Issues in dbupdater.php (master) - Issues in master - fwolf/fwlib - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1752)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

class/dbupdater.php (15 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * @package		fwolflib
 * @subpackage	class
 * @copyright	Copyright 2006-2009, Fwolf
 * @author		Fwolf <[email protected]>
 */


require_once(dirname(__FILE__) . '/fwolflib.php');
require_once(FWOLFLIB . 'class/adodb.php');
require_once(FWOLFLIB . 'func/env.php');


//// From fwolflib r12, Don't modify it outside fwolflib ! ////

/**
 * Database mantance & update tools
 * Used in develop or sync multi databases' structure
 *
 * It use a table to 'remember' every update done or to be done to db
 * and, all update to db here is defined to 'sql' lang format,
 * I hope this can meets all my needs.
 *
 * All updates MUST be done by step order, so when a last-update-id
 * is set, it's consided all updates before last-update-id is done.
 *
 * Additional tools do similar task:
 * http://xml2ddl.berlios.de/
 *
 * @deprecated  Use Fwlib\Db\SyncDbSchema
 * @package		fwolflib
 * @subpackage	class
 * @copyright	Copyright 2006-2009, Fwolf
 * @author		Fwolf <[email protected]>
 * @since		2006-12-10
 * @version		$Id$
 */
class DbUpdater extends Fwolflib {

	/**
	 * Db server information array
	 * 	Array item: type, host, user, pass, name.
	 * @var	array
	 */
	private $aServer = array();

	/**
	 * Last update id
	 * @var int
	 */
	public $iLastId = 0;

	/**
	 * Last done update id
	 * @var	int
	 */
	public $iLastDoneId = 0;

	/**
	 * Charset of database
	 * If charset of db diff from os, do convert when execute sql.
	 * @var	string
	 */
	public $sCharsetDb = '';

	/**
	 * Charset of operation system
	 * @var string
	 * @see	$sCharsetDb
	 */
	public $sCharsetOs = '';

	/**
	 * Summary text
	 * @var string
	 */
	public $sSummary = '';

	/**
	 * Table to save modifications and logs
	 *
	 * If u want to change log table name in use(had log some sql already)
	 * remember to rename table in database also.
	 * @var	string
	 */
	public $sTblLog = 'log_dbupdater';


	/**
	 * Db connection object
	 * @var object
	 */
	public $oDb;

	/**
	 * Construct function
	 * @access public
	 * @param	array	$server	Db server information
/**
 * @param array $germany
 * @param array $ireland
 */
function finale($germany, $island) {
    return "2:1";
}
	 */
	function __construct($dbserver=array())

	{
		if (!empty($dbserver))
			$this->SetDatabase($dbserver);

		// Check and install log table
		$this->CheckLogTbl();
	} // end of func construct


	/**
	 * Check and install log table if not exists
	 * @access	public
	 */
	public function CheckLogTbl()
	{
		$logtbl_not_exists = false;
		if ('sybase' == $this->aServer['type'] ||
			'sybase_ase' == $this->aServer['type'])
		{
			$sql = "select count(1) as c from sysobjects where name = '$this->sTblLog' and type = 'U'";
			$rs = $this->oDb->Execute($sql);
			if (0 == $rs->fields['c'])
				$logtbl_not_exists = true;
		}
		elseif ('mysql' == $this->aServer['type'] ||
				'mysqli' == $this->aServer['type'])
		{
			$sql = "SHOW TABLES LIKE '$this->sTblLog'";
			$rs = $this->oDb->Execute($sql);
			if (0 == $rs->RowCount())
				$logtbl_not_exists = true;
		}
		else
		{
			$sql = "select 1 from $this->sTblLog";
			$rs = $this->oDb->Execute($sql);
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
			if (0 == $this->oDb->ErrorNo())
				$logtbl_not_exists = true;
		}

		if (true == $logtbl_not_exists)

