Search Postgresql Archives

migration problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I have a couple of LAN servers set up for learning & developing. One is FreeBSD 4.10 running apache 1.3 with php4 module and postgresql 7.3 ; the 7.0 is running apache22, php5 and posstgresql 8.3.
Here's the problem: Everything is fine on the older machine. I transferred one "WebSite" to the newer machine; did the pg_dumpall to the new machine and all appears ok. I changed the include $DOCUMENT_ROOTs to ($_SERVER["DOCUMENT_ROOT"]...... and all that is well. However, there seems to be a problem with the sql code which was done by another party. There is a function "checkuser" which is invoked upon login from index.php. The instruction is: checkuser(array(0,1,2,3,4,5,6));...... and there it stops.

function checkuser($group_id) {
    global $sid,$ttl,$login_prompt,$user,$password,$REMOTE_ADDR,$HTTP_POST_VARS,
    $HTTP_GET_VARS,$SCRIPT_NAME,$HTTP_USER_AGENT,$HTTP_REFERER,
    $REQUEST_URI,$loglevel;

    if(!isset($user)) {
    $user='';
    }
    if(!isset($password)) {
    $password='';
    }
    if(!isset($sid)) {
    $sid='';
    }
    if(is_array($group_id)) {
    $group_id=join($group_id,',');
    }
    /*
     * Statistics: check if such page exists in database
     * If not, add it
     */
    if($loglevel>=1) {
    list($page_id)=sqlget("
        select page_id from pages where name='$SCRIPT_NAME'");
    if(!$page_id) {
        $page_q=sqlquery("insert into pages (name) values ('$SCRIPT_NAME')");
        $page_id=sqlinsid($page_q);
    }
    }

    /*
     * Get user ID by session ID
     */
    list($user_id)=sqlget("
    select \"user\".user_id from \"user\",groups,user_group,session
    where hash='$sid' and
        \"user\".user_id=session.user_id and
        user_group.group_id=groups.group_id and
        \"user\".user_id=user_group.user_id and
        groups.group_id in ($group_id) and
        end_time>".(time()));

    /*
     * No such session, or session is expired
     */
    if(!isset($user_id) || $user_id=='') do {
    /*
     * Handle POSTs
     * Check password and group; anonymous access also
     */
    list($user_id)=sqlget("
        select \"user\".user_id from \"user\",groups,user_group
        where \"user\".user_id=user_group.user_id and
        user_group.group_id=groups.group_id and
        groups.group_id in ($group_id) and
            ((\"user\".name='$user' and
            \"user\".password='".(md5($password))."') or
            groups.anonymous='Y')");

    /*
     * yeah, authorized
     */
    if(isset($user_id) && $user_id!='' && $user_id>=0) {
        list($md5)=sqlget("
        select hash from session where user_id='$user_id' and
            ip='$REMOTE_ADDR' and end_time>".(time())."
        order by end_time desc");
        if(isset($md5) && $md5!='') {
        sqlquery("
            update session set end_time=".(time()+$ttl).",
            visited_pages=visited_pages+1
            where hash='$md5' and user_id='$user_id'");
        }
        else do {
        mt_srand((double)microtime()*1000000);
        $rnd=mt_rand(0,(double)microtime()*1000000);
        $md5=md5("$rnd$REMOTE_ADDR$user_id$password");
        $result=sqlquery("
                insert into session (hash,user_id,start_time,
            end_time,ip,visited_pages,useragent)
                values ('$md5','$user_id',".(time()).",".(time()+$ttl).",
            '$REMOTE_ADDR',1,'$HTTP_USER_AGENT')");
        } while (strcmp($result,'error')==0);

        setcookie('sid',$md5);
        $sid=$md5;
        break;
    }

    /*
     * Unauthorized; prompt to login
     * Save POST and GET variables, except user/password
     */

    setcookie('sid','-1');
    $vars='';
    while(list($name,$value)=each($HTTP_POST_VARS)) {
        if($name!='user' && $name!='password') {
        $vars.="\n<input type=hidden name='$name' value='$value'>";
        }
    }
    while(list($name,$value)=each($HTTP_GET_VARS)) {
        if($name!='user' && $name!='password') {
        $vars.="\n<input type=hidden name='$name' value='$value'>";
        }
    }
    $login_prompt=eregi_replace('<!-- INFERNO -->','<!-- INFERNO -->'.$vars,$login_prompt);
    echo $login_prompt;
    exit();
    } while (0);
    /*
     * Update existing session to prevent expiration
     */
    else {
    sqlquery("
        update session set end_time=".(time()+$ttl).",
        visited_pages=visited_pages+1
        where hash='$sid'");
    }

    /*
     * Statistics: write page view
     */
    if($loglevel>=1) {
    sqlquery("
        insert into visits (session_id,page_id,when_stamp,path,referer)
        select session_id,$page_id,'now','$REQUEST_URI','$HTTP_REFERER'
        from session
        where hash='$sid'");
    }

    return $user_id;
}

The Web page does not load. If I remove the line checkuser (array....)  from the php code, things come up fine.  Sooooo, I'm a little lost. Could it be that the sql code should be different for the current psql? The database is fine, I can access it and view it (SELECT * FROM ....etc...etc.) from the command line.

Could someone please steer me as to what to look for and where to find possible correcections?
Thanks much in advance.

PJ
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux