1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
<?php
if (!array_key_exists('key', $_GET)) {
echo 'key missing.' . "\n";
die();
}
if (!array_key_exists('machine', $_GET)) {
echo 'machine missing.' . "\n";
die();
}
include "db.php";
$stm = $db -> prepare(
'SELECT' .
' machines.id as machine_id,' .
' upd_values.id as value_id,' .
' IIF(upd_values.state_id <= "values".state_id, 1, 0) as downgrade,' .
' IIF(upd_values.state_id >= "values".state_id, 1, 0) as upgrade,' .
' IIF(upd_values.state_id = "values".state_id, 1, 0) as exact,' .
' states.name as state' .
' FROM permissions' .
' JOIN "values" ON permissions.value_id = "values".id' .
' JOIN "values" as upd_values ON upd_values.machine_id = "values".machine_id' .
' JOIN machines ON "values".machine_id = machines.id' .
' JOIN states ON "values".state_id = states.id' .
' JOIN keys ON permissions.key_id = keys.id' .
' WHERE machines.name = :machine' .
' AND keys.key = :key'
);
$stm -> bindValue('key', $_GET['key']);
$stm -> bindValue('machine', $_GET['machine']);
$result = $stm -> execute();
$updstm = $db -> prepare(
'UPDATE "values"' .
' SET value = :value' .
' WHERE "values".id = :value_id' .
' AND ("values".value != :global_value OR "values".value IS NULL)'
);
$updmstm = $db -> prepare(
'UPDATE machines' .
' SET last_update = datetime(' . "'now'" . ')' .
' WHERE machines.id = :machine'
);
while ($row = $result -> fetchArray()) {
if (! array_key_exists($row['state'], $_GET))
continue;
$value = $_GET[$row['state']];
if (($value != 0) && ($value != 1))
continue;
if ($value == 0) {
if ($row['downgrade'] != 1)
continue;
}
if ($value == 1) {
if ($row['upgrade'] != 1)
continue;
}
if ($row['exact'] == 1)
$updstm -> bindValue('value', $value);
else
$updstm -> bindValue('value', NULL);
$updstm -> bindValue('global_value', $value);
$updstm -> bindValue('value_id', $row['value_id']);
$updstm -> execute();
$updmstm -> bindValue('machine', $row['machine_id']);
$updmstm -> execute();
}
$stm -> close();
$updstm -> close();
$updmstm -> close();
echo 'ok' . "\n";
|