		{
			// Table doesn't exist, create it
			// 'sql' is a reserved word, so sqtext is used.
			// SQL for Create table diffs from several db
			if ('sybase' == $this->aServer['type'] || 'sybase_ase' == $this->aServer['type'])
				$sql = "
CREATE TABLE $this->sTblLog (
	id		numeric(8) NOT NULL,
	comment	varchar(200) NOT NULL,
	done	int default 0,	-- 0:not do, -1:error, 1:done ok
	sqltext	text,
	ts		timestamp NOT NULL,
	constraint PK_$this->sTblLog PRIMARY KEY (id)
)
					";
			else
				// :DELETED: ) ENGINE=MyISAM AUTO_INCREMENT=1
				$sql = "
CREATE TABLE $this->sTblLog (
	id		int(8) NOT NULL auto_increment,
	comment	varchar(200) NOT NULL,
	done	tinyint(1) default 0,	-- 0:not do, -1:error, 1:done ok
	sqltext	text,
	ts		timestamp NOT NULL default CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
	PRIMARY KEY (id)
) AUTO_INCREMENT=1
					";
			$this->oDb->Execute($sql);
			if (0 < $this->oDb->ErrorNo())
			{
				$this->Log($this->oDb->ErrorNo() . ' - '  . $this->oDb->ErrorMsg() . "\n");
				$this->Summary();
				die("Log table $this->sTblLog doesn't exists and create fail.\n");
			}

			// Log table create information
			$this->Log("Log table $this->sTblLog doesn't exists, create it, done.\n");
		}
		else
		{
			// Log table exist information
			$this->Log("Log table $this->sTblLog already exists.\n");
		}

		// Get last-done-id for later usage
		$this->GetLastDoneId();
	} // end of func CheckLogTbl


	/**
	 * 获得数据库连接
	 * @param	array	$server
	 * @return object
	 */
	private function &DbConn($server)
	{
		$conn = new Adodb($server);

		$conn->Connect();
		return $conn;
	} // end of func DbConn


	/**
	 * Del error record when last done.
	 *
	 * So it can rewrite/update these record in db.
	 * Only del failed sql is not enough,
	 * you need del all sql start from the failed ONE.
	 */
	public function DelErrorSql() {
		$sql = "SELECT id FROM {$this->sTblLog} WHERE done=-1 ORDER BY id ASC LIMIT 1";
		$rs = $this->oDb->Execute($sql);
		if (!empty($rs) && (0 < $rs->RecordCount())) {
			// Del sql after it
			$id = $rs->fields['id'];
			$sql = "DELETE FROM {$this->sTblLog} WHERE id >= $id";
			$rs = $this->oDb->Execute($sql);
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
			$i = $this->oDb->Affected_Rows();
			// $i should > 0
			$this->Log("Clear $i sql start from failed sql $id.\n");
		}
	} // end of func DelErrorSql


	/**
	 * Do updates according to update-records in log table
	 */
	public function DoUpdate()
	{
		$sql = "SELECT id, sqltext FROM $this->sTblLog where done<>1 order by id asc";
		$rs = $this->oDb->Execute($sql);
		if ($rs->EOF)
		{
			$this->Log("No un-done update to do.\n");
		}
		else
		{
			// Do these updates one by one
			$ar = $rs->GetArray();
			$i_total = count($ar);
			for ($i=0; $i<$i_total; $i++)
			{
				$id = $ar[$i]['id'];
				$sqltext = stripslashes($ar[$i]['sqltext']);
				// Do on update
				// Cancel transaction because some ddl sql can't use in trans.
				//$this->oDb->StartTrans();
				$this->oDb->Execute($sqltext);

				// Bad sybase support, select db will got errormsg
				// Avoid sybase errormsg like: Changed database context to 'jygl'
				if ((0 == strlen($this->oDb->ErrorMsg()) && 0 == $this->oDb->ErrorNo()) || ('Changed database context t' == substr($this->oDb->ErrorMsg(), 0, 26)))
				{
					$this->Log("Update id $id done successful.\n");
					$this->SetUpdateDone($id, 1);
					//$this->oDb->CompleteTrans();
				}
				else
				{
					$this->Log("Update id $id done failed.\n");
					$this->Log($this->oDb->ErrorNo() . '-' . $this->oDb->ErrorMsg() . "\n");
					//$this->oDb->CompleteTrans();
					$this->SetUpdateDone($id, -1);
					$this->Summary(true);
					die("Doing update aborted because of failed.\n");
				}
			}
			// Log
			$this->Log("Total $i/$i_total updates done.\n");
		}
		return true;
	} // end of func DoUpdate


	/**
	 * Get last update id, whether done or not
	 * @access	public
	 * @return	int
	 */
	public function GetLastId()

