SimpleMachines /
SMF2.1
@@ -199,22 +199,22 @@ discard block |
||
| 199 | 199 | |
| 200 | 200 | case 'date': |
| 201 | 201 | if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d)$~', $replacement, $date_matches) === 1) |
| 202 | - return sprintf('\'%04d-%02d-%02d\'', $date_matches[1], $date_matches[2], $date_matches[3]).'::date'; |
|
| 202 | + return sprintf('\'%04d-%02d-%02d\'', $date_matches[1], $date_matches[2], $date_matches[3]) . '::date'; |
|
| 203 | 203 | else |
| 204 | 204 | smf_db_error_backtrace('Wrong value type sent to the database. Date expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
| 205 | 205 | break; |
| 206 | 206 | |
| 207 | 207 | case 'time': |
| 208 | 208 | if (preg_match('~^([0-1]?\d|2[0-3]):([0-5]\d):([0-5]\d)$~', $replacement, $time_matches) === 1) |
| 209 | - return sprintf('\'%02d:%02d:%02d\'', $time_matches[1], $time_matches[2], $time_matches[3]).'::time'; |
|
| 209 | + return sprintf('\'%02d:%02d:%02d\'', $time_matches[1], $time_matches[2], $time_matches[3]) . '::time'; |
|
| 210 | 210 | else |
| 211 | 211 | smf_db_error_backtrace('Wrong value type sent to the database. Time expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
| 212 | 212 | break; |
| 213 | 213 | |
| 214 | 214 | case 'datetime': |
| 215 | 215 | if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d) ([0-1]?\d|2[0-3]):([0-5]\d):([0-5]\d)$~', $replacement, $datetime_matches) === 1) |
| 216 | - return 'to_timestamp('. |
|
| 217 | - sprintf('\'%04d-%02d-%02d %02d:%02d:%02d\'', $datetime_matches[1], $datetime_matches[2], $datetime_matches[3], $datetime_matches[4], $datetime_matches[5] ,$datetime_matches[6]). |
|
| 216 | + return 'to_timestamp(' . |
|
| 217 | + sprintf('\'%04d-%02d-%02d %02d:%02d:%02d\'', $datetime_matches[1], $datetime_matches[2], $datetime_matches[3], $datetime_matches[4], $datetime_matches[5], $datetime_matches[6]) . |
|
| 218 | 218 | ',\'YYYY-MM-DD HH24:MI:SS\')'; |
| 219 | 219 | else |
| 220 | 220 | smf_db_error_backtrace('Wrong value type sent to the database. Datetime expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
@@ -763,10 +763,10 @@ discard block |
||
| 763 | 763 | $returning = ''; |
| 764 | 764 | $with_returning = false; |
| 765 | 765 | // lets build the returning string, mysql allow only in normal mode |
| 766 | - if(!empty($keys) && (count($keys) > 0) && ($method === '' || $method === 'insert') && $returnmode > 0) |
|
| 766 | + if (!empty($keys) && (count($keys) > 0) && ($method === '' || $method === 'insert') && $returnmode > 0) |
|
| 767 | 767 | { |
| 768 | 768 | // we only take the first key |
| 769 | - $returning = ' RETURNING '.$keys[0]; |
|
| 769 | + $returning = ' RETURNING ' . $keys[0]; |
|
| 770 | 770 | $with_returning = true; |
| 771 | 771 | } |
| 772 | 772 | |
@@ -797,7 +797,7 @@ discard block |
||
| 797 | 797 | INSERT INTO ' . $table . '("' . implode('", "', $indexed_columns) . '") |
| 798 | 798 | VALUES |
| 799 | 799 | ' . implode(', |
| 800 | - ', $insertRows).$replace.$returning, |
|
| 800 | + ', $insertRows) . $replace . $returning, |
|
| 801 | 801 | array( |
| 802 | 802 | 'security_override' => true, |
| 803 | 803 | 'db_error_skip' => $method == 'ignore' || $table === $db_prefix . 'log_errors', |
@@ -810,7 +810,7 @@ discard block |
||
| 810 | 810 | if ($returnmode === 2) |
| 811 | 811 | $return_var = array(); |
| 812 | 812 | |
| 813 | - while(($row = $smcFunc['db_fetch_row']($request)) && $with_returning) |
|
| 813 | + while (($row = $smcFunc['db_fetch_row']($request)) && $with_returning) |
|
| 814 | 814 | { |
| 815 | 815 | if (is_numeric($row[0])) // try to emulate mysql limitation |
| 816 | 816 | { |
@@ -13,8 +13,9 @@ discard block |
||
| 13 | 13 | * @version 2.1 Beta 4 |
| 14 | 14 | */ |
| 15 | 15 | |
| 16 | -if (!defined('SMF')) |
|
| 16 | +if (!defined('SMF')) { |
|
| 17 | 17 | die('No direct access...'); |
| 18 | +} |
|
| 18 | 19 | |
| 19 | 20 | /** |
| 20 | 21 | * Maps the implementations in this file (smf_db_function_name) |
@@ -34,8 +35,8 @@ discard block |
||
| 34 | 35 | global $smcFunc; |
| 35 | 36 | |
| 36 | 37 | // Map some database specific functions, only do this once. |
| 37 | - if (!isset($smcFunc['db_fetch_assoc'])) |
|
| 38 | - $smcFunc += array( |
|
| 38 | + if (!isset($smcFunc['db_fetch_assoc'])) { |
|
| 39 | + $smcFunc += array( |
|
| 39 | 40 | 'db_query' => 'smf_db_query', |
| 40 | 41 | 'db_quote' => 'smf_db_quote', |
| 41 | 42 | 'db_insert' => 'smf_db_insert', |
@@ -61,11 +62,13 @@ discard block |
||
| 61 | 62 | 'db_mb4' => true, |
| 62 | 63 | 'db_ping' => 'pg_ping', |
| 63 | 64 | ); |
| 65 | + } |
|
| 64 | 66 | |
| 65 | - if (!empty($db_options['persist'])) |
|
| 66 | - $connection = @pg_pconnect('host=' . $db_server . ' dbname=' . $db_name . ' user=\'' . $db_user . '\' password=\'' . $db_passwd . '\'' . (empty($db_options['port']) ? '' : ' port=\'' . $db_options['port'] . '\'')); |
