diff options
| author |   Brian Evans <grknight@gentoo.org> | 2018-01-30 09:53:01 -0500 |
|---|---|---|
| committer | Brian Evans <grknight@gentoo.org> | 2018-01-30 09:53:01 -0500 |
| commit | 0184aecdf36ab398ef3696e5211aff53b7239772 (patch) | |
| tree | ae27c917659a9451c24031f47222b0d4b5dc5cab | |
| parent | More database typo fixes (diff) | |
| download | bouncer-0184aecd.tar.gz bouncer-0184aecd.tar.bz2 bouncer-0184aecd.zip | |
Fix query errors and missing indexes; add error handling for user facing
| -rw-r--r-- | php/admin/mirror-list.php | 2 | ||||
| -rw-r--r-- | php/index-list.php | 16 | ||||
| -rw-r--r-- | php/index.php | 23 | ||||
| -rw-r--r-- | php/lib/auth.php | 2 |
4 files changed, 30 insertions, 13 deletions
diff --git a/php/admin/mirror-list.php b/php/admin/mirror-list.php index e0876d4..29f6e9b 100644 --- a/php/admin/mirror-list.php +++ b/php/admin/mirror-list.php @@ -40,7 +40,7 @@ if (!empty($_GET['os_id'])&&!empty($_GET['product_id'])) { mirror_locations.product_id = ? AND mirror_location_mirror_map.location_active = '1' AND mirror_mirrors.mirror_active = '1' - ", PDO::FETCH_ASSOC, [$os_id, $product_id]); + ", PDO::FETCH_ASSOC, null, [$os_id, $product_id]); header("Content-type: text/plain;"); foreach ($mirrors as $mirror) { diff --git a/php/index-list.php b/php/index-list.php index 1b158b7..861ba95 100644 --- a/php/index-list.php +++ b/php/index-list.php @@ -7,7 +7,9 @@ require_once('./cfg/init.php'); require_once(LIB.'/auth.php'); // auth functions require_once(LIB.'/forms.php'); // form library -error_reporting(E_GET); +ob_start(); + +try{ if (!empty($_GET['os'])&&!empty($_GET['product'])) { // clean in os and product strings @@ -44,7 +46,7 @@ if (!empty($os_id)&&!empty($product_id)) { mirror_mirrors.mirror_active = '1' ORDER BY mirror_rating DESC, mirror_baseurl - ", PDO::FETCH_ASSOC, [$os_id, $product_id]); + ", PDO::FETCH_ASSOC, null, [$os_id, $product_id]); header("Content-type: text/plain;"); foreach ($mirrors as $mirror) { @@ -68,15 +70,21 @@ if (!empty($os_id)&&!empty($product_id)) { echo '<div>'; form_label('Product', 'product','label-small'); form_select('product_id','product','',Mirror::get_products_select(),$_GET['product_id']); - echo ' [<a href="./products.php">edit products</a>]'; + echo ' [<a href="admin/products.php">edit products</a>]'; echo '</div><br />'; echo '<div>'; form_label('OS', 'os','label-small'); form_select('os_id','os','',Mirror::get_oss_select(),$_GET['os_id']); - echo ' [<a href="./os.php">edit operating systems</a>]'; + echo ' [<a href="admin/os.php">edit operating systems</a>]'; echo '</div><br />'; form_submit('submit','','button1','Update'); form_end(); require_once(FOOTER); } + +} catch (Exception $ex) { + header("Status: 500", true, 500); + echo "An unexpected error has occurred."; + trigger_error($ex->getMessage() . ' ' . $ex->getTraceAsString(), E_USER_WARNING); +} diff --git a/php/index.php b/php/index.php index 28b29b8..aeb7128 100644 --- a/php/index.php +++ b/php/index.php @@ -4,14 +4,14 @@ * @package mirror * @subpackage pub */ -error_reporting(0); // hide all errors +ob_start(); require_once('./cfg/config.php'); // config file that defines constants // if we don't have an os, make it windows, playing the odds if (empty($_GET['os'])) { $_GET['os'] = 'Any'; } - +try{ // do we even have an os or product? if (!empty($_GET['os'])&&!empty($_GET['product'])) { require_once(LIB.'