	{
		$sql = "select id from $this->sTblLog order by id desc";
		$rs = $this->oDb->SelectLimit($sql, 1);
		if ($rs->EOF)
			$id = 0;
		else
			$id = $rs->fields['id'];
		$this->iLastId = $id;
		return $id;
	} // end of func GetLastId


	/**
	 * Get last done update id
	 * @access	public
	 * @return	int
	 */
	public function GetLastDoneId()

	{
		$sql = "select id from $this->sTblLog where done=1 order by id desc";
		$rs = $this->oDb->SelectLimit($sql, 1);
		if ($rs->EOF)
		{
			$id = 0;
		}
		else
		{
			$id = $rs->fields['id'];
		}
		$this->iLastDoneId = $id;
		return $id;
	} // end of func GetLastDoneId


	/**
	 * Return if an update is already done
	 * Use cached $iLastDoneId if it's non-zero, doesn't retrieve id from db.
	 * @access	public
	 * @param	int	$id
	 * @return	boolean
	 * @see		$iLastDoneId
	 * @see		GetLastDoneId()
	 */
	public function IfDone($id)
	{
		if (0 == $this->iLastDoneId)
			$this->GetLastDoneId();
		return ($id <= $this->iLastDoneId);
	} // end of func IfDone


	/*
	 * Save log
	 * @access	private
	 * @param	string	$log
	 */
	public function Log($log)
	{
		$this->sSummary .= $log;
	} // end of func Log


	/**
	 * Accept database information from outside class
	 *	Didnot validate data send in.
	 *	And connect to db after store infomation.
	 * @access	public
	 * @var	array	$server	array items: type, host, user, pass, name
	 */
	public function SetDatabase($server)

	{
		if (!empty($server) && is_array($server))
		{
			$this->aServer = $server;
			$this->oDb = &$this->DbConn($this->aServer);
		}
	} // end of func SetDatabase


	/**
	 * Set a update step, but doesn't execute it
	 * Use $iLastId if it's non-zero.
	 * @access	public
	 * @param	int	$id
	 * @param	string	$comment
	 * @param	string	$sqltext
	 * @see		$iLastId
	 */
	public function SetUpdate($id, $comment, $sqltext)
	{
		if (0 == $this->iLastId)
			$this->GetLastId();
		// Update can't be recoverd, so only worked when $id > $iLastId
		// And notice that update id MUST be assigned order ASC.
		if ($id > $this->iLastId)
		{
			$comment = addslashes($comment);
			$sqltext = addslashes($sqltext);
			$sql = "INSERT INTO $this->sTblLog (id, comment, sqltext) VALUES ($id, '$comment', '$sqltext')";
			// Check if iconv for sqltext is needed
			if ($this->sCharsetDb != $this->sCharsetOs)
				$sql = mb_convert_encoding($sql, $this->sCharsetDb, $this->sCharsetOs);
			//
			$this->oDb->Execute($sql);
			if (0 != $this->oDb->ErrorNo())
			{
				$this->Log($this->oDb->ErrorNo() . '-' . $this->oDb->ErrorMsg() . "\n");
				$this->Summary(true);
				die("Set update failed.\n");
			}
			else
			{
				$this->iLastId ++;
				$this->Log("Update id $id saved.\n");
			}
		}
	} // end of func SetUpdate


	/**
	 * Set a update record's status done or not or failed
	 * Didn't validate $id or $status.
	 * @param	int		$id		Update id
	 * @param	int		$status Update id's status(0/1/-1)
	 */
	private function SetUpdateDone($id, $status)
	{
		if (-1 == $status)
			$this->Log("Error when do update $id, {$this->oDb->ErrorNo()}:{$this->oDb->ErrorMsg()}\n");
		$sql = "UPDATE $this->sTblLog set done=$status where id=$id";
		$this->oDb->Execute($sql);
		//if (0 == $this->oDb->ErrorNo() && 0 == strlen($this->oDb->ErrorMsg()))
		if ((0 == strlen($this->oDb->ErrorMsg()) && 0 == $this->oDb->ErrorNo()) || ('Changed database context t' == substr($this->oDb->ErrorMsg(), 0, 26)))
			$this->Log("Update id $id's done is set to $status.\n");
		else
			die("Failed when set update id $id's done status.({$this->oDb->ErrorNo()}:{$this->oDb->ErrorMsg()})\n");
	} // end of func SetUpdateDone


