diff --git a/html/includes/graphs/cisco_entity_sensor.inc.php b/attic/cisco_entity_sensor.inc.php
similarity index 100%
rename from html/includes/graphs/cisco_entity_sensor.inc.php
rename to attic/cisco_entity_sensor.inc.php
diff --git a/html/ajax_listports.php b/html/ajax_listports.php
index 60e566021..f8913ea70 100755
--- a/html/ajax_listports.php
+++ b/html/ajax_listports.php
@@ -9,19 +9,20 @@ if ($_GET['debug'])
ini_set('error_reporting', E_ALL);
}
-include("../includes/defaults.inc.php");
-include("../config.php");
-include("includes/functions.inc.php");
-include("../includes/common.php");
-include("../includes/rewrites.php");
-include("includes/authenticate.inc.php");
+include_once("../includes/defaults.inc.php");
+include_once("../config.php");
+include_once("includes/functions.inc.php");
+include_once("../includes/dbFacile.php");
+include_once("../includes/common.php");
+
+include_once("../includes/rewrites.php");
+include_once("includes/authenticate.inc.php");
if (!$_SESSION['authenticated']) { echo("unauthenticated"); exit; }
if (is_numeric($_GET['device_id']))
{
- $ports = mysql_query("SELECT * FROM ports WHERE device_id = '".$_GET['device_id']."'");
- while ($interface = mysql_fetch_assoc($ports))
+ foreach (dbFetch("SELECT * FROM ports WHERE device_id = ?", array($_GET['device_id'])) as $interface)
{
echo("obj.options[obj.options.length] = new Option('".$interface['ifDescr']." - ".$interface['ifAlias']."','".$interface['interface_id']."');\n");
}
diff --git a/html/billing-graph.php b/html/billing-graph.php
index 33a05cc28..e290dfd3c 100755
--- a/html/billing-graph.php
+++ b/html/billing-graph.php
@@ -50,19 +50,17 @@ if ($type == "date") { $date_format = "%d %b %H:%i"; $tickinterval = "2"; } else
$datefrom = date('Ymt', $start) . "000000";
$dateto = date('Ymt', $end) . "235959";
-$datefrom = mysql_result(mysql_query("SELECT FROM_UNIXTIME($start, '%Y%m%d')"),0) . "000000";
-$dateto = mysql_result(mysql_query("SELECT FROM_UNIXTIME($end, '%Y%m%d')"),0) . "235959";
+$datefrom = dbFetchCell("SELECT FROM_UNIXTIME($start, '%Y%m%d')") . "000000";
+$dateto = dbFetchCell("SELECT FROM_UNIXTIME($end, '%Y%m%d')") . "235959";
$rate_data = getRates($bill_id,$datefrom,$dateto);
$rate_95th = $rate_data['rate_95th'] * 1000;
$rate_average = $rate_data['rate_average'] * 1000;
-$bi_q = mysql_query("SELECT * FROM bills WHERE bill_id = $bill_id");
-$bi_a = mysql_fetch_assoc($bi_q);
+$bi_a = dbFetchRow("SELECT * FROM bills WHERE bill_id = ?", array($bill_id)");
$bill_name = $bi_a['bill_name'];
-$countsql = mysql_query("SELECT count(`delta`) FROM `bill_data` WHERE `bill_id` = '$bill_id' AND `timestamp` >= '$datefrom' AND `timestamp` <= '$dateto'");
-$counttot = mysql_result($countsql,0);
+$counttot = dbFetchCell("SELECT count(`delta`) FROM `bill_data` WHERE `bill_id` = ? AND `timestamp` >= ? AND `timestamp` <= ?", array($bill_id, $datefrom, $dateto));
$count = round($counttot / (($ysize - 100) * 2), 0);
if ($count <= 1) { $count = 2; }
@@ -72,19 +70,18 @@ if ($count <= 1) { $count = 2; }
#$count = round($counttot / 260, 0);
#if ($count <= 1) { $count = 2; }
-$max = mysql_result(mysql_query("SELECT delta FROM bill_data WHERE bill_id = $bill_id AND timestamp >= $datefrom AND timestamp <= $dateto ORDER BY delta DESC LIMIT 0,1"),0);
+$max = dbFetchCell("SELECT delta FROM bill_data WHERE bill_id = ? AND timestamp >= ? AND timestamp <= ? ORDER BY delta DESC LIMIT 0,1", array($bill_id, $datefrom, $dateto));
if ($max > 1000000) { $div = "1000000"; $yaxis = "Mbit/sec"; } else { $div = "1000"; $yaxis = "Kbit/sec"; }
$i = '0';
