Issues (1963)

html/inc/db.inc (7 issues)

1
<?php
2
// This file is part of BOINC.
3
// http://boinc.berkeley.edu
4
// Copyright (C) 2008 University of California
5
//
6
// BOINC is free software; you can redistribute it and/or modify it
7
// under the terms of the GNU Lesser General Public License
8
// as published by the Free Software Foundation,
9
// either version 3 of the License, or (at your option) any later version.
10
//
11
// BOINC is distributed in the hope that it will be useful,
12
// but WITHOUT ANY WARRANTY; without even the implied warranty of
13
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
14
// See the GNU Lesser General Public License for more details.
15
//
16
// You should have received a copy of the GNU Lesser General Public License
17
// along with BOINC.  If not, see <http://www.gnu.org/licenses/>.
18
19
require_once("../inc/util_basic.inc");
20
21
// functions for doing arbitrary SQL queries, including joins.
22
// When possible, use the classes in boinc_db.inc instead.
23
// Lots of old code uses these functions, e.g. in ops/
24
25
define("MYSQLI", true);
26
27
if (MYSQLI) {
28
    function _mysql_connect($host, $user, $pass, $dbname) {
29
        global $mysqli;
30
        $x = explode(":", $host);
31
        if (sizeof($x)>1) {
32
            $host = $x[0];
33
            $port = $x[1];
34
        } else {
35
            $port = null;
36
        }
37
        $mysqli = @new mysqli($host, $user, $pass, $dbname, $port);
0 ignored issues
show
It seems like $port can also be of type string; however, parameter $port of mysqli::__construct() does only seem to accept integer, maybe add an additional type check? ( Ignorable by Annotation )

If this is a false-positive, you can also ignore this issue in your code via the ignore-type  annotation

37
        $mysqli = @new mysqli($host, $user, $pass, $dbname, /** @scrutinizer ignore-type */ $port);
Loading history...
38
        if ($mysqli->connect_errno) {
39
            return null;
40
        }
41
        return $mysqli;
42
    }
43
    function _mysql_query($q) {
44
        global $mysqli;
45
        return mysqli_query($mysqli, $q);
46
    }
47
    function _mysql_num_rows($r) {
48
        return mysqli_num_rows($r);
49
    }
50
    function _mysql_num_fields($r) {
51
        global $mysqli;
52
        return mysqli_field_count($mysqli);
53
    }
54
    function _mysql_fetch_object($r) {
55
        return mysqli_fetch_object($r);
56
    }
57
    function _mysql_fetch_row($r) {
58
        return mysqli_fetch_row($r);
59
    }
60
    function _mysql_fetch_assoc($r) {
61
        return mysqli_fetch_assoc($r);
62
    }
63
    function _mysql_free_result($r) {
64
        return mysqli_free_result($r);
0 ignored issues
show
Are you sure the usage of mysqli_free_result($r) is correct as it seems to always return null.

This check looks for function or method calls that always return null and whose return value is used.

class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {

The method getObject() can return nothing but null, so it makes no sense to use the return value.

The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.

Loading history...
65
    }
66
    function _mysql_insert_id() {
67
        global $mysqli;
68
        return mysqli_insert_id($mysqli);
69
    }
70
    function _mysql_affected_rows() {
71
        global $mysqli;
72
        return mysqli_affected_rows($mysqli);
73
    }
74
    function _mysql_field_attrs($r, $i) {
75
        $x = mysqli_fetch_field_direct($r, $i);
76
        switch ($x->type) {
77
            case 1: $x->type = 'tinyint'; break;
78
            case 2: $x->type = 'smallint'; break;
79
            case 3: $x->type = 'int'; break;
80
            case 5: $x->type = 'double'; break;
81
            case 7: $x->type = 'timestamp'; break;
82
            case 252: $x->type = 'blob'; break;
83
            case 253: $x->type = 'varchar'; break;
84
            case 254: $x->type = 'char'; break;
85
        }
86
        return $x;
87
    }
88
    function _mysql_escape_string($x) {
89
        global $mysqli;
90
        return mysqli_escape_string($mysqli, $x);
91
    }
92
    function _mysql_error() {
93
        global $mysqli;
94
        return mysqli_error($mysqli);
95
    }
96
    function _mysql_fetch_array($r) {
97
        return mysqli_fetch_array($r);
98
    }
99
} else {
100
    function _mysql_connect($host, $user, $pass, $db_name) {
101
        $link = mysql_pconnect($host, $user, $pass);
102
        if (!$link) return null;
0 ignored issues
show
$link is of type resource, thus it always evaluated to false.
Loading history...
103
        if (!mysql_select_db($db_name, $link)) {
104
            return null;
105
        }
106
        return $link;
107
    }
108
    function _mysql_query($q) {
109
        return mysql_query($q);
110
    }
111
    function _mysql_num_rows($r) {
112
        return mysql_num_rows($r);
113
    }
114
    function _mysql_num_fields($r) {
115
        return mysql_num_fields($r);
116
    }
117
    function _mysql_fetch_object($r) {
118
        return mysql_fetch_object($r);
119
    }
120
    function _mysql_fetch_row($r) {
121
        return mysql_fetch_row($r);
122
    }
123
    function _mysql_fetch_assoc($r) {
124
        return mysql_fetch_assoc($r);
125
    }
126
    function _mysql_free_result($r) {
127
        return mysql_free_result($r);
128
    }
129
    function _mysql_insert_id() {
130
        return mysql_insert_id();
131
    }
132
    function _mysql_affected_rows() {
133
        return mysql_affected_rows();
134
    }
135
    function _mysql_field_attrs($r, $i) {
136
        $x = new StdClass;
137
        $x->name = mysql_field_name($r, $i);
138
        $x->type = mysql_field_type($r, $i);
139
        $x->length = mysql_field_len($r, $i);
140
        return $x;
141
    }
142
    function _mysql_escape_string($x) {
143
        return mysql_escape_string($x);
144
    }
145
    function _mysql_error() {
146
        return mysql_error();
147
    }
148
    function _mysql_fetch_array($r) {
149
        return mysql_fetch_array($r);
150
    }
151
}
152
153
function db_init_aux($try_replica=false) {
154
    $config = get_config();
155
    $user = parse_config($config, "<db_user>");
156
    $pass = parse_config($config, "<db_passwd>");
157
    $db_name = parse_config($config, "<db_name>");
158
    $host = null;
159
    if ($try_replica) {
160
        $x = parse_config($config, "<replica_db_host>");
161
        if ($x) {
162
            $host = $x;
163
            $x = parse_config($config, "<replica_db_user>");
164
            if ($x) $user = $x;
165
            $x = parse_config($config, "<replica_db_passwd>");
166
            if ($x) $pass = $x;
167
            $x = parse_config($config, "<replica_db_name>");
168
            if ($x) $db_name = $x;
169
        }
170
    }
171
    if ($host == null) {
0 ignored issues
show
It seems like you are loosely comparing $host of type null|string against null; this is ambiguous if the string can be empty. Consider using a strict comparison === instead.
Loading history...
172
        $host = parse_config($config, "<db_host>");
173
    }
174
    if ($host == null) {
0 ignored issues
show
It seems like you are loosely comparing $host of type null|string against null; this is ambiguous if the string can be empty. Consider using a strict comparison === instead.
Loading history...
175
        $host = "localhost";
176
    }
177
    if (1) {
178
        if (!_mysql_connect($host, $user, $pass, $db_name)) {
0 ignored issues
show
Are you sure the usage of _mysql_connect($host, $user, $pass, $db_name) is correct as it seems to always return null.

This check looks for function or method calls that always return null and whose return value is used.

class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {

The method getObject() can return nothing but null, so it makes no sense to use the return value.

The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.

Loading history...
179
            return 1;
180
        }
181
    } else {
182
        $link = mysql_pconnect($host, $user, $pass);
183
        if (!$link) {
0 ignored issues
show
$link is of type resource, thus it always evaluated to false.
Loading history...
184
            return 1;
185
        }
186
        if (!mysql_select_db($db_name, $link)) {
187
            echo "selecting $db_name\n";
188
            return 2;
189
        }
190
    }
191
192
    return 0;
193
}
194
195
// escape a string for MySQL "like"
196
//
197
function escape_pattern($str) {
198
    $str = str_replace('_', '\\\\_', $str);
199
    $str = str_replace('%', '\\\\%', $str);
200
    return $str;
201
}
202
203
?>
204