|
| 67 | - else |
|
| 68 | - $connection = @pg_connect('host=' . $db_server . ' dbname=' . $db_name . ' user=\'' . $db_user . '\' password=\'' . $db_passwd . '\'' . (empty($db_options['port']) ? '' : ' port=\'' . $db_options['port'] . '\'')); |
|
| 67 | + if (!empty($db_options['persist'])) { |
|
| 68 | + $connection = @pg_pconnect('host=' . $db_server . ' dbname=' . $db_name . ' user=\'' . $db_user . '\' password=\'' . $db_passwd . '\'' . (empty($db_options['port']) ? '' : ' port=\'' . $db_options['port'] . '\'')); |
|
| 69 | + } else { |
|
| 70 | + $connection = @pg_connect('host=' . $db_server . ' dbname=' . $db_name . ' user=\'' . $db_user . '\' password=\'' . $db_passwd . '\'' . (empty($db_options['port']) ? '' : ' port=\'' . $db_options['port'] . '\'')); |
|
| 71 | + } |
|
| 69 | 72 | |
| 70 | 73 | // Something's wrong, show an error if its fatal (which we assume it is) |
| 71 | 74 | if (!$connection) |
@@ -73,8 +76,7 @@ discard block |
||
| 73 | 76 | if (!empty($db_options['non_fatal'])) |
| 74 | 77 | { |
| 75 | 78 | return null; |
| 76 | - } |
|
| 77 | - else |
|
| 79 | + } else |
|
| 78 | 80 | { |
| 79 | 81 | display_db_error(); |
| 80 | 82 | } |
@@ -125,35 +127,42 @@ discard block |
||
| 125 | 127 | |
| 126 | 128 | list ($values, $connection) = $db_callback; |
| 127 | 129 | |
| 128 | - if ($matches[1] === 'db_prefix') |
|
| 129 | - return $db_prefix; |
|
| 130 | + if ($matches[1] === 'db_prefix') { |
|
| 131 | + return $db_prefix; |
|
| 132 | + } |
|
| 130 | 133 | |
| 131 | 134 | if (!empty($user_info)) |
| 132 | 135 | { |
| 133 | - foreach (array_keys($user_info) as $key) |
|
| 134 | - if (strpos($key, 'query_') !== false && $key === $matches[1]) |
|
| 136 | + foreach (array_keys($user_info) as $key) { |
|
| 137 | + if (strpos($key, 'query_') !== false && $key === $matches[1]) |
|
| 135 | 138 | return $user_info[$matches[1]]; |
| 139 | + } |
|
| 136 | 140 | } |
| 137 | 141 | |
| 138 | - if ($matches[1] === 'empty') |
|
| 139 | - return '\'\''; |
|
| 142 | + if ($matches[1] === 'empty') { |
|
| 143 | + return '\'\''; |
|
| 144 | + } |
|
| 140 | 145 | |
| 141 | - if (!isset($matches[2])) |
|
| 142 | - smf_db_error_backtrace('Invalid value inserted or no type specified.', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 146 | + if (!isset($matches[2])) { |
|
| 147 | + smf_db_error_backtrace('Invalid value inserted or no type specified.', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 148 | + } |
|
| 143 | 149 | |
| 144 | - if ($matches[1] === 'literal') |
|
| 145 | - return '\'' . pg_escape_string($matches[2]) . '\''; |
|
| 150 | + if ($matches[1] === 'literal') { |
|
| 151 | + return '\'' . pg_escape_string($matches[2]) . '\''; |
|
| 152 | + } |
|
| 146 | 153 | |
| 147 | - if (!isset($values[$matches[2]])) |
|
| 148 | - smf_db_error_backtrace('The database value you\'re trying to insert does not exist: ' . (isset($smcFunc['htmlspecialchars']) ? $smcFunc['htmlspecialchars']($matches[2]) : htmlspecialchars($matches[2])), '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 154 | + if (!isset($values[$matches[2]])) { |
|
| 155 | + smf_db_error_backtrace('The database value you\'re trying to insert does not exist: ' . (isset($smcFunc['htmlspecialchars']) ? $smcFunc['htmlspecialchars']($matches[2]) : htmlspecialchars($matches[2])), '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 156 | + } |
|
| 149 | 157 | |
| 150 | 158 | $replacement = $values[$matches[2]]; |
| 151 | 159 | |
| 152 | 160 | switch ($matches[1]) |
| 153 | 161 | { |
| 154 | 162 | case 'int': |
| 155 | - if (!is_numeric($replacement) || (string) $replacement !== (string) (int) $replacement) |
|
| 156 | - smf_db_error_backtrace('Wrong value type sent to the database. Integer expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 163 | + if (!is_numeric($replacement) || (string) $replacement !== (string) (int) $replacement) { |
|
| 164 | + smf_db_error_backtrace('Wrong value type sent to the database. Integer expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 165 | + } |
|
| 157 | 166 | return (string) (int) $replacement; |
| 158 | 167 | break; |
| 159 | 168 | |
@@ -165,65 +174,73 @@ discard block |
||
| 165 | 174 | case 'array_int': |
| 166 | 175 | if (is_array($replacement)) |
| 167 | 176 | { |
| 168 | - if (empty($replacement)) |
|
| 169 | - smf_db_error_backtrace('Database error, given array of integer values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 177 | + if (empty($replacement)) { |
|
| 178 | + smf_db_error_backtrace('Database error, given array of integer values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 179 | + } |
|
| 170 | 180 | |