-#$start = mysql_result(mysql_query("SELECT *, UNIX_TIMESTAMP(timestamp) AS formatted_date FROM bill_data WHERE bill_id = $bill_id AND timestamp >=$datefrom AND timestamp <= $dateto ORDER BY timestamp ASC LIMIT 0,1"),0);
-#$end = mysql_result(mysql_query("SELECT *, UNIX_TIMESTAMP(timestamp) AS formatted_date FROM bill_data WHERE bill_id = $bill_id AND timestamp >=$datefrom AND timestamp <= $dateto ORDER BY timestamp DESC LIMIT 0,1"),0);
+#$start = "SELECT *, UNIX_TIMESTAMP(timestamp) AS formatted_date FROM bill_data WHERE bill_id = $bill_id AND timestamp >=$datefrom AND timestamp <= $dateto ORDER BY timestamp ASC LIMIT 0,1"),0);
+#$end = "SELECT *, UNIX_TIMESTAMP(timestamp) AS formatted_date FROM bill_data WHERE bill_id = $bill_id AND timestamp >=$datefrom AND timestamp <= $dateto ORDER BY timestamp DESC LIMIT 0,1"),0);
$dur = $end - $start;
-$sql = "SELECT *, UNIX_TIMESTAMP(timestamp) AS formatted_date FROM bill_data WHERE bill_id = $bill_id AND timestamp >= $datefrom AND timestamp <= $dateto ORDER BY timestamp ASC";
-$data = mysql_query($sql);
+#$sql = "SELECT *, UNIX_TIMESTAMP(timestamp) AS formatted_date FROM bill_data WHERE bill_id = $bill_id AND timestamp >= $datefrom AND timestamp <= $dateto ORDER BY timestamp ASC";
-while ($row = mysql_fetch_assoc($data))
+foreach (dbFetch("SELECT *, UNIX_TIMESTAMP(timestamp) AS formatted_date FROM bill_data WHERE bill_id = ? AND timestamp >= ? AND timestamp <= ? ORDER BY timestamp ASC", array($bill_id, $datefrom, $dateto)) as $row)
{
@$timestamp = $row['formatted_date'];
if (!$first) { $first = $timestamp; }
diff --git a/html/includes/authentication/http-auth.inc.php b/html/includes/authentication/http-auth.inc.php
index e555bf987..aeab81efd 100644
--- a/html/includes/authentication/http-auth.inc.php
+++ b/html/includes/authentication/http-auth.inc.php
@@ -13,9 +13,7 @@ function authenticate($username,$password)
{
$_SESSION['username'] = mres($_SERVER['REMOTE_USER']);
- $sql = "SELECT username FROM `users` WHERE `username`='".$_SESSION['username'] . "'";;
- $query = mysql_query($sql);
- $row = @mysql_fetch_assoc($query);
+ $row = @dbFetchRow("SELECT username FROM `users` WHERE `username`=?", array($_SESSION['username']));
if (isset($row['username']) && $row['username'] == $_SESSION['username'])
{
return 1;
@@ -46,28 +44,23 @@ function auth_usermanagement()
function adduser($username, $password, $level, $email = "", $realname = "")
{
- mysql_query("INSERT INTO `users` (`username`,`password`,`level`, `email`, `realname`) VALUES ('".mres($username)."',MD5('".mres($password)."'),'".mres($level)."','".mres($email)."','".mres($realname)."')");
-
- return mysql_affected_rows();
+ return dbInsert(array('username' => $username, 'password' => $password. 'level' => $level, 'email' => $email, 'realname' => $realname), 'users');
}
function user_exists($username)
{
- return mysql_result(mysql_query("SELECT * FROM users WHERE username = '".mres($username)."'"),0);
+ ## FIXME this doesn't seem right? (adama)
+ return dbFetchCell("SELECT * FROM `users` WHERE `username` = ?", array($username));
}
function get_userlevel($username)
{
- $sql = "SELECT level FROM `users` WHERE `username`='".mres($username)."'";
- $row = mysql_fetch_assoc(mysql_query($sql));
- return $row['level'];
+ return dbFetchCell("SELECT `level` FROM `users` WHERE `username`= ?", array($username));
}
function get_userid($username)
{
- $sql = "SELECT user_id FROM `users` WHERE `username`='".mres($username)."'";
- $row = mysql_fetch_assoc(mysql_query($sql));
- return $row['user_id'];
+ return dbFetchCell("SELECT `user_id` FROM `users` WHERE `username`= ?", array($username));
