Menu
▾
▴
[vpopmail-cvs] vpopmail ChangeLog,1.103.2.20,1.103.2.21 vmysql.c,1.15.2.1,1.15.2.2 voracle.pc,1.9,1.9.2.1 vpgsql.c,1.20.2.2,1.20.2.3 vpopmail.c,1.28.2.3,1.28.2.4 vpopmail.h,1.7,1.7.2.1 vsybase.c,1.9,1.9.2.1
Update of /cvsroot/vpopmail/vpopmail In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17118 Modified Files: Tag: stable-5_4 ChangeLog vmysql.c voracle.pc vpgsql.c vpopmail.c vpopmail.h vsybase.c Log Message: backport database backend updates from 5.5.0 release Index: vpgsql.c =================================================================== RCS file: /cvsroot/vpopmail/vpopmail/vpgsql.c,v retrieving revision 1.20.2.2 retrieving revision 1.20.2.3 diff -u -d -r1.20.2.2 -r1.20.2.3 --- vpgsql.c 11 Jun 2004 15:58:23 -0000 1.20.2.2 +++ vpgsql.c 26 Jun 2004 02:20:56 -0000 1.20.2.3 @@ -62,10 +62,9 @@ static PGconn *pgc; /* pointer to pgsql connection */ static int is_open = 0; -#define SQL_BUF_SIZE 600 +#define SQL_BUF_SIZE 2048 static char SqlBufRead[SQL_BUF_SIZE]; static char SqlBufUpdate[SQL_BUF_SIZE]; -static char SqlBufCreate[SQL_BUF_SIZE]; #define SMALL_BUFF 200 char IUser[SMALL_BUFF]; @@ -75,19 +74,15 @@ char IShell[SMALL_BUFF]; char IClearPass[SMALL_BUFF]; -char EPass[SMALL_BUFF]; -char EGecos[SMALL_BUFF]; -char EClearPass[SMALL_BUFF]; - void vcreate_dir_control(char *domain); void vcreate_vlog_table(); -void vpgsql_escape( char *instr, char *outstr ); #ifdef POP_AUTH_OPEN_RELAY void vcreate_relay_table(); #endif #ifdef VALIAS +PGresult *pgvalias = NULL; void vcreate_valias_table(); #endif @@ -101,7 +96,8 @@ PGresult *pgres; pgres=PQexec(pgc, "BEGIN"); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { - fprintf(stderr, "pg_begin: %s\n", PQresultErrorMessage(pgres)); + fprintf(stderr, "pg_begin: %s\n", PQerrorMessage(pgc)); + if (pgres) PQclear (pgres); return -1; } PQclear(pgres); @@ -114,7 +110,8 @@ PGresult *pgres; pgres=PQexec(pgc, "END"); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { - fprintf(stderr, "pg_end: %s\n", PQresultErrorMessage(pgres)); + fprintf(stderr, "pg_end: %s\n", PQerrorMessage(pgc)); + if (pgres) PQclear (pgres); return -1; } PQclear(pgres); @@ -136,33 +133,38 @@ return(0); } -int vauth_adddomain( char *domain ) +int vauth_create_table (char *table, char *layout, int showerror) { - char *tmpstr = NULL; int err; PGresult *pgres; - - if ( (err=vauth_open()) != 0 ) return(err); + char SqlBufCreate[SQL_BUF_SIZE]; + + if ( err = vauth_open()) return (err); - vset_default_domain( domain ); -#ifndef MANY_DOMAINS - tmpstr = vauth_munch_domain( domain ); -#else - tmpstr = PGSQL_DEFAULT_TABLE; -#endif - snprintf(SqlBufUpdate,SQL_BUF_SIZE, - "create table %s ( %s )",tmpstr,TABLE_LAYOUT); + snprintf(SqlBufCreate, SQL_BUF_SIZE, + "CREATE TABLE %s ( %s )", table, layout); + pgres=PQexec(pgc, SqlBufCreate); + if (!pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK) { + err = -1; + if (showerror) + fprintf (stderr, "vpgsql: error creating table '%s': %s\n", table, + PQerrorMessage(pgc)); + } else err = 0; + + if (pgres) PQclear (pgres); + return err; +} - pgres = PQexec(pgc, SqlBufUpdate); - if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { +int vauth_adddomain( char *domain ) +{ #ifndef MANY_DOMAINS - fprintf(stderr, "vauth_adddomain : create table failed : %s\n", - PQresultErrorMessage(pgres)); - return(-1); + vset_default_domain( domain ); + return (vauth_create_table (vauth_munch_domain( domain ), TABLE_LAYOUT, 1)); +#else + /* if creation fails, don't show an error */ + vauth_create_table (PGSQL_DEFAULT_TABLE, TABLE_LAYOUT, 0); + return (0); #endif - } - if(pgres) PQclear(pgres); - return(0); } int vauth_adduser(char *user, char *domain, char *pass, char *gecos, @@ -213,26 +215,21 @@ } else { Crypted[0] = 0; } - vpgsql_escape( Crypted, EPass ); - vpgsql_escape( gecos, EGecos ); -#ifdef CLEAR_PASS - vpgsql_escape( pass, EClearPass); -#endif - snprintf( SqlBufUpdate, SQL_BUF_SIZE, INSERT, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, INSERT, domstr, user, #ifdef MANY_DOMAINS domain, #endif - EPass, apop, EGecos, dirbuf, quota + Crypted, apop, gecos, dirbuf, quota #ifdef CLEAR_PASS - ,EClearPass + ,pass #endif ); if(! ( pgres=PQexec(pgc,SqlBufUpdate) )|| PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { fprintf(stderr, "vauth_adduser: %s\npgsql: %s\n", - SqlBufUpdate, PQresultErrorMessage(pgres)); + SqlBufUpdate, PQerrorMessage(pgc)); } if( pgres ) PQclear(pgres); return(0); @@ -268,19 +265,19 @@ domstr = PGSQL_LARGE_USERS_TABLE; } - snprintf(SqlBufRead, SQL_BUF_SIZE, USER_SELECT, domstr, user + qnprintf(SqlBufRead, SQL_BUF_SIZE, USER_SELECT, domstr, user #ifdef MANY_DOMAINS ,in_domain #endif ); pgres=PQexec(pgc, SqlBufRead); if ( ! pgres || PQresultStatus(pgres)!=PGRES_TUPLES_OK) { - if( pgres ) PQclear(pgres); #ifdef DEBUG fprintf(stderr, "vauth_getpw: failed select: %s : %s\n", - SqlBufRead, PQresultErrorMessage(pgres)); + SqlBufRead, PQerrorMessage(pgc)); #endif + if( pgres ) PQclear(pgres); return NULL; } if ( PQntuples(pgres) <= 0 ) { /* rows count */ @@ -333,14 +330,15 @@ snprintf( SqlBufUpdate, SQL_BUF_SIZE, "drop table %s", tmpstr); #else tmpstr = PGSQL_DEFAULT_TABLE; - snprintf(SqlBufUpdate,SQL_BUF_SIZE, + qnprintf(SqlBufUpdate,SQL_BUF_SIZE, "delete from %s where pw_domain = '%s'", tmpstr, domain ); #endif pgres=PQexec(pgc, SqlBufUpdate); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK){ fprintf(stderr,"vauth_deldomain: pgsql query: %s", - PQresultErrorMessage(pgres)); + PQerrorMessage(pgc)); + if(pgres) PQclear(pgres); return(-1); } if(pgres) PQclear(pgres); @@ -350,7 +348,7 @@ #endif #ifdef ENABLE_AUTH_LOGGING - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from lastauth where domain = '%s'", domain ); pgres=PQexec(pgc, SqlBufUpdate); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK) { @@ -380,7 +378,7 @@ tmpstr = PGSQL_DEFAULT_TABLE; #endif - snprintf( SqlBufUpdate, SQL_BUF_SIZE, DELETE_USER, tmpstr, user + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, DELETE_USER, tmpstr, user #ifdef MANY_DOMAINS , domain #endif @@ -393,7 +391,7 @@ if( pgres ) PQclear(pgres); #ifdef ENABLE_AUTH_LOGGING - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from lastauth where user = '%s' and domain = '%s'", user, domain ); pgres=PQexec(pgc, SqlBufUpdate); @@ -427,7 +425,7 @@ tmpstr = PGSQL_DEFAULT_TABLE; #endif - snprintf( SqlBufUpdate, SQL_BUF_SIZE, SETQUOTA, tmpstr, quota, username + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, SETQUOTA, tmpstr, quota, username #ifdef MANY_DOMAINS , domain #endif @@ -436,7 +434,8 @@ pgres = PQexec(pgc, SqlBufUpdate); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { fprintf(stderr, - "vauth_setquota: query failed: %s\n", PQresultErrorMessage(pgres)); + "vauth_setquota: query failed: %s\n", PQerrorMessage(pgc)); + if( pgres ) PQclear(pgres); return(-1); } if( pgres ) PQclear(pgres); @@ -463,7 +462,7 @@ if ( first == 1 ) { if ( (err=vauth_open()) != 0 ) return(NULL); - snprintf(SqlBufRead, SQL_BUF_SIZE, GETALL, domstr + qnprintf(SqlBufRead, SQL_BUF_SIZE, GETALL, domstr #ifdef MANY_DOMAINS ,domain #endif @@ -478,7 +477,7 @@ } pgres = PQexec(pgc, SqlBufRead); if( !pgres || PQresultStatus(pgres) != PGRES_TUPLES_OK ) { - fprintf(stderr, "vauth_getall:query failed[5]: %s\n",PQresultErrorMessage(pgres)); + fprintf(stderr, "vauth_getall:query failed[5]: %s\n", PQerrorMessage(pgc)); if( pgres ) { PQclear(pgres); pgres=NULL; @@ -576,22 +575,16 @@ tmpstr = PGSQL_DEFAULT_TABLE; #endif - vpgsql_escape( inpw->pw_passwd, EPass ); - vpgsql_escape( inpw->pw_gecos, EGecos ); -#ifdef CLEAR_PASS - vpgsql_escape( inpw->pw_clear_passwd, EClearPass ); -#endif - - snprintf( SqlBufUpdate,SQL_BUF_SIZE,SETPW, + qnprintf( SqlBufUpdate,SQL_BUF_SIZE,SETPW, tmpstr, - EPass, + inpw->pw_passwd, inpw->pw_uid, inpw->pw_gid, - EGecos, + inpw->pw_gecos, inpw->pw_dir, inpw->pw_shell, #ifdef CLEAR_PASS - EClearPass, + inpw->pw_clear_passwd, #endif inpw->pw_name #ifdef MANY_DOMAINS @@ -601,7 +594,7 @@ pgres=PQexec(pgc, SqlBufUpdate); if ( !pgres || PQresultStatus(pgres)!= PGRES_COMMAND_OK ) { fprintf(stderr, "vauth_setpw: pgsql query[6]: %s\n", - PQresultErrorMessage(pgres)); + PQerrorMessage(pgc)); if( pgres ) PQclear(pgres); return(-1); } @@ -628,7 +621,7 @@ if ( (err=vauth_open()) != 0 ) return 0; - snprintf(SqlBufUpdate, SQL_BUF_SIZE, + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, "UPDATE relay SET ip_addr='%s', timestamp=%d WHERE ip_addr='%s'", ipaddr, (int)mytime, ipaddr); @@ -636,7 +629,7 @@ if (PQresultStatus(pgres) == PGRES_COMMAND_OK && atoi(PQcmdTuples(pgres)) == 0) { if( pgres ) PQclear(pgres); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "INSERT INTO relay (ip_addr, timestamp) VALUES ('%s', %lu)", ipaddr, time(NULL)); @@ -650,7 +643,7 @@ vcreate_relay_table(); /* and try INSERTing now... */ - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "INSERT INTO relay (ip_addr, timestamp) VALUES ('%s', %lu)", ipaddr, time(NULL)); @@ -681,7 +674,8 @@ vcreate_relay_table(); if(pgres) PQclear(pgres); if ( !(pgres=PQexec(pgc, SqlBufRead)) || PQresultStatus(pgres)!=PGRES_TUPLES_OK ) { - fprintf(stderr, "vupdate_rules: query : %s\n", PQresultErrorMessage(pgres)); + fprintf(stderr, "vupdate_rules: query : %s\n", PQerrorMessage(pgc)); + if (pgres) PQclear (pgres); return; } } @@ -729,16 +723,7 @@ void vcreate_relay_table() { - PGresult *pgres; - if (vauth_open() != 0) return; - snprintf( SqlBufCreate, SQL_BUF_SIZE, - "CREATE TABLE relay ( %s )", RELAY_TABLE_LAYOUT); - pgres=PQexec(pgc, SqlBufCreate); - if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK) { - fprintf(stderr, "vcreate_relay_table: create failed[9]: %s \n", - PQresultErrorMessage(pgres)); - } - if(pgres) PQclear(pgres); + vauth_create_table ("relay", RELAY_TABLE_LAYOUT, 1); return; } #endif @@ -760,15 +745,7 @@ #ifdef IP_ALIAS_DOMAINS void vcreate_ip_map_table() { - PGresult *pgres; - if ( vauth_open() != 0 ) return; - - snprintf(SqlBufCreate, SQL_BUF_SIZE, "create table ip_alias_map ( %s )", - IP_ALIAS_TABLE_LAYOUT); - pgres=PQexec(pgc, SqlBufCreate); - if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK) - fprintf(stderr,"vcreate_ip_map_table[a]:%s\n",PQresultErrorMessage(pgres)); - if( pgres ) PQclear(pgres); + vauth_create_table ("ip_alias_map", IP_ALIAS_TABLE_LAYOUT, 1); return; } @@ -783,7 +760,7 @@ if ( domain == NULL ) return(-2); if ( vauth_open() != 0 ) return(-3); - snprintf(SqlBufRead, SQL_BUF_SIZE, + qnprintf(SqlBufRead, SQL_BUF_SIZE, "select domain from ip_alias_map where ip_addr = '%s'", ip); pgres=PQexec(pgc, SqlBufRead); @@ -819,7 +796,7 @@ if( ( err=pg_begin() )!= 0 ) { /* begin transaction */ return(err); } - snprintf(SqlBufUpdate,SQL_BUF_SIZE, + qnprintf(SqlBufUpdate,SQL_BUF_SIZE, "delete from ip_alias_map where ip_addr='%s' and domain='%s'", ip, domain); @@ -829,14 +806,14 @@ table may not exist */ /* step 2: insert new data */ - snprintf(SqlBufUpdate,SQL_BUF_SIZE, + qnprintf(SqlBufUpdate,SQL_BUF_SIZE, "insert into ip_alias_map (ip_addr,domain) values ('%s','%s')", ip, domain); pgres=PQexec(pgc, SqlBufUpdate); if ( !pgres || PQresultStatus(pgres) != PGRES_COMMAND_OK ) { if( pgres ) PQclear(pgres); vcreate_ip_map_table(); - snprintf(SqlBufUpdate,SQL_BUF_SIZE, + qnprintf(SqlBufUpdate,SQL_BUF_SIZE, "insert into ip_alias_map (ip_addr,domain) values ('%s','%s')", ip, domain); pgres=PQexec( pgc, SqlBufUpdate); @@ -859,14 +836,14 @@ if ( domain == NULL || strlen(domain) <= 0 ) return(-1); if ( (err=vauth_open()) != 0 ) return(err); - snprintf( SqlBufUpdate,SQL_BUF_SIZE, + qnprintf( SqlBufUpdate,SQL_BUF_SIZE, "delete from ip_alias_map where ip_addr='%s' and domain='%s'", ip, domain); pgres=PQexec(pgc, SqlBufUpdate); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { fprintf(stderr, "vdel_ip_map: delete failed: %s\n", - PQresultErrorMessage(pgres)); + PQerrorMessage(pgc)); if(pgres) PQclear(pgres); /* #warning why are we returning 0 when we couldn't delete?*/ return(0); @@ -928,7 +905,7 @@ if ( vauth_open() != 0 ) return(-1); - snprintf(SqlBufUpdate, SQL_BUF_SIZE, + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, "select %s from dir_control where domain = '%s'", DIR_CONTROL_SELECT, domain ); @@ -936,13 +913,14 @@ PQresultStatus(pgres)!=PGRES_TUPLES_OK ) { if( pgres ) PQclear(pgres); vcreate_dir_control(domain); - snprintf(SqlBufUpdate, SQL_BUF_SIZE, + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, "select %s from dir_control where domain = '%s'", DIR_CONTROL_SELECT, domain ); if (! (pgres=PQexec(pgc, SqlBufUpdate)) || PQresultStatus(pgres)!=PGRES_TUPLES_OK ) { fprintf(stderr, "vread_dir_control: q: %s\npgsql: %s", - SqlBufUpdate, PQresultErrorMessage(pgres)); + SqlBufUpdate, PQerrorMessage(pgc)); + if (pgres) PQclear (pgres); return (-1); } } @@ -995,7 +973,7 @@ if ( vauth_open() != 0 ) return(-1); - snprintf(SqlBufUpdate, SQL_BUF_SIZE, + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, "delete from dir_control where domain='%s'", domain ); if( pg_begin() ) { /* begin transaction */ return -1; @@ -1003,10 +981,11 @@ pgres=PQexec(pgc, SqlBufUpdate); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { fprintf(stderr, "vwrite_dir_control: delete failed: %s", - PQresultErrorMessage(pgres)); + PQerrorMessage(pgc)); + if (pgres) PQclear (pgres); return -1; } - snprintf(SqlBufUpdate, SQL_BUF_SIZE, + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, "insert into dir_control ( \ domain, cur_users, \ level_cur, level_max, \ @@ -1032,7 +1011,8 @@ PQclear(pgres); vcreate_dir_control(domain); if ( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { - fprintf(stderr, "vwrite_dir_control: %s\n", PQresultErrorMessage(pgres)); + fprintf(stderr, "vwrite_dir_control: %s\n", PQerrorMessage(pgc)); + if (pgres) PQclear (pgres); return(-1); } } @@ -1044,21 +1024,9 @@ void vcreate_dir_control(char *domain) { PGresult *pgres; + vauth_create_table ("dir_control", DIR_CONTROL_TABLE_LAYOUT, 1); - if ( vauth_open() != 0 ) return; - - snprintf(SqlBufCreate, SQL_BUF_SIZE, "create table dir_control ( %s )", - DIR_CONTROL_TABLE_LAYOUT); - - pgres=PQexec( pgc, SqlBufCreate ); - if( ! pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { - fprintf(stderr, "vcreate_dir_control: pgsql query: %s\n", - PQresultErrorMessage(pgres)); - return; - } - if( pgres ) PQclear(pgres); - - snprintf(SqlBufUpdate, SQL_BUF_SIZE, "insert into dir_control ( \ + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, "insert into dir_control ( \ domain, cur_users, \ level_cur, level_max, \ level_start0, level_start1, level_start2, \ @@ -1077,7 +1045,8 @@ pgres = PQexec( pgc, SqlBufUpdate ); if ( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { fprintf(stderr, "vcreate_dir_control: insert failed: %s\n", - PQresultErrorMessage(pgres)); + PQerrorMessage(pgc)); + if (pgres) PQclear (pgres); return; } @@ -1091,7 +1060,7 @@ if ( (err=vauth_open()) != 0 ) return(err); - snprintf(SqlBufUpdate, SQL_BUF_SIZE, + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, "delete from dir_control where domain = '%s'", domain); pgres=PQexec(pgc, SqlBufUpdate); @@ -1099,12 +1068,12 @@ if ( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { PQclear(pgres); vcreate_dir_control(domain); - snprintf(SqlBufUpdate, SQL_BUF_SIZE, + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, "delete from dir_control where domain = '%s'", domain); if ( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { fprintf(stderr, "vdel_dir_control: delete failed[e]: %s\n", - PQresultErrorMessage(pgres)); + PQerrorMessage(pgc)); err=-1; } } @@ -1120,7 +1089,7 @@ if ( (err=vauth_open()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "UPDATE lastauth SET remote_ip='%s', timestamp=%lu " \ "WHERE userid='%s' AND domain='%s'", remoteip, time(NULL), user, domain); @@ -1138,7 +1107,7 @@ if( pgres ) PQclear(pgres); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "INSERT INTO lastauth (userid, domain, remote_ip, timestamp) " \ "VALUES ('%s', '%s', '%s', %lu)", user, domain, remoteip, time(NULL)); @@ -1151,7 +1120,7 @@ /* UPDATE returned 0 rows and/or INSERT failed. Try creating the table */ if(!pgres || PQresultStatus(pgres) != PGRES_COMMAND_OK) { #ifdef DEBUG -fprintf(stderr,"UPDATE and/or INSERT failed. error was %s\n", PQresultErrorMessage(pgres)); +fprintf(stderr,"UPDATE and/or INSERT failed. error was %s\n", PQerrorMessage(pgc)); #endif if( pgres ) PQclear(pgres); @@ -1161,7 +1130,7 @@ vcreate_lastauth_table(); /* and try INSERTing now... */ - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "INSERT INTO lastauth (userid, domain, remote_ip, timestamp) " \ "VALUES ('%s', '%s', '%s', %lu)", user, domain, remoteip, time(NULL)); @@ -1185,14 +1154,14 @@ if ( (err=vauth_open()) != 0 ) return(err); - snprintf( SqlBufRead, SQL_BUF_SIZE, "SELECT timestamp FROM lastauth WHERE userid='%s' AND domain='%s'", pw->pw_name, domain); + qnprintf( SqlBufRead, SQL_BUF_SIZE, "SELECT timestamp FROM lastauth WHERE userid='%s' AND domain='%s'", pw->pw_name, domain); pgres=PQexec(pgc, SqlBufRead); if ( !pgres || PQresultStatus(pgres) != PGRES_TUPLES_OK ) { if( pgres ) PQclear(pgres); vcreate_lastauth_table(); - snprintf( SqlBufRead, SQL_BUF_SIZE, "SELECT timestamp FROM lastauth WHERE userid='%s' AND domain='%s'", pw->pw_name, domain); + qnprintf( SqlBufRead, SQL_BUF_SIZE, "SELECT timestamp FROM lastauth WHERE userid='%s' AND domain='%s'", pw->pw_name, domain); pgres=PQexec(pgc, SqlBufRead); if ( !pgres || PQresultStatus(pgres) != PGRES_TUPLES_OK ) { fprintf(stderr,"vpgsql: sql error[g]: %s\n", PQerrorMessage(pgc)); @@ -1217,13 +1186,13 @@ if ( vauth_open() != 0 ) return(NULL); - snprintf( SqlBufRead, SQL_BUF_SIZE, "select remote_ip from lastauth where userid='%s' and domain='%s'", pw->pw_name, domain); + qnprintf( SqlBufRead, SQL_BUF_SIZE, "select remote_ip from lastauth where userid='%s' and domain='%s'", pw->pw_name, domain); pgres=PQexec(pgc, SqlBufRead); if ( !pgres || PQresultStatus(pgres) != PGRES_TUPLES_OK ) { if( pgres ) PQclear(pgres); vcreate_lastauth_table(); - snprintf( SqlBufRead, SQL_BUF_SIZE, "select remote_ip from lastauth where userid='%s' and domain='%s'", pw->pw_name, domain); + qnprintf( SqlBufRead, SQL_BUF_SIZE, "select remote_ip from lastauth where userid='%s' and domain='%s'", pw->pw_name, domain); pgres=PQexec(pgc, SqlBufRead); if ( !pgres || PQresultStatus(pgres) != PGRES_TUPLES_OK ) { @@ -1241,19 +1210,7 @@ void vcreate_lastauth_table() { - PGresult *pgres; - if ( vauth_open() != 0 ) return; - - snprintf( SqlBufCreate, SQL_BUF_SIZE, "CREATE TABLE lastauth ( %s )", - LASTAUTH_TABLE_LAYOUT); - - pgres = PQexec( pgc, SqlBufCreate ); - if ( !pgres || PQresultStatus(pgres) != PGRES_COMMAND_OK ) { - fprintf(stderr, "vpgsql: vcreate_lastauth_table(): %s\nsql error[i]: %s\n", - SqlBufCreate, PQerrorMessage(pgc)); - return; - } - if( pgres ) PQclear( pgres ); + vauth_create_table ("lastauth", LASTAUTH_TABLE_LAYOUT, 1); return; } #endif /* ENABLE_AUTH_LOGGING */ @@ -1261,7 +1218,6 @@ #ifdef VALIAS char *valias_select( char *alias, char *domain ) { - PGresult *pgres; int err, verrori; if ( (err=vauth_open()) != 0 ) { @@ -1269,30 +1225,35 @@ return(NULL); } - snprintf( SqlBufRead, SQL_BUF_SIZE, + /* if we're already in a query, clear it out before starting a new one */ + if (pgvalias) PQclear(pgvalias); + + qnprintf( SqlBufRead, SQL_BUF_SIZE, "select valias_line from valias where alias='%s' and domain='%s'", alias, domain ); - if ( ! (pgres=PQexec(pgc, SqlBufRead)) - || PQresultStatus(pgres) != PGRES_TUPLES_OK ) { - if(pgres) PQclear(pgres); + if ( ! (pgvalias=PQexec(pgc, SqlBufRead)) + || PQresultStatus(pgvalias) != PGRES_TUPLES_OK ) { + if(pgvalias) PQclear(pgvalias); vcreate_valias_table(); - if ( ! (pgres=PQexec(pgc, SqlBufRead)) - || PQresultStatus(pgres) != PGRES_TUPLES_OK ) { + if ( ! (pgvalias=PQexec(pgc, SqlBufRead)) + || PQresultStatus(pgvalias) != PGRES_TUPLES_OK ) { fprintf(stderr,"vpgsql: sql error[j]: %s\n", - PQresultErrorMessage(pgres)); + PQerrorMessage(pgc)); + if (pgvalias) PQclear(pgvalias); return(NULL); } } - if ( PQntuples(pgres) > 0 ) { - return( PQgetvalue( pgres, 0, 0 ) ); - } - if(pgres) PQclear(pgres); - return(NULL); + + return valias_select_next(); } char *valias_select_next() { - /* moved contents to last bit of valias_select */ + if ( PQntuples(pgvalias) > 0 ) { + return( PQgetvalue( pgvalias, 0, 0 ) ); + } + if(pgvalias) PQclear(pgvalias); + return(NULL); } int valias_insert( char *alias, char *domain, char *alias_line) @@ -1302,8 +1263,9 @@ if ( (err=vauth_open()) != 0 ) return(err); - while( *alias_line==' ' && *alias_line !