| 171 | 181 | foreach ($replacement as $key => $value) |
| 172 | 182 | { |
| 173 | - if (!is_numeric($value) || (string) $value !== (string) (int) $value) |
|
| 174 | - smf_db_error_backtrace('Wrong value type sent to the database. Array of integers expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 183 | + if (!is_numeric($value) || (string) $value !== (string) (int) $value) { |
|
| 184 | + smf_db_error_backtrace('Wrong value type sent to the database. Array of integers expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 185 | + } |
|
| 175 | 186 | |
| 176 | 187 | $replacement[$key] = (string) (int) $value; |
| 177 | 188 | } |
| 178 | 189 | |
| 179 | 190 | return implode(', ', $replacement); |
| 191 | + } else { |
|
| 192 | + smf_db_error_backtrace('Wrong value type sent to the database. Array of integers expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 180 | 193 | } |
| 181 | - else |
|
| 182 | - smf_db_error_backtrace('Wrong value type sent to the database. Array of integers expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 183 | 194 | |
| 184 | 195 | break; |
| 185 | 196 | |
| 186 | 197 | case 'array_string': |
| 187 | 198 | if (is_array($replacement)) |
| 188 | 199 | { |
| 189 | - if (empty($replacement)) |
|
| 190 | - smf_db_error_backtrace('Database error, given array of string values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 200 | + if (empty($replacement)) { |
|
| 201 | + smf_db_error_backtrace('Database error, given array of string values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 202 | + } |
|
| 191 | 203 | |
| 192 | - foreach ($replacement as $key => $value) |
|
| 193 | - $replacement[$key] = sprintf('\'%1$s\'', pg_escape_string($value)); |
|
| 204 | + foreach ($replacement as $key => $value) { |
|
| 205 | + $replacement[$key] = sprintf('\'%1$s\'', pg_escape_string($value)); |
|
| 206 | + } |
|
| 194 | 207 | |
| 195 | 208 | return implode(', ', $replacement); |
| 209 | + } else { |
|
| 210 | + smf_db_error_backtrace('Wrong value type sent to the database. Array of strings expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 196 | 211 | } |
| 197 | - else |
|
| 198 | - smf_db_error_backtrace('Wrong value type sent to the database. Array of strings expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 199 | 212 | break; |
| 200 | 213 | |
| 201 | 214 | case 'date': |
| 202 | - if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d)$~', $replacement, $date_matches) === 1) |
|
| 203 | - return sprintf('\'%04d-%02d-%02d\'', $date_matches[1], $date_matches[2], $date_matches[3]).'::date'; |
|
| 204 | - else |
|
| 205 | - smf_db_error_backtrace('Wrong value type sent to the database. Date expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 215 | + if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d)$~', $replacement, $date_matches) === 1) { |
|
| 216 | + return sprintf('\'%04d-%02d-%02d\'', $date_matches[1], $date_matches[2], $date_matches[3]).'::date'; |
|
| 217 | + } else { |
|
| 218 | + smf_db_error_backtrace('Wrong value type sent to the database. Date expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 219 | + } |
|
| 206 | 220 | break; |
| 207 | 221 | |
| 208 | 222 | case 'time': |
| 209 | - if (preg_match('~^([0-1]?\d|2[0-3]):([0-5]\d):([0-5]\d)$~', $replacement, $time_matches) === 1) |
|
| 210 | - return sprintf('\'%02d:%02d:%02d\'', $time_matches[1], $time_matches[2], $time_matches[3]).'::time'; |
|
| 211 | - else |
|
| 212 | - smf_db_error_backtrace('Wrong value type sent to the database. Time expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 223 | + if (preg_match('~^([0-1]?\d|2[0-3]):([0-5]\d):([0-5]\d)$~', $replacement, $time_matches) === 1) { |
|
| 224 | + return sprintf('\'%02d:%02d:%02d\'', $time_matches[1], $time_matches[2], $time_matches[3]).'::time'; |
|
| 225 | + } else { |
|
| 226 | + smf_db_error_backtrace('Wrong value type sent to the database. Time expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 227 | + } |
|
| 213 | 228 | break; |
| 214 | 229 | |
| 215 | 230 | case 'datetime': |
| 216 | - if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d) ([0-1]?\d|2[0-3]):([0-5]\d):([0-5]\d)$~', $replacement, $datetime_matches) === 1) |
|
| 217 | - return 'to_timestamp('. |
|
| 231 | + if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d) ([0-1]?\d|2[0-3]):([0-5]\d):([0-5]\d)$~', $replacement, $datetime_matches) === 1) { |
|
| 232 | + return 'to_timestamp('. |
|
| 218 | 233 | sprintf('\'%04d-%02d-%02d %02d:%02d:%02d\'', $datetime_matches[1], $datetime_matches[2], $datetime_matches[3], $datetime_matches[4], $datetime_matches[5] ,$datetime_matches[6]). |
| 219 | 234 | ',\'YYYY-MM-DD HH24:MI:SS\')'; |
| 220 | - else |
|
