Menu
▾
▴
[Meshdb-cvs] www/db2 submit.php,1.7,1.8
|
From: <il...@pr...> - 2004-07-11 07:49:23
|
Update of /cvsroot/meshdb/www/db2 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv24165 Modified Files: submit.php Log Message: Include a diff of the changes in the mail that gets sent to the admin (possibly in the future we will send this to the node owner, too). Fixed a long standing bug where only the new setting of mail-on-update would be taken notice of (silly PHP and its low precedence for `or' as opposed to ||). Index: submit.php =================================================================== RCS file: /cvsroot/meshdb/www/db2/submit.php,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- submit.php 8 Dec 2003 13:44:46 -0000 1.7 +++ submit.php 11 Jul 2004 07:49:15 -0000 1.8 @@ -5,18 +5,34 @@ if ($READONLY) die("database has been marked read only"); +/* Looks up the mail-on-update related information that's currently + * stored for this node so we can send mail (if desired) after we've + * made the changes. */ +function notify_lookup($db, $nodeid) { + global $VAR; + + /* Look up the current mail-on-update information. */ + $result = mysql_query("SELECT contactemail,mailonupdate,updatedip" + ." FROM contact,admin" + ." WHERE contact.nodeid = $nodeid" + ." AND admin.nodeid = $nodeid", $db) + or die(mysql_error($db)); + $row = mysql_fetch_assoc($result); + + /* Put the information away for later use. */ + $notify_info = array(); + $notify_info["mailto"] = + ($row["mailonupdate"] && $row["contactemail"]) + ? $row["contactemail"] : $VAR["contact"]["contactemail"]; + $notify_info["domail"] = + $VAR["admin"]["mailonupdate"] || $row["mailonupdate"]; + $notify_info["updatedip"] = $row["updatedip"]; + return $notify_info; +} + /* send mail to the OLD contactemail if the entry changes */ -function notify($db, $verb, $nodeid) { - global $admin, $DBADMIN, $PREF; - $result = mysql_query("SELECT contactemail,mailonupdate,updatedip" - ." FROM contact,admin" - ." WHERE contact.nodeid = $nodeid" - ." AND admin.nodeid = $nodeid", $db) - or die(mysql_error($db)); - $row = mysql_fetch_row($result); - $to = $row[0]; - $send = intquote($admin["mailonupdate"]) or $row[1]; - $updatedip = $row[2]; +function notify($notify_info, $verb, $nodeid, $changes = "") { + global $DBADMIN, $PREF; /* Take note of the remote host. */ $who = $_SERVER["REMOTE_ADDR"]; @@ -24,7 +40,7 @@ $who .= " [" . $_SERVER["REMOTE_HOST"] . "]"; /* Take note of whether the remote host matches the last update. */ - if ($updatedip != $_SERVER["REMOTE_ADDR"]) + if ($notify_info["updatedip"] != $_SERVER["REMOTE_ADDR"]) $ipchangedstring = "\nLast updated from different address: $updatedip\n"; else $ipchangedstring = ""; @@ -37,27 +53,31 @@ $pageloc = $_SERVER["SCRIPT_URI"]; $dbloc = substr($pageloc, 0, strrpos($pageloc, "/")); + + /* All changes get sent to the DB admin (if there is one). */ if ($DBADMIN != "") mail($DBADMIN, "Mesh DB: Node $nodeid $verb", "Node entry $nodeid has been $verb by $who$idstring\n\n". " $dbloc/view.php?nodeid=$nodeid\n". - $ipchangedstring, + $ipchangedstring. + "\n". + ($changes ? "Changes:\n".$changes : "No changes.\n"), "From: Brisbane Mesh Database <own...@it...>\n". "Return-Path: own...@it...\n" ); - if (!$send || $to == "") - return; - mail($to, - "Mesh DB: Node $nodeid $verb", - "Node entry $nodeid has been $verb by $who\n\n". - " $dbloc/view.php?nodeid=$nodeid\n\n\n". - "Note: If you believe this change was malicious please contact\n". - "$DBADMIN with the details in this mail.