Improve sql queries (break long lines, use SQL COUNT and more). #4470

Merged
48 changes: 37 additions & 11 deletions pages/profile.php
Expand Up @@ -99,21 +99,46 @@
// prepare list of timezones
$zones = timezone_list();
// prepare list of languages
$languages = DB::query('SELECT label, name FROM ' . prefixTable('languages') . ' ORDER BY label ASC');
$languages = DB::query(
'SELECT label, name FROM ' . prefixTable('languages') . ' ORDER BY label ASC'
);

// Do some stats
DB::query('SELECT id_item FROM ' . prefixTable('log_items') . ' WHERE action = "at_creation" AND id_user = "' . $session->get('user-id') . '"');
$userItemsNumber = DB::count();
DB::query('SELECT id_item FROM ' . prefixTable('log_items') . ' WHERE action = "at_modification" AND id_user = "' . $session->get('user-id') . '"');
$userModificationNumber = DB::count();
DB::query('SELECT id_item FROM ' . prefixTable('log_items') . ' WHERE action = "at_shown" AND id_user = "' . $session->get('user-id') . '"');
$userSeenItemsNumber = DB::count();
DB::query('SELECT id_item FROM ' . prefixTable('log_items') . ' WHERE action = "at_password_shown" AND id_user = "' . $session->get('user-id') . '"');
$userSeenPasswordsNumber = DB::count();
$userItemsNumber = DB::queryFirstField(
'SELECT COUNT(id_item) as count
FROM ' . prefixTable('log_items') . '
WHERE action = "at_creation" AND id_user = %i',
$session->get('user-id')
);

$userModificationNumber = DB::queryFirstField(
'SELECT COUNT(id_item) as count
FROM ' . prefixTable('log_items') . '
WHERE action = "at_modification" AND id_user = %i',
$session->get('user-id')
);

$userSeenItemsNumber = DB::queryFirstField(
'SELECT COUNT(id_item) as count
FROM ' . prefixTable('log_items') . '
WHERE action = "at_shown" AND id_user = %i',
$session->get('user-id')
);

$userSeenPasswordsNumber = DB::queryFirstField(
'SELECT COUNT(id_item)
FROM ' . prefixTable('log_items') . '
WHERE action = "at_password_shown" AND id_user = %i',
$session->get('user-id')
);

$userInfo = DB::queryFirstRow(
'SELECT avatar, last_pw_change
FROM ' . prefixTable('users') . '
WHERE id = "' . $session->get('user-id') . '"'
WHERE id = %i',
$session->get('user-id')
);

if (empty($userInfo['avatar']) === true) {
$avatar = $SETTINGS['cpassman_url'] . '/includes/images/photo.jpg';
} else {
Expand All @@ -126,7 +151,8 @@
$tmp = DB::queryFirstRow(
'SELECT title
FROM ' . prefixTable('roles_title') . '
WHERE id = "' . $role . '"'
WHERE id = %i',
$role
);
if ($tmp !== null) {
array_push($userParOfGroups, $tmp['title']);
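Review bot: The four counters `$userItemsNumber`, `$userModificationNumber`, `$userSeenItemsNumber` and `$userSeenPasswordsNumber` now hold whatever `DB::queryFirstField()` returns instead of the integer that `DB::count()` gave, which with the usual mysqli result handling is most likely a numeric string. Any later strict comparison or arithmetic on them would change behaviour, so an explicit cast on each assignment, e.g. `$userItemsNumber = (int) DB::queryFirstField(`, keeps the old type. The fourth query also drops the `as count` alias the other three carry; that is harmless for `queryFirstField` but worth making consistent. The code that consumes these values is outside the visible hunk, so confirm how they are used.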
165 changes: 68 additions & 97 deletions sources/items.queries.php
Expand Up @@ -183,6 +183,14 @@
$filters
);

// List of teampass users ids (and current user id).
$tpUsersIDs = [
OTV_USER_ID,
SSH_USER_ID,
API_USER_ID,
$session->get('user-id'),
];

// Do asked action
switch ($inputData['type']) {
/*
Expand Down Expand Up @@ -649,7 +657,13 @@
if (empty($data['restricted_to']) === false) {
foreach (explode(';', $data['restricted_to']) as $userRest) {
if (empty($userRest) === false) {
$dataTmp = DB::queryfirstrow('SELECT login FROM ' . prefixTable('users') . ' WHERE id= ' . $userRest);
$dataTmp = DB::queryfirstrow(
'SELECT login
FROM ' . prefixTable('users') . '
WHERE id= %i',
$userRest
);

if (empty($oldRestrictionList) === true) {
$oldRestrictionList = $dataTmp['login'];
} else {
Expand Down Expand Up @@ -3090,7 +3104,12 @@
if (empty($dataItem['restricted_to']) === false) {
foreach (explode(';', $dataItem['restricted_to']) as $userRest) {
if (empty($userRest) === false) {
$dataTmp = DB::queryfirstrow('SELECT login FROM ' . prefixTable('users') . ' WHERE id= ' . $userRest);
$dataTmp = DB::queryfirstrow(
'SELECT login
FROM ' . prefixTable('users') . '
WHERE id= %i',
$userRest
);
if (empty($listOfRestricted)) {
$listOfRestricted = $dataTmp['login'];
} else {
Expand Down Expand Up @@ -5344,9 +5363,11 @@
$users = DB::query(
'SELECT id, public_key
FROM ' . prefixTable('users') . '
WHERE id NOT IN ("' . OTV_USER_ID . '","' . SSH_USER_ID . '","' . API_USER_ID . '","' . $session->get('user-id') . '")
AND public_key != ""'
WHERE id NOT IN %li
AND public_key != ""',
$tpUsersIDs
);

foreach ($users as $user) {
// Insert in DB the new object key for this item by user
DB::insert(
Expand Down Expand Up @@ -5383,8 +5404,9 @@
$users = DB::query(
'SELECT id, public_key
FROM ' . prefixTable('users') . '
WHERE id NOT IN ("' . OTV_USER_ID . '","' . SSH_USER_ID . '","' . API_USER_ID . '","' . $session->get('user-id') . '")
AND public_key != ""'
WHERE id NOT IN %li
AND public_key != ""',
$tpUsersIDs
);
foreach ($users as $user) {
// Insert in DB the new object key for this item by user
Expand Down Expand Up @@ -5423,9 +5445,11 @@
$users = DB::query(
'SELECT id, public_key
FROM ' . prefixTable('users') . '
WHERE id NOT IN ("' . OTV_USER_ID . '","' . SSH_USER_ID . '","' . API_USER_ID . '","' . $session->get('user-id') . '")
AND public_key != ""'
WHERE id NOT IN %li
AND public_key != ""',
$tpUsersIDs
);

foreach ($users as $user) {
// Insert in DB the new object key for this item by user
DB::insert(
Expand Down Expand Up @@ -5669,9 +5693,11 @@
$users = DB::query(
'SELECT id, public_key
FROM ' . prefixTable('users') . '
WHERE id NOT IN ("' . OTV_USER_ID . '","' . SSH_USER_ID . '","' . API_USER_ID . '","' . $session->get('user-id') . '")
AND public_key != ""'
WHERE id NOT IN %li
AND public_key != ""',
$tpUsersIDs
);

foreach ($users as $user) {
// Insert in DB the new object key for this item by user
DB::insert(
Expand Down Expand Up @@ -5708,9 +5734,11 @@
$users = DB::query(
'SELECT id, public_key
FROM ' . prefixTable('users') . '
WHERE id NOT IN ("' . OTV_USER_ID . '","' . SSH_USER_ID . '","' . API_USER_ID . '","' . $session->get('user-id') . '")
AND public_key != ""'
WHERE id NOT IN %li
AND public_key != ""',
$tpUsersIDs
);

foreach ($users as $user) {
// Insert in DB the new object key for this item by user
DB::insert(
Expand Down Expand Up @@ -5748,9 +5776,11 @@
$users = DB::query(
'SELECT id, public_key
FROM ' . prefixTable('users') . '
WHERE id NOT IN ("' . OTV_USER_ID . '","' . SSH_USER_ID . '","' . API_USER_ID . '","' . $session->get('user-id') . '")
AND public_key != ""'
WHERE id NOT IN %li
AND public_key != ""',
$tpUsersIDs
);

foreach ($users as $user) {
// Insert in DB the new object key for this item by user
DB::insert(
Expand Down Expand Up @@ -5954,8 +5984,19 @@
}
if ($inputData['cat'] === 'request_access_to_author') {
// Variables
$dataAuthor = DB::queryfirstrow('SELECT email,login FROM ' . prefixTable('users') . ' WHERE id = ' . $post_content[1]);
$dataItem = DB::queryfirstrow('SELECT label, id_tree FROM ' . prefixTable('items') . ' WHERE id = ' . $post_content[0]);
$dataAuthor = DB::queryfirstrow(
'SELECT email,login
FROM ' . prefixTable('users') . '
WHERE id = %i',
$post_content[1]
);

$dataItem = DB::queryfirstrow(
'SELECT label, id_tree
FROM ' . prefixTable('items') . '
WHERE id = %i',
$post_content[0]
);

// Get path
$path = geItemReadablePath(
Expand Down Expand Up @@ -6022,60 +6063,9 @@
break;

/*
* CASE
* manage notification of an Item
*/
/*
case 'notify_a_user':
if ($inputData['key'] !== $session->get('key')) {
echo '[{"error" : "something_wrong"}]';
break;
}
if ($inputData['notifyType'] === 'on_show') {
// Check if values already exist
$data = DB::queryfirstrow(
'SELECT notification FROM ' . prefixTable('items') . ' WHERE id = %i',
$inputData['itemId']
);
$notifiedUsers = explode(';', $data['notification']);
// User is not in actual notification list
if ($inputData['status'] === 'true' && !in_array($inputData['userId'], $notifiedUsers)) {
// User is not in actual notification list and wants to be notified
DB::update(
prefixTable('items'),
array(
'notification' => empty($data['notification']) ?
$inputData['userId'] . ';'
: $data['notification'] . $inputData['userId'] ,
),
'id=%i',
$inputData['itemId']
);
echo '[{"error" : "", "new_status":"true"}]';
break;
}
if ($inputData['status'] === 'false' && in_array($inputData['userId'], $notifiedUsers)) {
// TODO : delete user from array and store in DB
// User is in actual notification list and doesn't want to be notified
DB::update(
prefixTable('items'),
array(
'notification' => empty($data['notification']) ?
$inputData['userId']
: $data['notification'] . ';' . $inputData['userId'],
),
'id=%i',
$inputData['itemId']
);
}
}
break;
*/

/*
* CASE
* Item History Log - add new entry
*/
* CASE
* Item History Log - add new entry
*/
case 'history_entry_add':
if ($inputData['key'] !== $session->get('key')) {
$data = array('error' => 'key_is_wrong');
Expand Down Expand Up @@ -6176,30 +6166,10 @@
);
break;

/*
* CASE
* Check if Item has been changed since loaded
*/
/*
case 'is_item_changed':
$data = DB::queryFirstRow(
'SELECT date FROM ' . prefixTable('log_items') . ' WHERE action = %s AND id_item = %i ORDER BY date DESC',
'at_modification',
$inputData['itemId']
);
// Check if it's in a personal folder. If yes, then force complexity overhead.
if ((int) $data['date'] > (int) $inputData['timestamp']) {
echo '{ "modified" : "1" }';
} else {
echo '{ "modified" : "0" }';
}
break;
*/

/*
* CASE
* Check if Item has been changed since loaded
*/
* CASE
* Check if Item has been changed since loaded
*/
case 'generate_OTV_url':
// Check KEY
if ($inputData['key'] !== $session->get('key')) {
Expand All @@ -6214,10 +6184,11 @@
);

// delete all existing old otv codes
$rows = DB::query('SELECT id FROM ' . prefixTable('otv') . ' WHERE time_limit < ' . time());
foreach ($rows as $record) {
DB::delete(prefixTable('otv'), 'id=%i', $record['id']);
}
DB::delete(
prefixTable('otv'),
'time_limit < %i',
time()
);

// generate session
$otv_code = GenerateCryptKey(32, false, true, true, false, true);
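Review bot: In the `request_access_to_author` branch, `$dataAuthor` and `$dataItem` are used without a null check, and `$post_content[0]` / `$post_content[1]` are bound with `%i` but not otherwise validated. As far as I know `%i` coerces a non-numeric value to 0, so a malformed id now yields a null row rather than an SQL error, and the code that follows would presumably read columns from null. A guard such as `if ($dataAuthor === null || $dataItem === null) {` followed by the case's usual error response and `break;` before `geItemReadablePath()` would close that; the two `restricted_to` loops read `$dataTmp['login']` the same way. If `$post_content` comes from the request, as its name suggests, the author id should also be resolved server-side from the item rather than taken from the caller, along with a check that the session user may see the item at all. The branch continues past the hunk, so some of this may already exist further down.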