| 221 | - smf_db_error_backtrace('Wrong value type sent to the database. Datetime expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 235 | + } else { |
|
| 236 | + smf_db_error_backtrace('Wrong value type sent to the database. Datetime expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 237 | + } |
|
| 222 | 238 | break; |
| 223 | 239 | |
| 224 | 240 | case 'float': |
| 225 | - if (!is_numeric($replacement)) |
|
| 226 | - smf_db_error_backtrace('Wrong value type sent to the database. Floating point number expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 241 | + if (!is_numeric($replacement)) { |
|
| 242 | + smf_db_error_backtrace('Wrong value type sent to the database. Floating point number expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 243 | + } |
|
| 227 | 244 | return (string) (float) $replacement; |
| 228 | 245 | break; |
| 229 | 246 | |
@@ -236,31 +253,36 @@ discard block |
||
| 236 | 253 | break; |
| 237 | 254 | |
| 238 | 255 | case 'inet': |
| 239 | - if ($replacement == 'null' || $replacement == '') |
|
| 240 | - return 'null'; |
|
| 241 | - if (inet_pton($replacement) === false) |
|
| 242 | - smf_db_error_backtrace('Wrong value type sent to the database. IPv4 or IPv6 expected.(' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 256 | + if ($replacement == 'null' || $replacement == '') { |
|
| 257 | + return 'null'; |
|
| 258 | + } |
|
| 259 | + if (inet_pton($replacement) === false) { |
|
| 260 | + smf_db_error_backtrace('Wrong value type sent to the database. IPv4 or IPv6 expected.(' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 261 | + } |
|
| 243 | 262 | return sprintf('\'%1$s\'::inet', pg_escape_string($replacement)); |
| 244 | 263 | |
| 245 | 264 | case 'array_inet': |
| 246 | 265 | if (is_array($replacement)) |
| 247 | 266 | { |
| 248 | - if (empty($replacement)) |
|
| 249 | - smf_db_error_backtrace('Database error, given array of IPv4 or IPv6 values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 267 | + if (empty($replacement)) { |
|
| 268 | + smf_db_error_backtrace('Database error, given array of IPv4 or IPv6 values is empty. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 269 | + } |
|
| 250 | 270 | |
| 251 | 271 | foreach ($replacement as $key => $value) |
| 252 | 272 | { |
| 253 | - if ($replacement == 'null' || $replacement == '') |
|
| 254 | - $replacement[$key] = 'null'; |
|
| 255 | - if (!isValidIP($value)) |
|
| 256 | - smf_db_error_backtrace('Wrong value type sent to the database. IPv4 or IPv6 expected.(' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 273 | + if ($replacement == 'null' || $replacement == '') { |
|
| 274 | + $replacement[$key] = 'null'; |
|
| 275 | + } |
|
| 276 | + if (!isValidIP($value)) { |
|
| 277 | + smf_db_error_backtrace('Wrong value type sent to the database. IPv4 or IPv6 expected.(' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 278 | + } |
|
| 257 | 279 | $replacement[$key] = sprintf('\'%1$s\'::inet', pg_escape_string($value)); |
| 258 | 280 | } |
| 259 | 281 | |
| 260 | 282 | return implode(', ', $replacement); |
| 283 | + } else { |
|
| 284 | + smf_db_error_backtrace('Wrong value type sent to the database. Array of IPv4 or IPv6 expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 261 | 285 | } |
| 262 | - else |
|
| 263 | - smf_db_error_backtrace('Wrong value type sent to the database. Array of IPv4 or IPv6 expected. (' . $matches[2] . ')', '', E_USER_ERROR, __FILE__, __LINE__); |
|
| 264 | 286 | break; |
| 265 | 287 | |
| 266 | 288 | default: |
@@ -354,14 +376,16 @@ discard block |
||
| 354 | 376 | ), |
| 355 | 377 | ); |
| 356 | 378 | |
| 357 | - if (isset($replacements[$identifier])) |
|
| 358 | - $db_string = preg_replace(array_keys($replacements[$identifier]), array_values($replacements[$identifier]), $db_string); |
|
| 379 | + if (isset($replacements[$identifier])) { |
|
| 380 | + $db_string = preg_replace(array_keys($replacements[$identifier]), array_values($replacements[$identifier]), $db_string); |
|
| 381 | + } |
|
| 359 | 382 | |
| 360 | 383 | // Limits need to be a little different. |
| 361 | 384 | $db_string = preg_replace('~\sLIMIT\s(\d+|{int:.+}),\s*(\d+|{int:.+})\s*$~i', 'LIMIT $2 OFFSET $1', $db_string); |
| 362 | 385 | |
| 363 | - if (trim($db_string) == '') |
|
| 364 | - return false; |
|
| 386 | + if (trim($db_string) == '') { |
|
| 387 | + return false; |
|
| 388 | + } |
|
| 365 | 389 | |
| 366 | 390 | // Comments that are allowed in a query are preg_removed. |
| 367 | 391 | static $allowed_comments_from = array( |
@@ -381,8 +405,9 @@ discard block |
||
| 381 | 405 | $db_count = !isset($db_count) ? 1 : $db_count + 1; |
| 382 | 406 | $db_replace_result = 0; |
| 383 | 407 | |
| 384 | - if (empty($modSettings['disableQueryCheck']) && strpos($db_string, '\'') !== false && empty($db_values['security_override'])) |