\n", - "From: Brisbane Mesh Database <own...@it...>\n". - "Return-Path: own...@it...\n" + + /* Changes get sent to the node's owner if they asked for it. */ + if ($notify_info["domail"] && $notify_info["mailto"]) + mail($notify_info["mailto"], + "Mesh DB: Node $nodeid $verb", + "Node entry $nodeid has been $verb by $who\n\n". + " $dbloc/view.php?nodeid=$nodeid\n\n\n". + "Note: If you believe this change was malicious please contact\n". + "$DBADMIN with the details in this mail.\n", + "From: Brisbane Mesh Database <own...@it...>\n". + "Return-Path: own...@it...\n" ); - /* XXX - should generate a difference to show what changed */ } /* Used to escape strings for mysql statements */ @@ -163,13 +183,34 @@ die(mysql_error($db)); } - if ($operation == "replace") - notify($db, "updated", $nodeid); + if ($operation == "replace" || $operation == "delete") + $notify_info = notify_lookup($db, $nodeid); if ($operation == "insert" || $operation == "replace") { if (!isset($nodeid)) die("nodeid missing"); + $changes = ""; + + if ($operation == "replace") { + /* Look up the old values. */ + include("lookup.inc.php"); + $oldadmin = $admin; + $oldcontact = $contact; + $oldphysaddr = $physaddr; + $oldphysloc = $physloc; + $oldnetloc = $netloc; + $oldconfig = $config; + } else { + /* No old values. */ + $oldarray = array(); + $oldcontact = array(); + $oldphysaddr = array(); + $oldphysloc = array(); + $oldnetloc = array(); + $oldconfig = array(); + } + $admin = $VAR["admin"]; $contact = $VAR["contact"]; $physaddr = $VAR["physaddr"]; @@ -187,32 +228,65 @@ cvteastnorth($physloc["lat"], $physloc["lon"]); } + function addchange($name, $old, $new, &$changes) + { + if (!isset($changes)) return; + $newval = $new[$name] != "" ? stripslashes($new[$name]) : "(blank)"; + $oldval = $old[$name] != "" ? $old[$name] : "(blank)"; + if (strlen($newval) > 26 || strlen($oldval) > 26) { + /* Long values; put on separate lines. */ + $changes .= "$name:\n"; + $changes .= "$oldval\n"; + $changes .= "\t->\n"; + $changes .= "$newval\n"; + } else { + /* Short values; same line. */ + $changeline = str_pad("$name: ", 16); + $changeline = str_pad($changeline . "$oldval", 42); + $changeline .= " -> $newval\n"; + $changes .= $changeline; + } + } + + function needsupdate($name, $array, $old) + { + return stripslashes($array[$name]) != $old[$name]; + } + /* return set expressions prefixed with comma */ - function setexp($array = null, $strs = "", $ints="", $dbls="", $pfx="") + function setexp($array = null, $old = null, &$changes, + $strs = "", $ints = "", $dbls = "", + $pfx = "") { $ret = ""; foreach(explode(" ",$strs) as $k) - if (isset($array[$pfx.$k])) + if (needsupdate($pfx.$k, $array, $old)) { $ret .= ",$k=".quote($array[$pfx.$k]); + addchange($pfx.$k, $old, $array, $changes); + } else if ($operation == "insert") die("$k: required field"); foreach(explode(" ",$ints) as $k) - if (isset($array[$pfx.$k])) + if (needsupdate($pfx.$k, $array, $old)) { $ret .= ",$k=".intquote($array[$pfx.$k]); + addchange($pfx.$k, $old, $array, $changes); + } else if ($operation == "insert") die("$k: required field"); foreach(explode(" ",$dbls) as $k) - if (isset($array[$pfx.$k])) + if (needsupdate($pfx.$k, $array, $old)) { $ret .= ",$k=".dblquote($array[$pfx.$k]); + addchange($pfx.