=0 ) ++alias_line; - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + while(*alias_line==' ') ++alias_line; + + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "insert into valias(alias,domain,valias_line) values ('%s','%s','%s')", alias, domain, alias_line ); @@ -1311,12 +1273,13 @@ if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { if(pgres) PQclear(pgres); vcreate_valias_table(); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "insert into valias(alias,domain,valias_line) values ('%s','%s','%s')", alias, domain, alias_line ); pgres=PQexec( pgc, SqlBufUpdate ); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { - fprintf(stderr,"vpgsql: sql error[k]: %s\n",PQresultErrorMessage(pgres)); + fprintf(stderr,"vpgsql: sql error[k]: %s\n", PQerrorMessage(pgc)); + if (pgres) PQclear (pgres); return(-1); } if(pgres) PQclear(pgres); @@ -1332,19 +1295,20 @@ if ( (err=vauth_open()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from valias where alias='%s' and domain='%s'", alias, domain ); pgres=PQexec( pgc, SqlBufUpdate ); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { if(pgres) PQclear(pgres); vcreate_valias_table(); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from valias where alias='%s' and domain='%s'", alias, domain ); pgres=PQexec( pgc, SqlBufUpdate ); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { - fprintf(stderr,"vpgsql: sql error: %s\n", PQresultErrorMessage(pgres)); + fprintf(stderr,"vpgsql: sql error: %s\n", PQerrorMessage(pgc)); + if (pgres) PQclear (pgres); return(-1); } } @@ -1359,7 +1323,7 @@ if ( (err=vauth_open()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from valias where alias='%s' and valias_line='%s' and domain='%s'", alias, alias_line, domain ); pgres=PQexec( pgc, SqlBufUpdate ); @@ -1368,7 +1332,8 @@ vcreate_valias_table(); pgres=PQexec( pgc, SqlBufUpdate ); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { - fprintf(stderr,"vpgsql: sql error: %s\n", PQresultErrorMessage(pgres)); + fprintf(stderr,"vpgsql: sql error: %s\n", PQerrorMessage(pgc)); + if (pgres) PQclear (pgres); return(-1); } } @@ -1383,18 +1348,19 @@ if ( (err=vauth_open()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from valias where domain='%s'", domain ); pgres=PQexec( pgc, SqlBufUpdate ); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { if(pgres) PQclear(pgres); vcreate_valias_table(); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from valias where domain='%s'", domain ); pgres=PQexec( pgc, SqlBufUpdate ); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { - fprintf(stderr,"vpgsql: sql error: %s\n", PQresultErrorMessage(pgres)); + fprintf(stderr,"vpgsql: sql error: %s\n", PQerrorMessage(pgc)); + if (pgres) PQclear (pgres); return(-1); } } @@ -1405,26 +1371,16 @@ void vcreate_valias_table() { PGresult *pgres; + char SqlBufCreate[SQL_BUF_SIZE]; - if ( vauth_open() != 0 ) return; - - snprintf( SqlBufCreate, SQL_BUF_SIZE, "create table valias ( %s )", - VALIAS_TABLE_LAYOUT ); - - pgres=PQexec( pgc, SqlBufCreate ); - if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { - if( pgres ) PQclear(pgres); - fprintf(stderr,"vpgsql:sql error[n]:%s\n", PQresultErrorMessage(pgres)); - return; - } - if( pgres ) PQclear(pgres); + vauth_create_table ("valias", VALIAS_TABLE_LAYOUT, 1); snprintf( SqlBufCreate, SQL_BUF_SIZE, "create index valias_idx on valias ( %s )", VALIAS_INDEX_LAYOUT ); pgres=PQexec( pgc, SqlBufCreate ); if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { + fprintf(stderr,"vpgsql:sql error[n.i]:%s\n", PQerrorMessage(pgc)); if( pgres ) PQclear(pgres); - fprintf(stderr,"vpgsql:sql error[n.i]:%s\n", PQresultErrorMessage(pgres)); return; } if( pgres ) PQclear(pgres); @@ -1438,7 +1394,7 @@ if ( (err=vauth_open()) != 0 ) return(NULL); - snprintf( SqlBufRead, SQL_BUF_SIZE, + qnprintf( SqlBufRead, SQL_BUF_SIZE, "select alias, valias_line from valias where domain = '%s' order by alias", domain ); if ( ! (pgres=PQexec(pgc, SqlBufRead)) @@ -1448,7 +1404,8 @@ if ( ! (pgres=PQexec(pgc, SqlBufRead)) || PQresultStatus(pgres) != PGRES_TUPLES_OK ) { fprintf(stderr,"vpgsql: sql error[o]: %s\n", - PQresultErrorMessage(pgres)); + PQerrorMessage(pgc)); + if (pgres) PQclear (pgres); return(NULL); } } @@ -1478,14 +1435,14 @@ if ( (err=vauth_open()) != 0 ) return(err); /* - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "INSERT INTO vlog set userid='%s', passwd='%s', \ domain='%s', logon='%s', remoteip='%s', message='%s', \ error=%i, timestamp=%d", TheUser, ThePass, TheDomain, TheName, IpAddr, LogLine, verror, (int)mytime); */ - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "INSERT INTO vlog (userid,passwd,domain,logon,remoteip,message,error,timestamp values('%s','%s','%s','%s','%s','%s',%i,%d", TheUser, ThePass, TheDomain, TheName, IpAddr, LogLine, verror, (int)mytime); @@ -1494,7 +1451,7 @@ if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { if( pgres ) PQclear(pgres); vcreate_vlog_table(); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "INSERT INTO vlog (userid,passwd,domain,logon,remoteip,message,error,timestamp values('%s','%s','%s','%s','%s','%s',%i,%d", TheUser, ThePass, TheDomain, TheName, IpAddr, LogLine, verror, (int)mytime); @@ -1511,33 +1468,11 @@ void vcreate_vlog_table() { - PGresult *pgres; - if ( vauth_open() != 0 ) return; - - snprintf( SqlBufCreate, SQL_BUF_SIZE, "CREATE TABLE vlog ( %s )", - VLOG_TABLE_LAYOUT); - - pgres=PQexec( pgc, SqlBufCreate ); - if( !pgres || PQresultStatus(pgres)!=PGRES_COMMAND_OK ) { - fprintf(stderr, "could not create lastauth table %s\n", SqlBufCreate); - } - if( pgres ) PQclear(pgres); + vauth_create_table ("vlog", VLOG_TABLE_LAYOUT, 1); return; } #endif -void vpgsql_escape( char *instr, char *outstr ) -{ - /* escape out " characters */ - while( *instr != 0 ) { - if ( *instr == '"' ) *outstr++ = '\\'; - *outstr++ = *instr++; - } - - /* make sure the terminating NULL char is included */ - *outstr++ = *instr++; -} - int vauth_crypt(char *user,char *domain,char *clear_pass,struct vqpasswd *vpw) { if ( vpw == NULL ) return(-1); Index: vpopmail.c =================================================================== RCS file: /cvsroot/vpopmail/vpopmail/vpopmail.c,v retrieving revision 1.28.2.3 retrieving revision 1.28.2.4 diff -u -d -r1.28.2.3 -r1.28.2.4 --- vpopmail.c 30 Apr 2004 03:50:52 -0000 1.28.2.3 +++ vpopmail.c 26 Jun 2004 02:20:56 -0000 1.28.2.4 @@ -3117,3 +3117,115 @@ return( email ); } +/* escape these characters out of strings: ', \, " */ +#define ESCAPE_CHARS "'\"\\" + +/* qnprintf - Custom version of snprintf for creating SQL queries with escaped + * strings. + * + * int qnprintf (char *buffer, size_t size, const char *format, ...) + * + * buffer - buffer to print string to + * size - size of buffer + * format - a printf-style format string* + * ... - variable arguments for the format string + * + * NOTE: Currently supported formats: %%, %s, %d/%i, %u, %ld/%li, %lu + * Since this function was designed to build SQL queries with escaped data, + * the formats don't support any extended options. + * + * Returns the number of characters that would have been printed to buffer + * if it was big enough. (i.e., if return value is larger than (size-1), + * buffer received an incomplete copy of the formatted string). + * + * It is possible to call qnprintf with a NULL buffer of 0 bytes to determine + * how large the buffer needs to be. This is inefficient, as qnprintf has + * to run twice. + * + * qnprintf written February 2004 by Tom Collins <to...