|
| 385 | - smf_db_error_backtrace('Hacking attempt...', 'Illegal character (\') used in query...', true, __FILE__, __LINE__); |
|
| 408 | + if (empty($modSettings['disableQueryCheck']) && strpos($db_string, '\'') !== false && empty($db_values['security_override'])) { |
|
| 409 | + smf_db_error_backtrace('Hacking attempt...', 'Illegal character (\') used in query...', true, __FILE__, __LINE__); |
|
| 410 | + } |
|
| 386 | 411 | |
| 387 | 412 | if (empty($db_values['security_override']) && (!empty($db_values) || strpos($db_string, '{db_prefix}') !== false)) |
| 388 | 413 | { |
@@ -403,8 +428,9 @@ discard block |
||
| 403 | 428 | list ($file, $line) = smf_db_error_backtrace('', '', 'return', __FILE__, __LINE__); |
| 404 | 429 | |
| 405 | 430 | // Initialize $db_cache if not already initialized. |
| 406 | - if (!isset($db_cache)) |
|
| 407 | - $db_cache = array(); |
|
| 431 | + if (!isset($db_cache)) { |
|
| 432 | + $db_cache = array(); |
|
| 433 | + } |
|
| 408 | 434 | |
| 409 | 435 | if (!empty($_SESSION['debug_redirect'])) |
| 410 | 436 | { |
@@ -430,17 +456,18 @@ discard block |
||
| 430 | 456 | while (true) |
| 431 | 457 | { |
| 432 | 458 | $pos = strpos($db_string, '\'', $pos + 1); |
| 433 | - if ($pos === false) |
|
| 434 | - break; |
|
| 459 | + if ($pos === false) { |
|
| 460 | + break; |
|
| 461 | + } |
|
| 435 | 462 | $clean .= substr($db_string, $old_pos, $pos - $old_pos); |
| 436 | 463 | |
| 437 | 464 | while (true) |
| 438 | 465 | { |
| 439 | 466 | $pos1 = strpos($db_string, '\'', $pos + 1); |
| 440 | 467 | $pos2 = strpos($db_string, '\\', $pos + 1); |
| 441 | - if ($pos1 === false) |
|
| 442 | - break; |
|
| 443 | - elseif ($pos2 === false || $pos2 > $pos1) |
|
| 468 | + if ($pos1 === false) { |
|
| 469 | + break; |
|
| 470 | + } elseif ($pos2 === false || $pos2 > $pos1) |
|
| 444 | 471 | { |
| 445 | 472 | $pos = $pos1; |
| 446 | 473 | break; |
@@ -456,16 +483,19 @@ discard block |
||
| 456 | 483 | $clean = trim(strtolower(preg_replace($allowed_comments_from, $allowed_comments_to, $clean))); |
| 457 | 484 | |
| 458 | 485 | // Comments? We don't use comments in our queries, we leave 'em outside! |
| 459 | - if (strpos($clean, '/*') > 2 || strpos($clean, '--') !== false || strpos($clean, ';') !== false) |
|
| 460 | - $fail = true; |
|
| 486 | + if (strpos($clean, '/*') > 2 || strpos($clean, '--') !== false || strpos($clean, ';') !== false) { |
|
| 487 | + $fail = true; |
|
| 488 | + } |
|
| 461 | 489 | // Trying to change passwords, slow us down, or something? |
| 462 | - elseif (strpos($clean, 'sleep') !== false && preg_match('~(^|[^a-z])sleep($|[^[_a-z])~s', $clean) != 0) |
|
| 463 | - $fail = true; |
|
| 464 | - elseif (strpos($clean, 'benchmark') !== false && preg_match('~(^|[^a-z])benchmark($|[^[a-z])~s', $clean) != 0) |
|
| 465 | - $fail = true; |
|
| 490 | + elseif (strpos($clean, 'sleep') !== false && preg_match('~(^|[^a-z])sleep($|[^[_a-z])~s', $clean) != 0) { |
|
| 491 | + $fail = true; |
|
| 492 | + } elseif (strpos($clean, 'benchmark') !== false && preg_match('~(^|[^a-z])benchmark($|[^[a-z])~s', $clean) != 0) { |
|
| 493 | + $fail = true; |
|
| 494 | + } |
|
| 466 | 495 | |
| 467 | - if (!empty($fail) && function_exists('log_error')) |
|
| 468 | - smf_db_error_backtrace('Hacking attempt...', 'Hacking attempt...' . "\n" . $db_string, E_USER_ERROR, __FILE__, __LINE__); |
|
| 496 | + if (!empty($fail) && function_exists('log_error')) { |
|
| 497 | + smf_db_error_backtrace('Hacking attempt...', 'Hacking attempt...' . "\n" . $db_string, E_USER_ERROR, __FILE__, __LINE__); |
|
| 498 | + } |
|
| 469 | 499 | } |
| 470 | 500 | |
| 471 | 501 | // Set optimize stuff |
@@ -484,18 +514,21 @@ discard block |
||
| 484 | 514 | |
| 485 | 515 | $db_string = $query_hints_set . $db_string; |
| 486 | 516 | |
| 487 | - if (isset($db_show_debug) && $db_show_debug === true && $db_cache[$db_count]['q'] != '...') |
|
| 488 | - $db_cache[$db_count]['q'] = "\t\t" . $db_string; |
|
| 517 | + if (isset($db_show_debug) && $db_show_debug === true && $db_cache[$db_count]['q'] != '...') { |
|
| 518 | + $db_cache[$db_count]['q'] = "\t\t" . $db_string; |
|
| 519 | + } |
|
| 489 | 520 | } |
| 490 | 521 | |
| 491 | 522 | $db_last_result = @pg_query($connection, $db_string); |
| 492 | 523 | |
| 493 | - if ($db_last_result === false && empty($db_values['db_error_skip'])) |
|
| 494 | - $db_last_result = smf_db_error($db_string, $connection); |
|
| 524 | + if ($db_last_result === false && empty($db_values['db_error_skip'])) { |
|
| 525 | + $db_last_result = smf_db_error($db_string, $connection); |
|
| 526 | + } |
|
| 495 | 527 | |
| 496 | 528 | // Debugging. |
| 497 | - if (isset($db_show_debug) && $db_show_debug === true) |
