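getMessage()); } }

    /**
     * Return the message part (third element) of a resource's errorInfo().
     *
     * @param object $resource anything exposing errorInfo(): a statement, or
     *                         this connection object itself
     * @return string the message, or "" when errorInfo() has fewer than three
     *                elements
     */
    private function getMsg($resource)
    {
        $err = $resource->errorInfo();
        if (count($err) > 2) {
            return $err[2];
        }
        return "";
    }

    /**
     * Tell whether a prepare()/execute() step left an error behind.
     *
     * @param mixed $sth value returned by prepare(); a non-object (e.g. FALSE
     *                   from a failed prepare()) counts as a failure instead of
     *                   triggering a fatal method call on a non-object
     * @return bool
     */
    private function stmtFailed($sth)
    {
        if (!is_object($sth)) {
            return true;
        }
        $code = $sth->errorCode();
        return $code && $code != '00000';
    }

    /**
     * Build the error text used throughout this class: the SQL, a newline,
     * the error message, a newline.
     *
     * The text contains the statement and the database error message, so it
     * belongs in server-side logs rather than in anything sent to a client.
     *
     * @param string $sql statement that failed
     * @param mixed  $sth statement handle; when it is not an object the
     *                    message is read from the connection ($this) instead
     * @return string
     */
    private function sqlError($sql, $sth)
    {
        $resource = is_object($sth) ? $sth : $this;
        return "$sql\n" . $this->getMsg($resource) . "\n";
    }

    /**
     * Prepare and execute one statement with positional parameters.
     *
     * @param string $sql    statement text; values go through $params, never
     *                       into the text
     * @param array  $params positional values for the `?` placeholders
     * @return object|string the executed statement, or an error string
     *                       (callers distinguish the two with is_string())
     */
    private function runStatement($sql, array $params = array())
    {
        $sth = $this->prepare($sql);
        if ($this->stmtFailed($sth)) {
            return $this->sqlError($sql, $sth);
        }
        if (count($params) > 0) {
            $sth->execute($params);
        } else {
            $sth->execute();
        }
        if ($this->stmtFailed($sth)) {
            return $this->sqlError($sql, $sth);
        }
        return $sth;
    }

    /**
     * Translate a login name (user.uid) into the numeric row id (user.id).
     *
     * @param string $uid login name
     * @return array array($id, null) on success, array(null, $errorText) when
     *               the lookup fails or no such user exists
     */
    private function internalUserId($uid)
    {
        $sql = "select id from user where uid = ?";
        $sth = $this->runStatement($sql, array($uid));
        if (is_string($sth)) {
            return array(null, $sth);
        }
        $row = $sth->fetch(PDO::FETCH_NUM);
        if ($this->stmtFailed($sth)) {
            return array(null, $this->sqlError($sql, $sth));
        }
        $sth->closeCursor();
        if ($row === false) {
            // Without this check a missing user would leave the caller with
            // no id to scope its calendar statement to.
            return array(null, "$sql\nunknown user\n");
        }
        return array($row[0], null);
    }

    /**
     * Intentionally empty in this implementation; the arguments are ignored.
     */
    public function initDatabase($name, $pwd, $uid)
    {
    }

    /**
     * Create the schema when the `user` table does not exist yet.
     *
     * The statements come from make_sql_stm() in db_create.sqlite.php and are
     * run inside one transaction.
     *
     * @param string $name unused here
     * @throws Exception with the SQL and error message on failure, or
     *                   "Database exists" when the `user` table is present
     */
    public function createDatabase($name)
    {
        $sth = $this->runStatement(
            "select count(*) as found from sqlite_master where type = 'table' and name = 'user'"
        );
        if (is_string($sth)) {
            throw new Exception($sth);
        }
        $res = $sth->fetch();
        if ($res['found'] != 0) {
            throw new Exception("Database exists");
        }

        $this->beginTransaction();
        include 'db_create.sqlite.php';
        $db = make_sql_stm();
        foreach ($db as $sql) {
            $sth->closeCursor();
            $sth = $this->runStatement($sql);
            if (is_string($sth)) {
                $this->rollBack();
                throw new Exception($sth);
            }
        }
        $this->commit();
    }

    /**
     * @param string $uid login name
     * @return mixed the user's `userview` value, or an error string
     */
    public function getViewStyle($uid)
    {
        $sth = $this->runStatement("select userview from user u where u.uid = ?", array($uid));
        if (is_string($sth)) {
            return $sth;
        }
        $res = $sth->fetch();
        return $res[0];
    }

    /**
     * @param string $uid login name
     * @return mixed the user's `userrole` value, or an error string
     */
    public function getRole($uid)
    {
        $sth = $this->runStatement("select userrole from user u where u.uid = ?", array($uid));
        if (is_string($sth)) {
            return $sth;
        }
        $res = $sth->fetch();
        return $res[0];
    }

    /**
     * @param string $uid login name
     * @return mixed the user's `timeout` value, or an error string
     */
    public function getTimeout($uid)
    {
        $sth = $this->runStatement("select timeout from user u where u.uid = ?", array($uid));
        if (is_string($sth)) {
            return $sth;
        }
        $res = $sth->fetch();
        return $res[0];
    }

    /**
     * @param string $uid login name
     * @return mixed the user's `timezone` value, or an error string
     */
    public function getTimezone($uid)
    {
        $sth = $this->runStatement("select timezone from user u where u.uid = ?", array($uid));
        if (is_string($sth)) {
            return $sth;
        }
        $res = $sth->fetch();
        return $res[0];
    }

    /**
     * @param string $uid login name
     * @return string 'MO' when the user's `weekstart` is truthy, 'SU'
     *                otherwise (including when no row matches), or an error
     *                string
     */
    public function getStartWeek($uid)
    {
        $sth = $this->runStatement("select weekstart from user u where u.uid = ?", array($uid));
        if (is_string($sth)) {
            return $sth;
        }
        $res = $sth->fetch();
        return ($res[0]) ? 'MO' : 'SU';
    }

    /**
     * @param string $uid login name
     * @return mixed the user's `daystart` value, or an error string
     */
    public function getStartHour($uid)
    {
        $sth = $this->runStatement("select daystart from user u where u.uid = ?", array($uid));
        if (is_string($sth)) {
            return $sth;
        }
        $res = $sth->fetch();
        return $res[0];
    }

    /**
     * @param string $uid login name
     * @return mixed the user's `dayend` value, or an error string
     */
    public function getEndHour($uid)
    {
        // Reads `dayend`; the earlier query selected `daystart` here, so the
        // end hour always equalled the start hour.
        $sth = $this->runStatement("select dayend from user u where u.uid = ?", array($uid));
        if (is_string($sth)) {
            return $sth;
        }
        $res = $sth->fetch();
        return $res[0];
    }

    /**
     * Look up a user by login name and password and return the profile
     * joined with the user's calendars.
     *
     * NOTE(review): the password is matched by equality inside SQL, so the
     * stored `pwd` must be byte-identical to what the caller passes. Whether
     * callers pass a hash is not visible here; if they pass plaintext or an
     * unsalted digest, move to password_hash()/password_verify() in the
     * caller and select the row by uid only.
     *
     * @param string $uid login name
     * @param string $pwd value compared against user.pwd
     * @return array rows (associative) with the profile columns, `seckey`,
     *               `pubkey` and the calendar columns; empty when nothing
     *               matches
     * @throws Exception with the SQL and error message on failure
     */
    public function authenticate($uid, $pwd)
    {
        $sql = "select userrole, timeout, userview, weekstart, daystart, dayend, timezone, seckey, pubkey, c.id id, name, color, config from user u left join calendar c on c.uid = u.id where u.uid = ? and u.pwd = ?";
        $sth = $this->runStatement($sql, array($uid, $pwd));
        if (is_string($sth)) {
            throw new Exception($sth);
        }
        return $sth->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Insert a user row inside a transaction.
     *
     * @param array $data keys read: uid, pwd, timezone, userrole, seckey,
     *                    pubkey, timeout, view, week_start, start, end
     * @return bool|string TRUE on success, an error string otherwise
     */
    public function addUser($data)
    {
        $sql = "insert into user (uid, pwd, timezone, userrole, seckey, pubkey, " .
               "timeout, userview, weekstart, daystart, dayend) values (?,?,?,?,?,?,?,?,?,?,?)";
        $this->beginTransaction();
        $sth = $this->runStatement($sql, array(
            $data['uid'], $data['pwd'], $data['timezone'],
            $data['userrole'], $data['seckey'], $data['pubkey'],
            $data['timeout'], $data['view'],
            ($data['week_start'] == false) ? 0 : 1,
            $data['start'], $data['end']
        ));
        if (is_string($sth)) {
            $this->rollBack();
            return $sth;
        }
        $this->commit();
        return TRUE;
    }

    /**
     * Update role and display settings of one user inside a transaction.
     *
     * @param string $uid  login name
     * @param array  $data keys read: userrole, timeout, userview, weekstart,
     *                     daystart, dayend, timezone
     * @return bool|string TRUE on success, an error string otherwise
     */
    public function setUserSettings($uid, $data)
    {
        $sql = "update user set userrole = ?, timeout = ?, userview = ?, weekstart = ?, daystart = ?, dayend = ?, timezone = ? where uid = ?";
        $this->beginTransaction();
        $sth = $this->runStatement($sql, array(
            $data['userrole'], $data['timeout'],
            $data['userview'], $data['weekstart'], $data['daystart'],
            $data['dayend'], $data['timezone'], $uid
        ));
        if (is_string($sth)) {
            $this->rollBack();
            return $sth;
        }
        $this->commit();
        return TRUE;
    }

    /**
     * Rebuild the `user` table with new column defaults, keeping its rows.
     *
     * Columns whose default is replaced (the values are those of the original
     * author's note):
     *   timeout integer default 3600, userview text default 'week',
     *   weekstart integer default 0, daystart real default 8.00,
     *   dayend real default 17.00, timezone text default 'Etc/UTC'
     *
     * A DEFAULT clause cannot take a bound parameter, so the values are
     * checked before they are placed into the DDL: the four numeric ones must
     * satisfy is_numeric() (booleans become 0/1) and single quotes in the two
     * text ones are doubled.
     *
     * @param array $data keys read: TIMEOUT, VIEW_STYLE, WEEK_START_SUNDAY,
     *                    START_HOUR, END_HOUR, TIMEZONE
     * @return bool|string TRUE on success, an error string otherwise
     */
    public function changeDefault($data)
    {
        $numeric = array();
        foreach (array('TIMEOUT', 'WEEK_START_SUNDAY', 'START_HOUR', 'END_HOUR') as $key) {
            $value = isset($data[$key]) ? $data[$key] : null;
            if (is_bool($value)) {
                $value = $value ? 1 : 0;
            }
            if (!is_numeric($value)) {
                // Anything else would either break the DDL or change its meaning.
                return "invalid default for $key\n";
            }
            $numeric[$key] = $value;
        }
        $view = str_replace("'", "''", (string) (isset($data['VIEW_STYLE']) ? $data['VIEW_STYLE'] : ''));
        $timezone = str_replace("'", "''", (string) (isset($data['TIMEZONE']) ? $data['TIMEZONE'] : ''));

        $temp = <<<_TEMP
CREATE TEMPORARY TABLE tmpuser (
    id integer,
    uid text,
    pwd text,
    userrole integer,
    timeout integer,
    userview text,
    weekstart integer,
    daystart real,
    dayend real,
    timezone text,
    seckey text,
    pubkey text
)
_TEMP;

        $table = <<<_TABLE
CREATE TABLE user (
    id integer primary key autoincrement,
    uid text not null,
    pwd text not null,
    userrole integer not null,
    timeout integer default __TIMEOUT__,
    userview text default '__VIEW__',
    weekstart integer default __WEEKSTART__,
    daystart real default __DAYSTART__,
    dayend real default __DAYEND__,
    timezone text default '__TIMEZONE__',
    seckey text default '',
    pubkey text default '',
    constraint uid_index unique (uid)
    constraint userrole_fk foreign key (userrole) references roles (id) on delete restrict on update cascade on insert cascade
)
_TABLE;

        // strtr() substitutes in one pass, so a value that happens to contain
        // another marker is not substituted a second time.
        $table = strtr($table, array(
            '__TIMEOUT__'   => $numeric['TIMEOUT'],
            '__VIEW__'      => $view,
            '__WEEKSTART__' => $numeric['WEEK_START_SUNDAY'],
            '__DAYSTART__'  => $numeric['START_HOUR'],
            '__DAYEND__'    => $numeric['END_HOUR'],
            '__TIMEZONE__'  => $timezone
        ));

        // label => statement, executed in this order
        $steps = array(
            "create tmp table"     => $temp,
            "cp to tmp table"      => 'insert into tmpuser select * from user',
            "drop user table"      => 'drop table user',
            "create table"         => $table,
            "cp tmp to user table" => 'insert into user select * from tmpuser',
            "drop tmp table"       => 'drop table tmpuser'
        );

        $this->beginTransaction();
        foreach ($steps as $label => $statement) {
            if ($this->exec($statement) === FALSE) {
                // Read the message before rollBack() runs on the connection.
                $err = "$label\n" . $this->getMsg($this) . "\n";
                $this->rollBack();
                return $err;
            }
        }
        $this->commit();
        return TRUE;
    }

    /**
     * Delete the user with the given login name inside a transaction.
     *
     * @param string $uid login name
     * @return bool|string TRUE on success, an error string otherwise
     */
    public function deleteUser($uid)
    {
        $this->beginTransaction();
        $sth = $this->runStatement("delete from user where uid = ?", array($uid));
        if (is_string($sth)) {
            $this->rollBack();
            return $sth;
        }
        $this->commit();
        return TRUE;
    }

    /**
     * Create a calendar owned by the given user.
     *
     * @param string       $uid login name of the owner
     * @param CalendarInfo $cal properties read: name, color, config
     * @return mixed the highest calendar id after the insert, or an error
     *               string (also when the user does not exist)
     */
    public function addCalendar($uid, CalendarInfo $cal)
    {
        $this->beginTransaction();

        list($userId, $err) = $this->internalUserId($uid);
        if ($err !== null) {
            $this->rollBack();
            return $err;
        }

        // The owner id is bound like the other values instead of being
        // written into the statement text.
        $sql = "insert into calendar (uid, name, color, config) values (?,?,?,?)";
        $sth = $this->runStatement($sql, array($userId, $cal->name, $cal->color, $cal->config));
        if (is_string($sth)) {
            $this->rollBack();
            return $sth;
        }
        $sth->closeCursor();

        $sql = 'select max(id) from calendar';
        $sth = $this->runStatement($sql);
        if (is_string($sth)) {
            $this->rollBack();
            return $sth;
        }
        $row = $sth->fetch(PDO::FETCH_NUM);
        if ($this->stmtFailed($sth)) {
            $err = $this->sqlError($sql, $sth);
            $this->rollBack();
            return $err;
        }
        $sth->closeCursor();

        $this->commit();
        return $row[0];
    }

    /**
     * Delete one calendar, but only if it belongs to the given user.
     *
     * The owner check uses the numeric id looked up from the login name and
     * binds it as a parameter. Previously the value was interpolated into the
     * statement, and when no user matched, the caller-supplied $uid itself
     * ended up in the SQL text.
     *
     * @param string $uid login name of the owner
     * @param mixed  $id  calendar id
     * @return bool|string TRUE on success, an error string otherwise (also
     *                     when the user does not exist)
     */
    public function deleteCalendar($uid, $id)
    {
        $this->beginTransaction();

        list($userId, $err) = $this->internalUserId($uid);
        if ($err !== null) {
            $this->rollBack();
            return $err;
        }

        $sql = "delete from calendar where id = ? and uid = ?";
        $sth = $this->runStatement($sql, array($id, $userId));
        if (is_string($sth)) {
            $this->rollBack();
            return $sth;
        }
        $this->commit();
        return TRUE;
    }

    /**
     * Update name, color and config of one calendar owned by the given user.
     *
     * The owner id is bound as a parameter for the same reason as in
     * deleteCalendar().
     *
     * @param string       $uid login name of the owner
     * @param mixed        $id  calendar id
     * @param CalendarInfo $cal properties read: name, color, config
     * @return bool|string TRUE on success, an error string otherwise (also
     *                     when the user does not exist)
     */
    public function updateCalendar($uid, $id, CalendarInfo $cal)
    {
        $this->beginTransaction();

        list($userId, $err) = $this->internalUserId($uid);
        if ($err !== null) {
            $this->rollBack();
            return $err;
        }

        $sql = "update calendar set name = ?, color = ?, config = ? where id = ? and uid = ?";
        $sth = $this->runStatement($sql, array($cal->name, $cal->color, $cal->config, $id, $userId));
        if (is_string($sth)) {
            $this->rollBack();
            return $sth;
        }
        $this->commit();
        return TRUE;
    }

    /**
     * Store a new `pwd` value for the given user inside a transaction.
     *
     * NOTE(review): the value is stored exactly as passed; see authenticate()
     * for how it is compared. Confirm that callers hash it first.
     *
     * @param string $uid login name
     * @param string $pwd value written to user.pwd
     * @return bool|string TRUE on success, an error string otherwise
     */
    public function changePassword($uid, $pwd)
    {
        $this->beginTransaction();
        $sth = $this->runStatement("update user set pwd = ? where uid = ?", array($pwd, $uid));
        if (is_string($sth)) {
            // Every failure path rolls back, so no transaction stays open.
            $this->rollBack();
            return $sth;
        }
        $this->commit();
        return TRUE;
    }

    /**
     * List users with their role name, paged.
     *
     * @param int $limit  maximum number of rows
     * @param int $offset rows to skip
     * @return array|string rows with keys `uid` and `userrole`, or an error
     *                      string
     */
    public function getAllUsers($limit, $offset)
    {
        $sql = "select u.uid, r.name as userrole from user u, roles r where u.userrole = r.id limit ? offset ?";
        $sth = $this->runStatement($sql, array($limit, $offset));
        if (is_string($sth)) {
            return $sth;
        }
        return $sth->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * @return array|string all roles (`id`, `name`) ordered by id descending,
     *                      or an error string
     */
    public function getRoles()
    {
        $sth = $this->runStatement("select id, name from roles order by id desc");
        if (is_string($sth)) {
            return $sth;
        }
        return $sth->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * @param mixed $id role id
     * @return mixed the row (key `name`) as returned by fetch(), or an error
     *               string
     */
    public function getRoleName($id)
    {
        $sth = $this->runStatement("select name from roles where id = ?", array($id));
        if (is_string($sth)) {
            return $sth;
        }
        return $sth->fetch(PDO::FETCH_ASSOC);
    }

    /**
     * Read the schema version from the `about` table.
     *
     * @return mixed array('version' => 0) when the `about` table does not
     *               exist, otherwise the fetched row for id 1, or an error
     *               string
     */
    public function getVersion()
    {
        $version = array('version' => 0);

        $sth = $this->runStatement(
            "select count(*) as exist from sqlite_master where type = 'table' and tbl_name = 'about'"
        );
        if (is_string($sth)) {
            return $sth;
        }
        $res = $sth->fetch();

        if ($res['exist'] > 0) {
            $sth = $this->runStatement("select version from about where id = 1");
            if (is_string($sth)) {
                return $sth;
            }
            $version = $sth->fetch();
        }
        return $version;
    }

    /**
     * Run one statement given as text, without parameters.
     *
     * The text is executed as-is, so it must be built from trusted, fixed
     * SQL only; values that originate from a request need a parameterised
     * statement instead.
     *
     * @param string $sql statement text
     * @return bool|string true on success, an error string otherwise
     */
    public function execute($sql)
    {
        $sth = $this->runStatement($sql);
        if (is_string($sth)) {
            return $sth;
        }
        return true;
    }

    /**
     * Fetch the config of one calendar, or of all calendars.
     *
     * @param mixed $id calendar id, or -1 for every calendar
     * @return array|string rows with keys `id` and `config`, or an error
     *                      string
     */
    public function getCalendarConfig($id)
    {
        if ($id == -1) {
            // No placeholder in this statement, so no value may be passed;
            // passing $id here made the bind step fail for the -1 case.
            $sql = "select id, config from calendar";
            $params = array();
        } else {
            $sql = "select id, config from calendar where id = ?";
            $params = array($id);
        }
        $sth = $this->runStatement($sql, $params);
        if (is_string($sth)) {
            return $sth;
        }
        return $sth->fetchAll(PDO::FETCH_ASSOC);
    }

    /**
     * Count the tables whose name starts with $name.
     *
     * `%` and `_` inside $name are not escaped and therefore act as LIKE
     * wildcards.
     *
     * @param string $name table name prefix
     * @return mixed the count, or an error string
     */
    public function nextTableNumber($name)
    {
        $sql = "select count(*) as found from sqlite_master where " .
               "type = 'table' and name like ?";
        $sth = $this->runStatement($sql, array($name . '%'));
        if (is_string($sth)) {
            return $sth;
        }
        $res = $sth->fetch(PDO::FETCH_ASSOC);
        return $res['found'];
    }

    /**
     * @return mixed the first row of `ldap` (keys enable, dns, tls, base_dn,
     *               user_attr), FALSE when the table is empty, or an error
     *               string
     */
    public function getLdapConfig()
    {
        $sth = $this->runStatement("select enable, dns, tls, base_dn, user_attr from ldap");
        if (is_string($sth)) {
            return $sth;
        }
        return $sth->fetch(PDO::FETCH_ASSOC);
    }

    /**
     * Store the LDAP settings: update when a row exists, insert otherwise.
     *
     * The update has no WHERE clause and therefore changes every row of
     * `ldap`.
     *
     * @param array $config five positional values in the order enable, dns,
     *                      tls, base_dn, user_attr
     * @return bool|string true on success, an error string otherwise
     */
    public function setLdapConfig(array $config)
    {
        $old_config = $this->getLdapConfig();
        if (!is_array($old_config) && $old_config) {
            // getLdapConfig() reported an error; pass it on.
            return $old_config;
        }
        if (is_array($old_config)) {
            $sql = "update ldap set enable=?, dns=?, tls=?, base_dn=?, user_attr=?";
        } else {
            $sql = "insert into ldap values(?, ?, ?, ?, ?)";
        }

        $this->beginTransaction();
        $sth = $this->prepare($sql);
        if (!$sth) {
            $err = "$sql\n";
            foreach ($this->errorInfo() as $info) {
                $err .= "$info\n";
            }
            $this->rollBack();
            return $err;
        }

        $sth->execute($config);
        if ($this->stmtFailed($sth)) {
            // An execute() failure is recorded on the statement, so the
            // details are read from it rather than from the connection.
            $err = "$sql\n";
            foreach ($sth->errorInfo() as $info) {
                $err .= "$info\n";
            }
            $this->rollBack();
            return $err;
        }

        $this->commit();
        return true;
    }
}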