}
function deluser($username)
diff --git a/html/includes/authentication/ldap.inc.php b/html/includes/authentication/ldap.inc.php
index f216ff358..636eebe11 100644
--- a/html/includes/authentication/ldap.inc.php
+++ b/html/includes/authentication/ldap.inc.php
@@ -67,17 +67,13 @@ function user_exists($username)
function get_userlevel($username)
{
# FIXME should come from LDAP
- $sql = "SELECT level FROM `users` WHERE `username`='".mres($username)."'";
- $row = mysql_fetch_assoc(mysql_query($sql));
- return $row['level'];
+ return dbFetchRow("SELECT `level` FROM `users` WHERE `username` = ?", array($username));
}
function get_userid($username)
{
# FIXME should come from LDAP
- $sql = "SELECT user_id FROM `users` WHERE `username`='".mres($username)."'";
- $row = mysql_fetch_assoc(mysql_query($sql));
- return $row['user_id'];
+ return dbFetchRow("SELECT `user_id` FROM `users` WHERE `username` = ?", array($username));
}
function deluser($username)
@@ -86,4 +82,4 @@ function deluser($username)
return 0;
}
-?>
\ No newline at end of file
+?>
diff --git a/html/includes/authentication/mysql.inc.php b/html/includes/authentication/mysql.inc.php
index d605fac92..32f1fd16d 100644
--- a/html/includes/authentication/mysql.inc.php
+++ b/html/includes/authentication/mysql.inc.php
@@ -3,16 +3,13 @@
function authenticate($username,$password)
{
$encrypted_old = md5($password);
- $sql = "SELECT username,password FROM `users` WHERE `username`='".$username."'";
- $query = mysql_query($sql);
- $row = @mysql_fetch_assoc($query);
+ $row = dbFetchRow("SELECT username,password FROM `users` WHERE `username`= ?", array($username));
if ($row['username'] && $row['username'] == $username)
{
// Migrate from old, unhashed password
if ($row['password'] == $encrypted_old)
{
- $query = mysql_query("DESCRIBE users password");
- $row = mysql_fetch_assoc($query);
+ $row = dbFetchRow("DESCRIBE users password");
if ($row['Type'] == 'varchar(34)')
{
changepassword($username,$password);
@@ -39,7 +36,7 @@ function passwordscanchange($username="")
if (empty($username) || !user_exists($username)) {
return 1;
} else {
- return @mysql_result(mysql_query("SELECT can_modify_passwd FROM users WHERE username = '".mres($username)."'"),0);
+ return dbFetchCell("SELECT can_modify_passwd FROM users WHERE username = ?", array($username));
}
}
@@ -67,8 +64,7 @@ function generateSalt($max = 15)
function changepassword($username,$password)
{
$encrypted = crypt($password,'$1$' . generateSalt(8).'$');
- $sql = "UPDATE `users` SET `password` = '$encrypted' WHERE `username`='".$username."'";
- $query = mysql_query($sql);
+ return dbUpdate(array('password' => $encrypted), 'users', '`username` = ?', array($username));
}
function auth_usermanagement()
@@ -81,35 +77,30 @@ function adduser($username, $password, $level, $email = "", $realname = "", $can
if (!user_exists($username))
{
$encrypted = crypt($password,'$1$' . generateSalt(8).'$');
- mysql_query("INSERT INTO `users` (`username`,`password`,`level`, `email`, `realname`, `can_modify_passwd`) VALUES ('".mres($username)."','".mres($encrypted)."','".mres($level)."','".mres($email)."','".mres($realname)."','".mres($can_modify_passwd)."')");
+ return dbInsert(array('username' => $username, 'password' => $encrypted, 'level' => $level, 'email' => $email, 'realname' => $realname, 'can_modify_passwd' => $can_modify_passwd), 'users');
+ } else {
+ return FALSE;
}
-
- return mysql_affected_rows();
}
function user_exists($username)
{
- return @mysql_result(mysql_query("SELECT * FROM users WHERE username = '".mres($username)."'"),0);
