1 files changed, 16 insertions, 24 deletions

diff --git a/html/update.php b/html/update.php
index ac8f471..9e9d39b 100644
--- a/html/update.php
+++ b/html/update.php
@@ -10,35 +10,27 @@ if (!array_key_exists('machine', $_GET)) {
   die();
 }
 
-$db = new SQLite3('/srv/http/vhosts/eckner.net/colocation.eckner.net/backend/sqlite.db');
+include "db.php";
 
 $stm = $db -> prepare(
-  'SELECT permissions.name' .
-  ' FROM machines' .
-  ' JOIN granted_permissions ON granted_permissions.machine_id = machines.id' .
-  ' JOIN keys on granted_permissions.key_id = keys.id' .
-  ' JOIN permissions on granted_permissions.permission_id = permissions.id' .
-  ' WHERE keys.key=:key' .
-  ' AND machines.name=:machine');
+  'SELECT permissions.machine_id, permissions.state_id' .
+  ' FROM permissions' .
+  ' JOIN machines ON permissions.machine_id = machines.id' .
+  ' JOIN states ON permissions.state_id = states.id' .
+  ' JOIN keys ON permissions.key_id = keys.id' .
+  ' WHERE machines.name = :machine' .
+  ' AND states.name = :state' .
+  ' AND keys.key = :key'
+);
 $stm -> bindValue('key', $_GET['key']);
 $stm -> bindValue('machine', $_GET['machine']);
-$result = $stm -> execute();
 
-while($row = $result -> fetchArray()) {
-  if (!array_key_exists($row['name'], $_GET))
+foreach ($_GET as $state => $value) {
+  if (($state == 'key') || ($state == 'machine'))
     continue;
-
-  $value = $_GET[$row['name']];
-  if (($value != 0) && ($value != 1))
-    continue;
-
-  $updstm = $db -> prepare(
-    'UPDATE machines SET ' . $row['name'] . ' = :value WHERE machines.name=:machine'
-  );
-  $updstm -> bindValue('value', $value);
-  $updstm -> bindValue('machine', $_GET['machine']);
-  $updstm -> execute();
-  $updstm -> close();
+  $stm -> bindValue('state', $state);
+  $stm -> bindValue('value', $value);
+  $stm -> execute();
 }
 
-$stm -> close();
+echo 'ok' . "\n";