@to...> + */ +int qnprintf (char *buffer, size_t size, const char *format, ...) +{ + va_list ap; + int printed; /* number of characters printed */ + const char *f; /* current position in format string */ + char *b; /* current position in output buffer */ + char n[20]; /* buffer to hold string representation of number */ + + char *s; /* pointer to string to insert */ + + if (buffer == NULL && size > 0) return -1; + + va_start (ap, format); + + printed = 0; + b = buffer; + for (f = format; *f != '\0'; f++) { + if (*f != '%') { + if (++printed < size) *b++ = *f; + } else { + f++; + s = n; + switch (*f) { + case '%': + strcpy (n, "%"); + break; + + case 'd': + case 'i': + snprintf (n, sizeof(n), "%d", va_arg (ap, int)); + break; + + case 'u': + snprintf (n, sizeof(n), "%u", va_arg (ap, unsigned int)); + break; + + case 'l': + f++; + switch (*f) { + case 'd': + case 'i': + snprintf (n, sizeof(n), "%ld", va_arg (ap, long)); + break; + + case 'u': + snprintf (n, sizeof(n), "%lu", va_arg (ap, unsigned long)); + break; + + default: + strcpy (n, "*"); + } + break; + + case 's': + s = va_arg (ap, char *); + break; + + default: + strcpy (n, "*"); + } + while (*s != '\0') { + if (strchr (ESCAPE_CHARS, *s) != NULL) { + if (++printed < size) *b++ = '\\'; + } + if (++printed < size) *b++ = *s; + s++; + } + } + } + + va_end (ap); + + *b = '\0'; + + /* If the query doesn't fit in the buffer, zero out the buffer. An + * incomplete query could be very dangerous (say if a WHERE clause + * got dropped from a DELETE). + */ + if (printed >= size) { + memset (buffer, '\0', size); + } + + return printed; +} + Index: voracle.pc =================================================================== RCS file: /cvsroot/vpopmail/vpopmail/voracle.pc,v retrieving revision 1.9 retrieving revision 1.9.2.1 diff -u -d -r1.9 -r1.9.2.1 --- voracle.pc 13 Jan 2004 23:56:41 -0000 1.9 +++ voracle.pc 26 Jun 2004 02:20:56 -0000 1.9.2.1 @@ -60,7 +60,7 @@ static int update_open = 0; -#define SQL_BUF_SIZE 600 +#define SQL_BUF_SIZE 2048 EXEC SQL BEGIN DECLARE SECTION; char SqlBufRead[SQL_BUF_SIZE]; char SqlBufUpdate[SQL_BUF_SIZE]; @@ -115,13 +115,8 @@ char IShell[SMALL_BUFF]; char IClearPass[SMALL_BUFF]; -char EPass[SMALL_BUFF]; -char EGecos[SMALL_BUFF]; -char EClearPass[SMALL_BUFF]; - void vcreate_dir_control(char *domain); void vcreate_vlog_table(); -void voracle_escape( char *instr, char *outstr ); #ifdef POP_AUTH_OPEN_RELAY void vcreate_relay_table(); @@ -356,20 +351,15 @@ } else { Crypted[0] = 0; } - voracle_escape( Crypted, EPass ); - voracle_escape( gecos, EGecos ); -#ifdef CLEAR_PASS - voracle_escape( pass, EClearPass); -#endif - snprintf( SqlBufUpdate, SQL_BUF_SIZE, INSERT, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, INSERT, domstr, user, #ifdef MANY_DOMAINS domain, #endif - EPass, apop, EGecos, dirbuf, quota + Crypted, apop, gecos, dirbuf, quota #ifdef CLEAR_PASS -,EClearPass +,pass #endif ); @@ -427,7 +417,7 @@ if ( domstr == NULL || domstr[0] == 0 ) domstr = ORACLE_LARGE_USERS_TABLE; - snprintf(SqlBufRead, SQL_BUF_SIZE, USER_SELECT, domstr, user + qnprintf(SqlBufRead, SQL_BUF_SIZE, USER_SELECT, domstr, user #ifdef MANY_DOMAINS , in_domain #endif @@ -497,7 +487,7 @@ snprintf( SqlBufUpdate, SQL_BUF_SIZE, "drop table %s", tmpstr); #else tmpstr = ORACLE_DEFAULT_TABLE; - snprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from %s where pw_domain = '%s'", + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from %s where pw_domain = '%s'", tmpstr, domain ); #endif @@ -510,7 +500,7 @@ #endif #ifdef ENABLE_AUTH_LOGGING - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from lastauth where pw_domain = '%s'", domain ); EXEC SQL PREPARE S FROM :SqlBufUpdate; EXEC SQL EXECUTE S; @@ -540,7 +530,7 @@ tmpstr = ORACLE_DEFAULT_TABLE; #endif - snprintf( SqlBufUpdate, SQL_BUF_SIZE, DELETE_USER, tmpstr, user + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, DELETE_USER, tmpstr, user #ifdef MANY_DOMAINS , domain #endif @@ -550,7 +540,7 @@ EXEC SQL COMMIT; #ifdef ENABLE_AUTH_LOGGING - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from lastauth where pw_user = '%s' and pw_domain = '%s'", user, domain ); EXEC SQL PREPARE S FROM :SqlBufUpdate; @@ -582,7 +572,7 @@ tmpstr = ORACLE_DEFAULT_TABLE; #endif - snprintf( SqlBufUpdate, SQL_BUF_SIZE, SETQUOTA, tmpstr, quota, username + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, SETQUOTA, tmpstr, quota, username #ifdef MANY_DOMAINS , domain #endif @@ -612,7 +602,7 @@ if ( first == 1 ) { if ( (err=vauth_open_update()) != 0 ) return(NULL); - snprintf(SqlBufRead, SQL_BUF_SIZE, GETALL, domstr + qnprintf(SqlBufRead, SQL_BUF_SIZE, GETALL, domstr #ifdef MANY_DOMAINS ,domain #endif @@ -734,22 +724,16 @@ tmpstr = ORACLE_DEFAULT_TABLE; #endif - voracle_escape( inpw->pw_passwd, EPass ); - voracle_escape( inpw->pw_gecos, EGecos ); -#ifdef CLEAR_PASS - voracle_escape( inpw->pw_clear_passwd, EClearPass ); -#endif - - snprintf( SqlBufUpdate,SQL_BUF_SIZE,SETPW, + qnprintf( SqlBufUpdate,SQL_BUF_SIZE,SETPW, tmpstr, - EPass, + inpw->pw_passwd, inpw->pw_uid, inpw->pw_gid, - EGecos, + inpw->pw_gecos, inpw->pw_dir, inpw->pw_shell, #ifdef CLEAR_PASS - EClearPass, + inpw->pw_clear_passwd, #endif inpw->pw_name #ifdef MANY_DOMAINS @@ -789,7 +773,7 @@ if ( (err=vauth_open_update()) != 0 ) return; - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "insert into relay ( ip_addr, timestamp ) values ( '%s', %d )", ipaddr, (int)mytime); /*fprintf(stderr, "relay: %s\n", SqlBufUpdate);*/ @@ -878,7 +862,7 @@ if ( domain == NULL ) return(-2); if ( vauth_open_update() != 0 ) return(-3); - snprintf(SqlBufRead, SQL_BUF_SIZE, "select domain from ip_alias_map where ip_addr = '%s'", + qnprintf(SqlBufRead, SQL_BUF_SIZE, "select domain from ip_alias_map where ip_addr = '%s'", ip); if (mysql_query(&mysql_read,SqlBufRead)) { return(-1); @@ -905,7 +889,7 @@ if ( domain == NULL || strlen(domain) <= 0 ) return(-1); if ( vauth_open_update() != 0 ) return(-1); - snprintf(SqlBufUpdate,SQL_BUF_SIZE, + qnprintf(SqlBufUpdate,SQL_BUF_SIZE, "update ip_alias_map set