+ return @dbFetchCell("SELECT * FROM users WHERE username = ?", array($username));
}
function get_userlevel($username)
{
- $sql = "SELECT level FROM `users` WHERE `username`='".mres($username)."'";
- $row = mysql_fetch_assoc(mysql_query($sql));
- return $row['level'];
+ return dbFetchRow("SELECT `level` FROM `users` WHERE `username` = ?", array($username));
}
function get_userid($username)
{
- $sql = "SELECT user_id FROM `users` WHERE `username`='".mres($username)."'";
- $row = mysql_fetch_assoc(mysql_query($sql));
- return $row['user_id'];
+ return dbFetchRow("SELECT `user_id` FROM `users` WHERE `username` = ?", array($username));
}
function deluser($username)
{
- mysql_query("DELETE FROM `users` WHERE `user_id` = '" . mres($_GET['user_id']) . "'");
- return mysql_affected_rows();
+ return dbDelete('users', "`username` = ?", array($username));
}
?>
diff --git a/html/includes/hostbox.inc.php b/html/includes/hostbox.inc.php
index 56445c202..f90e7b9ab 100644
--- a/html/includes/hostbox.inc.php
+++ b/html/includes/hostbox.inc.php
@@ -28,8 +28,8 @@ $image = getImage($device['device_id']);
if ($device['os'] == "ios") { formatCiscoHardware($device, true); }
$device['os_text'] = $config['os'][$device['os']]['text'];
-$port_count = mysql_result(mysql_query("SELECT COUNT(*) FROM `ports` WHERE `device_id` = '".$device['device_id']."'"),0);
-$sensor_count = mysql_result(mysql_query("SELECT COUNT(*) FROM `sensors` WHERE `device_id` = '".$device['device_id']."'"),0);
+$port_count = dbFetchCell("SELECT COUNT(*) FROM `ports` WHERE `device_id` = ?", array($device['device_id']));
+$sensor_count = dbFetchCell("SELECT COUNT(*) FROM `sensors` WHERE `device_id` = ?", array($device['device_id']));
echo('
diff --git a/html/includes/port-edit.inc.php b/html/includes/port-edit.inc.php
index 163c73167..87c38a167 100644
--- a/html/includes/port-edit.inc.php
+++ b/html/includes/port-edit.inc.php
@@ -24,14 +24,7 @@ foreach ($_POST as $key => $val)
continue;
}
- if (!mysql_query('UPDATE `ports` SET `ignore`='.$newign.' WHERE `device_id`='.$device_id.' AND `interface_id`='.$interface_id))
- {
- $n = -1;
- }
- else
- {
- $n = mysql_affected_rows();
- }
+ $n = dbUpdate(array('ignore' => $newign), 'ports', '`device_id` = ? AND `interface_id` = ?', array($device_id, $interface_id));
if ($n <0)
{
@@ -58,14 +51,7 @@ foreach ($_POST as $key => $val)
continue;
}
- if (!mysql_query('UPDATE `ports` SET `disabled`='.$newdis.' WHERE `device_id`='.$device_id.' AND `interface_id`='.$interface_id))
- {
- $n = -1;
- }
- else
- {
- $n = mysql_affected_rows();
- }
+ $n = dbUpdate(array('disabled' => $newdis), 'ports', '`device_id` = ? AND `interface_id` = ?', array($device_id, $interface_id));
if ($n <0)
{
diff --git a/html/includes/print-interface-adsl.inc.php b/html/includes/print-interface-adsl.inc.php
index 43ecfa97a..456990f3a 100644
--- a/html/includes/print-interface-adsl.inc.php
+++ b/html/includes/print-interface-adsl.inc.php
@@ -30,14 +30,12 @@ if ($interface['ifAlias']) { echo("
"); }
unset ($break);
if ($port_details)
{
- $ipdata = mysql_query("SELECT * FROM `ipv4_addresses` WHERE `interface_id` = '" . $interface['interface_id'] . "'");
- while ($ip = mysql_fetch_assoc($ipdata))
+ foreach (dbFetchRows("SELECT * FROM `ipv4_addresses` WHERE `interface_id` = ?", array($interface['interface_id'])) as $ip)
{
echo("$break ".$ip['ipv4_address']."/".$ip['ipv4_prefixlen']."");
$break = ",";
}
- $ip6data = mysql_query("SELECT * FROM `ipv6_addresses` WHERE `interface_id` = '" . $interface['interface_id'] . "'");
- while ($ip6 = mysql_fetch_assoc($ip6data))
