From: Joe Presbrey <presbrey@mit.edu>
Date: Sat, 23 Jul 2005 17:32:21 +0000 (+0000)
Subject: git-svn-id: svn://presbrey.mit.edu/sql/mitsql@40 a142d4bd-2cfb-0310-9673-cb33a7e74f58
X-Git-Url: http://andersk.mit.edu/gitweb/sql-web.git/commitdiff_plain/3ebfe9a36acba9515fadc37791a8931749a5bd51

git-svn-id: svn://presbrey.mit.edu/sql/mitsql@40 a142d4bd-2cfb-0310-9673-cb33a7e74f58
---

diff --git a/.htaccess b/.htaccess
index d611557..16859fb 100644
--- a/.htaccess
+++ b/.htaccess
@@ -1,12 +1,12 @@
 #php_value auto_prepend_file "prepend.php"
-php_value auto_append_file "global.done.php"
+#php_value auto_append_file "global.done.php"
 #php_flag xdebug.remote_enable on
 #php_flag xdebug.remote_autostart on
 #php_value xdebug.remote_host "localhost"
 #php_value xdebug.remote_port "9000"
 
 RewriteEngine On
-RewriteBase /~administrator/mitsql/
+RewriteBase /~presbrey/mitsql/
 
 #RewriteOptions MaxRedirects=1
 
diff --git a/global.act.php b/global.act.php
index 7563b61..009d529 100644
--- a/global.act.php
+++ b/global.act.php
@@ -49,7 +49,8 @@ if (!is_a($LoginSSL, 'Login')) {
 	$LoginSSL = new Login($SSLUsername);
 }
 if (!isLoggedIn() && !$LoginSSL->exists()) {
-	addUser($SSLCred);
+	if (!empty($SSLName))
+		addUser($SSLCred);
 	$LoginSSL->refresh();
 }
 
diff --git a/global.done.php b/global.done.php
index e02cc28..51febd8 100644
--- a/global.done.php
+++ b/global.done.php
@@ -6,8 +6,10 @@ require_once('mitsql.lib.php');
 sess('Login', $Login);
 sess('LoginSSL', $LoginSSL);
 
-echo '<pre>';
-print_r($_SESSION);
-print_r($timings);
+if (DEBUG) {
+	echo '<pre>';
+	print_r($_SESSION);
+	print_r($timings);
+}
 
 ?>
diff --git a/lib/dbaccess.lib.php b/lib/dbaccess.lib.php
index e106698..9e759c1 100644
--- a/lib/dbaccess.lib.php
+++ b/lib/dbaccess.lib.php
@@ -5,6 +5,7 @@ require_once('joe.lib.php');
 function DBMaster($sql) {
 	sessTime($sql);
 	$res = mysql_query($sql);
+	if (mysql_error()) die($sql."<br />\n".mysql_error());
 	sessTime();
 	return $res;
 }
diff --git a/lib/security.lib.php b/lib/security.lib.php
index 44071d1..fe9bd0b 100644
--- a/lib/security.lib.php
+++ b/lib/security.lib.php
@@ -60,9 +60,11 @@ class Login {
 		if ($email == $this->getEmail()) $email = null;
         is_null($name) || $arr['Name'] = $name;
         is_null($email) || $arr['Email'] = $email;
+	$upd = buildSQLSet($arr);
         $sql = sprintf("UPDATE User %s WHERE UserId = '%s'",
-                        buildSQLSet($arr), mysql_escape_string($this->getUserId()));
-        DBUpdate($sql);
+                        $upd, mysql_escape_string($this->getUserId()));
+	if (!empty($upd) && $upd != 'SET')
+		DBUpdate($sql);
 		if (isset($arr['Name']))
 			$this->name = $arr['Name'];
 		if (isset($arr['Email']))
@@ -115,13 +117,13 @@ class User {
 	function setUsage($yes=true) {
 		$verb = $yes?'GRANT':'REVOKE';
 		$prep = $yes?'TO':'FROM';
-		$suffix = $yes?sprintf("IDENTIFIED BY `%s`",mysql_escape_string($this->pass)):'';
+		$suffix = $yes?sprintf("IDENTIFIED BY '%s'",mysql_escape_string($this->pass)):'';
 		$sql = sprintf("%s USAGE ON * . * %s '%s'@'%s' %s",
 						mysql_escape_string($verb),
 						mysql_escape_string($prep),
 						mysql_escape_string($this->getUsername()),
 						'%',
-						mysql_escape_string($suffix));
+						$suffix);
 		DBGrant($sql);
 	}
 	function setAccess($db=null,$yes=true) {
diff --git a/login.php b/login.php
index 2d684fa..f11e80e 100644
--- a/login.php
+++ b/login.php
@@ -13,7 +13,7 @@ if (empty($err) && isPost()) {
 	
 	if (isSSL()) {
 	    $Login = new Login($SSLUsername);
-		$Login->update($cred['Name'],$cred['Email']);
+		$Login->update($SSLCred['Name'],$SSLCred['Email']);
 		sess('Login', $Login);
 	} else {
 		$Login = new Login($i_u, $i_p);
diff --git a/mitsql.cfg.php b/mitsql.cfg.php
index 7b2c128..9244b1c 100755
--- a/mitsql.cfg.php
+++ b/mitsql.cfg.php
@@ -6,15 +6,14 @@
 */
 
 define('DEBUG', 0);
-define('DEVEL', 1);
+define('DEVEL', 0);
 define('VERSION', '0.2-dev');
 
 define('DELIMETER', '+');
 
-define('DBHOST', 'localhost');
+define('DBHOST', 'sql.mit.edu');
 define('ADMINUSER', 'root');
-//define('ADMINPASS', base64_decode('TXlCZWF0c1Bvc3RA'));
-define('ADMINPASS', '');
+define('ADMINPASS', base64_decode('TXlCZWF0c1Bvc3RA'));
 define('ADMINDB', 'mitsql');
 
 set_time_limit(0);
@@ -30,5 +29,6 @@ $BASE_URL = isset($_SERVER['SCRIPT_NAME'])?dirname($_SERVER['SCRIPT_NAME']).'/':
 
 $cxn = mysql_connect(DBHOST, ADMINUSER, ADMINPASS);
 mysql_select_db(ADMINDB,$cxn);
+if (mysql_error()) die(mysql_error());
 
 ?>