
$name = $row['Field'];
if(($search === '') || ($search === 'search') || (strpos($name, $search) === 0)) foreach($columns as $name)
{
$ret[] = array('label' => $name,
'value' => $name);
}
}
$response -> setData($ret);
}
catch(\Exception $e)
{ {
$response->setData(array()); if(($search === '') || ($search === 'search') || (strpos($name, $search) === 0))
{
$ret[] = array('label' => $name,
'value' => $name);
}
} }
$response -> setData($ret);
break; break;
// Get the autocompletion values for a table // Get the autocompletion values for a table
case 'getTableAutocomplete': case 'getTableAutocomplete':
$cm = new \OC\DB\ConnectionFactory();
$search = $_POST['request'];
$parameters = array('host' => $_POST['sql_hostname'], $parameters = array('host' => $_POST['sql_hostname'],
'password' => $_POST['sql_password'], 'password' => $_POST['sql_password'],
'user' => $_POST['sql_username'], 'user' => $_POST['sql_username'],
'dbname' => $_POST['sql_database'], 'dbname' => $_POST['sql_database'],
'tablePrefix' => '' 'tablePrefix' => ''
); );
try {
$conn = $cm -> getConnection($_POST['sql_driver'], $parameters); $tables = $helper->getTables($parameters, $_POST['sql_driver']);
$platform = $conn -> getDatabasePlatform();
$query = $platform -> getListTablesSQL(); $search = $_POST['request'];
$result = $conn -> executeQuery($query); $ret = array();
$ret = array(); foreach($tables as $name)
while($row = $result -> fetch())
{
$name = $row['Tables_in_'.$_POST['sql_database']];
if(($search === '') || ($search === 'search') || (strpos($name, $search) === 0))
{
$ret[] = array('label' => $name,
'value' => $name);
}
}
$response -> setData($ret);
}
catch(\Exception $e)
{ {
$response->setData(array()); if(($search === '') || ($search === 'search') || (strpos($name, $search) === 0))
{
$ret[] = array('label' => $name,
'value' => $name);
}
} }
$response -> setData($ret);
break; break;
} }
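Review bot: The two new error messages in `saveSettings` concatenate request data into the translation source string (`$l -> t('The selected SQL table '.$_POST['sql_table'].' does not exist!')` and the `'...do(es) not exist: '.$status` variant), so the lookup key changes per request, never matches a translation, and the submitted table or column name is echoed back in the JSON response. Pass the value as a placeholder argument instead, e.g. `$l->t('The selected SQL table %s does not exist!', array($_POST['sql_table']))`, and have the client insert the message as text rather than HTML. The new code also reads `$_POST['sql_table']`, `$_POST['sql_driver']` and the connection fields without `isset()` checks. Whether the enclosing condition or an admin/CSRF check covers them cannot be seen from this hunk, because the `if` on the header line is cut off.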


@ -247,5 +247,102 @@ class Helper {
} }
} }
/**
* Check if all of the given columns exist
* @param array $parameters The connection parameters
* @param string $sql_driver The SQL driver to use
* @param string $table The table name to check
* @param array $cols The columns to check
* @param array True if found, otherwise false
*/
public function verifyColumns($parameters, $sql_driver, $table, $cols)
{
$columns = $this->getColumns($parameters, $sql_driver, $table);
$res = true;
$err = '';
foreach($cols as $col)
{
if(!in_array($col, $columns, true))
{
$res = false;
$err .= $col.' ';
}
}
if($res)
return true;
else
return $err;
}
/**
* Check if a given table exists
* @param array $parameters The connection parameters
* @param string $sql_driver The SQL driver to use
* @param string $table The table name to check
* @param array True if found, otherwise false
*/
public function verifyTable($parameters, $sql_driver, $table)
{
$tables = $this->getTables($parameters, $sql_driver);
return in_array($table, $tables, true);
}
/**
* Retrieve a list of tables for the given connection parameters
* @param array $parameters The connection parameters
* @param string $sql_driver The SQL driver to use
* @return array The found tables, empty if an error occured
*/
public function getTables($parameters, $sql_driver)
{
$cm = new \OC\DB\ConnectionFactory();
try {
$conn = $cm -> getConnection($sql_driver, $parameters);
$platform = $conn -> getDatabasePlatform();
$query = $platform -> getListTablesSQL();
$result = $conn -> executeQuery($query);
$ret = array();
while($row = $result -> fetch())
{
$name = $row['Tables_in_'.$parameters['dbname']];
$ret[] = $name;
}
return $ret;
}
catch(\Exception $e)
{
return array();
}
}
/**
* Retrieve a list of columns for the given connection parameters
* @param array $parameters The connection parameters
* @param string $sql_driver The SQL driver to use
* @param string $table The SQL table to work with
* @return array The found column, empty if an error occured
*/
public function getColumns($parameters, $sql_driver, $table)
{
$cm = new \OC\DB\ConnectionFactory();
try {
$conn = $cm -> getConnection($sql_driver, $parameters);
$platform = $conn -> getDatabasePlatform();
$query = $platform -> getListTableColumnsSQL($table);
$result = $conn -> executeQuery($query);
$ret = array();
while($row = $result -> fetch())
{
$name = $row['Field'];
$ret[] = $name;
}
return $ret;
}
catch(\Exception $e)
{
return array();
}
}
} }
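Review bot: `getTables()` and `getColumns()` catch every `\Exception` and return an empty array, so `verifyTable()` reports "does not exist" when the real cause is a refused connection or wrong credentials, and nothing reaches the log. Record the failure before returning, e.g. `\OCP\Util::writeLog('user_sql', $e->getMessage(), \OCP\Util::ERROR);`, so a connection error can be told apart from a missing table. The rows are read through `'Tables_in_'.$parameters['dbname']` and `'Field'`, which look like MySQL result column names; with another `sql_driver` the lookups would presumably come back empty and block every save, which is worth confirming. `getColumns()` hands `$table` straight to `getListTableColumnsSQL()` and relies on its callers having run `verifyTable()` first; since the method is public, doing that check inside `getColumns()` would keep an unverified name out of the generated statement. The docblocks on `verifyColumns()` and `verifyTable()` end with `@param array True if found, otherwise false`; that should be `@return bool` for `verifyTable()` and `@return bool|string` for `verifyColumns()`, which returns the missing column names on failure.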