|
| 498 | - $db_cache[$db_count]['t'] = array_sum(explode(' ', microtime())) - array_sum(explode(' ', $st)); |
|
| 529 | + if (isset($db_show_debug) && $db_show_debug === true) { |
|
| 530 | + $db_cache[$db_count]['t'] = array_sum(explode(' ', microtime())) - array_sum(explode(' ', $st)); |
|
| 531 | + } |
|
| 499 | 532 | |
| 500 | 533 | return $db_last_result; |
| 501 | 534 | } |
@@ -508,10 +541,11 @@ discard block |
||
| 508 | 541 | { |
| 509 | 542 | global $db_last_result, $db_replace_result; |
| 510 | 543 | |
| 511 | - if ($db_replace_result) |
|
| 512 | - return $db_replace_result; |
|
| 513 | - elseif ($result === null && !$db_last_result) |
|
| 514 | - return 0; |
|
| 544 | + if ($db_replace_result) { |
|
| 545 | + return $db_replace_result; |
|
| 546 | + } elseif ($result === null && !$db_last_result) { |
|
| 547 | + return 0; |
|
| 548 | + } |
|
| 515 | 549 | |
| 516 | 550 | return pg_affected_rows($result === null ? $db_last_result : $result); |
| 517 | 551 | } |
@@ -535,8 +569,9 @@ discard block |
||
| 535 | 569 | array( |
| 536 | 570 | ) |
| 537 | 571 | ); |
| 538 | - if (!$request) |
|
| 539 | - return false; |
|
| 572 | + if (!$request) { |
|
| 573 | + return false; |
|
| 574 | + } |
|
| 540 | 575 | list ($lastID) = $smcFunc['db_fetch_row']($request); |
| 541 | 576 | $smcFunc['db_free_result']($request); |
| 542 | 577 | |
@@ -557,12 +592,13 @@ discard block |
||
| 557 | 592 | // Decide which connection to use |
| 558 | 593 | $connection = $connection === null ? $db_connection : $connection; |
| 559 | 594 | |
| 560 | - if ($type == 'begin') |
|
| 561 | - return @pg_query($connection, 'BEGIN'); |
|
| 562 | - elseif ($type == 'rollback') |
|
| 563 | - return @pg_query($connection, 'ROLLBACK'); |
|
| 564 | - elseif ($type == 'commit') |
|
| 565 | - return @pg_query($connection, 'COMMIT'); |
|
| 595 | + if ($type == 'begin') { |
|
| 596 | + return @pg_query($connection, 'BEGIN'); |
|
| 597 | + } elseif ($type == 'rollback') { |
|
| 598 | + return @pg_query($connection, 'ROLLBACK'); |
|
| 599 | + } elseif ($type == 'commit') { |
|
| 600 | + return @pg_query($connection, 'COMMIT'); |
|
| 601 | + } |
|
| 566 | 602 | |
| 567 | 603 | return false; |
| 568 | 604 | } |
@@ -590,19 +626,22 @@ discard block |
||
| 590 | 626 | $query_error = @pg_last_error($connection); |
| 591 | 627 | |
| 592 | 628 | // Log the error. |
| 593 | - if (function_exists('log_error')) |
|
| 594 | - log_error($txt['database_error'] . ': ' . $query_error . (!empty($modSettings['enableErrorQueryLogging']) ? "\n\n" . $db_string : ''), 'database', $file, $line); |
|
| 629 | + if (function_exists('log_error')) { |
|
| 630 | + log_error($txt['database_error'] . ': ' . $query_error . (!empty($modSettings['enableErrorQueryLogging']) ? "\n\n" . $db_string : ''), 'database', $file, $line); |
|
| 631 | + } |
|
| 595 | 632 | |
| 596 | 633 | // Nothing's defined yet... just die with it. |
| 597 | - if (empty($context) || empty($txt)) |
|
| 598 | - die($query_error); |
|
| 634 | + if (empty($context) || empty($txt)) { |
|
| 635 | + die($query_error); |
|
| 636 | + } |
|
| 599 | 637 | |
| 600 | 638 | // Show an error message, if possible. |
| 601 | 639 | $context['error_title'] = $txt['database_error']; |
| 602 | - if (allowedTo('admin_forum')) |
|
| 603 | - $context['error_message'] = nl2br($query_error) . '<br>' . $txt['file'] . ': ' . $file . '<br>' . $txt['line'] . ': ' . $line; |
|
| 604 | - else |
|
| 605 | - $context['error_message'] = $txt['try_again']; |
|
| 640 | + if (allowedTo('admin_forum')) { |
|
| 641 | + $context['error_message'] = nl2br($query_error) . '<br>' . $txt['file'] . ': ' . $file . '<br>' . $txt['line'] . ': ' . $line; |
|
| 642 | + } else { |
|
| 643 | + $context['error_message'] = $txt['try_again']; |
|
| 644 | + } |
|
| 606 | 645 | |
| 607 | 646 | if (allowedTo('admin_forum') && isset($db_show_debug) && $db_show_debug === true) |
| 608 | 647 | { |
@@ -624,12 +663,14 @@ discard block |
||
| 624 | 663 | { |
| 625 | 664 | global $db_row_count; |
| 626 | 665 | |
| 627 | - if ($counter !== false) |
|
| 628 | - return pg_fetch_row($request, $counter); |
|
| 666 | + if ($counter !== false) { |
|
| 667 | + return pg_fetch_row($request, $counter); |
|
| 668 | + } |
|
| 629 | 669 | |
| 630 | 670 | // Reset the row counter... |
| 631 | - if (!isset($db_row_count[(int) $request])) |
|
| 632 | - $db_row_count[(int) $request] = 0; |
|
| 671 | + if (!isset($db_row_count[(int) $request])) { |
|
| 672 | + $db_row_count[(int) $request] = 0; |
|
| 673 | + } |
|
| 633 | 674 | |
| 634 | 675 | // Return the right row. |
| 635 | 676 | return @pg_fetch_row($request, $db_row_count[(int) $request]++); |
@@ -646,12 +687,14 @@ discard block |
||
| 646 | 687 | { |
| 647 | 688 | global $db_row_count; |