+ foreach (dbFetchRows("SELECT * FROM `ipv6_addresses` WHERE `interface_id` = ?", array($interface['interface_id']) as $ip6);
{
echo("$break ".Net_IPv6::compress($ip6['ipv6_address'])."/".$ip6['ipv6_prefixlen']."");
$break = ",";
@@ -142,4 +140,4 @@ if ($graph_type && is_file($graph_file))
echo("
");
}
-?>
\ No newline at end of file
+?>
diff --git a/html/includes/print-interface.inc.php b/html/includes/print-interface.inc.php
index 924636b0f..b3c17e602 100644
--- a/html/includes/print-interface.inc.php
+++ b/html/includes/print-interface.inc.php
@@ -16,15 +16,14 @@ if($int_colour)
if (!is_integer($i/2)) { $row_colour = $list_colour_a; } else { $row_colour = $list_colour_b; }
}
-$port_adsl_query = mysql_query("SELECT * FROM `ports_adsl` WHERE `interface_id` = '".$interface['interface_id']."'");
-$port_adsl = mysql_fetch_assoc($port_adsl_query);
+$port_adsl = dbFetchRow("SELECT * FROM `ports_adsl` WHERE `interface_id` = ?", array($interface['interface_id']));
if ($interface['ifInErrors_delta'] > 0 || $interface['ifOutErrors_delta'] > 0)
{
$error_img = generate_port_link($interface, "
", "port_errors");
} else { $error_img = ""; }
-if (mysql_result(mysql_query("SELECT count(*) FROM mac_accounting WHERE interface_id = '".$interface['interface_id']."'"),0))
+if (dbFetchCell("SELECT COUNT(*) FROM `mac_accounting` WHERE `interface_id` = ?", array($interface['interface_id'])))
{
$mac = "
";
} else { $mac = ""; }
@@ -41,13 +40,13 @@ unset ($break);
if ($port_details)
{
- $ipdata = mysql_query("SELECT * FROM `ipv4_addresses` WHERE `interface_id` = '" . $interface['interface_id'] . "'");
- while ($ip = mysql_fetch_Array($ipdata)) {
+ foreach (dbFetchRows("SELECT * FROM `ipv4_addresses` WHERE `interface_id` = ?", array($interface['interface_id'])) as $ip)
+ {
echo("$break $ip[ipv4_address]/$ip[ipv4_prefixlen]");
$break = "
";
}
- $ip6data = mysql_query("SELECT * FROM `ipv6_addresses` WHERE `interface_id` = '" . $interface['interface_id'] . "'");
- while ($ip6 = mysql_fetch_Array($ip6data)) {
+ foreach (dbFetchRows("SELECT * FROM `ipv6_addresses` WHERE `interface_id` = ?", array($interface['interface_id'])) as $ip6)
+ {
echo("$break ".Net_IPv6::compress($ip6['ipv6_address'])."/".$ip6['ipv6_prefixlen']."");
$break = "
";
}
@@ -94,7 +93,7 @@ if ($device['os'] == "ios" || $device['os'] == "iosxe")
} elseif ($interface['ifVlan']) {
echo("VLAN " . $interface['ifVlan'] . "");
} elseif ($interface['ifVrf']) {
- $vrf = mysql_fetch_assoc(mysql_query("SELECT * FROM vrfs WHERE vrf_id = '".$interface['ifVrf']."'"));
+ $vrf = dbFetchRow("SELECT * FROM vrfs WHERE vrf_id = ?", array($interface['ifVrf']));
echo("" . $vrf['vrf_name'] . "");
}
}
@@ -126,8 +125,7 @@ echo("");
echo("");
if (strpos($interface['label'], "oopback") === false && !$graph_type)
{
- $link_query = mysql_query("select * from links AS L, ports AS I, devices AS D WHERE L.local_interface_id = '$if_id' AND L.remote_interface_id = I.interface_id AND I.device_id = D.device_id");
- while ($link = mysql_fetch_assoc($link_query))
+ foreach(dbFetchRows("SELECT * FROM `links` AS L, `ports` AS I, `devices` AS D WHERE L.local_interface_id = ? AND L.remote_interface_id = I.interface_id AND I.device_id = D.device_id", array($if_id)) as $link)
{
# echo(" " . generate_port_link($link, makeshortif($link['label'])) . " on " . generate_device_link($link, shorthost($link['hostname'])) . " ");
# $br = " ";
@@ -139,17 +137,15 @@ if (strpos($interface['label'], "oopback") === false && !$graph_type)
if ($port_details)
{ ## Show which other devices are on the same subnet as this interface
