-rwxr-xr-x[-rw-r--r--] | .gitignore | 0 | ||||
-rwxr-xr-x[-rw-r--r--] | config/.gitignore | 0 | ||||
-rwxr-xr-x | config/config.sample.php | 1 | ||||
-rwxr-xr-x[-rw-r--r--] | css/small.php | 0 | ||||
-rwxr-xr-x | inc/HTTP/WebDAV/Server/Filesystem.php | 36 | ||||
-rwxr-xr-x | inc/lib_config.php | 5 | ||||
-rwxr-xr-x | inc/lib_log.php | 13 | ||||
-rwxr-xr-x | inc/lib_ocs.php | 5 | ||||
-rwxr-xr-x | inc/lib_user.php | 39 | ||||
-rwxr-xr-x | inc/templates/adminform.php | 2 |
10 files changed, 70 insertions, 31 deletions
diff --git a/.gitignore b/.gitignore index 71e3ec1baf9..71e3ec1baf9 100644..100755 --- a/.gitignore +++ b/.gitignore diff --git a/config/.gitignore b/config/.gitignore index d09f42a2389..d09f42a2389 100644..100755 --- a/config/.gitignore +++ b/config/.gitignore diff --git a/config/config.sample.php b/config/config.sample.php index dfaaa4284d6..dc1a62f46e3 100755 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -8,4 +8,5 @@ $CONFIG_DBHOST='localhost'; $CONFIG_DBNAME='owncloud-db-name'; $CONFIG_DBUSER='user-name'; $CONFIG_DBPASSWORD='password'; +$CONFIG_DBTABLEPREFIX = 'oc_'; ?> diff --git a/css/small.php b/css/small.php index 60f79f51be1..60f79f51be1 100644..100755 --- a/css/small.php +++ b/css/small.php diff --git a/inc/HTTP/WebDAV/Server/Filesystem.php b/inc/HTTP/WebDAV/Server/Filesystem.php index b96fb414c27..b99bbdbb81e 100755 --- a/inc/HTTP/WebDAV/Server/Filesystem.php +++ b/inc/HTTP/WebDAV/Server/Filesystem.php @@ -150,6 +150,8 @@ */ function fileinfo($path) { + global $CONFIG_DBTABLEPREFIX; + // map URI path to filesystem path $fspath =$path; @@ -183,7 +185,7 @@ $info["props"][] = $this->mkprop("getcontentlength", OC_FILESYSTEM::filesize($fspath)); } // get additional properties from database - $query = "SELECT ns, name, value FROM properties WHERE path = '$path'"; + $query = "SELECT ns, name, value FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '$path'"; $res = OC_DB::select($query); foreach($res as $row){ $info["props"][] = $this->mkprop($row["ns"], $row["name"], $row["value"]); @@ -389,6 +391,7 @@ */ function DELETE($options) { + global $CONFIG_DBTABLEPREFIX; $path =$options["path"]; if (!OC_FILESYSTEM::file_exists($path)) { return "404 Not found"; 
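Review bot: The rewritten query in fileinfo() (hunk at -183) still places `$path` directly inside the SQL string, so a quote character in a WebDAV path changes the statement; whether the path is escaped before it reaches this method is not visible here. Pass the value through the escaping helper the project already uses in inc/lib_user.php, e.g. `$query = "SELECT ns, name, value FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '".OC_DB::escape($path)."'";`. The same applies to the queries touched in the DELETE, COPY, PROPPATCH, LOCK, UNLOCK and checkLock hunks of this file, where `$options[path]`, `$prop[name]`, `$prop[ns]`, `$prop[val]`, `$options[token]`, `$options[update]` and `$options[timeout]` are interpolated; the LIKE patterns additionally need `%` and `_` escaped. fileinfo() starts and ends outside the hunk.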
@@ -402,13 +405,13 @@ } } if (OC_FILESYSTEM::is_dir($path)) { - $query = "DELETE FROM properties WHERE path LIKE '".$this->_slashify($options["path"])."%'"; + $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path LIKE '".$this->_slashify($options["path"])."%'"; OC_DB::query($query); OC_FILESYSTEM::delTree($path); } else { OC_FILESYSTEM::unlink($path); } - $query = "DELETE FROM properties WHERE path = '$options[path]'"; + $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '$options[path]'"; OC_DB::query($query); return "204 No Content"; @@ -435,6 +438,7 @@ function COPY($options, $del=false) { // TODO Property updates still broken (Litmus should detect this?) + global $CONFIG_DBTABLEPREFIX; if (!empty($this->_SERVER["CONTENT_LENGTH"])) { // no body parsing yet return "415 Unsupported media type"; @@ -508,13 +512,13 @@ } $destpath = $this->_unslashify($options["dest"]); if (is_dir($source)) { - $query = "UPDATE properties + $query = "UPDATE {$CONFIG_DBTABLEPREFIX}properties SET path = REPLACE(path, '".$options["path"]."', '".$destpath."') WHERE path LIKE '".$this->_slashify($options["path"])."%'"; OC_DB::query($query); } - $query = "UPDATE properties + $query = "UPDATE {$CONFIG_DBTABLEPREFIX}properties SET path = '".$destpath."' WHERE path = '".$options["path"]."'"; OC_DB::query($query); @@ -566,6 +570,7 @@ function PROPPATCH(&$options) { global $prefs, $tab; + global $CONFIG_DBTABLEPREFIX; $msg = ""; $path = $options["path"]; 
@@ -577,9 +582,9 @@ $options["props"][$key]['status'] = "403 Forbidden"; } else { if (isset($prop["val"])) { - $query = "REPLACE INTO properties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'"; + $query = "REPLACE INTO {$CONFIG_DBTABLEPREFIX}properties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'"; } else { - $query = "DELETE FROM properties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'"; + $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'"; } OC_DB::query($query); } @@ -597,6 +602,8 @@ */ function LOCK(&$options) { + global $CONFIG_DBTABLEPREFIX; + // get absolute fs path to requested resource $fspath = $options["path"]; // TODO recursive locks on directories not supported yet @@ -619,12 +626,12 @@ if (isset($options["update"])) { // Lock Update $where = "WHERE path = '$options[path]' AND token = '$options[update]'"; - $query = "SELECT owner, exclusivelock FROM locks $where"; + $query = "SELECT owner, exclusivelock FROM {$CONFIG_DBTABLEPREFIX}locks $where"; $res = OC_DB::select($query); if (is_array($res) and isset($res[0])) { $row=$res[0]; - $query = "UPDATE `locks` SET `expires` = '$options[timeout]', `modified` = ".time()." $where"; + $query = "UPDATE `{$CONFIG_DBTABLEPREFIX}locks` SET `expires` = '$options[timeout]', `modified` = ".time()." $where"; OC_DB::query($query); $options['owner'] = $row['owner']; @@ -652,7 +659,7 @@ } } - $query = "INSERT INTO `locks` + $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}locks` SET `token` = '$options[locktoken]' , `path` = '$options[path]' , `created` = ".time()." @@ -677,7 +684,8 @@ */ function UNLOCK(&$options) { - $query = "DELETE FROM locks + global $CONFIG_DBTABLEPREFIX; + $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}locks WHERE path = '$options[path]' AND token = '$options[token]'"; OC_DB::query($query); 
@@ -693,9 +701,11 @@ */ function checkLock($path) { + global $CONFIG_DBTABLEPREFIX; + $result = false; $query = "SELECT * - FROM locks + FROM {$CONFIG_DBTABLEPREFIX}locks WHERE path = '$path' "; $res = OC_DB::select($query); @@ -741,4 +751,4 @@ } } -?> +?>
\ No newline at end of file diff --git a/inc/lib_config.php b/inc/lib_config.php index 8ce83b16660..78e10f9474e 100755 --- a/inc/lib_config.php +++ b/inc/lib_config.php @@ -25,6 +25,7 @@ class OC_CONFIG{ global $CONFIG_HTTPFORCESSL; global $CONFIG_DATEFORMAT; global $CONFIG_DBNAME; + global $CONFIG_DBTABLEPREFIX; global $CONFIG_INSTALLED; $allow=false; if(!$CONFIG_INSTALLED){ @@ -130,6 +131,7 @@ class OC_CONFIG{ global $WEBROOT; global $CONFIG_DBHOST; global $CONFIG_DBNAME; + global $CONFIG_DBTABLEPREFIX; global $CONFIG_INSTALLED; global $CONFIG_DBUSER; global $CONFIG_DBPASSWORD; @@ -184,6 +186,7 @@ class OC_CONFIG{ //create/fill database $CONFIG_DBTYPE=$dbtype; $CONFIG_DBNAME=$_POST['dbname']; + $CONFIG_DBTABLEPREFIX=$_POST['dbtableprefix']; if($dbtype!='sqlite'){ $CONFIG_DBHOST=$_POST['dbhost']; $CONFIG_DBUSER=$_POST['dbuser']; @@ -240,6 +243,7 @@ class OC_CONFIG{ $config.='$CONFIG_DATEFORMAT=\''.$_POST['dateformat']."';\n"; $config.='$CONFIG_DBTYPE=\''.$dbtype."';\n"; $config.='$CONFIG_DBNAME=\''.$_POST['dbname']."';\n"; + $config.='$CONFIG_DBTABLEPREFIX=\''.$_POST['dbtableprefix']."';\n"; if($dbtype!='sqlite'){ $config.='$CONFIG_DBHOST=\''.$_POST['dbhost']."';\n"; $config.='$CONFIG_DBUSER=\''.$_POST['dbuser']."';\n"; @@ -332,6 +336,7 @@ class OC_CONFIG{ $result = pg_exec($connection, $query); } } + global $CONFIG_DBTABLEPREFIX; } } ?> diff --git a/inc/lib_log.php b/inc/lib_log.php index f002733acd0..f163fb9fe94 100755 --- a/inc/lib_log.php +++ b/inc/lib_log.php 
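Review bot: `$_POST['dbtableprefix']` is used without validation in the hunks at -184 and -240: it is concatenated into the `$config` string as PHP source inside single quotes (this appears to be the generated config file), and through `$CONFIG_DBTABLEPREFIX` it becomes part of every table name in the SQL changed by this commit. A value containing a quote or backtick would alter the written PHP or the queries. Check it against an identifier allowlist before the assignment, for example `preg_match('/^[A-Za-z0-9_]*$/', $_POST['dbtableprefix'])`, and reject the form through the function's existing error handling, which is outside these hunks. The neighbouring `dbname`, `dbhost` and `dbuser` lines follow the same pattern.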
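Review bot: The `global $CONFIG_DBTABLEPREFIX;` added in the hunk at -332 is the last statement before the function's closing brace, so nothing after it reads the variable and the declaration has no effect. Remove it, or move it to the top of the function if the database-creation queries above it (mostly outside the hunk) are meant to use the prefix.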
@@ -48,7 +48,8 @@ class OC_LOG { * @param message $message */ public static function event($user,$type,$message){ - $result = OC_DB::query('INSERT INTO `log` (`timestamp`,`user`,`type`,`message`) VALUES ('.time().',\''.addslashes($user).'\','.addslashes($type).',\''.addslashes($message).'\');'); + global $CONFIG_DBTABLEPREFIX; + $result = OC_DB::query('INSERT INTO `' . $CONFIG_DBTABLEPREFIX . 'log` (`timestamp`,`user`,`type`,`message`) VALUES ('.time().',\''.addslashes($user).'\','.addslashes($type).',\''.addslashes($message).'\');'); OC_DB::free_result($result); } @@ -58,15 +59,17 @@ class OC_LOG { * */ public static function show(){ - global $CONFIG_DATEFORMAT; + global $CONFIG_DATEFORMAT; + global $CONFIG_DBTABLEPREFIX; echo('<div class="center"><table cellpadding="6" cellspacing="0" border="0" class="log">'); - + if(OC_USER::ingroup($_SESSION['username_clean'],'admin')){ - $result = OC_DB::select('select `timestamp`,`user`,`type`,`message` from log order by timestamp desc limit 20'); + $result = OC_DB::select('select `timestamp`,`user`,`type`,`message` from '.$CONFIG_DBTABLEPREFIX.'log order by timestamp desc limit 20'); }else{ $user=$_SESSION['username_clean']; - $result = OC_DB::select('select `timestamp`,`user`,`type`,`message` from log where user=\''.$user.'\' order by timestamp desc limit 20'); + $result = OC_DB::select('select `timestamp`,`user`,`type`,`message` from '.$CONFIG_DBTABLEPREFIX.'log where user=\''.$user.'\' order by timestamp desc limit 20'); } + $result = OC_DB::select($query); foreach($result as $entry){ echo('<tr class="browserline">'); echo('<td class="sizetext">'.date($CONFIG_DATEFORMAT,$entry['timestamp']).'</td>'); diff --git a/inc/lib_ocs.php b/inc/lib_ocs.php index 52dc95800ab..e464d2ed9fb 100755 --- a/inc/lib_ocs.php +++ b/inc/lib_ocs.php 
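Review bot: In event() the `type` value is placed in the VALUES list without surrounding quotes, and `addslashes()` only escapes quote characters, so it gives no protection in an unquoted position. If the column is numeric, cast instead with `(int)$type`; otherwise quote it like the `user` and `message` values. The other two values would be better served by `OC_DB::escape()`, which inc/lib_user.php already uses, than by `addslashes()`.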
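Review bot: The added line `$result = OC_DB::select($query);` in show() runs after both branches have already assigned `$result`, and `$query` is never defined in the visible part of the function, so it replaces the fetched rows with the result of selecting on an undefined variable. Either delete that line, or have the two branches assign their SQL to `$query` and keep the single select call. The non-admin branch also concatenates `$_SESSION['username_clean']` into the statement unescaped; `OC_DB::escape($user)` would match the handling in inc/lib_user.php. show() continues past the end of the hunk.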
@@ -372,15 +372,16 @@ class OC_OCS { * @return string xml/json */ private static function activityget($format,$page,$pagesize) { + global $CONFIG_DBTABLEPREFIX; $user=OC_OCS::checkpassword(); - $result = OC_DB::query('select count(*) as co from log'); + $result = OC_DB::query("select count(*) as co from {$CONFIG_DBTABLEPREFIX}log"); $entry=$result->fetchRow(); $totalcount=$entry['co']; OC_DB::free_result($result); - $result = OC_DB::select('select id,timestamp,user,type,message from log order by timestamp desc limit '.($page*$pagesize).','.$pagesize); + $result = OC_DB::select("select id,timestamp,user,type,message from {$CONFIG_DBTABLEPREFIX}log order by timestamp desc limit " . ($page*$pagesize) . ",$pagesize"); $itemscount=count($result); $url='http://'.substr($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'],0,-11).''; diff --git a/inc/lib_user.php b/inc/lib_user.php index 5a7b92d4781..a9d284cfd49 100755 --- a/inc/lib_user.php +++ b/inc/lib_user.php @@ -63,6 +63,7 @@ class OC_USER { * */ public static function createuser($username,$password){ + global $CONFIG_DBTABLEPREFIX; if(OC_USER::getuserid($username,true)!=0){ return false; }else{ @@ -70,7 +71,7 @@ class OC_USER { $password=sha1($password); $username=OC_DB::escape($username); $usernameclean=OC_DB::escape($usernameclean); - $query="INSERT INTO `users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameclean', '$password')"; + $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameclean', '$password')"; $result=OC_DB::query($query); return ($result)?true:false; } 
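Review bot: `$page` and `$pagesize` are interpolated into the LIMIT clause in activityget() as they arrive; where they come from is not visible in this hunk, but if they originate from request parameters they should be forced to integers first, e.g. `$page=(int)$page; $pagesize=(int)$pagesize;` at the top of the method. A negative page or a non-positive page size should also be rejected or clamped. The method body continues outside the hunk.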
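Review bot: createuser() stores `sha1($password)`, an unsalted fast hash, and the login, setpassword and checkpassword hunks depend on the same value; the commit keeps this unchanged. A salted, deliberately slow password hash (`password_hash()` / `password_verify()` where the PHP version provides them) is the appropriate replacement, which means login and checkpassword would fetch the stored hash by user name and verify it in PHP instead of comparing inside the SQL WHERE clause. This needs a migration path for existing rows and is probably best done as a separate change.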
@@ -82,11 +83,13 @@ class OC_USER { * */ public static function login($username,$password){ + global $CONFIG_DBTABLEPREFIX; + $password=sha1($password); $usernameclean=strtolower($username); $username=OC_DB::escape($username); $usernameclean=OC_DB::escape($usernameclean); - $query="SELECT user_id FROM users WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; + $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; $result=OC_DB::select($query); if(isset($result[0]) && isset($result[0]['user_id'])){ $_SESSION['user_id']=$result[0]['user_id']; @@ -124,9 +127,10 @@ class OC_USER { * */ public static function creategroup($groupname){ + global $CONFIG_DBTABLEPREFIX; if(OC_USER::getgroupid($groupname,true)==0){ $groupname=OC_DB::escape($groupname); - $query="INSERT INTO `groups` (`group_name`) VALUES ('$groupname')"; + $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupname')"; $result=OC_DB::query($query); return ($result)?true:false; }else{ @@ -139,12 +143,13 @@ class OC_USER { * */ public static function getuserid($username,$nocache=false){ + global $CONFIG_DBTABLEPREFIX; $usernameclean=strtolower($username); if(!$nocache and isset($_SESSION['user_id_cache'][$usernameclean])){//try to use cached value to save an sql query return $_SESSION['user_id_cache'][$usernameclean]; } $usernameclean=OC_DB::escape($usernameclean); - $query="SELECT user_id FROM users WHERE user_name_clean = '$usernameclean'"; + $query="SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean'"; $result=OC_DB::select($query); if(!is_array($result)){ return 0; 
@@ -162,11 +167,12 @@ class OC_USER { * */ public static function getgroupid($groupname,$nocache=false){ + global $CONFIG_DBTABLEPREFIX; if(!$nocache and isset($_SESSION['group_id_cache'][$groupname])){//try to use cached value to save an sql query return $_SESSION['group_id_cache'][$groupname]; } $groupname=OC_DB::escape($groupname); - $query="SELECT group_id FROM groups WHERE group_name = '$groupname'"; + $query="SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupname'"; $result=OC_DB::select($query); if(!is_array($result)){ return 0; @@ -184,11 +190,12 @@ class OC_USER { * */ public static function getgroupname($groupid,$nocache=false){ + global $CONFIG_DBTABLEPREFIX; if($nocache and $name=array_search($groupid,$_SESSION['group_id_cache'])){//try to use cached value to save an sql query return $name; } $groupid=(integer)$groupid; - $query="SELECT group_name FROM groups WHERE group_id = '$groupid' LIMIT 1"; + $query="SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupid' LIMIT 1"; $result=OC_DB::select($query); if(isset($result[0]) && isset($result[0]['group_name'])){ return $result[0]['group_name']; @@ -202,10 +209,12 @@ class OC_USER { * */ public static function ingroup($username,$groupname){ + global $CONFIG_DBTABLEPREFIX; + $userid=OC_USER::getuserid($username); $groupid=OC_USER::getgroupid($groupname); if($groupid>0 and $userid>0){ - $query="SELECT * FROM user_group WHERE group_id = '$groupid' AND user_id = '$userid';"; + $query="SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupid' AND user_id = '$userid';"; $result=OC_DB::select($query); if(isset($result[0]) && isset($result[0]['user_group_id'])){ return true; 
@@ -222,11 +231,13 @@ class OC_USER { * */ public static function addtogroup($username,$groupname){ + global $CONFIG_DBTABLEPREFIX; + if(!OC_USER::ingroup($username,$groupname)){ $userid=OC_USER::getuserid($username); $groupid=OC_USER::getgroupid($groupname); if($groupid!=0 and $userid!=0){ - $query="INSERT INTO `user_group` (`user_id` ,`group_id`) VALUES ('$userid', '$groupid');"; + $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userid', '$groupid');"; $result=OC_DB::query($query); if($result){ return true; @@ -250,8 +261,10 @@ class OC_USER { * */ public static function getusergroups($username){ + global $CONFIG_DBTABLEPREFIX; + $userid=OC_USER::getuserid($username); - $query="SELECT group_id FROM user_group WHERE user_id = '$userid'"; + $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userid'"; $result=OC_DB::select($query); $groups=array(); if(is_array($result)){ @@ -268,9 +281,11 @@ class OC_USER { * */ public static function setpassword($username,$password){ + global $CONFIG_DBTABLEPREFIX; + $password=sha1($password); $userid=OC_USER::getuserid($username); - $query="UPDATE users SET user_password = '$password' WHERE user_id ='$userid'"; + $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userid'"; $result=OC_DB::query($query); if($result){ return true; 
@@ -284,11 +299,13 @@ class OC_USER { * */ public static function checkpassword($username,$password){ + global $CONFIG_DBTABLEPREFIX; + $password=sha1($password); $usernameclean=strtolower($username); $username=OC_DB::escape($username); $usernameclean=OC_DB::escape($usernameclean); - $query="SELECT user_id FROM 'users' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; + $query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; $result=OC_DB::select($query); if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){ return true; diff --git a/inc/templates/adminform.php b/inc/templates/adminform.php index 661cb514516..3adbd04ee73 100755 --- a/inc/templates/adminform.php +++ b/inc/templates/adminform.php @@ -10,6 +10,7 @@ if(!$f) die('Error: Config file (config/config.php) is not writable for the webs if(!isset($fillDB)) $fillDB=true; if(!isset($CONFIG_DBHOST)) $CONFIG_DBHOST='localhost'; if(!isset($CONFIG_DBUSER)) $CONFIG_DBUSER='owncloud'; +if(!isset($CONFIG_DBTABLEPREFIX)) $CONFIG_DBTABLEPREFIX='oc_'; $newuserpassword=OC_USER::generatepassword(); ?> <script type="text/javascript"> 
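Review bot: In checkpassword() the table name is wrapped in single quotes (`FROM '{$CONFIG_DBTABLEPREFIX}users'`), which MySQL in its default SQL mode parses as a string literal rather than a table identifier; login() runs the same query with a bare name. Use the unquoted form, `FROM {$CONFIG_DBTABLEPREFIX}users`, or backticks as in createuser(). The quoting predates this commit, but the line is rewritten here, so this is a good place to fix it.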
@@ -116,6 +117,7 @@ if($CONFIG_DBTYPE=='sqlite'){ </td></tr> <tr id='dbhost'><td>database host:</td><td><input type="text" name="dbhost" size="30" class="formstyle" value='<?php echo($CONFIG_DBHOST);?>'></input></td></tr> <tr id='dbname'><td>database name:</td><td><input type="text" name="dbname" size="30" class="formstyle" value='<?php echo($CONFIG_DBNAME);?>'></input></td></tr> +<tr id='dbtableprefix'><td>database table prefix:</td><td><input type="text" name="dbtableprefix" size="30" class="formstyle" value='<?php echo($CONFIG_DBTABLEPREFIX);?>'></input></td></tr> <tr id='dbuser'><td>database user:</td><td><input type="text" name="dbuser" size="30" class="formstyle" value='<?php echo($CONFIG_DBUSER);?>'></input></td></tr> <tr id='dbpass'><td>database password:</td><td><input type="password" name="dbpassword" size="30" class="formstyle" value=''></input></td><td>(leave empty to keep current password)</td></tr> <tr id='dbpass_retype'><td>retype database password:</td><td><input type="password" name="dbpassword2" size="30" class="formstyle" value=''></input></td></tr> |
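Review bot: The new input echoes `$CONFIG_DBTABLEPREFIX` into a single-quoted `value` attribute without HTML escaping, so a prefix containing `'` or `<` ends the attribute early and changes the form markup. Use `<?php echo(htmlspecialchars($CONFIG_DBTABLEPREFIX, ENT_QUOTES));?>`. The adjacent `dbhost`, `dbname` and `dbuser` fields are written the same way and would benefit from the same change.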