| 648 | 689 | |
| 649 | - if ($counter !== false) |
|
| 650 | - return pg_fetch_assoc($request, $counter); |
|
| 690 | + if ($counter !== false) { |
|
| 691 | + return pg_fetch_assoc($request, $counter); |
|
| 692 | + } |
|
| 651 | 693 | |
| 652 | 694 | // Reset the row counter... |
| 653 | - if (!isset($db_row_count[(int) $request])) |
|
| 654 | - $db_row_count[(int) $request] = 0; |
|
| 695 | + if (!isset($db_row_count[(int) $request])) { |
|
| 696 | + $db_row_count[(int) $request] = 0; |
|
| 697 | + } |
|
| 655 | 698 | |
| 656 | 699 | // Return the right row. |
| 657 | 700 | return @pg_fetch_assoc($request, $db_row_count[(int) $request]++); |
@@ -704,11 +747,13 @@ discard block |
||
| 704 | 747 | |
| 705 | 748 | $replace = ''; |
| 706 | 749 | |
| 707 | - if (empty($data)) |
|
| 708 | - return; |
|
| 750 | + if (empty($data)) { |
|
| 751 | + return; |
|
| 752 | + } |
|
| 709 | 753 | |
| 710 | - if (!is_array($data[array_rand($data)])) |
|
| 711 | - $data = array($data); |
|
| 754 | + if (!is_array($data[array_rand($data)])) { |
|
| 755 | + $data = array($data); |
|
| 756 | + } |
|
| 712 | 757 | |
| 713 | 758 | // Replace the prefix holder with the actual prefix. |
| 714 | 759 | $table = str_replace('{db_prefix}', $db_prefix, $table); |
@@ -727,11 +772,13 @@ discard block |
||
| 727 | 772 | //pg 9.5 got replace support |
| 728 | 773 | $pg_version = $smcFunc['db_get_version'](); |
| 729 | 774 | // if we got a Beta Version |
| 730 | - if (stripos($pg_version, 'beta') !== false) |
|
| 731 | - $pg_version = substr($pg_version, 0, stripos($pg_version, 'beta')) . '.0'; |
|
| 775 | + if (stripos($pg_version, 'beta') !== false) { |
|
| 776 | + $pg_version = substr($pg_version, 0, stripos($pg_version, 'beta')) . '.0'; |
|
| 777 | + } |
|
| 732 | 778 | // or RC |
| 733 | - if (stripos($pg_version, 'rc') !== false) |
|
| 734 | - $pg_version = substr($pg_version, 0, stripos($pg_version, 'rc')) . '.0'; |
|
| 779 | + if (stripos($pg_version, 'rc') !== false) { |
|
| 780 | + $pg_version = substr($pg_version, 0, stripos($pg_version, 'rc')) . '.0'; |
|
| 781 | + } |
|
| 735 | 782 | |
| 736 | 783 | $replace_support = (version_compare($pg_version, '9.5.0', '>=') ? true : false); |
| 737 | 784 | } |
@@ -750,8 +797,7 @@ discard block |
||
| 750 | 797 | $key_str .= ($count_pk > 0 ? ',' : ''); |
| 751 | 798 | $key_str .= $columnName; |
| 752 | 799 | $count_pk++; |
| 753 | - } |
|
| 754 | - else //normal field |
|
| 800 | + } else //normal field |
|
| 755 | 801 | { |
| 756 | 802 | $col_str .= ($count > 0 ? ',' : ''); |
| 757 | 803 | $col_str .= $columnName . ' = EXCLUDED.' . $columnName; |
@@ -759,20 +805,21 @@ discard block |
||
| 759 | 805 | } |
| 760 | 806 | } |
| 761 | 807 | $replace = ' ON CONFLICT (' . $key_str . ') DO UPDATE SET ' . $col_str; |
| 762 | - } |
|
| 763 | - else |
|
| 808 | + } else |
|
| 764 | 809 | { |
| 765 | 810 | foreach ($columns as $columnName => $type) |
| 766 | 811 | { |
| 767 | 812 | // Are we restricting the length? |
| 768 | - if (strpos($type, 'string-') !== false) |
|
| 769 | - $actualType = sprintf($columnName . ' = SUBSTRING({string:%1$s}, 1, ' . substr($type, 7) . '), ', $count); |
|
| 770 | - else |
|
| 771 | - $actualType = sprintf($columnName . ' = {%1$s:%2$s}, ', $type, $count); |
|
| 813 | + if (strpos($type, 'string-') !== false) { |
|
| 814 | + $actualType = sprintf($columnName . ' = SUBSTRING({string:%1$s}, 1, ' . substr($type, 7) . '), ', $count); |
|
| 815 | + } else { |
|
| 816 | + $actualType = sprintf($columnName . ' = {%1$s:%2$s}, ', $type, $count); |
|
| 817 | + } |
|
| 772 | 818 | |
| 773 | 819 | // A key? That's what we were looking for. |
| 774 | - if (in_array($columnName, $keys)) |
|
| 775 | - $where .= (empty($where) ? '' : ' AND ') . substr($actualType, 0, -2); |
|
| 820 | + if (in_array($columnName, $keys)) { |
|
| 821 | + $where .= (empty($where) ? '' : ' AND ') . substr($actualType, 0, -2); |
|
| 822 | + } |
|
| 776 | 823 | $count++; |
| 777 | 824 | } |
| 778 | 825 | |
@@ -808,10 +855,11 @@ discard block |
||
| 808 | 855 | foreach ($columns as $columnName => $type) |
| 809 | 856 | { |
| 810 | 857 | // Are we restricting the length? |
| 811 | - if (strpos($type, 'string-') !== false) |
|
| 812 | - $insertData .= sprintf('SUBSTRING({string:%1$s}, 1, ' . substr($type, 7) . '), ', $columnName); |
|
| 813 | - else |
|
| 814 | - $insertData .= sprintf('{%1$s:%2$s}, ', $type, $columnName); |
|
| 858 | + if (strpos($type, 'string-') !== false) { |
|
| 859 | + $insertData .= sprintf('SUBSTRING({string:%1$s}, 1, ' . substr($type, 7) . '), ', $columnName); |
|
| 860 | + } else { |
|
| 861 | + $insertData .= sprintf('{%1$s:%2$s}, ', $type, $columnName); |
|
| 862 | + } |
|
| 815 | 863 | } |
| 816 | 864 | $insertData = substr($insertData, 0, -2) . ')'; |