- $sql = "SELECT `ipv4_network_id` FROM `ipv4_addresses` WHERE `interface_id` = '".$interface['interface_id']."' AND `ipv4_address` NOT LIKE '127.%'";
- $nets_query = mysql_query($sql);
- while ($net = mysql_fetch_assoc($nets_query))
+ foreach (dbFetchRows("SELECT `ipv4_network_id` FROM `ipv4_addresses` WHERE `interface_id` = ? AND `ipv4_address` NOT LIKE '127.%'", array($interface['interface_id'])) as $net)
{
$ipv4_network_id = $net['ipv4_network_id'];
$sql = "SELECT I.interface_id FROM ipv4_addresses AS A, ports AS I, devices AS D
WHERE A.interface_id = I.interface_id
- AND A.ipv4_network_id = '".$net['ipv4_network_id']."' AND D.device_id = I.device_id
- AND D.device_id != '".$device['device_id']."'";
- $new_query = mysql_query($sql);
- while ($new = mysql_fetch_assoc($new_query))
+ AND A.ipv4_network_id = ? AND D.device_id = I.device_id
+ AND D.device_id != ?";
+ $array = array($net['ipv4_network_id'], $device['device_id']);
+ foreach(dbFetchRow($sql, $array) AS $new)
{
echo($new['ipv4_network_id']);
$this_ifid = $new['interface_id'];
@@ -161,17 +157,16 @@ if (strpos($interface['label'], "oopback") === false && !$graph_type)
}
}
- $sql = "SELECT ipv6_network_id FROM ipv6_addresses WHERE interface_id = '".$interface['interface_id']."'";
- $nets_query = mysql_query($sql);
- while ($net = mysql_fetch_assoc($nets_query))
+ foreach (dbFetchRows("SELECT ipv6_network_id FROM ipv6_addresses WHERE interface_id = ?", array($interface['interface_id'])) as $net)
{
$ipv6_network_id = $net['ipv6_network_id'];
$sql = "SELECT I.interface_id FROM ipv6_addresses AS A, ports AS I, devices AS D
WHERE A.interface_id = I.interface_id
- AND A.ipv6_network_id = '".$net['ipv6_network_id']."' AND D.device_id = I.device_id
- AND D.device_id != '".$device['device_id']."' AND A.ipv6_origin != 'linklayer' AND A.ipv6_origin != 'wellknown'";
- $new_query = mysql_query($sql);
- while ($new = mysql_fetch_assoc($new_query))
+ AND A.ipv6_network_id = ? AND D.device_id = I.device_id
+ AND D.device_id != ? AND A.ipv6_origin != 'linklayer' AND A.ipv6_origin != 'wellknown'";
+ $array = array($net['ipv6_network_id'], $device['device_id']);
+
+ foreach(dbFetchRow($sql, $array) AS $new)
{
echo($new['ipv6_network_id']);
$this_ifid = $new['interface_id'];
@@ -186,7 +181,7 @@ if (strpos($interface['label'], "oopback") === false && !$graph_type)
foreach ($int_links as $int_link)
{
- $link_if = mysql_fetch_assoc(mysql_query("SELECT * from ports AS I, devices AS D WHERE I.device_id = D.device_id and I.interface_id = '".$int_link."'"));
+ $link_if = dbFetchRow("SELECT * from ports AS I, devices AS D WHERE I.device_id = D.device_id and I.interface_id = ?", array($int_link));
echo("$br");
@@ -202,21 +197,18 @@ if (strpos($interface['label'], "oopback") === false && !$graph_type)
# unset($int_links, $int_links_v6, $int_links_v4, $int_links_phys, $br);
}
-$pseudowires = mysql_query("SELECT * FROM `pseudowires` WHERE `interface_id` = '" . $interface['interface_id'] . "'");
-while ($pseudowire = mysql_fetch_assoc($pseudowires))
+foreach (dbFetchRows("SELECT * FROM `pseudowires` WHERE `interface_id` = ?", array($interface['interface_id'])) as $pseudowire)
{
#`interface_id`,`peer_device_id`,`peer_ldp_id`,`cpwVcID`,`cpwOid`
- $pw_peer_dev = mysql_fetch_assoc(mysql_query("SELECT * from `devices` WHERE `device_id` = '" . $pseudowire['peer_device_id'] . "'"));
- $pw_peer_int = mysql_fetch_assoc(mysql_query("SELECT * from `ports` AS I, pseudowires AS P WHERE I.device_id = '".$pseudowire['peer_device_id']."' AND
- P.cpwVcID = '".$pseudowire['cpwVcID']."' AND
- P.interface_id = I.interface_id"));
