git-svn-id: svn://presbrey.mit.edu/sql/mitsql@40 a142d4bd-2cfb-0310-9673-cb33a7e74f58

diff --git a/.htaccess b/.htaccess
index d6115572ed86c83c052a216bc63deddf865bade9..16859fb10eaa1d7d2833455c905afd79d16db12a 100644 (file)
--- a/.htaccess
+++ b/.htaccess
@@ -1,12 +1,12 @@
 #php_value auto_prepend_file "prepend.php"
-php_value auto_append_file "global.done.php"
+#php_value auto_append_file "global.done.php"
 #php_flag xdebug.remote_enable on
 #php_flag xdebug.remote_autostart on
 #php_value xdebug.remote_host "localhost"
 #php_value xdebug.remote_port "9000"
 
 RewriteEngine On
-RewriteBase /~administrator/mitsql/
+RewriteBase /~presbrey/mitsql/
 
 #RewriteOptions MaxRedirects=1
 

diff --git a/global.act.php b/global.act.php
index 7563b612b68e1d68717d7a10fbff47ad9f828b29..009d529c407f0125c508129b1493d67a29c0f909 100644 (file)
--- a/global.act.php
+++ b/global.act.php
@@ -49,7 +49,8 @@ if (!is_a($LoginSSL, 'Login')) {
        $LoginSSL = new Login($SSLUsername);
 }
 if (!isLoggedIn() && !$LoginSSL->exists()) {
-       addUser($SSLCred);
+       if (!empty($SSLName))
+               addUser($SSLCred);
        $LoginSSL->refresh();
 }
 

diff --git a/global.done.php b/global.done.php
index e02cc284e9aeaf0f0790d20746c4bd4de03e0a05..51febd8d14cb814ea96b9da3c4f9bbac412bc74a 100644 (file)
--- a/global.done.php
+++ b/global.done.php
@@ -6,8 +6,10 @@ require_once('mitsql.lib.php');
 sess('Login', $Login);
 sess('LoginSSL', $LoginSSL);
 
-echo '<pre>';
-print_r($_SESSION);
-print_r($timings);
+if (DEBUG) {
+       echo '<pre>';
+       print_r($_SESSION);
+       print_r($timings);
+}
 
 ?>

diff --git a/lib/dbaccess.lib.php b/lib/dbaccess.lib.php
index e106698347e58f67920283538dac8b028d23b875..9e759c175ffb24236d48a490545a68bfa763d85b 100644 (file)
--- a/lib/dbaccess.lib.php
+++ b/lib/dbaccess.lib.php
@@ -5,6 +5,7 @@ require_once('joe.lib.php');
 function DBMaster($sql) {
        sessTime($sql);
        $res = mysql_query($sql);
+       if (mysql_error()) die($sql."<br />\n".mysql_error());
        sessTime();
        return $res;
 }

diff --git a/lib/security.lib.php b/lib/security.lib.php
index 44071d13d75442f20726aeefee9314294b974f55..fe9bd0b2d780e0ff6daced009b3349c00461203d 100644 (file)
--- a/lib/security.lib.php
+++ b/lib/security.lib.php
@@ -60,9 +60,11 @@ class Login {
                if ($email == $this->getEmail()) $email = null;
         is_null($name) || $arr['Name'] = $name;
         is_null($email) || $arr['Email'] = $email;
+       $upd = buildSQLSet($arr);
         $sql = sprintf("UPDATE User %s WHERE UserId = '%s'",
-                        buildSQLSet($arr), mysql_escape_string($this->getUserId()));
-        DBUpdate($sql);
+                        $upd, mysql_escape_string($this->getUserId()));
+       if (!empty($upd) && $upd != 'SET')
+               DBUpdate($sql);
                if (isset($arr['Name']))
                        $this->name = $arr['Name'];
                if (isset($arr['Email']))
@@ -115,13 +117,13 @@ class User {
        function setUsage($yes=true) {
                $verb = $yes?'GRANT':'REVOKE';
                $prep = $yes?'TO':'FROM';
-               $suffix = $yes?sprintf("IDENTIFIED BY `%s`",mysql_escape_string($this->pass)):'';
+               $suffix = $yes?sprintf("IDENTIFIED BY '%s'",mysql_escape_string($this->pass)):'';
                $sql = sprintf("%s USAGE ON * . * %s '%s'@'%s' %s",
                                                mysql_escape_string($verb),
                                                mysql_escape_string($prep),
                                                mysql_escape_string($this->getUsername()),
                                                '%',
-                                               mysql_escape_string($suffix));
+                                               $suffix);
                DBGrant($sql);
        }
        function setAccess($db=null,$yes=true) {

diff --git a/login.php b/login.php
index 2d684fafb0ee9ee856edf89f63856e3287020e90..f11e80ebb597a694827c5213e5aa8e1984e3edd1 100644 (file)
--- a/login.php
+++ b/login.php
@@ -13,7 +13,7 @@ if (empty($err) && isPost()) {
        
        if (isSSL()) {
            $Login = new Login($SSLUsername);
-               $Login->update($cred['Name'],$cred['Email']);
+               $Login->update($SSLCred['Name'],$SSLCred['Email']);
                sess('Login', $Login);
        } else {
                $Login = new Login($i_u, $i_p);

diff --git a/mitsql.cfg.php b/mitsql.cfg.php
index 7b2c12855538e0967fe6817edff4b5a91935f0db..9244b1c6da24a78823faced5f8ec6d1fa3f3f566 100755 (executable)
--- a/mitsql.cfg.php
+++ b/mitsql.cfg.php
@@ -6,15 +6,14 @@
 */
 
 define('DEBUG', 0);
-define('DEVEL', 1);
+define('DEVEL', 0);
 define('VERSION', '0.2-dev');
 
 define('DELIMETER', '+');
 
-define('DBHOST', 'localhost');
+define('DBHOST', 'sql.mit.edu');
 define('ADMINUSER', 'root');
-//define('ADMINPASS', base64_decode('TXlCZWF0c1Bvc3RA'));
-define('ADMINPASS', '');
+define('ADMINPASS', base64_decode('TXlCZWF0c1Bvc3RA'));
 define('ADMINDB', 'mitsql');
 
 set_time_limit(0);
@@ -30,5 +29,6 @@ $BASE_URL = isset($_SERVER['SCRIPT_NAME'])?dirname($_SERVER['SCRIPT_NAME']).'/':
 
 $cxn = mysql_connect(DBHOST, ADMINUSER, ADMINPASS);
 mysql_select_db(ADMINDB,$cxn);
+if (mysql_error()) die(mysql_error());
 
 ?>