| 817 | 865 | |
@@ -820,8 +868,9 @@ discard block |
||
| 820 | 868 | |
| 821 | 869 | // Here's where the variables are injected to the query. |
| 822 | 870 | $insertRows = array(); |
| 823 | - foreach ($data as $dataRow) |
|
| 824 | - $insertRows[] = smf_db_quote($insertData, array_combine($indexed_columns, $dataRow), $connection); |
|
| 871 | + foreach ($data as $dataRow) { |
|
| 872 | + $insertRows[] = smf_db_quote($insertData, array_combine($indexed_columns, $dataRow), $connection); |
|
| 873 | + } |
|
| 825 | 874 | |
| 826 | 875 | // Do the insert. |
| 827 | 876 | $request = $smcFunc['db_query']('', ' |
@@ -838,19 +887,21 @@ discard block |
||
| 838 | 887 | |
| 839 | 888 | if ($with_returning && $request !== false) |
| 840 | 889 | { |
| 841 | - if ($returnmode === 2) |
|
| 842 | - $return_var = array(); |
|
| 890 | + if ($returnmode === 2) { |
|
| 891 | + $return_var = array(); |
|
| 892 | + } |
|
| 843 | 893 | |
| 844 | 894 | while(($row = $smcFunc['db_fetch_row']($request)) && $with_returning) |
| 845 | 895 | { |
| 846 | - if (is_numeric($row[0])) // try to emulate mysql limitation |
|
| 896 | + if (is_numeric($row[0])) { |
|
| 897 | + // try to emulate mysql limitation |
|
| 847 | 898 | { |
| 848 | 899 | if ($returnmode === 1) |
| 849 | 900 | $return_var = $row[0]; |
| 850 | - elseif ($returnmode === 2) |
|
| 851 | - $return_var[] = $row[0]; |
|
| 852 | - } |
|
| 853 | - else |
|
| 901 | + } elseif ($returnmode === 2) { |
|
| 902 | + $return_var[] = $row[0]; |
|
| 903 | + } |
|
| 904 | + } else |
|
| 854 | 905 | { |
| 855 | 906 | $with_returning = false; |
| 856 | 907 | trigger_error('trying to returning ID Field which is not a Int field', E_USER_ERROR); |
@@ -859,9 +910,10 @@ discard block |
||
| 859 | 910 | } |
| 860 | 911 | } |
| 861 | 912 | |
| 862 | - if ($with_returning && !empty($return_var)) |
|
| 863 | - return $return_var; |
|
| 864 | -} |
|
| 913 | + if ($with_returning && !empty($return_var)) { |
|
| 914 | + return $return_var; |
|
| 915 | + } |
|
| 916 | + } |
|
| 865 | 917 | |
| 866 | 918 | /** |
| 867 | 919 | * Dummy function really. Doesn't do anything on PostgreSQL. |
@@ -898,8 +950,9 @@ discard block |
||
| 898 | 950 | */ |
| 899 | 951 | function smf_db_error_backtrace($error_message, $log_message = '', $error_type = false, $file = null, $line = null) |
| 900 | 952 | { |
| 901 | - if (empty($log_message)) |
|
| 902 | - $log_message = $error_message; |
|
| 953 | + if (empty($log_message)) { |
|
| 954 | + $log_message = $error_message; |
|
| 955 | + } |
|
| 903 | 956 | |
| 904 | 957 | foreach (debug_backtrace() as $step) |
| 905 | 958 | { |
@@ -918,12 +971,14 @@ discard block |
||
| 918 | 971 | } |
| 919 | 972 | |
| 920 | 973 | // A special case - we want the file and line numbers for debugging. |
| 921 | - if ($error_type == 'return') |
|
| 922 | - return array($file, $line); |
|
| 974 | + if ($error_type == 'return') { |
|
| 975 | + return array($file, $line); |
|
| 976 | + } |
|
| 923 | 977 | |
| 924 | 978 | // Is always a critical error. |
| 925 | - if (function_exists('log_error')) |
|
| 926 | - log_error($log_message, 'critical', $file, $line); |
|
| 979 | + if (function_exists('log_error')) { |
|
| 980 | + log_error($log_message, 'critical', $file, $line); |
|
| 981 | + } |
|
| 927 | 982 | |
| 928 | 983 | if (function_exists('fatal_error')) |
| 929 | 984 | { |
@@ -931,12 +986,12 @@ discard block |
||
| 931 | 986 | |
| 932 | 987 | // Cannot continue... |
| 933 | 988 | exit; |
| 989 | + } elseif ($error_type) { |
|
| 990 | + trigger_error($error_message . ($line !== null ? '<em>(' . basename($file) . '-' . $line . ')</em>' : ''), $error_type); |
|
| 991 | + } else { |
|
| 992 | + trigger_error($error_message . ($line !== null ? '<em>(' . basename($file) . '-' . $line . ')</em>' : '')); |
|
| 993 | + } |
|
| 934 | 994 | } |
| 935 | - elseif ($error_type) |
|
| 936 | - trigger_error($error_message . ($line !== null ? '<em>(' . basename($file) . '-' . $line . ')</em>' : ''), $error_type); |
|
| 937 | - else |
|
| 938 | - trigger_error($error_message . ($line !== null ? '<em>(' . basename($file) . '-' . $line . ')</em>' : '')); |
|
| 939 | -} |
|
| 940 | 995 | |
| 941 | 996 | /** |
| 942 | 997 | * Escape the LIKE wildcards so that they match the character and not the wildcard. |
@@ -953,10 +1008,11 @@ discard block |
||
| 953 | 1008 | '\\' => '\\\\', |
| 954 | 1009 | ); |
| 955 | 1010 | |
| 956 | - if ($translate_human_wildcards) |
|
| 957 | - $replacements += array( |
|
| 1011 | + if ($translate_human_wildcards) { |
|
| 1012 | + $replacements += array( |
|
| 958 | 1013 | '*' => '%', |
| 959 | 1014 | ); |
| 1015 | + } |
|
| 960 | 1016 | |
| 961 | 1017 | return strtr($string, $replacements); |
| 962 | 1018 | } |