+ $pw_peer_dev = dbFetchRow("SELECT * FROM `devices` WHERE `device_id` = ?", array($pseudowire['peer_device_id']));
+ $pw_peer_int = dbFetchRow("SELECT * FROM `ports` AS I, pseudowires AS P WHERE I.device_id = ? AND P.cpwVcID = ? AND P.interface_id = I.interface_id", array($pseudowire['peer_device_id'], $pseudowire['cpwVcID']));
+
$pw_peer_int = ifNameDescr($pw_peer_int);
echo("$br " . generate_port_link($pw_peer_int, makeshortif($pw_peer_int['label'])) ." on ". generate_device_link($pw_peer_dev, shorthost($pw_peer_dev['hostname'])) . "");
$br = " ";
}
-$members = mysql_query("SELECT * FROM `ports` WHERE `pagpGroupIfIndex` = '".$interface['ifIndex']."' and `device_id` = '".$device['device_id']."'");
-while ($member = mysql_fetch_assoc($members))
+foreach(dbFetchRows("SELECT * FROM `ports` WHERE `pagpGroupIfIndex` = ? and `device_id` = ?", array($interface['ifIndex'], $device['device_id'])) as $member)
{
echo("$br " . generate_port_link($member) . " (PAgP)");
$br = " ";
@@ -224,13 +216,12 @@ while ($member = mysql_fetch_assoc($members))
if ($interface['pagpGroupIfIndex'] && $interface['pagpGroupIfIndex'] != $interface['ifIndex'])
{
- $parent = mysql_fetch_assoc(mysql_query("SELECT * FROM `ports` WHERE `ifIndex` = '".$interface['pagpGroupIfIndex']."' and `device_id` = '".$device['device_id']."'"));
+ $parent = dbFetchRow("SELECT * FROM `ports` WHERE `ifIndex` = ? and `device_id` = ?", array($interface['pagpGroupIfIndex'], $device['device_id']));
echo("$br " . generate_port_link($parent) . " (PAgP)");
$br = " ";
}
-$higher_ifs = mysql_query("SELECT * FROM `ports_stack` WHERE `interface_id_low` = '".$interface['ifIndex']."' and `device_id` = '".$device['device_id']."'");
-while ($higher_if = mysql_fetch_assoc($higher_ifs))
+foreach(dbFetchRows("SELECT * FROM `ports_stack` WHERE `interface_id_low` = ? and `device_id` = ?", array($interface['ifIndex'], $device['device_id'])) as $higher_if)
{
if($higher_if['interface_id_high'])
{
@@ -240,8 +231,7 @@ while ($higher_if = mysql_fetch_assoc($higher_ifs))
}
}
-$lower_ifs = mysql_query("SELECT * FROM `ports_stack` WHERE `interface_id_high` = '".$interface['ifIndex']."' and `device_id` = '".$device['device_id']."'");
-while ($lower_if = mysql_fetch_assoc($lower_ifs))
+foreach(dbFetchRows("SELECT * FROM `ports_stack` WHERE `interface_id_high` = ? and `device_id` = ?", array($interface['ifIndex'], $device['device_id'])) as $lower_if)
{
if($lower_if['interface_id_low'])
{
diff --git a/html/includes/print-vlan.inc.php b/html/includes/print-vlan.inc.php
index acd896313..b6d64f20f 100644
--- a/html/includes/print-vlan.inc.php
+++ b/html/includes/print-vlan.inc.php
@@ -8,8 +8,7 @@ echo(" | Vlan " . $vlan['vlan_vlan'] . " | ");
echo("" . $vlan['vlan_descr'] . " | ");
echo("");
-$ports_query = mysql_query("SELECT * FROM ports WHERE `device_id` = '" . $device['device_id'] . "' AND `ifVlan` = '" . $vlan['vlan_vlan'] . "' ");
-while ($port = mysql_fetch_assoc($ports_query))
+foreach (dbFetchRows("SELECT * FROM ports WHERE `device_id` = ? AND `ifVlan` = ?", array($device['device_id'], $vlan['vlan_vlan'])) as $port)
{
if ($_GET['opta'])
{
@@ -36,4 +35,4 @@ while ($port = mysql_fetch_assoc($ports_query))
echo(' | ');
-?>
\ No newline at end of file
+?>
diff --git a/html/includes/print-vrf.inc.php b/html/includes/print-vrf.inc.php
index eb366cfdc..38dba870b 100644
--- a/html/includes/print-vrf.inc.php
+++ b/html/includes/print-vrf.inc.php
@@ -9,8 +9,7 @@ echo("" . $vrf['mplsVpnVrfDescription'] . " | ");
echo("" . $vrf['mplsVpnVrfRouteDistinguisher'] . " | ");
echo('');
