Compare commits
3 commits
6a88ed8b11
...
44a4bb6e6f
Author | SHA1 | Date | |
---|---|---|---|
44a4bb6e6f | |||
ec00cfa176 | |||
1d295df8da |
4 changed files with 32 additions and 5 deletions
|
@ -0,0 +1,14 @@
|
||||||
|
<?php
|
||||||
|
use Index\Data\IDbConnection;
|
||||||
|
use Index\Data\Migration\IDbMigration;
|
||||||
|
|
||||||
|
final class BaseSixtyFourEncodePmsInDb_20240602_194809 implements IDbMigration {
|
||||||
|
public function migrate(IDbConnection $conn): void {
|
||||||
|
$conn->execute('UPDATE msz_messages SET msg_title = TO_BASE64(msg_title), msg_body = TO_BASE64(msg_body)');
|
||||||
|
$conn->execute('
|
||||||
|
ALTER TABLE `msz_messages`
|
||||||
|
CHANGE COLUMN `msg_title` `msg_title` TINYBLOB NOT NULL AFTER `msg_reply_to`,
|
||||||
|
CHANGE COLUMN `msg_body` `msg_body` BLOB NOT NULL AFTER `msg_title`;
|
||||||
|
');
|
||||||
|
}
|
||||||
|
}
|
|
@ -104,7 +104,7 @@ class MessagesDatabase {
|
||||||
$hasPagination = $pagination !== null;
|
$hasPagination = $pagination !== null;
|
||||||
|
|
||||||
$args = 0;
|
$args = 0;
|
||||||
$query = 'SELECT msg_id, msg_owner_id, msg_author_id, msg_recipient_id, msg_reply_to, msg_title, msg_body, msg_parser, UNIX_TIMESTAMP(msg_created), UNIX_TIMESTAMP(msg_sent), UNIX_TIMESTAMP(msg_read), UNIX_TIMESTAMP(msg_deleted) FROM msz_messages';
|
$query = 'SELECT msg_id, msg_owner_id, msg_author_id, msg_recipient_id, msg_reply_to, FROM_BASE64(msg_title), FROM_BASE64(msg_body), msg_parser, UNIX_TIMESTAMP(msg_created), UNIX_TIMESTAMP(msg_sent), UNIX_TIMESTAMP(msg_read), UNIX_TIMESTAMP(msg_deleted) FROM msz_messages';
|
||||||
if($hasOwnerInfo) {
|
if($hasOwnerInfo) {
|
||||||
++$args;
|
++$args;
|
||||||
$query .= ' WHERE msg_owner_id = ?';
|
$query .= ' WHERE msg_owner_id = ?';
|
||||||
|
@ -162,7 +162,7 @@ class MessagesDatabase {
|
||||||
bool $useReplyTo = false
|
bool $useReplyTo = false
|
||||||
): MessageInfo {
|
): MessageInfo {
|
||||||
$stmt = $this->cache->get(sprintf(
|
$stmt = $this->cache->get(sprintf(
|
||||||
'SELECT msg_id, msg_owner_id, msg_author_id, msg_recipient_id, msg_reply_to, msg_title, msg_body, msg_parser, UNIX_TIMESTAMP(msg_created), UNIX_TIMESTAMP(msg_sent), UNIX_TIMESTAMP(msg_read), UNIX_TIMESTAMP(msg_deleted) FROM msz_messages WHERE msg_id = %s AND msg_owner_id = ?',
|
'SELECT msg_id, msg_owner_id, msg_author_id, msg_recipient_id, msg_reply_to, FROM_BASE64(msg_title), FROM_BASE64(msg_body), msg_parser, UNIX_TIMESTAMP(msg_created), UNIX_TIMESTAMP(msg_sent), UNIX_TIMESTAMP(msg_read), UNIX_TIMESTAMP(msg_deleted) FROM msz_messages WHERE msg_id = %s AND msg_owner_id = ?',
|
||||||
!$useReplyTo || $messageInfoOrId instanceof MessageInfo ? '?' : '(SELECT msg_reply_to FROM msz_messages WHERE msg_id = ?)'
|
!$useReplyTo || $messageInfoOrId instanceof MessageInfo ? '?' : '(SELECT msg_reply_to FROM msz_messages WHERE msg_id = ?)'
