From 70962b0c63394b14a218fd5e08a9c46575b20948 Mon Sep 17 00:00:00 2001 From: Anonymous Contributor Date: Wed, 23 Aug 2023 18:16:34 +0200 Subject: [PATCH] Only fetch required rows from database --- api/onlineDisplay.php | 2 +- classen/OpenSim.php | 33 ++++++++++++++++----------------- cron/IARMonitor.php | 4 ++-- cron/offlineIM.php | 4 ++-- cron/regionChecker.php | 4 ++-- pages/friends.php | 2 +- pages/groups.php | 4 ++-- pages/identities.php | 10 +++++----- pages/login.php | 4 ++-- pages/profile.php | 4 ++-- pages/regions.php | 13 +++---------- pages/register.php | 4 ++-- pages/user-online-state.php | 2 +- pages/users.php | 2 +- 14 files changed, 42 insertions(+), 50 deletions(-) diff --git a/api/onlineDisplay.php b/api/onlineDisplay.php index 31d4717..d111e99 100644 --- a/api/onlineDisplay.php +++ b/api/onlineDisplay.php @@ -5,7 +5,7 @@ prepare("SELECT * FROM Presence WHERE RegionID != '00000000-0000-0000-0000-000000000000' ORDER BY RegionID ASC"); + $statement = $RUNTIME['PDO']->prepare("SELECT UserID,RegionID FROM Presence WHERE RegionID != '00000000-0000-0000-0000-000000000000' ORDER BY RegionID ASC"); $statement->execute(); if($statement->rowCount() == 0) diff --git a/classen/OpenSim.php b/classen/OpenSim.php index 21e44ac..00c8615 100644 --- a/classen/OpenSim.php +++ b/classen/OpenSim.php 
@@ -5,12 +5,12 @@ { global $RUNTIME; - $statementUser = $RUNTIME['PDO']->prepare("SELECT * FROM UserAccounts WHERE FirstName = ? AND LastName = ? LIMIT 1"); + $statementUser = $RUNTIME['PDO']->prepare("SELECT PrincipalID FROM UserAccounts WHERE FirstName = ? AND LastName = ? LIMIT 1"); $statementUser->execute(explode(" ", trim($name))); while($rowUser = $statementUser->fetch()) { - $statementAuth = $RUNTIME['PDO']->prepare("SELECT * FROM auth WHERE UUID = ? LIMIT 1"); + $statementAuth = $RUNTIME['PDO']->prepare("SELECT passwordHash,passwordSalt FROM auth WHERE UUID = ? LIMIT 1"); $statementAuth->execute(array($rowUser['PrincipalID'])); while($rowAuth = $statementAuth->fetch()) @@ -35,7 +35,7 @@ if(isset($RUNTIME['CACHE']['USERNAME'][$userID])) return $RUNTIME['CACHE']['USERNAME'][$userID]; - $statementUser = $RUNTIME['PDO']->prepare("SELECT * FROM UserAccounts WHERE PrincipalID = ?"); + $statementUser = $RUNTIME['PDO']->prepare("SELECT FirstName,LastName FROM UserAccounts WHERE PrincipalID = ?"); $statementUser->execute(array($userID)); while($rowUser = $statementUser->fetch()) @@ -44,7 +44,7 @@ return $rowUser['FirstName']." ".$rowUser['LastName']; } - $statementGridUser = $RUNTIME['PDO']->prepare("SELECT * FROM GridUser"); + $statementGridUser = $RUNTIME['PDO']->prepare("SELECT UserID FROM GridUser"); $statementGridUser->execute(array($userID)); while($rowGridUser = $statementGridUser->fetch()) @@ -63,7 +63,7 @@ } } - $statementFriends = $RUNTIME['PDO']->prepare("SELECT * FROM Friends"); + $statementFriends = $RUNTIME['PDO']->prepare("SELECT PrincipalID FROM Friends"); $statementFriends->execute(array($userID)); while($rowFriends = $statementFriends->fetch()) @@ -89,7 +89,7 @@ { global $RUNTIME; - $statementUser = $RUNTIME['PDO']->prepare("SELECT * FROM UserAccounts"); + $statementUser = $RUNTIME['PDO']->prepare("SELECT PrincipalID,FirstName,LastName FROM UserAccounts"); $statementUser->execute(); while($rowUser = $statementUser->fetch()) 
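Review bot: In the first classen/OpenSim.php hunk (@@ -5,12), `$statementUser->execute(explode(" ", trim($name)))` binds as many values as the name has words, but the query has exactly two placeholders. A name with one word, or with three or more, therefore produces a PDO parameter-count mismatch instead of a clean "no such user" result; how that surfaces depends on the PDO error mode, which is not visible here. Split first and check the count, `$parts = explode(" ", trim($name));` followed by `if(count($parts) != 2)` returning the function's failure value, then pass `$parts` to `execute()`. The function starts and ends outside the hunk. The same binding is used with `$_POST['username']` in the pages/login.php hunk (@@ -16,14), where the value comes straight from the request.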
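Review bot: `SELECT UserID FROM GridUser` (@@ -44,7) and `SELECT PrincipalID FROM Friends` (@@ -63,7) still read every row of both tables on each uncached name lookup. Both are also executed with `array($userID)` although neither statement contains a placeholder. The stray argument is presumably tolerated only because of emulated prepares and would likely be rejected with native prepares, so plain `execute()` is the safe form if the full scan is intended. If the loop bodies (outside these hunks) only look for rows that belong to `$userID`, a `WHERE` clause with a bound parameter would match the commit's stated goal and bound the work a single lookup can trigger.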
@@ -109,7 +109,7 @@ { global $RUNTIME; - $statementRegion = $RUNTIME['PDO']->prepare("SELECT * FROM regions WHERE uuid = ?"); + $statementRegion = $RUNTIME['PDO']->prepare("SELECT regionName FROM regions WHERE uuid = ?"); $statementRegion->execute(array($regionID)); while($rowRegion = $statementRegion->fetch()) @@ -124,7 +124,7 @@ { global $RUNTIME; - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM userprofile WHERE useruuid = ?"); + $statement = $RUNTIME['PDO']->prepare("SELECT profilePartner FROM userprofile WHERE useruuid = ?"); $statement->execute(array($userID)); while($row = $statement->fetch()) @@ -140,7 +140,7 @@ { global $RUNTIME; - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM usersettings WHERE useruuid = ?"); + $statement = $RUNTIME['PDO']->prepare("SELECT imviaemail FROM usersettings WHERE useruuid = ?"); $statement->execute(array($userID)); while($row = $statement->fetch()) @@ -155,7 +155,7 @@ { global $RUNTIME; - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM UserAccounts WHERE PrincipalID = ?"); + $statement = $RUNTIME['PDO']->prepare("SELECT Email FROM UserAccounts WHERE PrincipalID = ?"); $statement->execute(array($userID)); while($row = $statement->fetch()) 
@@ -170,28 +170,27 @@ { global $RUNTIME; - $statementUser = $RUNTIME['PDO']->prepare("SELECT * FROM UserAccounts"); + $statementUser = $RUNTIME['PDO']->prepare("SELECT COUNT(*) FROM UserAccounts"); $statementUser->execute(); - return $statementUser->rowCount(); + return $statementUser->fetchColumn(); } public function getRegionCount() { global $RUNTIME; - $statementUser = $RUNTIME['PDO']->prepare("SELECT * FROM regions"); + $statementUser = $RUNTIME['PDO']->prepare("SELECT COUNT(*) FROM regions"); $statementUser->execute(); - return $statementUser->rowCount(); + return $statementUser->fetchColumn(); } public function getOnlineCount() { global $RUNTIME; - - $statementUser = $RUNTIME['PDO']->prepare("SELECT * FROM Presence"); + $statementUser = $RUNTIME['PDO']->prepare("SELECT COUNT(*) FROM Presence"); $statementUser->execute(); - return $statementUser->rowCount(); + return $statementUser->fetchColumn(); } public function gen_uuid() diff --git a/cron/IARMonitor.php b/cron/IARMonitor.php index 20dbc7c..66af9e6 100644 --- a/cron/IARMonitor.php +++ b/cron/IARMonitor.php @@ -2,7 +2,7 @@ $statement = $RUNTIME['PDO']->prepare("CREATE TABLE IF NOT EXISTS `iarstates` (`userID` VARCHAR(36) NOT NULL COLLATE 'utf8_unicode_ci', `filesize` BIGINT(20) NOT NULL DEFAULT '0', `iarfilename` VARCHAR(64) NOT NULL COLLATE 'utf8_unicode_ci', `running` INT(1) NOT NULL DEFAULT '0', PRIMARY KEY (`userID`) USING BTREE) COLLATE='utf8_unicode_ci' ENGINE=InnoDB;"); $statement->execute(); - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM iarstates WHERE running = 1 LIMIT 1"); + $statement = $RUNTIME['PDO']->prepare("SELECT userID,iarfilename,filesize FROM iarstates WHERE running = 1 LIMIT 1"); $statement->execute(); if($row = $statement->fetch()) 
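Review bot: `fetchColumn()` in getUserCount(), getRegionCount() and getOnlineCount() (classen/OpenSim.php, @@ -170,28) does not return the same type as the `rowCount()` it replaces. Depending on PHP version and driver settings the count can come back as a numeric string, and it is `false` when no row could be fetched. The callers are not visible here, so anything that compares strictly or does arithmetic on the result may behave differently. Keeping the integer contract is the safer choice: `return (int) $statementUser->fetchColumn();` in all three methods.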
@@ -41,7 +41,7 @@ echo "IAR für ".$name[0]." ".$name[1]." wurde gestartet: Status: ".$APIResult."\n"; } }else{ - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM iarstates WHERE running = 0 LIMIT 1"); + $statement = $RUNTIME['PDO']->prepare("SELECT userID,iarfilename FROM iarstates WHERE running = 0 LIMIT 1"); $statement->execute(); while($row = $statement->fetch()) diff --git a/cron/offlineIM.php b/cron/offlineIM.php index 50c4aa9..091de83 100644 --- a/cron/offlineIM.php +++ b/cron/offlineIM.php @@ -7,7 +7,7 @@ { GLOBAL $RUNTIME; - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM im_offline_send WHERE id = ?"); + $statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM im_offline_send WHERE id = ? LIMIT 1"); $statement->execute(array($id)); if($statement->rowCount() != 0) @@ -32,7 +32,7 @@ ); //$statement = $RUNTIME['PDO']->prepare("SELECT * FROM im_offline WHERE PrincipalID = '1148b04d-7a93-49e9-b3c9-ea0cdeec38f7'"); - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM im_offline"); + $statement = $RUNTIME['PDO']->prepare("SELECT ID,PrincipalID,Message FROM im_offline"); $statement->execute(); while($row = $statement->fetch()) diff --git a/cron/regionChecker.php b/cron/regionChecker.php index 91f0a1d..9ad49a2 100644 --- a/cron/regionChecker.php +++ b/cron/regionChecker.php 
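Review bot: The existence check in cron/offlineIM.php (@@ -7,7) now selects `1 ... LIMIT 1` but still decides on `$statement->rowCount() != 0`, and PDO does not guarantee `rowCount()` for SELECT statements on every driver or with unbuffered queries. Reading the row makes the check independent of that: `if($statement->fetchColumn() !== false)`. The same `SELECT 1` plus `rowCount()` pattern appears in the pages/identities.php, pages/profile.php and pages/register.php hunks. In register.php a count of 0 presumably marks the invite code as invalid and the avatar name as free, so a wrong count there would change a registration decision. The enclosing function continues outside the hunk.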
@@ -2,7 +2,7 @@ $createStatement = $RUNTIME['PDO']->prepare("CREATE TABLE IF NOT EXISTS `regions_info` (`regionID` VARCHAR(36) NOT NULL COLLATE 'utf8_unicode_ci', `RegionVersion` VARCHAR(128) NOT NULL DEFAULT '' COLLATE 'utf8_unicode_ci', `ProcMem` INT(11) NOT NULL, `Prims` INT(11) NOT NULL, `SimFPS` INT(11) NOT NULL, `PhyFPS` INT(11) NOT NULL, `OfflineTimer` INT(11) NOT NULL DEFAULT '0', PRIMARY KEY (`regionID`) USING BTREE) COLLATE='utf8_unicode_ci' ENGINE=InnoDB;"); $createStatement->execute(); - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM regions"); + $statement = $RUNTIME['PDO']->prepare("SELECT uuid,regionName,owner_uuid,serverURI FROM regions"); $statement->execute(); ini_set('default_socket_timeout', 3); @@ -21,7 +21,7 @@ { echo "Die Region ".$row['regionName']." von ".$RUNTIME['OPENSIM']->getUserName($row['owner_uuid'])." ist nicht erreichbar.\n"; - $infoStatement = $RUNTIME['PDO']->prepare("SELECT * FROM regions_info WHERE regionID = :regionID"); + $infoStatement = $RUNTIME['PDO']->prepare("SELECT OfflineTimer FROM regions_info WHERE regionID = :regionID"); $infoStatement->execute(['regionID' => $row['uuid']]); if($infoRow = $infoStatement->fetch()) diff --git a/pages/friends.php b/pages/friends.php index 0db7ffe..2a7d5aa 100644 --- a/pages/friends.php +++ b/pages/friends.php @@ -13,7 +13,7 @@ $table = '%%ENTRY%%
NameOptionen
'; - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM Friends WHERE PrincipalID = ? ORDER BY Friend ASC"); + $statement = $RUNTIME['PDO']->prepare("SELECT PrincipalID,Friend FROM Friends WHERE PrincipalID = ? ORDER BY Friend ASC"); $statement->execute([$_SESSION['UUID']]); while($row = $statement->fetch()) diff --git a/pages/groups.php b/pages/groups.php index c3518d6..a5653d0 100644 --- a/pages/groups.php +++ b/pages/groups.php @@ -10,12 +10,12 @@ $table = '%%ENTRY%%
NameGründerAktionen
'; - $statementMembership = $RUNTIME['PDO']->prepare("SELECT * FROM os_groups_membership WHERE PrincipalID = ? ORDER BY GroupID ASC"); + $statementMembership = $RUNTIME['PDO']->prepare("SELECT GroupID FROM os_groups_membership WHERE PrincipalID = ? ORDER BY GroupID ASC"); $statementMembership->execute(array($_SESSION['UUID'])); while($rowMembership = $statementMembership->fetch()) { - $statementGroups = $RUNTIME['PDO']->prepare("SELECT * FROM os_groups_groups WHERE GroupID = ? LIMIT 1"); + $statementGroups = $RUNTIME['PDO']->prepare("SELECT Name,FounderID,GroupID FROM os_groups_groups WHERE GroupID = ? LIMIT 1"); $statementGroups->execute(array($rowMembership['GroupID'])); while($rowGroups = $statementGroups->fetch()) diff --git a/pages/identities.php b/pages/identities.php index f08a98e..1045d46 100644 --- a/pages/identities.php +++ b/pages/identities.php @@ -5,7 +5,7 @@ $statementCreateTable = $RUNTIME['PDO']->prepare("CREATE TABLE IF NOT EXISTS `UserIdentitys` (`PrincipalID` VARCHAR(38) NOT NULL, `IdentityID` VARCHAR(38) NOT NULL, PRIMARY KEY (`IdentityID`))"); $statementCreateTable->execute(); - $statementCheckForEntry = $RUNTIME['PDO']->prepare("SELECT * FROM UserIdentitys WHERE PrincipalID = ? LIMIT 1"); + $statementCheckForEntry = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserIdentitys WHERE PrincipalID = ? LIMIT 1"); $statementCheckForEntry->execute(array($_SESSION['UUID'])); if($statementCheckForEntry->rowCount() == 0) 
@@ -18,10 +18,10 @@ { if(isset($_REQUEST['newuuid']) || @$_REQUEST['newuuid'] != "") { - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM UserIdentitys WHERE PrincipalID = :PrincipalID AND IdentityID = :IdentityID LIMIT 1"); + $statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserIdentitys WHERE PrincipalID = :PrincipalID AND IdentityID = :IdentityID LIMIT 1"); $statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_REQUEST['newuuid']]); - $statementPresence = $RUNTIME['PDO']->prepare("SELECT * FROM Presence WHERE UserID = :PrincipalID LIMIT 1"); + $statementPresence = $RUNTIME['PDO']->prepare("SELECT 1 FROM Presence WHERE UserID = :PrincipalID LIMIT 1"); $statementPresence->execute(['PrincipalID' => $_SESSION['UUID']]); if($statementPresence->rowCount() == 0) @@ -75,7 +75,7 @@ if(count($avatarNameParts) == 2) { - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM UserAccounts WHERE FirstName = :FirstName AND LastName = :LastName LIMIT 1"); + $statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserAccounts WHERE FirstName = :FirstName AND LastName = :LastName LIMIT 1"); $statement->execute(['FirstName' => trim($avatarNameParts[0]), 'LastName' => trim($avatarNameParts[1])]); if($statement->rowCount() == 0) @@ -99,7 +99,7 @@ } $table = '%%ENTRY%%
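Review bot: The guard `if(isset($_REQUEST['newuuid']) || @$_REQUEST['newuuid'] != "")` in pages/identities.php (@@ -18,10) joins its two tests with `||`, so a present but empty `newuuid` passes and is bound as `IdentityID` in the query below. The second test is only evaluated when the key is unset, which is why it needs the `@`. `&&` is presumably what was meant: `if(isset($_REQUEST['newuuid']) && $_REQUEST['newuuid'] != "")`. Nothing in the hunk validates the value's format, so a UUID pattern check before the lookup would also be worth adding. The block continues outside the hunk.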
NameAktionen
'; - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM UserIdentitys WHERE PrincipalID = ? ORDER BY IdentityID ASC"); + $statement = $RUNTIME['PDO']->prepare("SELECT IdentityID FROM UserIdentitys WHERE PrincipalID = ? ORDER BY IdentityID ASC"); $statement->execute(array($_SESSION['UUID'])); while($row = $statement->fetch()) diff --git a/pages/login.php b/pages/login.php index 6f68535..d8c996b 100644 --- a/pages/login.php +++ b/pages/login.php @@ -16,14 +16,14 @@ $HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "Bitte gebe Benutzername und Passwort an."); } else { - $statementUser = $RUNTIME['PDO']->prepare("SELECT * FROM UserAccounts WHERE FirstName = ? AND LastName = ? LIMIT 1"); + $statementUser = $RUNTIME['PDO']->prepare("SELECT PrincipalID,FirstName,LastName,Email,UserLevel FROM UserAccounts WHERE FirstName = ? AND LastName = ? LIMIT 1"); $statementUser->execute(explode(" ", trim($_POST['username']))); $RUNTIME['MESSAGE']['LOGINERROR'] = "Benutzername nicht gefunden!"; while($rowUser = $statementUser->fetch()) { - $statementAuth = $RUNTIME['PDO']->prepare("SELECT * FROM auth WHERE UUID = ? LIMIT 1"); + $statementAuth = $RUNTIME['PDO']->prepare("SELECT passwordHash,passwordSalt FROM auth WHERE UUID = ? LIMIT 1"); $statementAuth->execute(array($rowUser['PrincipalID'])); $RUNTIME['DEBUG']['LOGIN']['UUID'] = $rowUser['PrincipalID']; diff --git a/pages/profile.php b/pages/profile.php index 3aaad9a..d784d65 100644 --- a/pages/profile.php +++ b/pages/profile.php @@ -8,7 +8,7 @@ //Prüfe ob IAR grade erstellt wird. $IARRUNNING = FALSE; - $statementIARCheck = $RUNTIME['PDO']->prepare('SELECT * FROM iarstates WHERE userID =:userID'); + $statementIARCheck = $RUNTIME['PDO']->prepare('SELECT 1 FROM iarstates WHERE userID =:userID'); $statementIARCheck->execute(['userID' => $_SESSION['UUID']]); if($statementIARCheck->rowCount() != 0) { 
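Review bot: `$RUNTIME['MESSAGE']['LOGINERROR'] = "Benutzername nicht gefunden!";` in pages/login.php (@@ -16,14) is set before the loop as the unknown-user message. If the loop body (outside the hunk) replaces it with a different text for a wrong password, the login form tells an unauthenticated visitor which avatar names exist. Using one message for both outcomes avoids that, for example `"Benutzername oder Passwort falsch!"`, with the specific reason kept in the server-side debug data only.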
@@ -126,7 +126,7 @@ } } - $statementLocalUsers = $RUNTIME['PDO']->prepare("SELECT * FROM UserAccounts ORDER BY PrincipalID ASC"); + $statementLocalUsers = $RUNTIME['PDO']->prepare("SELECT FirstName,LastName FROM UserAccounts ORDER BY PrincipalID ASC"); $statementLocalUsers->execute(); $allUsers = ""; diff --git a/pages/regions.php b/pages/regions.php index e6d3ad5..715fb81 100644 --- a/pages/regions.php +++ b/pages/regions.php @@ -22,7 +22,7 @@ { global $RUNTIME; - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM regions_info WHERE regionID = ?"); + $statement = $RUNTIME['PDO']->prepare("SELECT Prims,SimFPS,PhyFPS,ProcMem,RegionVersion FROM regions_info WHERE regionID = ?"); $statement->execute([$regionID]); if($row = $statement->fetch()) @@ -54,15 +54,8 @@ $table = '%%ENTRY%%
Region NameEigentümerPositionAktionen
'; - if(@$_SESSION['LEVEL'] >= 100 && @$_REQUEST['SHOWALL'] == "1") - { - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM regions ORDER BY owner_uuid ASC"); - $statement->execute(array($_SESSION['UUID'])); - }else{ - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM regions WHERE owner_uuid = ? ORDER BY uuid ASC"); - $statement->execute(array($_SESSION['UUID'])); - } - + $showAll = isset($_SESSION['LEVEL']) && $_SESSION['LEVEL'] >= 100 && isset($_REQUEST['SHOWALL']) && $_REQUEST['SHOWALL'] == "1"; + $statement = $RUNTIME['PDO']->prepare("SELECT uuid,regionName,owner_uuid,locX,locY FROM regions ".($showAll ? "ORDER BY owner_uuid ASC" : "WHERE owner_uuid = ? ORDER BY uuid ASC")); $statement->execute(array($_SESSION['UUID'])); while($row = $statement->fetch()) diff --git a/pages/register.php b/pages/register.php index 83b9669..6192cbf 100644 --- a/pages/register.php +++ b/pages/register.php @@ -47,7 +47,7 @@ die(); } - $statementInviteCode = $RUNTIME['PDO']->prepare("SELECT * FROM InviteCodes WHERE InviteCode = ? LIMIT 1"); + $statementInviteCode = $RUNTIME['PDO']->prepare("SELECT 1 FROM InviteCodes WHERE InviteCode = ? LIMIT 1"); $statementInviteCode->execute([$_REQUEST['code']]); if($statementInviteCode->rowCount() == 0) { @@ -69,7 +69,7 @@ $nameParts = explode(" ", $name); } - $statementAvatarName = $RUNTIME['PDO']->prepare("SELECT * FROM UserAccounts WHERE FirstName = :FirstName AND LastName = :LastName LIMIT 1"); + $statementAvatarName = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserAccounts WHERE FirstName = :FirstName AND LastName = :LastName LIMIT 1"); $statementAvatarName->execute(['FirstName' => $nameParts[0], 'LastName' => $nameParts[1]]); if($statementAvatarName->rowCount() == 0) { diff --git a/pages/user-online-state.php b/pages/user-online-state.php index 5de7213..0f17e19 100644 --- a/pages/user-online-state.php +++ b/pages/user-online-state.php @@ -4,7 +4,7 @@ $table = '%%ENTRY%%
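Review bot: In pages/regions.php (@@ -54,15) the merged query is always executed with `array($_SESSION['UUID'])`, but when `$showAll` is true the SQL contains no `?` placeholder. That is presumably accepted only under emulated prepares; with native prepares the show-all view would likely fail with a parameter-count error. Bind the value only when the filter is present: `$statement->execute($showAll ? array() : array($_SESSION['UUID']));`. The `$showAll` expression itself keeps the `$_SESSION['LEVEL'] >= 100` requirement, so the owner filter is still dropped only for sessions at that level.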
BenutzernameRegion
'; - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM Presence ORDER BY RegionID ASC"); + $statement = $RUNTIME['PDO']->prepare("SELECT RegionID,UserID FROM Presence ORDER BY RegionID ASC"); $statement->execute(); while($row = $statement->fetch()) diff --git a/pages/users.php b/pages/users.php index c0e35cd..eb31a86 100644 --- a/pages/users.php +++ b/pages/users.php @@ -45,7 +45,7 @@ $table = '%%ENTRY%%
VornameNachnameStatusAktionen
'; - $statement = $RUNTIME['PDO']->prepare("SELECT * FROM UserAccounts ORDER BY Created ASC"); + $statement = $RUNTIME['PDO']->prepare("SELECT FirstName,LastName,UserLevel,PrincipalID FROM UserAccounts ORDER BY Created ASC"); $statement->execute(); while($row = $statement->fetch())