-$ports_query = mysql_query("SELECT * FROM ports WHERE `device_id` = '" . $device['device_id'] . "' AND `ifVrf` = '" . $vrf['vrf_id'] . "' ");
-while ($port = mysql_fetch_assoc($ports_query))
+foreach (dbFetchRows("SELECT * FROM ports WHERE `device_id` = ? AND `ifVrf` = ?", array($device['device_id'], $vrf['vrf_id'])) as $port))
{
if ($_GET['optb'] == "graphs")
{
diff --git a/html/includes/service-add.inc.php b/html/includes/service-add.inc.php
index 71c66b056..5e8367329 100644
--- a/html/includes/service-add.inc.php
+++ b/html/includes/service-add.inc.php
@@ -2,15 +2,11 @@
$updated = '1';
- $sql = "INSERT INTO `services` (`device_id`,`service_ip`,`service_type`,`service_desc`,`service_param`,`service_ignore`)
- VALUES ('" . mres($_POST['device']). "','" . mres($_POST['ip']) . "','" . mres($_POST['type']) . "',
- '" . mres($_POST['descr']) . "','" . mres($_POST['params']) . "','0')";
-
- $query = mysql_query($sql);
- $affected = mysql_affected_rows() . "records affected";
-
- $message .= $message_break . "Service added!";
- $message_break .= " "
+ $service_id = dbInsert(array('device_id' => $_POST['device'], 'service_ip' => $_POST['ip'], 'service_type' => $_POST['type'], 'service_desc' => $_POST['descr'], 'service_param' => $_POST['params'], 'service_ignore' => '0'), 'services');
+ if($service_id) {
+ $message .= $message_break . "Service added (".$service_id.")!";
+ $message_break .= " "
+ }
?>
diff --git a/html/includes/service-delete.inc.php b/html/includes/service-delete.inc.php
index ce8d63fb9..c102fd817 100644
--- a/html/includes/service-delete.inc.php
+++ b/html/includes/service-delete.inc.php
@@ -2,14 +2,12 @@
$updated = '1';
- $sql = "DELETE FROM `services` WHERE service_id = '" . mres($_POST['service']). "'";
-
- $query = mysql_query($sql);
- $rows = mysql_affected_rows();
- $affected = $rows . " records affected";
-
- $message .= $message_break . $rows . " service deleted!";
- $message_break .= " "
+ $affected = dbDelete('services', '`service_id` = ?', array($_POST['service']));
+ if($affected)
+ {
+ $message .= $message_break . $rows . " service deleted!";
+ $message_break .= " "
+ }
?>
diff --git a/includes/functions.php b/includes/functions.php
index 3d2a5b553..2a0d24c67 100755
--- a/includes/functions.php
+++ b/includes/functions.php
@@ -481,7 +481,7 @@ function log_event($text, $device = NULL, $type = NULL, $reference = NULL)
'datetime' => array("NOW()"),
'message' => $text);
- return $dbInsert($insert, 'eventlog');
+ dbInsert($insert, 'eventlog');
}
diff --git a/includes/services.inc.php b/includes/services.inc.php
index c270e85c2..ce72285f2 100644
--- a/includes/services.inc.php
+++ b/includes/services.inc.php
@@ -13,7 +13,7 @@
$insert = array('device_id' => $id, 'service_ip' => $hostname, 'service_type' => $service, 'service_desc' => "auto discovered: $service", 'service_param' => "", 'service_ignore' => "0");
- return $dbInsert($insert, 'services');
+ return dbInsert($insert, 'services');
}
diff --git a/includes/syslog.php b/includes/syslog.php
index 568b96cf7..7e3378537 100755
--- a/includes/syslog.php
+++ b/includes/syslog.php
@@ -91,7 +91,7 @@ function process_syslog ($entry, $update)
$insert_array = array('device_id' => $entry['device_id'], 'program' => $entry['program'], 'facility' => $entry['facility'], 'priority' => $entry['priority'],
'level' => $entry['level'], 'tag' => $entry['tag'], 'msg' => $entry['msg'], 'timestamp' => $entry['timestamp']);
- if ($update && $entry['device_id']) { $dbInsert($insert_array, 'syslog'); }
+ if ($update && $entry['device_id']) { dbInsert($insert_array, 'syslog'); }
unset ($fix);
} else { print_r($entry); echo("D-$delete"); }
|