	/**
	 * Return summary text of the whole backup process
	 * @param	boolean	print
	 * @return string
	 */
	public function Summary($print = false)
	{
		$s = '';
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
		if (true == IsCli())

			$s = $this->sSummary . "\n";
		else
			$s = nl2br($this->sSummary);

		if (true == $print)

			echo $s;
		return $s;
	} // end of func Summary


} // end of class DbUpdater
?>



1		<?php
2		/**
3		* @package fwolflib
4		* @subpackage class
5		* @copyright Copyright 2006-2009, Fwolf
6		* @author Fwolf <[email protected]>
7		*/
8
9
10		require_once(dirname(__FILE__) . '/fwolflib.php');
11		require_once(FWOLFLIB . 'class/adodb.php');
12		require_once(FWOLFLIB . 'func/env.php');
13
14
15		//// From fwolflib r12, Don't modify it outside fwolflib ! ////
16
17		/**
18		* Database mantance & update tools
19		* Used in develop or sync multi databases' structure
20		*
21		* It use a table to 'remember' every update done or to be done to db
22		* and, all update to db here is defined to 'sql' lang format,
23		* I hope this can meets all my needs.
24		*
25		* All updates MUST be done by step order, so when a last-update-id
26		* is set, it's consided all updates before last-update-id is done.
27		*
28		* Additional tools do similar task:
29		* http://xml2ddl.berlios.de/
30		*
31		* @deprecated Use Fwlib\Db\SyncDbSchema
32		* @package fwolflib
33		* @subpackage class
34		* @copyright Copyright 2006-2009, Fwolf
35		* @author Fwolf <[email protected]>
36		* @since 2006-12-10
37		* @version $Id$
38		*/
39		class DbUpdater extends Fwolflib {
		0 ignored issues – show Deprecated Code introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this The class `Fwolflib` has been deprecated with message: Use classes in Fwlib namespace, see PSR-0/1/2 This class, trait or interface has been deprecated. The supplier of the file has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the type will be removed from the class and what other constant to use instead. Loading history...
40		/**
41		* Db server information array
42		* Array item: type, host, user, pass, name.
43		* @var array
44		*/
45		private $aServer = array();
46
47		/**
48		* Last update id
49		* @var int
50		*/
51		public $iLastId = 0;
52
53		/**
54		* Last done update id
55		* @var int
56		*/
57		public $iLastDoneId = 0;
58
59		/**
60		* Charset of database
61		* If charset of db diff from os, do convert when execute sql.
62		* @var string
63		*/
64		public $sCharsetDb = '';
65
66		/**
67		* Charset of operation system
68		* @var string
69		* @see $sCharsetDb
70		*/
71		public $sCharsetOs = '';
72
73		/**
74		* Summary text
75		* @var string
76		*/
77		public $sSummary = '';
78
79		/**
80		* Table to save modifications and logs
81		*
82		* If u want to change log table name in use(had log some sql already)
83		* remember to rename table in database also.
84		* @var string
85		*/
86		public $sTblLog = 'log_dbupdater';
87
88
89		/**
90		* Db connection object
91		* @var object
92		*/
93		public $oDb;
94
95		/**
96		* Construct function
97		* @access public
98		* @param array $server Db server information
		0 ignored issues – show Documentation introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this There is no parameter named `$server`. Did you maybe mean `$dbserver`? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. It has, however, found a similar but not annotated parameter which might be a good fit. Consider the following example. The parameter `$ireland` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $ireland */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was changed, but the annotation was not. Loading history...
99		*/
100		function __construct($dbserver=array())
		0 ignored issues – show Best Practice introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
101		{
102		if (!empty($dbserver))
103		$this->SetDatabase($dbserver);
104
105		// Check and install log table
106		$this->CheckLogTbl();
107		} // end of func construct
108
109
110		/**
111		* Check and install log table if not exists
112		* @access public
113		*/
114		public function CheckLogTbl()
115		{
116		$logtbl_not_exists = false;
117		if ('sybase' == $this->aServer['type'] \|\|
