]> git.datanom.net - qtadmin.git/blob - lib/db_mysqli.inc.php
Enhance security
[qtadmin.git] / lib / db_mysqli.inc.php
1 <?php
2 /* vim: set ts=4 tw=0 sw=4 noet: */
3 require_once $CFG->root .'lib/db_implementation.php';
4
5 class DBMysqli extends DBImpl {
6
7 private static $_instance = null;
8 private $con = null;
9 private $charset = 'utf8';
10 private $numRows = -1;
11
12 private function __construct() {
13 $this->connect();
14 }
15
16 function __destruct() {
17 if ($this->con) {
18 $this->con->close();
19 $this->con = null;
20 }
21 }
22
23 private function __clone() {}
24
25 public static function getInstance() {
26 if (!is_object(self::$_instance)) {
27 self::$_instance = new DBMysqli();
28 }
29 return self::$_instance;
30 }
31
32 private function connect() {
33 global $CFG;
34
35 if (!$this->con) {
36 $this->con = new mysqli($CFG->amavisd_db_host, $CFG->amavisd_db_user,
37 $CFG->amavisd_db_password, $CFG->amavisd_db_name,
38 $CFG->amavisd_db_port);
39 if ($this->con->connect_error) {
40 die ('Connect error ('.$this->con->connect_errno.') '.
41 $this->con->connect_error);
42 }
43 }
44 }
45
46 public function setCharset($charset = 'utf8') {
47 $this->charset = $charset;
48 }
49
50 private function changeCharset() {
51 if (!$this->con->set_charset($this->charset)) {
52 printf("Error loading character set %s: %s\n", $this->charset, $this->con->error);
53 }
54 }
55
56 public function update($sql) {
57 $success = true;
58
59 if (! is_array($sql)) {
60 $sql = array($sql);
61 }
62
63 $this->con->autocommit(false);
64 foreach ($sql as $query) {
65 $this->con->query($query) ? null : $success = false;
66 }
67 $success ? $this->con->commit() : $this->con->rollback();
68 $this->con->autocommit(true);
69
70 return $success;
71 }
72
73 function getMarked($recipient = 'all') {
74 $all = array();
75
76 $query = "select distinct m.mail_id as id from quarantine q, msgrcpt m, msgs s, maddr r ";
77 $query .= "where m.mail_id = q.mail_id and q.mail_id = s.mail_id and m.rid = r.id ";
78 $query .= "and (m.rs = 'R' or m.rs = 'D')";
79
80 if ($recipient != 'all') {
81 $query .= " and email = '$recipient'";
82 }
83
84 if ($result = $this->con->query($query)) {
85 while ($row = $result->fetch_object()) {
86 $all[] = $row->id;
87 }
88 }
89
90 return $all;
91 }
92
93 public function getQMails($offset = -1, $rowsPerPage = -1, $recipient = 'all') {
94 $row = array();
95 $this->changeCharset();
96 $query = "SELECT DISTINCT quarantine.mail_id, secret_id, rs, bspam_level, ";
97 $query .= "(UNIX_TIMESTAMP(time_iso) + (3600 * 2)) AS time_iso, ";
98 $query .= "SUBSTRING(sender.email,1,35) AS sender, ";
99 $query .= "SUBSTRING(recipient.email,1,28) AS recipient, size, msgrcpt.content ";
100 $query .= "AS quaratinefor, SUBSTRING( subject, 1, 25) AS subject FROM ";
101 $query .= "`quarantine` LEFT JOIN msgrcpt ON msgrcpt.mail_id = quarantine.mail_id ";
102 $query .= "LEFT JOIN msgs ON msgs.mail_id = quarantine.mail_id LEFT JOIN maddr AS ";
103 $query .= "recipient ON msgrcpt.rid = recipient.id LEFT JOIN maddr AS sender ON ";
104 $query .= "msgs.sid = sender.id WHERE msgrcpt.rs != 'R' AND msgrcpt.rs != 'D'";
105
106 if ($recipient != 'all') {
107 $query .= " and recipient.email = '$recipient'";
108 }
109
110 if ($offset >= 0 && $rowsPerPage >= 0) {
111 $result = $this->con->query($query, MYSQLI_STORE_RESULT);
112 if ($result) {
113 $this->numRows = $result->num_rows;
114 $result->free();
115 } else {
116 $this->numRows = 0;
117 }
118 $query .= " ORDER BY time_iso DESC LIMIT $offset, $rowsPerPage";
119 }
120
121 if ($result = $this->con->query($query, MYSQLI_USE_RESULT)) {
122 if ($this->numRows < 0)
123 $this->numRows = $result->num_rows;
124 while ($obj = $result->fetch_object()) {
125 $row[] = $obj;
126 }
127 $result->free();
128 }
129
130 return $row;
131 }
132
133 public function numRows() {
134 return $this->numRows;
135 }
136
137 public function getMail($id) {
138 $row = null;
139
140 $this->changeCharset();
141 $query = "SELECT * FROM quarantine WHERE mail_id = '$id'";
142 if ($result = $this->con->query($query, MYSQLI_USE_RESULT)) {
143 $row = $result->fetch_object();
144 }
145
146 return $row;
147 }
148
149 }
150
151 ?>
This page took 0.13151 seconds and 6 git commands to generate.