aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBrian Evans <grknight@gentoo.org>2018-01-30 09:53:01 -0500
committerBrian Evans <grknight@gentoo.org>2018-01-30 09:53:01 -0500
commit0184aecdf36ab398ef3696e5211aff53b7239772 (patch)
treeae27c917659a9451c24031f47222b0d4b5dc5cab
parentMore database typo fixes (diff)
downloadbouncer-0184aecdf36ab398ef3696e5211aff53b7239772.tar.gz
bouncer-0184aecdf36ab398ef3696e5211aff53b7239772.tar.bz2
bouncer-0184aecdf36ab398ef3696e5211aff53b7239772.zip
Fix query errors and missing indexes; add error handling for user facing
-rw-r--r--php/admin/mirror-list.php2
-rw-r--r--php/index-list.php16
-rw-r--r--php/index.php23
-rw-r--r--php/lib/auth.php2
4 files changed, 30 insertions, 13 deletions
diff --git a/php/admin/mirror-list.php b/php/admin/mirror-list.php
index e0876d4..29f6e9b 100644
--- a/php/admin/mirror-list.php
+++ b/php/admin/mirror-list.php
@@ -40,7 +40,7 @@ if (!empty($_GET['os_id'])&&!empty($_GET['product_id'])) {
mirror_locations.product_id = ? AND
mirror_location_mirror_map.location_active = '1' AND
mirror_mirrors.mirror_active = '1'
- ", PDO::FETCH_ASSOC, [$os_id, $product_id]);
+ ", PDO::FETCH_ASSOC, null, [$os_id, $product_id]);
header("Content-type: text/plain;");
foreach ($mirrors as $mirror) {
diff --git a/php/index-list.php b/php/index-list.php
index 1b158b7..861ba95 100644
--- a/php/index-list.php
+++ b/php/index-list.php
@@ -7,7 +7,9 @@
require_once('./cfg/init.php');
require_once(LIB.'/auth.php'); // auth functions
require_once(LIB.'/forms.php'); // form library
-error_reporting(E_GET);
+ob_start();
+
+try{
if (!empty($_GET['os'])&&!empty($_GET['product'])) {
// clean in os and product strings
@@ -44,7 +46,7 @@ if (!empty($os_id)&&!empty($product_id)) {
mirror_mirrors.mirror_active = '1'
ORDER BY
mirror_rating DESC, mirror_baseurl
- ", PDO::FETCH_ASSOC, [$os_id, $product_id]);
+ ", PDO::FETCH_ASSOC, null, [$os_id, $product_id]);
header("Content-type: text/plain;");
foreach ($mirrors as $mirror) {
@@ -68,15 +70,21 @@ if (!empty($os_id)&&!empty($product_id)) {
echo '<div>';
form_label('Product', 'product','label-small');
form_select('product_id','product','',Mirror::get_products_select(),$_GET['product_id']);
- echo ' [<a href="./products.php">edit products</a>]';
+ echo ' [<a href="admin/products.php">edit products</a>]';
echo '</div><br />';
echo '<div>';
form_label('OS', 'os','label-small');
form_select('os_id','os','',Mirror::get_oss_select(),$_GET['os_id']);
- echo ' [<a href="./os.php">edit operating systems</a>]';
+ echo ' [<a href="admin/os.php">edit operating systems</a>]';
echo '</div><br />';
form_submit('submit','','button1','Update');
form_end();
require_once(FOOTER);
}
+
+} catch (Exception $ex) {
+ header("Status: 500", true, 500);
+ echo "An unexpected error has occurred.";
+ trigger_error($ex->getMessage() . ' ' . $ex->getTraceAsString(), E_USER_WARNING);
+}
diff --git a/php/index.php b/php/index.php
index 28b29b8..aeb7128 100644
--- a/php/index.php
+++ b/php/index.php
@@ -4,14 +4,14 @@
* @package mirror
* @subpackage pub
*/
-error_reporting(0); // hide all errors
+ob_start();
require_once('./cfg/config.php'); // config file that defines constants
// if we don't have an os, make it windows, playing the odds
if (empty($_GET['os'])) {
$_GET['os'] = 'Any';
}
-
+try{
// do we even have an os or product?