ip_addr='%s', domain='%s' ", ip, domain); EXEC SQL PREPARE S FROM :SqlBufUpdate; @@ -920,7 +904,7 @@ if ( domain == NULL || strlen(domain) <= 0 ) return(-1); if ( vauth_open_update() != 0 ) return(-1); - snprintf( SqlBufUpdate,SQL_BUF_SIZE, + qnprintf( SqlBufUpdate,SQL_BUF_SIZE, "delete from ip_alias_map where ip_addr = '%s' and domain = '%s'", ip, domain); EXEC SQL PREPARE S FROM :SqlBufUpdate; @@ -980,7 +964,7 @@ int i; if ( vauth_open_update() != 0 ) return(-1); - snprintf(SqlBufRead, SQL_BUF_SIZE, + qnprintf(SqlBufRead, SQL_BUF_SIZE, "select %s from dir_control where domain = '%s'", DIR_CONTROL_SELECT, domain ); /*printf("read dir control: %s\n", SqlBufRead);*/ @@ -1083,7 +1067,7 @@ EXEC SQL EXECUTE S; EXEC SQL COMMIT; - snprintf(SqlBufUpdate, SQL_BUF_SIZE, "insert into dir_control ( \ + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, "insert into dir_control ( \ domain, cur_users, \ level_cur, level_max, \ level_start0, level_start1, level_start2, \ @@ -1110,7 +1094,7 @@ if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf(SqlBufUpdate, SQL_BUF_SIZE, + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, "delete from dir_control where domain = '%s'", domain); EXEC SQL PREPARE S FROM :SqlBufUpdate; @@ -1126,7 +1110,7 @@ if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "update lastauth set pw_user='%s', pw_domain='%s', \ remote_ip='%s', timestamp=%lu", user, domain, remoteip, time(NULL)); @@ -1145,7 +1129,7 @@ if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "select timestamp from lastauth where pw_user='%s' and pw_domain='%s'", pw->pw_name, domain); EXEC SQL PREPARE SD FROM :SqlBufUpdate; @@ -1205,7 +1189,7 @@ return(NULL); } - snprintf( SqlBufRead, SQL_BUF_SIZE, "select valias_line from valias \ + qnprintf( SqlBufRead, SQL_BUF_SIZE, "select valias_line from valias \ where alias = '%s' and domain = '%s'", alias, domain ); EXEC SQL PREPARE SC FROM :SqlBufRead; EXEC SQL DECLARE CC CURSOR FOR SC; @@ -1235,7 +1219,7 @@ if ( (err=vauth_open_update()) != 0 ) return(err); while(*alias_line==' ' && *alias_line!=0) ++alias_line; - snprintf( SqlBufUpdate, SQL_BUF_SIZE, "insert into valias \ + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "insert into valias \ ( alias, domain, valias_line ) values ( '%s', '%s', '%s')", alias, domain, alias_line ); @@ -1251,7 +1235,7 @@ if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from valias where alias = '%s' \ and valias_line = '%s' and domain = '%s'", alias, alias_line, domain ); @@ -1267,7 +1251,7 @@ if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from valias where alias = '%s' \ and domain = '%s'", alias, domain ); @@ -1283,7 +1267,7 @@ if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from valias where domain = '%s'", domain ); EXEC SQL PREPARE S FROM :SqlBufUpdate; @@ -1355,7 +1339,7 @@ mytime = time(NULL); if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "INSERT INTO vlog set user='%s', passwd='%s', \ domain='%s', logon='%s', remoteip='%s', message='%s', \ error=%i, timestamp=%d", TheUser, ThePass, TheDomain, @@ -1381,19 +1365,6 @@ } #endif -void voracle_escape( char *instr, char *outstr ) -{ - - /* escape out " characters */ - while( *instr != 0 ) { - if ( *instr == '"' ) *outstr++ = '\\'; - *outstr++ = *instr++; - } - - /* make sure the terminating NULL char is included */ - *outstr++ = *instr++; -} - #ifdef ENABLE_ORACLE_LIMITS void vcreate_limits_table() { @@ -1415,7 +1386,7 @@ return(-1); } - snprintf( SqlBufRead, SQL_BUF_SIZE, "SELECT maxpopaccounts, maxaliases, " + qnprintf( SqlBufRead, SQL_BUF_SIZE, "SELECT maxpopaccounts, maxaliases, " "maxforwards, maxautoresponders, maxmailinglists, diskquota, " "defaultquota, disablepop, disableimap, disabledialup, " "disablepasswordchanging, disablewebmail, disablerelay \n" @@ -1463,7 +1434,7 @@ int vdel_limits( char *domain ) { - snprintf( SqlBufUpdate, SQL_BUF_SIZE, "DELETE FROM limits WHERE domain = '%s'", + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "DELETE FROM limits WHERE domain = '%s'", domain); EXEC SQL PREPARE S FROM :SqlBufUpdate; EXEC SQL EXECUTE S; @@ -1480,7 +1451,7 @@ return(-1); } - snprintf( SqlBufUpdate, SQL_BUF_SIZE, "REPLACE INTO limits ( " + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "REPLACE INTO limits ( " "domain, maxpopaccounts, maxaliases, " "maxforwards, maxautoresponders, maxmailinglists, diskquota, " "defaultquota, disablepop, disableimap, disabledialup, " Index: vmysql.c =================================================================== RCS file: /cvsroot/vpopmail/vpopmail/vmysql.c,v retrieving revision 1.15.2.1 retrieving revision 1.15.2.2 diff -u -d -r1.15.2.1 -r1.15.2.2 --- vmysql.c 11 Jun 2004 15:52:28 -0000 1.15.2.1 +++ vmysql.c 26 Jun 2004 02:20:56 -0000 1.15.2.2 @@ -71,7 +71,6 @@ #define SQL_BUF_SIZE 2048 static char SqlBufRead[SQL_BUF_SIZE]; static char SqlBufUpdate[SQL_BUF_SIZE]; -static char SqlBufCreate[SQL_BUF_SIZE]; #define SMALL_BUFF 200 char IUser[SMALL_BUFF]; @@ -81,13 +80,8 @@ char IShell[SMALL_BUFF]; char IClearPass[SMALL_BUFF]; -char EPass[SMALL_BUFF]; -char EGecos[SMALL_BUFF]; -char EClearPass[SMALL_BUFF]; - void vcreate_dir_control(char *domain); void vcreate_vlog_table(); -void vmysql_escape( char *instr, char *outstr ); #ifdef POP_AUTH_OPEN_RELAY void vcreate_relay_table(); @@ -223,7 +217,8 @@ /* we could not create the database * so report the error and return */ - fprintf(stderr, "vmysql: sql error[1]: %s\n", mysql_error(&mysql_update)); + fprintf(stderr, "vmysql: couldn't create database '%s': %s\n", MYSQL_UPDATE_DATABASE, + mysql_error(&mysql_update)); return(-1); } /* set the database (we just created)*/ @@ -300,30 +295,33 @@ return(0); } -int vauth_adddomain( char *domain ) +int vauth_create_table (char *table, char *layout, int showerror) { - char *tmpstr = NULL; - int err; - - if ( (err=vauth_open_update()) != 0 ) return(err); + int err; + char SqlBufCreate[SQL_BUF_SIZE]; - vset_default_domain( domain ); + if ((err = vauth_open_update()) != 0) return (err); + snprintf (SqlBufCreate, SQL_BUF_SIZE, "CREATE TABLE %s ( %s )", table, layout); + if (mysql_query (&mysql_update, SqlBufCreate)) { + if (showerror) + fprintf (stderr, "vmysql: error creating table '%s': %s\n", table, + mysql_error(&mysql_update)); + return -1; + } else { + return 0; + } +} + +int vauth_adddomain( char *domain ) +{ #ifndef MANY_DOMAINS - tmpstr = vauth_munch_domain( domain ); + vset_default_domain( domain ); + return (vauth_create_table (vauth_munch_domain( domain ), TABLE_LAYOUT, 1)); #else - tmpstr = MYSQL_DEFAULT_TABLE; -#endif - - snprintf(SqlBufUpdate,SQL_BUF_SIZE, - "create table %s ( %s )",tmpstr,TABLE_LAYOUT); - - if (mysql_query(&mysql_update,SqlBufUpdate) ) { -#ifndef MANY_DOMAINS - return(-1); + /* if creation fails, don't show an error */ + vauth_create_table (MYSQL_DEFAULT_TABLE, TABLE_LAYOUT, 