$k, $old, $array, $changes); + } else if ($operation == "insert") die("$k: required field"); return $ret; } /* admin */ - $s = setexp($admin, - $strs = "nodename url comment policy status", - $ints = "mailonupdate"); + $s = setexp($admin, $oldadmin, $changes, + $strs = "nodename url comment policy status", + $ints = "mailonupdate"); $result = mysql_query("UPDATE admin SET " . " updated = NOW()" . ",updatedip = ".quote($_SERVER["REMOTE_ADDR"]) @@ -222,8 +296,8 @@ or die("UPDATE admin: ".mysql_error($db)); /* contact */ - $s = setexp($contact, - $strs = "contactname contactemail contactphone"); + $s = setexp($contact, $oldcontact, $changes, + $strs = "contactname contactemail contactphone"); if ($s) $result = mysql_query("UPDATE contact SET " . substr($s,1) @@ -232,8 +306,8 @@ or die("UPDATE contact s={$s}: ".mysql_error($db)); /* physaddr */ - $s = setexp($physaddr, - $strs = "streetno suburb state country postcode imageurl"); + $s = setexp($physaddr, $oldphysaddr, $changes, + $strs = "streetno suburb state country postcode imageurl"); if ($s) $result = mysql_query("UPDATE physaddr SET " . substr($s,1) @@ -242,8 +316,8 @@ or die("UPDATE physaddr: ".mysql_error($db)); /* physloc */ - $s = setexp($physloc, - $dbls = "e n h error"); + $s = setexp($physloc, $oldphysloc, $changes, + $dbls = "e n h error"); if ($s) $result = mysql_query("UPDATE physloc SET " . substr($s,1) @@ -266,6 +340,7 @@ die("Interface name NEW is reserved!!"); if (in_array($ifname, $ifnames)) die("Interface $ifname already exists"); + $changes .= "New interface $ifname\n"; /* clean up any old data */ $where = "nodeid=$nodeid AND ifname=".quote("NEW"); $set = "nodeid=$nodeid , ifname=".quote("NEW"); @@ -298,34 +373,43 @@ $netloc["$ifname.peerid"] = strval($row[0]); } - if (isset($deletenetloc[$ifname])) + $delete = isset($deletenetloc[$ifname]); + if ($delete) { + $changes .= "Deleted interface $ifname:\n"; + $newvals = array(); + } else + $newvals = $netloc; + $s = setexp($newvals, $oldnetloc, $changes, + $strs = "mac family address comment", + $ints = "peerid active", + $dbls = "", + $pfx = "$ifname."); + if ($delete) $q = "DELETE FROM netloc"; - else { - $s = setexp($netloc, - $strs = "mac family address comment", - $ints = "peerid active", - $dbls = "", - $pfx = "$ifname."); + else $q = "UPDATE netloc SET $setifname".$s; - } $result = mysql_query("$q WHERE $where", $db) or die(mysql_error($db)); - if (isset($deletenetloc[$ifname])) + if (!$delete) + $newvals = $config; + $s = setexp($newvals, $oldconfig, $changes, + $strs = "carddesc cardurl antdesc anturl" + ." imageurl protocol", + $ints = "channel", + $dbls = "estgain antspread direction", + $pfx = $ifname."."); + if ($delete) $q = "DELETE FROM config"; - else { - $s = setexp($config, - $strs = "carddesc cardurl antdesc anturl" - ." imageurl protocol", - $ints = "channel", - $dbls = "estgain antspread direction", - $pfx = $ifname."."); - $q = "UPDATE config SET $setifname $s"; - } + else + $q = "UPDATE config SET $setifname".$s; $result = mysql_query("$q WHERE $where", $db) or die(mysql_error($db)); } + if ($operation == "replace") + notify($notify_info, "updated", $nodeid, $changes); + $result = mysql_query("COMMIT") or die(mysql_error($db)); @@ -340,7 +424,7 @@ if (!isset($nodeid)) die("nodeid missing"); - notify($db, "deleted", $nodeid); + notify($notify_info, "deleted", $nodeid); $result = mysql_query("DELETE FROM admin WHERE nodeid=".$nodeid, $db) or die(mysql_error($db)); @@ -367,4 +451,3 @@ header("Location: $location"); ?> - |