118		'sybase_ase' == $this->aServer['type'])
119		{
120		$sql = "select count(1) as c from sysobjects where name = '$this->sTblLog' and type = 'U'";
121		$rs = $this->oDb->Execute($sql);
122		if (0 == $rs->fields['c'])
123		$logtbl_not_exists = true;
124		}
125		elseif ('mysql' == $this->aServer['type'] \|\|
126		'mysqli' == $this->aServer['type'])
127		{
128		$sql = "SHOW TABLES LIKE '$this->sTblLog'";
129		$rs = $this->oDb->Execute($sql);
130		if (0 == $rs->RowCount())
131		$logtbl_not_exists = true;
132		}
133		else
134		{
135		$sql = "select 1 from $this->sTblLog";
136		$rs = $this->oDb->Execute($sql);
		0 ignored issues – show Unused Code introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$rs` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
137		if (0 == $this->oDb->ErrorNo())
138		$logtbl_not_exists = true;
139		}
140
141		if (true == $logtbl_not_exists)
		0 ignored issues – show Coding Style Best Practice introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are loosely comparing two booleans. Considering using the strict comparison `===` instead. When comparing two booleans, it is generally considered safer to use the strict comparison operator. Loading history...
142		{
143		// Table doesn't exist, create it
144		// 'sql' is a reserved word, so sqtext is used.
145		// SQL for Create table diffs from several db
146		if ('sybase' == $this->aServer['type'] \|\| 'sybase_ase' == $this->aServer['type'])
147		$sql = "
148		CREATE TABLE $this->sTblLog (
149		id numeric(8) NOT NULL,
150		comment varchar(200) NOT NULL,
151		done int default 0, -- 0:not do, -1:error, 1:done ok
152		sqltext text,
153		ts timestamp NOT NULL,
154		constraint PK_$this->sTblLog PRIMARY KEY (id)
155		)
156		";
157		else
158		// :DELETED: ) ENGINE=MyISAM AUTO_INCREMENT=1
159		$sql = "
160		CREATE TABLE $this->sTblLog (
161		id int(8) NOT NULL auto_increment,
162		comment varchar(200) NOT NULL,
163		done tinyint(1) default 0, -- 0:not do, -1:error, 1:done ok
164		sqltext text,
165		ts timestamp NOT NULL default CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
166		PRIMARY KEY (id)
167		) AUTO_INCREMENT=1
168		";
169		$this->oDb->Execute($sql);
170		if (0 < $this->oDb->ErrorNo())
171		{
172		$this->Log($this->oDb->ErrorNo() . ' - ' . $this->oDb->ErrorMsg() . "\n");
173		$this->Summary();
174		die("Log table $this->sTblLog doesn't exists and create fail.\n");
175		}
176
177		// Log table create information
178		$this->Log("Log table $this->sTblLog doesn't exists, create it, done.\n");
179		}
180		else
181		{
182		// Log table exist information
183		$this->Log("Log table $this->sTblLog already exists.\n");
184		}
185
186		// Get last-done-id for later usage
187		$this->GetLastDoneId();
188		} // end of func CheckLogTbl
189
190
191		/**
192		* 获得数据库连接
193		* @param array $server
194		* @return object
195		*/
196		private function &DbConn($server)
197		{
198		$conn = new Adodb($server);
		0 ignored issues – show Deprecated Code introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this The class `Adodb` has been deprecated with message: Use Fwlib\Bridge\Adodb This class, trait or interface has been deprecated. The supplier of the file has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the type will be removed from the class and what other constant to use instead. Loading history...
199		$conn->Connect();
200		return $conn;
201		} // end of func DbConn
202
203
204		/**
205		* Del error record when last done.
206		*
207		* So it can rewrite/update these record in db.
208		* Only del failed sql is not enough,
209		* you need del all sql start from the failed ONE.
210		*/
211		public function DelErrorSql() {
212		$sql = "SELECT id FROM {$this->sTblLog} WHERE done=-1 ORDER BY id ASC LIMIT 1";
213		$rs = $this->oDb->Execute($sql);
214		if (!empty($rs) && (0 < $rs->RecordCount())) {
215		// Del sql after it
216		$id = $rs->fields['id'];
217		$sql = "DELETE FROM {$this->sTblLog} WHERE id >= $id";
218		$rs = $this->oDb->Execute($sql);
		0 ignored issues – show Unused Code introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$rs` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
219		$i = $this->oDb->Affected_Rows();
220		// $i should > 0
221		$this->Log("Clear $i sql start from failed sql $id.\n");