if (!empty($_GET['os'])&&!empty($_GET['product'])) {
require_once(LIB.'/db.php'); // core mysql wrappers
@@ -27,19 +27,19 @@ if (!empty($_GET['os'])&&!empty($_GET['product'])) {
// do we have a valid os and product?
if (!empty($os_id)&&!empty($product_id)) {
- $location = DB::get_one("SELECT location_id,location_path FROM mirror_locations WHERE product_id={$product_id} AND os_id={$os_id}");
+ $location = DB::get_one("SELECT location_id,location_path FROM mirror_locations WHERE product_id=? AND os_id=?", PDO::FETCH_ASSOC, [$product_id, $os_id]);
// did we get a valid location?
if (!empty($location)) {
- $mirror = DB::get_one("SELECT mirror_mirrors.mirror_id,mirror_baseurl FROM mirror_mirrors, mirror_location_mirror_map WHERE mirror_mirrors.mirror_id = mirror_location_mirror_map.mirror_id AND mirror_location_mirror_map.location_id = {$location['location_id']} AND mirror_active='1' AND location_active ='1' ORDER BY rand()*(1/mirror_rating)");
+ $mirror = DB::get_one("SELECT mirror_mirrors.mirror_id,mirror_baseurl FROM mirror_mirrors JOIN mirror_location_mirror_map ON mirror_mirrors.mirror_id = mirror_location_mirror_map.mirror_id WHERE mirror_location_mirror_map.location_id = ? AND mirror_active='1' AND location_active ='1' ORDER BY rand()*(1/mirror_rating)", PDO::FETCH_ASSOC, [$location['location_id']]);
// did we get a valid mirror?
if (!empty($mirror)) {
// if logging is enabled, insert log
if (LOGGING) {
- DB::query("UPDATE mirror_mirrors SET mirror_count=mirror_count+1 WHERE mirror_id={$mirror['mirror_id']}");
- DB::query("UPDATE mirror_products SET product_count=product_count+1 WHERE product_id={$product_id}");
+ DB::query("UPDATE mirror_mirrors SET mirror_count=mirror_count+1 WHERE mirror_id=?", [$mirror['mirror_id']]);
+ DB::query("UPDATE mirror_products SET product_count=product_count+1 WHERE product_id=?", [$product_id]);
}
// LANGUAGE HACK
@@ -51,7 +51,7 @@ if (!empty($_GET['os'])&&!empty($_GET['product'])) {
// BitTorrent HACK - robbat2
if (!empty($_GET['extra'])) {
$extra = $_GET['extra'];
- $location['location_path'] .= ereg_replace('\?.*|&.*','',$extra);
+ $location['location_path'] .= preg_replace('/\?.*|&.*/','',$extra);
}
// if we are just testing, then just print and exit.
@@ -62,11 +62,20 @@ if (!empty($_GET['os'])&&!empty($_GET['product'])) {
// otherwise, by default, redirect them and exit
header('Location: '.$mirror['mirror_baseurl'].$location['location_path']);
+ var_dump($mirror);
exit;
}
}
}
}
+}
+catch (Exception $ex) {
+ header("Status: 500", true, 500);
+ echo "An unexpected error has occurred.";
+ trigger_error($ex->getMessage() . ' ' . $ex->getTraceAsString(), E_USER_WARNING);
+ exit();
+}
+
// if we get here, the request was invalid; redirect to Gentoo home
header('Location: http://www.gentoo.org/');
diff --git a/php/lib/auth.php b/php/lib/auth.php
index eb6319c..68bf91a 100644
--- a/php/lib/auth.php
+++ b/php/lib/auth.php
@@ -62,7 +62,7 @@ public static function query($username,$password)
private static function password_upgrade($userrow, $username, $password) {
require_once(LIB.'/mirror.php'); //Upgrade password security
- Mirror::update_user($userrow['user_id'],$username,$password,$password,$userrow['firstname'],$userrow['lastname'],$userrow['email']);
+ Mirror::update_user($userrow['user_id'],$username,$password,$password,$userrow['user_firstname'],$userrow['user_lastname'],$userrow['user_email']);
}
/**