/db.php'); // core mysql wrappers @@ -27,19 +27,19 @@ if (!empty($_GET['os'])&&!empty($_GET['product'])) { // do we have a valid os and product? if (!empty($os_id)&&!empty($product_id)) { - $location = DB::get_one("SELECT location_id,location_path FROM mirror_locations WHERE product_id={$product_id} AND os_id={$os_id}"); + $location = DB::get_one("SELECT location_id,location_path FROM mirror_locations WHERE product_id=? AND os_id=?", PDO::FETCH_ASSOC, [$product_id, $os_id]); // did we get a valid location? if (!empty($location)) { - $mirror = DB::get_one("SELECT mirror_mirrors.mirror_id,mirror_baseurl FROM mirror_mirrors, mirror_location_mirror_map WHERE mirror_mirrors.mirror_id = mirror_location_mirror_map.mirror_id AND mirror_location_mirror_map.location_id = {$location['location_id']} AND mirror_active='1' AND location_active ='1' ORDER BY rand()*(1/mirror_rating)"); + $mirror = DB::get_one("SELECT mirror_mirrors.mirror_id,mirror_baseurl FROM mirror_mirrors JOIN mirror_location_mirror_map ON mirror_mirrors.mirror_id = mirror_location_mirror_map.mirror_id WHERE mirror_location_mirror_map.location_id = ? AND mirror_active='1' AND location_active ='1' ORDER BY rand()*(1/mirror_rating)", PDO::FETCH_ASSOC, [$location['location_id']]); // did we get a valid mirror? if (!empty($mirror)) { // if logging is enabled, insert log if (LOGGING) { - DB::query("UPDATE mirror_mirrors SET mirror_count=mirror_count+1 WHERE mirror_id={$mirror['mirror_id']}"); - DB::query("UPDATE mirror_products SET product_count=product_count+1 WHERE product_id={$product_id}"); + DB::query("UPDATE mirror_mirrors SET mirror_count=mirror_count+1 WHERE mirror_id=?", [$mirror['mirror_id']]); + DB::query("UPDATE mirror_products SET product_count=product_count+1 WHERE product_id=?", [$product_id]); } // LANGUAGE HACK @@ -51,7 +51,7 @@ if (!empty($_GET['os'])&&!empty($_GET['product'])) { // BitTorrent HACK - robbat2 if (!empty($_GET['extra'])) { $extra = $_GET['extra']; - $location['location_path'] .= ereg_replace('\?.*|&.*','',$extra); + $location['location_path'] .= preg_replace('/\?.*|&.*/','',$extra); } // if we are just testing, then just print and exit. @@ -62,11 +62,20 @@ if (!empty($_GET['os'])&&!empty($_GET['product'])) { // otherwise, by default, redirect them and exit header('Location: '.$mirror['mirror_baseurl'].$location['location_path']); + var_dump($mirror); exit; } } } } +} +catch (Exception $ex) { + header("Status: 500", true, 500); + echo "An unexpected error has occurred."; + trigger_error($ex->getMessage() . ' ' . $ex->getTraceAsString(), E_USER_WARNING); + exit(); +} + // if we get here, the request was invalid; redirect to Gentoo home header('Location: http://www.gentoo.org/'); diff --git a/php/lib/auth.php b/php/lib/auth.php index eb6319c..68bf91a 100644 --- a/php/lib/auth.php +++ b/php/lib/auth.php @@ -62,7 +62,7 @@ public static function query($username,$password) private static function password_upgrade($userrow, $username, $password) { require_once(LIB.'/mirror.php'); //Upgrade password security - Mirror::update_user($userrow['user_id'],$username,$password,$password,$userrow['firstname'],$userrow['lastname'],$userrow['email']); + Mirror::update_user($userrow['user_id'],$username,$password,$password,$userrow['user_firstname'],$userrow['user_lastname'],$userrow['user_email']); } /** |