222		}
223		} // end of func DelErrorSql
224
225
226		/**
227		* Do updates according to update-records in log table
228		*/
229		public function DoUpdate()
230		{
231		$sql = "SELECT id, sqltext FROM $this->sTblLog where done<>1 order by id asc";
232		$rs = $this->oDb->Execute($sql);
233		if ($rs->EOF)
234		{
235		$this->Log("No un-done update to do.\n");
236		}
237		else
238		{
239		// Do these updates one by one
240		$ar = $rs->GetArray();
241		$i_total = count($ar);
242		for ($i=0; $i<$i_total; $i++)
243		{
244		$id = $ar[$i]['id'];
245		$sqltext = stripslashes($ar[$i]['sqltext']);
246		// Do on update
247		// Cancel transaction because some ddl sql can't use in trans.
248		//$this->oDb->StartTrans();
249		$this->oDb->Execute($sqltext);
250
251		// Bad sybase support, select db will got errormsg
252		// Avoid sybase errormsg like: Changed database context to 'jygl'
253		if ((0 == strlen($this->oDb->ErrorMsg()) && 0 == $this->oDb->ErrorNo()) \|\| ('Changed database context t' == substr($this->oDb->ErrorMsg(), 0, 26)))
254		{
255		$this->Log("Update id $id done successful.\n");
256		$this->SetUpdateDone($id, 1);
257		//$this->oDb->CompleteTrans();
258		}
259		else
260		{
261		$this->Log("Update id $id done failed.\n");
262		$this->Log($this->oDb->ErrorNo() . '-' . $this->oDb->ErrorMsg() . "\n");
263		//$this->oDb->CompleteTrans();
264		$this->SetUpdateDone($id, -1);
265		$this->Summary(true);
266		die("Doing update aborted because of failed.\n");
267		}
268		}
269		// Log
270		$this->Log("Total $i/$i_total updates done.\n");
271		}
272		return true;
273		} // end of func DoUpdate
274
275
276		/**
277		* Get last update id, whether done or not
278		* @access public
279		* @return int
280		*/
281	View Code Duplication	public function GetLastId()
		0 ignored issues – show Duplication introduced 2018-01-24 08:29 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
282		{
283		$sql = "select id from $this->sTblLog order by id desc";
284		$rs = $this->oDb->SelectLimit($sql, 1);
285		if ($rs->EOF)
286		$id = 0;
287		else
288		$id = $rs->fields['id'];
289		$this->iLastId = $id;
290		return $id;
291		} // end of func GetLastId
292
293
294		/**
295		* Get last done update id
296		* @access public
297		* @return int
298		*/
299	View Code Duplication	public function GetLastDoneId()
		0 ignored issues – show Duplication introduced 2018-01-24 08:29 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
300		{
301		$sql = "select id from $this->sTblLog where done=1 order by id desc";
302		$rs = $this->oDb->SelectLimit($sql, 1);
303		if ($rs->EOF)
304		{
305		$id = 0;
306		}
307		else
308		{
309		$id = $rs->fields['id'];
310		}
311		$this->iLastDoneId = $id;
312		return $id;
313		} // end of func GetLastDoneId
314
315
316		/**
317		* Return if an update is already done
318		* Use cached $iLastDoneId if it's non-zero, doesn't retrieve id from db.
319		* @access public
320		* @param int $id
321		* @return boolean
322		* @see $iLastDoneId
323		* @see GetLastDoneId()
324		*/
325		public function IfDone($id)
326		{
327		if (0 == $this->iLastDoneId)
328		$this->GetLastDoneId();
329		return ($id <= $this->iLastDoneId);
330		} // end of func IfDone
331
332
333		/*
334		* Save log
335		* @access private
336		* @param string $log
337		*/
338		public function Log($log)
339		{
340		$this->sSummary .= $log;
341		} // end of func Log
342
343
344		/**
345		* Accept database information from outside class
346		* Didnot validate data send in.
347		* And connect to db after store infomation.
348		* @access public
349		* @var array $server array items: type, host, user, pass, name
350		*/
351	View Code Duplication	public function SetDatabase($server)
		0 ignored issues – show Duplication introduced 2018-01-24 08:29 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
352		{
353		if (!empty($server) && is_array($server))
354		{
355		$this->aServer = $server;
356		$this->oDb = &$this->DbConn($this->aServer);
357		}
358		} // end of func SetDatabase
359
360
361		/**
362		* Set a update step, but doesn't execute it
363		* Use $iLastId if it's non-zero.
364		* @access public
365		* @param int $id
366		* @param string $comment
367		* @param string $sqltext
368		* @see $iLastId
369		*/
