From 6dfe752b7fe3e1259c98067fb9046898219be3d8 Mon Sep 17 00:00:00 2001
From: Ralf Becker <RalfBecker@outdoor-training.de>
Date: Thu, 9 Mar 2017 12:07:14 +0100
Subject: [PATCH] allow to switch whole database readonly, via setting
 "db_readonly" => true in header.inc.php

---
 .../class.admin_cmd_change_account_id.inc.php |  4 ++--
 api/src/Db.php                                | 21 ++++++++++++-------
 setup/inc/class.setup_cmd_database.inc.php    | 11 ++++------
 3 files changed, 19 insertions(+), 17 deletions(-)

diff --git a/admin/inc/class.admin_cmd_change_account_id.inc.php b/admin/inc/class.admin_cmd_change_account_id.inc.php
index 9881c5ea07..245cad3037 100644
--- a/admin/inc/class.admin_cmd_change_account_id.inc.php
+++ b/admin/inc/class.admin_cmd_change_account_id.inc.php
@@ -5,7 +5,7 @@
  * @link http://www.egroupware.org
  * @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
  * @package admin
- * @copyright (c) 2007-16 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
+ * @copyright (c) 2007-17 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
  * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
  * @version $Id$
  */
@@ -147,7 +147,7 @@ class admin_cmd_change_account_id extends admin_cmd
 
 			$db = clone($GLOBALS['egw']->db);
 			$db->set_app($app);
-			if ($check_only) $db->log_updates = true;
+			if ($check_only) $db->log_updates = $db->readonly = true;
 
 			foreach($data as $table => $columns)
 			{
diff --git a/api/src/Db.php b/api/src/Db.php
index a812591fab..ad1421c645 100644
--- a/api/src/Db.php
+++ b/api/src/Db.php
@@ -7,7 +7,7 @@
  * @package api
  * @subpackage db
  * @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
- * @copyright (c) 2003-16 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
+ * @copyright (c) 2003-17 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
  * @version $Id$
  */
 
@@ -101,13 +101,18 @@ class Db
 	*/
 	var $Password = '';
 
+	/**
+	 * @var boolean $readonly only allow readonly access to database
+	 */
+	var $readonly = false;
+
 	/**
 	* @var int $Debug enable debuging - 0 no, 1 yes
 	*/
 	var $Debug         = 0;
 
 	/**
-	 * Log update querys to error_log, do not run them
+	 * Log update querys to error_log
 	 *
 	 * @var boolean
 	 */
@@ -248,7 +253,7 @@ class Db
 	/**
 	 * Constructor
 	 *
-	 * @param array $db_data =null values for keys 'db_name', 'db_host', 'db_port', 'db_user', 'db_pass', 'db_type'
+	 * @param array $db_data =null values for keys 'db_name', 'db_host', 'db_port', 'db_user', 'db_pass', 'db_type', 'db_readonly'
 	 */
 	function __construct(array $db_data=null)
 	{
@@ -261,6 +266,7 @@ class Db
 				'User'     => 'db_user',
 				'Password' => 'db_pass',
 				'Type'     => 'db_type',
+				'readonly' => 'db_readonly',
 			) as $var => $key)
 			{
 				$this->$var = $db_data[$key];
@@ -609,8 +615,7 @@ class Db
 		if (!empty($this->setupType)) $this->Type = $this->setupType;	// restore Type eg. to mysqli
 
 		$vars = get_object_vars($this);
-		unset($vars['Link_ID']);
-		unset($vars['privat_Link_ID']);
+		unset($vars['Link_ID'], $vars['Query_ID'], $vars['privat_Link_ID']);
 		return array_keys($vars);
 	}
 
@@ -749,10 +754,10 @@ class Db
 		{
 			$num_rows = $GLOBALS['egw_info']['user']['preferences']['common']['maxmatchs'];
 		}
-		if ($this->log_updates && stripos($Query_String, 'SELECT') !== 0)
+		if (($this->readonly || $this->log_updates) && !preg_match('/\(?(SELECT|SET|SHOW)/i', $Query_String))
 		{
-			error_log($Query_String);
-			return 0;
+			if ($this->log_updates) error_log($Query_String.': '.function_backtrace());
+			if ($this->readonly) return 0;
 		}
 		if ($num_rows > 0)
 		{
diff --git a/setup/inc/class.setup_cmd_database.inc.php b/setup/inc/class.setup_cmd_database.inc.php
index a7a25fb6be..24be7b8f05 100644
--- a/setup/inc/class.setup_cmd_database.inc.php
+++ b/setup/inc/class.setup_cmd_database.inc.php
@@ -140,16 +140,13 @@ class setup_cmd_database extends setup_cmd
 	 */
 	private function connect($user=null,$pass=null,$name=null)
 	{
-		if (is_null($user)) $user = $this->db_user;
-		if (is_null($pass)) $pass = $this->db_pass;
-		if (is_null($name)) $name = $this->db_name;
-
-		$this->test_db = new Api\Db();
+		// propagate all db_* vars
+		$this->test_db = new Api\Db(get_object_vars($this));
 
 		$error_rep = error_reporting();
-		error_reporting($error_rep & ~E_WARNING);	// switch warnings of, in case they are on
+		error_reporting($error_rep & ~E_WARNING);	// switch warnings off, in case they are on
 		try {
-			$this->test_db->connect($name,$this->db_host,$this->db_port,$user,$pass,$this->db_type);
+			$this->test_db->connect($name, null, null, $user, $pass);
 		}
 		catch (Exception $e) {
 			// just give a nicer error, after switching error_reporting on again