|
||||||
));
|
));
|
||||||
|
|
||||||
|
@ -192,7 +192,7 @@ class MessagesDatabase {
|
||||||
DateTime|int|null $sentAt = null,
|
DateTime|int|null $sentAt = null,
|
||||||
DateTime|int|null $readAt = null
|
DateTime|int|null $readAt = null
|
||||||
): MessageInfo {
|
): MessageInfo {
|
||||||
$stmt = $this->cache->get('INSERT INTO msz_messages (msg_id, msg_owner_id, msg_author_id, msg_recipient_id, msg_reply_to, msg_title, msg_body, msg_parser, msg_sent, msg_read) VALUES (?, ?, ?, ?, ?, ?, ?, ?, FROM_UNIXTIME(?), FROM_UNIXTIME(?))');
|
$stmt = $this->cache->get('INSERT INTO msz_messages (msg_id, msg_owner_id, msg_author_id, msg_recipient_id, msg_reply_to, msg_title, msg_body, msg_parser, msg_sent, msg_read) VALUES (?, ?, ?, ?, ?, TO_BASE64(?), TO_BASE64(?), ?, FROM_UNIXTIME(?), FROM_UNIXTIME(?))');
|
||||||
$stmt->addParameter(1, $messageId);
|
$stmt->addParameter(1, $messageId);
|
||||||
$stmt->addParameter(2, $ownerInfo instanceof UserInfo ? $ownerInfo->getId() : $ownerInfo);
|
$stmt->addParameter(2, $ownerInfo instanceof UserInfo ? $ownerInfo->getId() : $ownerInfo);
|
||||||
$stmt->addParameter(3, $authorInfo instanceof UserInfo ? $authorInfo->getId() : $authorInfo);
|
$stmt->addParameter(3, $authorInfo instanceof UserInfo ? $authorInfo->getId() : $authorInfo);
|
||||||
|
@ -233,12 +233,12 @@ class MessagesDatabase {
|
||||||
}
|
}
|
||||||
|
|
||||||
if($title !== null) {
|
if($title !== null) {
|
||||||
$setQuery[] = 'msg_title = ?';
|
$setQuery[] = 'msg_title = TO_BASE64(?)';
|
||||||
$setValues[] = $title;
|
$setValues[] = $title;
|
||||||
}
|
}
|
||||||
|
|
||||||
if($body !== null) {
|
if($body !== null) {
|
||||||
$setQuery[] = 'msg_body = ?';
|
$setQuery[] = 'msg_body = TO_BASE64(?)';
|
||||||
$setValues[] = $body;
|
$setValues[] = $body;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -39,6 +39,10 @@ class MessagesRoutes extends RouteHandler {
|
||||||
if(!$this->authInfo->isLoggedIn())
|
if(!$this->authInfo->isLoggedIn())
|
||||||
return 401;
|
return 401;
|
||||||
|
|
||||||
|
// do not allow access to PMs when impersonating in production mode
|
||||||
|
if(!MSZ_DEBUG && $this->authInfo->isImpersonating())
|
||||||
|
return 403;
|
||||||
|
|
||||||
$globalPerms = $this->authInfo->getPerms('global');
|
$globalPerms = $this->authInfo->getPerms('global');
|
||||||
if(!$globalPerms->check(Perm::G_MESSAGES_VIEW))
|
if(!$globalPerms->check(Perm::G_MESSAGES_VIEW))
|
||||||
return 403;
|
return 403;
|
||||||
|
|
|
@ -132,6 +132,15 @@ msz_sched_task_func('Resync statistics counters.', true, function() use ($msz) {
|
||||||
'users:warnings:visible' => 'SELECT COUNT(*) FROM msz_users_warnings WHERE warn_created > NOW() - INTERVAL 90 DAY',
|
'users:warnings:visible' => 'SELECT COUNT(*) FROM msz_users_warnings WHERE warn_created > NOW() - INTERVAL 90 DAY',
|
||||||
'users:bans:total' => 'SELECT COUNT(*) FROM msz_users_bans',
|
'users:bans:total' => 'SELECT COUNT(*) FROM msz_users_bans',
|
||||||
'users:bans:active' => 'SELECT COUNT(*) FROM msz_users_bans WHERE ban_expires IS NULL OR ban_expires > NOW()',
|
'users:bans:active' => 'SELECT COUNT(*) FROM msz_users_bans WHERE ban_expires IS NULL OR ban_expires > NOW()',
|
||||||
|
'pms:msgs:total' => 'SELECT COUNT(*) FROM msz_messages',
|
||||||
|
'pms:msgs:messages' => 'SELECT COUNT(DISTINCT msg_id) FROM msz_messages',
|
||||||
|
'pms:msgs:replies' => 'SELECT COUNT(*) FROM msz_messages WHERE msg_reply_to IS NULL',
|
||||||
|
'pms:msgs:drafts' => 'SELECT COUNT(*) FROM msz_messages WHERE msg_sent IS NULL',
|
||||||
|
'pms:msgs:unread' => 'SELECT COUNT(*) FROM msz_messages WHERE msg_read IS NULL',
|
||||||
|
'pms:msgs:deleted' => 'SELECT COUNT(*) FROM msz_messages WHERE msg_deleted IS NOT NULL',
|
||||||
|
'pms:msgs:plain' => 'SELECT COUNT(*) FROM msz_messages WHERE msg_parser = 0',
|
||||||
|
'pms:msgs:bbcode' => 'SELECT COUNT(*) FROM msz_messages WHERE msg_parser = 1',
|
||||||
|
'pms:msgs:markdown' => 'SELECT COUNT(*) FROM msz_messages WHERE msg_parser = 2',
|
||||||
];
|
];
|
||||||
|
|
||||||
foreach($stats as $name => $query) {
|
foreach($stats as $name => $query) {
|
||||||
|
|
Loading…
Reference in a new issue