370		public function SetUpdate($id, $comment, $sqltext)
371		{
372		if (0 == $this->iLastId)
373		$this->GetLastId();
374		// Update can't be recoverd, so only worked when $id > $iLastId
375		// And notice that update id MUST be assigned order ASC.
376		if ($id > $this->iLastId)
377		{
378		$comment = addslashes($comment);
379		$sqltext = addslashes($sqltext);
380		$sql = "INSERT INTO $this->sTblLog (id, comment, sqltext) VALUES ($id, '$comment', '$sqltext')";
381		// Check if iconv for sqltext is needed
382		if ($this->sCharsetDb != $this->sCharsetOs)
383		$sql = mb_convert_encoding($sql, $this->sCharsetDb, $this->sCharsetOs);
384		//
385		$this->oDb->Execute($sql);
386		if (0 != $this->oDb->ErrorNo())
387		{
388		$this->Log($this->oDb->ErrorNo() . '-' . $this->oDb->ErrorMsg() . "\n");
389		$this->Summary(true);
390		die("Set update failed.\n");
391		}
392		else
393		{
394		$this->iLastId ++;
395		$this->Log("Update id $id saved.\n");
396		}
397		}
398		} // end of func SetUpdate
399
400
401		/**
402		* Set a update record's status done or not or failed
403		* Didn't validate $id or $status.
404		* @param int $id Update id
405		* @param int $status Update id's status(0/1/-1)
406		*/
407		private function SetUpdateDone($id, $status)
408		{
409		if (-1 == $status)
410		$this->Log("Error when do update $id, {$this->oDb->ErrorNo()}:{$this->oDb->ErrorMsg()}\n");
411		$sql = "UPDATE $this->sTblLog set done=$status where id=$id";
412		$this->oDb->Execute($sql);
413		//if (0 == $this->oDb->ErrorNo() && 0 == strlen($this->oDb->ErrorMsg()))
414		if ((0 == strlen($this->oDb->ErrorMsg()) && 0 == $this->oDb->ErrorNo()) \|\| ('Changed database context t' == substr($this->oDb->ErrorMsg(), 0, 26)))
415		$this->Log("Update id $id's done is set to $status.\n");
416		else
417		die("Failed when set update id $id's done status.({$this->oDb->ErrorNo()}:{$this->oDb->ErrorMsg()})\n");
418		} // end of func SetUpdateDone
419
420
421		/**
422		* Return summary text of the whole backup process
423		* @param boolean print
424		* @return string
425		*/
426		public function Summary($print = false)
427		{
428		$s = '';
		0 ignored issues – show Unused Code introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$s` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
429		if (true == IsCli())
		0 ignored issues – show Coding Style Best Practice introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are loosely comparing two booleans. Considering using the strict comparison `===` instead. When comparing two booleans, it is generally considered safer to use the strict comparison operator. Loading history... Deprecated Code introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this The function `IsCli()` has been deprecated with message: Use Fwlib\Util\Env::isCli() This function has been deprecated. The supplier of the file has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the function will be removed from the class and what other function to use instead. Loading history...
430		$s = $this->sSummary . "\n";
431		else
432		$s = nl2br($this->sSummary);
433
434		if (true == $print)
		0 ignored issues – show Coding Style Best Practice introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are loosely comparing two booleans. Considering using the strict comparison `===` instead. When comparing two booleans, it is generally considered safer to use the strict comparison operator. Loading history...
435		echo $s;
436		return $s;
437		} // end of func Summary
438
439
440		} // end of class DbUpdater
441		?>
		0 ignored issues – show Best Practice introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is not recommended to use PHP's closing tag `?>` in files other than templates. Using a closing tag in PHP files that only contain PHP code is not recommended as you might accidentally add whitespace after the closing tag which would then be output by PHP. This can cause severe problems, for example headers cannot be sent anymore. A simple precaution is to leave off the closing tag as it is not required, and it also has no negative effects whatsoever. Loading history...
442

fwolf / fwlib

Issues (1752)

Security Analysis not enabled

class/dbupdater.php (15 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like