Fix duplicate creation of acl options in acl_add_options() under certain conditions. (Bug #38385, #40225)

Add unique key to ACL options table to prevent duplicate permission options. (Bug #41835)


git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9400 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/install/database_update.php

@@ -894,10 +894,10 @@ function change_database_data(&$no_updates, $version)
 			set_config('captcha_gd_wave', 0);
 			set_config('captcha_gd_3d_noise', 1);
 			set_config('captcha_gd_fonts', 1);
+
 			set_config('confirm_refresh', 1);
 
-
-
+			// Hash old MD5 passwords
 			$sql = 'SELECT user_id, user_password
 					FROM ' . USERS_TABLE . '
 					WHERE user_pass_convert = 1';
@@ -916,11 +916,73 @@ function change_database_data(&$no_updates, $version)
 			}
 			$db->sql_freeresult($result);
 
+			// Adjust bot entry
 			$sql = 'UPDATE ' . BOTS_TABLE . "
 				SET bot_agent = 'ichiro/'
 				WHERE bot_agent = 'ichiro/2'";
 			_sql($sql, $errored, $error_ary);
 
+			// Before we are able to add a unique key to auth_option, we need to remove duplicate entries
+
+			// We get duplicate entries first
+			$sql = 'SELECT auth_option
+				FROM ' . ACL_OPTIONS_TABLE . '
+				GROUP BY auth_option
+				HAVING COUNT(*) >= 1';
+			$result = $db->sql_query($sql);
+
+			$auth_options = array();
+			while ($row = $db->sql_fetchrow($result))
+			{
+				$auth_options[] = $row['auth_option'];
+			}
+			$db->sql_freeresult($result);
+
+			// Remove specific auth options
+			if (!empty($auth_options))
+			{
+				foreach ($auth_options as $option)
+				{
+					// Select auth_option_ids... the largest id will be preserved
+					$sql = 'SELECT auth_option_id
+						FROM ' . ACL_OPTIONS_TABLE . "
+						WHERE auth_option = '" . $db->sql_escape($option) . "'
+						ORDER BY auth_option_id DESC";
+					$result = $db->sql_query_limit($sql, 0, 1);
+
+					while ($row = $db->sql_fetchrow($result))
+					{
+						// Ok, remove this auth option...
+						_sql('DELETE FROM ' . ACL_OPTIONS_TABLE . ' WHERE auth_option_id = ' . $row['auth_option_id'], $errored, $error_ary);
+						_sql('DELETE FROM ' . ACL_ROLES_DATA_TABLE . ' WHERE auth_option_id = ' . $row['auth_option_id'], $errored, $error_ary);
+						_sql('DELETE FROM ' . ACL_GROUPS_TABLE . ' WHERE auth_option_id = ' . $row['auth_option_id'], $errored, $error_ary);
+						_sql('DELETE FROM ' . ACL_USERS_TABLE . ' WHERE auth_option_id = ' . $row['auth_option_id'], $errored, $error_ary);
+					}
+					$db->sql_freeresult($result);
+				}
+			}
+
+			// Now make auth_option UNIQUE, by dropping the old index and adding a UNIQUE one.
+			$changes = array(
+				'drop_keys'			=> array(
+					ACL_OPTIONS_TABLE		=> array('auth_option'),
+				),
+				'add_unique_index'	=> array(
+					ACL_OPTIONS_TABLE		=> array(
+						'auth_option'		=> array('auth_option'),
+					),
+				),
+			);
+
+			global $db_tools;
+
+			$statements = $db_tools->perform_schema_changes($changes);
+
+			foreach ($statements as $sql)
+			{
+				_sql($sql, $errored, $error_ary);
+			}
+
 			$no_updates = false;
 
 		break;

phpBB/install/schemas/firebird_schema.sql

@@ -65,7 +65,7 @@ CREATE TABLE phpbb_acl_options (
 
 ALTER TABLE phpbb_acl_options ADD PRIMARY KEY (auth_option_id);;
 
-CREATE INDEX phpbb_acl_options_auth_option ON phpbb_acl_options(auth_option);;
+CREATE UNIQUE INDEX phpbb_acl_options_auth_option ON phpbb_acl_options(auth_option);;
 
 CREATE GENERATOR phpbb_acl_options_gen;;
 SET GENERATOR phpbb_acl_options_gen TO 0;;

phpBB/install/schemas/mysql_40_schema.sql

@@ -49,7 +49,7 @@ CREATE TABLE phpbb_acl_options (
 	is_local tinyint(1) UNSIGNED DEFAULT '0' NOT NULL,
 	founder_only tinyint(1) UNSIGNED DEFAULT '0' NOT NULL,
 	PRIMARY KEY (auth_option_id),
-	KEY auth_option (auth_option)
+	UNIQUE auth_option (auth_option)
 );
 
 

phpBB/install/schemas/mysql_41_schema.sql

@@ -49,7 +49,7 @@ CREATE TABLE phpbb_acl_options (
 	is_local tinyint(1) UNSIGNED DEFAULT '0' NOT NULL,
 	founder_only tinyint(1) UNSIGNED DEFAULT '0' NOT NULL,
 	PRIMARY KEY (auth_option_id),
-	KEY auth_option (auth_option)
+	UNIQUE auth_option (auth_option)
 ) CHARACTER SET `utf8` COLLATE `utf8_bin`;
 
 

phpBB/install/schemas/oracle_schema.sql

@@ -119,12 +119,11 @@ CREATE TABLE phpbb_acl_options (
 	is_global number(1) DEFAULT '0' NOT NULL,
 	is_local number(1) DEFAULT '0' NOT NULL,
 	founder_only number(1) DEFAULT '0' NOT NULL,
-	CONSTRAINT pk_phpbb_acl_options PRIMARY KEY (auth_option_id)
+	CONSTRAINT pk_phpbb_acl_options PRIMARY KEY (auth_option_id),
+	CONSTRAINT u_phpbb_auth_option UNIQUE (auth_option)
 )
 /
 
-CREATE INDEX phpbb_acl_options_auth_option ON phpbb_acl_options (auth_option)
-/
 
 CREATE SEQUENCE phpbb_acl_options_seq
 /
@@ -821,7 +820,7 @@ CREATE TABLE phpbb_poll_votes (
 	topic_id number(8) DEFAULT '0' NOT NULL,
 	poll_option_id number(4) DEFAULT '0' NOT NULL,
 	vote_user_id number(8) DEFAULT '0' NOT NULL,
-	vote_user_ip varchar2(40) DEFAULT '' 
+	vote_user_ip varchar2(40) DEFAULT ''
 )
 /
 
@@ -1465,7 +1464,7 @@ CREATE TABLE phpbb_styles_template_data (
 	template_filename varchar2(100) DEFAULT '' ,
 	template_included clob DEFAULT '' ,
 	template_mtime number(11) DEFAULT '0' NOT NULL,
-	template_data clob DEFAULT '' 
+	template_data clob DEFAULT ''
 )
 /
 

phpBB/install/schemas/postgres_schema.sql

@@ -140,7 +140,7 @@ CREATE TABLE phpbb_acl_options (
 	PRIMARY KEY (auth_option_id)
 );
 
-CREATE INDEX phpbb_acl_options_auth_option ON phpbb_acl_options (auth_option);
+CREATE UNIQUE INDEX phpbb_acl_options_auth_option ON phpbb_acl_options (auth_option);
 
 /*
 	Table: 'phpbb_acl_roles'

phpBB/install/schemas/sqlite_schema.sql

@@ -51,7 +51,7 @@ CREATE TABLE phpbb_acl_options (
 	founder_only INTEGER UNSIGNED NOT NULL DEFAULT '0'
 );
 
-CREATE INDEX phpbb_acl_options_auth_option ON phpbb_acl_options (auth_option);
+CREATE UNIQUE INDEX phpbb_acl_options_auth_option ON phpbb_acl_options (auth_option);
 
 # Table: 'phpbb_acl_roles'
 CREATE TABLE phpbb_acl_roles (