install/schemas/upgrade/1.1.6-1.1.7.php
author Dan Fuhry <dan@enanocms.org>
Tue, 16 Nov 2010 12:31:41 -0500
branch1.1.7-maintenance
changeset 1317 6012710ae538
parent 1181 91911e183685
child 1227 bdac73ed481e
permissions -rw-r--r--
SECURITY: Fix SQL injection in banlist check (1.1.7 branch)
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
1179
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
     1
<?php
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
     2
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
     3
// Migrate usernames in the logs table
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
     4
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
     5
global $db, $session, $paths, $template, $plugins; // Common objects
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
     6
1181
91911e183685 Forgot table_prefix in the logs table migrator
Dan
parents: 1179
diff changeset
     7
$q = $db->sql_query('SELECT user_id, username FROM ' . table_prefix . 'users;');
1179
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
     8
if ( !$q )
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
     9
  $db->_die();
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    10
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    11
$map = array();
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    12
while($row = $db->fetchrow())
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    13
{
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    14
  $map[ $row['username'] ] = $row['user_id'];
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    15
}
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    16
$db->free_result();
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    17
1181
91911e183685 Forgot table_prefix in the logs table migrator
Dan
parents: 1179
diff changeset
    18
$q = $db->sql_query('SELECT author FROM ' . table_prefix . 'logs WHERE author_uid = 1;');
1179
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    19
if ( !$q )
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    20
  $db->_die();
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    21
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    22
$updated = array();
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    23
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    24
while ( $row = $db->fetchrow($q) )
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    25
{
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    26
  if ( isset($map[ $row['author'] ]) && !is_valid_ip($row['author']) && !in_array($row['author'], $updated) )
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    27
  {
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    28
    $author = $db->escape($row['author']);
1181
91911e183685 Forgot table_prefix in the logs table migrator
Dan
parents: 1179
diff changeset
    29
    $sql = "UPDATE " . table_prefix . "logs SET author_uid = {$map[ $row['author'] ]} WHERE author = '$author';";
1179
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    30
    if ( !$db->sql_query($sql) )
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    31
      $db->_die();
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    32
    $updated[] = $row['author'];
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    33
  }
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    34
}
ac861c01a764 Added an upgrade hook to populate the author_uid column in logs, pending test by Neal
Dan
parents:
diff changeset
    35