0); + return (0); #endif - } - - return(0); } int vauth_adduser(char *user, char *domain, char *pass, char *gecos, @@ -373,20 +371,15 @@ } else { Crypted[0] = 0; } - vmysql_escape( Crypted, EPass ); - vmysql_escape( gecos, EGecos ); -#ifdef CLEAR_PASS - vmysql_escape( pass, EClearPass); -#endif - snprintf( SqlBufUpdate, SQL_BUF_SIZE, INSERT, + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, INSERT, domstr, user, #ifdef MANY_DOMAINS domain, #endif - EPass, apop, EGecos, dirbuf, quota + Crypted, apop, gecos, dirbuf, quota #ifdef CLEAR_PASS -,EClearPass +, pass #endif ); @@ -435,7 +428,7 @@ if ( domstr == NULL || domstr[0] == 0 ) domstr = MYSQL_LARGE_USERS_TABLE; - snprintf(SqlBufRead, SQL_BUF_SIZE, USER_SELECT, domstr, user + qnprintf(SqlBufRead, SQL_BUF_SIZE, USER_SELECT, domstr, user #ifdef MANY_DOMAINS , in_domain #endif @@ -510,7 +503,7 @@ snprintf( SqlBufUpdate, SQL_BUF_SIZE, "drop table %s", tmpstr); #else tmpstr = MYSQL_DEFAULT_TABLE; - snprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from %s where pw_domain = \"%s\"", + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "delete from %s where pw_domain = '%s'", tmpstr, domain ); #endif @@ -523,8 +516,8 @@ #endif #ifdef ENABLE_AUTH_LOGGING - snprintf( SqlBufUpdate, SQL_BUF_SIZE, - "delete from lastauth where domain = \"%s\"", domain ); + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, + "delete from lastauth where domain = '%s'", domain ); if (mysql_query(&mysql_update,SqlBufUpdate)) { return(-1); } @@ -553,7 +546,7 @@ tmpstr = MYSQL_DEFAULT_TABLE; #endif - snprintf( SqlBufUpdate, SQL_BUF_SIZE, DELETE_USER, tmpstr, user + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, DELETE_USER, tmpstr, user #ifdef MANY_DOMAINS , domain #endif @@ -563,8 +556,8 @@ } #ifdef ENABLE_AUTH_LOGGING - snprintf( SqlBufUpdate, SQL_BUF_SIZE, - "delete from lastauth where user = \"%s\" and domain = \"%s\"", + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, + "delete from lastauth where user = '%s' and domain = '%s'", user, domain ); if (mysql_query(&mysql_update,SqlBufUpdate)) { err = -1; @@ -594,7 +587,7 @@ tmpstr = MYSQL_DEFAULT_TABLE; #endif - snprintf( SqlBufUpdate, SQL_BUF_SIZE, SETQUOTA, tmpstr, quota, username + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, SETQUOTA, tmpstr, quota, username #ifdef MANY_DOMAINS , domain #endif @@ -625,7 +618,7 @@ if ( first == 1 ) { if ( (err=vauth_open_read_getall()) != 0 ) return(NULL); - snprintf(SqlBufRead, SQL_BUF_SIZE, GETALL, domstr + qnprintf(SqlBufRead, SQL_BUF_SIZE, GETALL, domstr #ifdef MANY_DOMAINS ,domain #endif @@ -741,22 +734,16 @@ tmpstr = MYSQL_DEFAULT_TABLE; #endif - vmysql_escape( inpw->pw_passwd, EPass ); - vmysql_escape( inpw->pw_gecos, EGecos ); -#ifdef CLEAR_PASS - vmysql_escape( inpw->pw_clear_passwd, EClearPass ); -#endif - - snprintf( SqlBufUpdate,SQL_BUF_SIZE,SETPW, + qnprintf( SqlBufUpdate,SQL_BUF_SIZE,SETPW, tmpstr, - EPass, + inpw->pw_passwd, inpw->pw_uid, inpw->pw_gid, - EGecos, + inpw->pw_gecos, inpw->pw_dir, inpw->pw_shell, #ifdef CLEAR_PASS - EClearPass, + inpw->pw_clear_passwd, #endif inpw->pw_name #ifdef MANY_DOMAINS @@ -792,8 +779,8 @@ if ( (err=vauth_open_update()) != 0 ) return 0; - snprintf( SqlBufUpdate, SQL_BUF_SIZE, -"replace into relay ( ip_addr, timestamp ) values ( \"%s\", %d )", + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, +"replace into relay ( ip_addr, timestamp ) values ( '%s', %d )", ipaddr, (int)mytime); if (mysql_query(&mysql_update,SqlBufUpdate)) { vcreate_relay_table(); @@ -850,14 +837,8 @@ void vcreate_relay_table() { - if (vauth_open_update() != 0) return; - - snprintf( SqlBufCreate, SQL_BUF_SIZE, "create table relay ( %s )",RELAY_TABLE_LAYOUT); - if (mysql_query(&mysql_update,SqlBufCreate)) { - fprintf(stderr, "vmysql: sql error[9]: %s\n", mysql_error(&mysql_update)); - return; - } - return; + vauth_create_table ("relay", RELAY_TABLE_LAYOUT, 1); + return; } #endif @@ -885,15 +866,8 @@ #ifdef IP_ALIAS_DOMAINS void vcreate_ip_map_table() { - if ( vauth_open_update() != 0 ) return; - - snprintf(SqlBufCreate, SQL_BUF_SIZE, "create table ip_alias_map ( %s )", - IP_ALIAS_TABLE_LAYOUT); - if (mysql_query(&mysql_update,SqlBufCreate)) { - fprintf(stderr, "vmysql: sql error[a]: %s\n", mysql_error(&mysql_update)); - return; - } - return; + vauth_create_table ("ip_alias_map", IP_ALIAS_TABLE_LAYOUT, 1); + return; } int vget_ip_map( char *ip, char *domain, int domain_size) @@ -904,7 +878,7 @@ if ( domain == NULL ) return(-2); if ( vauth_open_read() != 0 ) return(-3); - snprintf(SqlBufRead, SQL_BUF_SIZE, "select domain from ip_alias_map where ip_addr = \"%s\"", + qnprintf(SqlBufRead, SQL_BUF_SIZE, "select domain from ip_alias_map where ip_addr = '%s'", ip); if (mysql_query(&mysql_read,SqlBufRead)) { return(-1); @@ -928,8 +902,8 @@ if ( domain == NULL || strlen(domain) <= 0 ) return(-1); if ( vauth_open_update() != 0 ) return(-1); - snprintf(SqlBufUpdate,SQL_BUF_SIZE, - "replace into ip_alias_map ( ip_addr, domain ) values ( \"%s\", \"%s\" )", + qnprintf(SqlBufUpdate,SQL_BUF_SIZE, + "replace into ip_alias_map ( ip_addr, domain ) values ( '%s', '%s' )", ip, domain); if (mysql_query(&mysql_update,SqlBufUpdate)) { vcreate_ip_map_table(); @@ -946,8 +920,8 @@ if ( domain == NULL || strlen(domain) <= 0 ) return(-1); if ( vauth_open_update() != 0 ) return(-1); - snprintf( SqlBufUpdate,SQL_BUF_SIZE, - "delete from ip_alias_map where ip_addr = \"%s\" and domain = \"%s\"", + qnprintf( SqlBufUpdate,SQL_BUF_SIZE, + "delete from ip_alias_map where ip_addr = '%s' and domain = '%s'", ip, domain); if (mysql_query(&mysql_update,SqlBufUpdate)) { return(0); @@ -1004,13 +978,13 @@ int found = 0; if ( vauth_open_read() != 0 ) return(-1); - snprintf(SqlBufRead, SQL_BUF_SIZE, - "select %s from dir_control where domain = \"%s\"", + qnprintf(SqlBufRead, SQL_BUF_SIZE, + "select %s from dir_control where domain = '%s'", DIR_CONTROL_SELECT, domain ); if (mysql_query(&mysql_read,SqlBufRead)) { vcreate_dir_control(domain); - snprintf(SqlBufRead, SQL_BUF_SIZE, - "select %s from dir_control where domain = \"%s\"", + qnprintf(SqlBufRead, SQL_BUF_SIZE, + "select %s from dir_control where domain = '%s'", DIR_CONTROL_SELECT, domain ); if (mysql_query(&mysql_read,SqlBufRead)) { return(-1); @@ -1070,19 +1044,19 @@ { if ( vauth_open_update() != 0 ) return(-1); - snprintf(SqlBufUpdate, SQL_BUF_SIZE, "replace into dir_control ( \ + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, "replace into dir_control ( \ domain, cur_users, \ level_cur, level_max, \ level_start0, level_start1, level_start2, \ level_end0, level_end1, level_end2, \ level_mod0, level_mod1, level_mod2, \ level_index0, level_index1, level_index2, the_dir ) values ( \ -\"%s\", %lu, %d, %d, \ +'%s', %lu, %d, %d, \ %d, %d, %d, \ %d, %d, %d, \ %d, %d, %d, \ %d, %d, %d, \ -\"%s\")\n", +'%s')\n", domain, vdir->cur_users, vdir->level_cur, vdir->level_max, vdir->level_start[0], vdir->level_start[1], vdir->level_start[2], vdir->level_end[0], vdir->level_end[1], vdir->level_end[2], @@ -1103,30 +1077,23 @@ void vcreate_dir_control(char *domain) { - if ( vauth_open_update() != 0 ) return; - - snprintf(SqlBufCreate, SQL_BUF_SIZE, "create table dir_control ( %s )", - DIR_CONTROL_TABLE_LAYOUT); - - if (mysql_query(&mysql_update,SqlBufCreate)) { - fprintf(stderr, "vmysql: sql error[c]: %s\n", mysql_error(&mysql_update)); - return; - } + if (vauth_create_table ("dir_control", DIR_CONTROL_TABLE_LAYOUT, 1)) return; - snprintf(SqlBufUpdate, SQL_BUF_SIZE, "replace into dir_control ( \ + /* this next bit should be replaced with a call to vwrite_dir_control */ + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, "replace into dir_control ( \ domain, cur_users, \ level_cur, level_max, \ level_start0, level_start1, level_start2, \ level_end0, level_end1, level_end2, \ level_mod0, level_mod1, level_mod2, \ level_index0, level_index1, level_index2, the_dir ) values ( \ -\"%s\", 0, \ +'%s', 0, \ 0, %d, \ 0, 0, 0, \ %d, %d, %d, \ 0, 2, 4, \ 0, 0, 0, \ -\"\")\n", +'')\n", domain, MAX_DIR_LEVELS, MAX_DIR_LIST-1, MAX_DIR_LIST-1, MAX_DIR_LIST-1); if (mysql_query(&mysql_update,SqlBufUpdate)) { @@ -1141,8 +1108,8 @@ if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf(SqlBufUpdate, SQL_BUF_SIZE, - "delete from dir_control where domain = \"%s\"", + qnprintf(SqlBufUpdate, SQL_BUF_SIZE, + "delete from dir_control where domain = '%s'", domain); if (mysql_query(&mysql_update,SqlBufUpdate)) { vcreate_dir_control(domain); @@ -1162,9 +1129,9 @@ if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, -"replace into lastauth set user=\"%s\", domain=\"%s\", \ -remote_ip=\"%s\", timestamp=%lu", user, domain, remoteip, time(NULL)); + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, +"replace into lastauth set user='%s', domain='%s', \ +remote_ip='%s', timestamp=%lu", user, domain, remoteip, time(NULL)); if (mysql_query(&mysql_update,SqlBufUpdate)) { vcreate_lastauth_table(); if (mysql_query(&mysql_update,SqlBufUpdate)) { @@ -1181,8 +1148,8 @@ if ( (err=vauth_open_read()) != 0 ) return(err); - snprintf( SqlBufRead, SQL_BUF_SIZE, - "select timestamp from lastauth where user=\"%s\" and domain=\"%s\"", + qnprintf( SqlBufRead, SQL_BUF_SIZE, + "select timestamp from lastauth where user='%s' and domain='%s'", pw->pw_name, domain); if (mysql_query(&mysql_read,SqlBufRead)) { vcreate_lastauth_table(); @@ -1206,8 +1173,8 @@ if ( vauth_open_read() != 0 ) return(NULL); - snprintf( SqlBufRead, SQL_BUF_SIZE, - "select remote_ip from lastauth where user=\"%s\" and domain=\"%s\"", + qnprintf( SqlBufRead, SQL_BUF_SIZE, + "select remote_ip from lastauth where user='%s' and domain='%s'", pw->pw_name, domain); if (mysql_query(&mysql_read,SqlBufRead)) { vcreate_lastauth_table(); @@ -1226,16 +1193,8 @@ void vcreate_lastauth_table() { - - if ( vauth_open_update() != 0 ) return; - - snprintf( SqlBufCreate, SQL_BUF_SIZE, "create table lastauth ( %s )", - LASTAUTH_TABLE_LAYOUT); - if (mysql_query(&mysql_update,SqlBufCreate)) { - fprintf(stderr, "vmysql: sql error[i]: %s\n", mysql_error(&mysql_update)); - return; - } - return; + vauth_create_table ("lastauth", LASTAUTH_TABLE_LAYOUT, 1); + return; } #endif /* ENABLE_AUTH_LOGGING */ @@ -1249,8 +1208,8 @@ return(NULL); } - snprintf( SqlBufRead, SQL_BUF_SIZE, "select valias_line from valias \ -where alias = \"%s\" and domain = \"%s\"", alias, domain ); + qnprintf( SqlBufRead, SQL_BUF_SIZE, "select valias_line from valias \ +where alias = '%s' and domain = '%s'", alias, domain ); if (mysql_query(&mysql_read,SqlBufRead)) { vcreate_valias_table(); @@ -1279,8 +1238,8 @@ if ( (err=vauth_open_update()) != 0 ) return(err); while(*alias_line==' ' && *alias_line!=0) ++alias_line; - snprintf( SqlBufUpdate, SQL_BUF_SIZE, "insert into valias \ -( alias, domain, valias_line ) values ( \"%s\", \"%s\", \"%s\")", + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, "insert into valias \ +( alias, domain, valias_line ) values ( '%s', '%s', '%s')", alias, domain, alias_line ); if (mysql_query(&mysql_update,SqlBufUpdate)) { @@ -1299,9 +1258,9 @@ if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, - "delete from valias where alias = \"%s\" \ -and valias_line = \"%s\" and domain = \"%s\"", alias, alias_line, domain ); + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, + "delete from valias where alias = '%s' \ +and valias_line = '%s' and domain = '%s'", alias, alias_line, domain ); if (mysql_query(&mysql_update,SqlBufUpdate)) { vcreate_valias_table(); @@ -1319,9 +1278,9 @@ if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, - "delete from valias where alias = \"%s\" \ -and domain = \"%s\"", alias, domain ); + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, + "delete from valias where alias = '%s' \ +and domain = '%s'", alias, domain ); if (mysql_query(&mysql_update,SqlBufUpdate)) { vcreate_valias_table(); @@ -1339,8 +1298,8 @@ if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, - "delete from valias where domain = \"%s\"", + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, + "delete from valias where domain = '%s'", domain ); if (mysql_query(&mysql_update,SqlBufUpdate)) { @@ -1355,15 +1314,8 @@ void vcreate_valias_table() { - if ( vauth_open_update() != 0 ) return; - - snprintf( SqlBufCreate, SQL_BUF_SIZE, "create table valias ( %s )", - VALIAS_TABLE_LAYOUT ); - if (mysql_query(&mysql_update,SqlBufCreate)) { - fprintf(stderr, "vmysql: sql error[n]: %s\n", mysql_error(&mysql_update)); - return; - } - return; + vauth_create_table ("valias", VALIAS_TABLE_LAYOUT, 1); + return; } char *valias_select_all( char *alias, char *domain ) @@ -1372,8 +1324,8 @@ if ( (err=vauth_open_read()) != 0 ) return(NULL); - snprintf( SqlBufRead, SQL_BUF_SIZE, - "select alias, valias_line from valias where domain = \"%s\" order by alias", domain ); + qnprintf( SqlBufRead, SQL_BUF_SIZE, + "select alias, valias_line from valias where domain = '%s' order by alias", domain ); if (mysql_query(&mysql_read,SqlBufRead)) { vcreate_valias_table(); @@ -1408,9 +1360,9 @@ mytime = time(NULL); if ( (err=vauth_open_update()) != 0 ) return(err); - snprintf( SqlBufUpdate, SQL_BUF_SIZE, - "INSERT INTO vlog set user=\"%s\", passwd=\"%s\", \ - domain=\"%s\", logon=\"%s\", remoteip=\"%s\", message=\"%s\", \ + qnprintf( SqlBufUpdate, SQL_BUF_SIZE, + "INSERT INTO vlog set user='%s', passwd='%s', \ + domain='%s', logon='%s', remoteip='%s', message='%s', \ error=%i, timestamp=%d", TheUser, ThePass, TheDomain, TheName, IpAddr, LogLine, verror, (int)mytime); @@ -1426,44 +1378,16 @@ void vcreate_vlog_table() { - - if ( vauth_open_update() != 0 ) return; - - snpri... [truncated message content] |
