mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-01 14:30:32 +02:00
Code Issues Releases Wiki Activity

This should end some issues we have been having regarding the proper binary encoding of stuff. :D

Browse Source 
Acyd Burn: quit breaking the schema :P


git-svn-id: file:///svn/phpbb/trunk@6238 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
David M
2006-08-06 05:52:41 +00:00
parent b4b901b825
commit 2f901a5203
13 changed files with 250 additions and 817 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
phpBB/includes/acp/acp_forums.php
View File

@@ -919,72 +919,8 @@ class acp_forums
$forum_id = $forum_data_sql['forum_id'];
unset($forum_data_sql['forum_id']);
$query = '';
switch (SQL_LAYER)
{
case 'mssql':
case 'mssql_odbc':
$values = array();
foreach ($forum_data_sql as $key => $var)
{
if (is_null($var))
{
$values[] = "$key = NULL";
}
else if (is_string($var))
{
if ($key !== 'forum_desc_bitfield' && $key != 'forum_rules_bitfield')
{
$values[] = "$key = '" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "$key = CAST('" . $var . "' AS varbinary)";
}
}
else
{
$values[] = (is_bool($var)) ? "$key = " . intval($var) : "$key = $var";
}
}
$query = implode(', ', $values);
break;
case 'sqlite':
$values = array();
foreach ($forum_data_sql as $key => $var)
{
if (is_null($var))
{
$values[] = "$key = NULL";
}
else if (is_string($var))
{
if ($key !== 'forum_desc_bitfield' && $key != 'forum_rules_bitfield')
{
$values[] = "$key = '" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "$key = '" . sqlite_udf_encode_binary($var) . "'";
}
}
else
{
$values[] = (is_bool($var)) ? "$key = " . intval($var) : "$key = $var";
}
}
$query = implode(', ', $values);
break;
default:
$query = $db->sql_build_array('UPDATE', $forum_data_sql);
break;
}
$sql = 'UPDATE ' . FORUMS_TABLE . '
SET ' . $query . '
SET ' . $db->sql_build_array('UPDATE', $forum_data_sql) . '
WHERE forum_id = ' . $forum_id;
$db->sql_query($sql);

70
phpBB/includes/acp/acp_styles.php
View File

@@ -2949,78 +2949,10 @@ pagination_sep = \'{PAGINATION_SEP}\'
unset($cfg_data);
}
$query = '';
switch (SQL_LAYER)
{
case 'mssql':
case 'mssql_odbc':
$fields = array();
foreach ($sql_ary as $key => $var)
{
$fields[] = $key;
if (is_null($var))
{
$values[] = 'NULL';
}
else if (is_string($var))
{
if ($key !== 'bbcode_bitfield')
{
$values[] = "'" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "CAST('" . $var . "' AS varbinary)";
}
}
else
{
$values[] = (is_bool($var)) ? intval($var) : $var;
}
}
$query = ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')';
break;
case 'sqlite':
$fields = array();
foreach ($sql_ary as $key => $var)
{
$fields[] = $key;
if (is_null($var))
{
$values[] = 'NULL';
}
else if (is_string($var))
{
if ($key !== 'bbcode_bitfield')
{
$values[] = "'" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "'" . sqlite_udf_encode_binary($var) . "'";
}
}
else
{
$values[] = (is_bool($var)) ? intval($var) : $var;
}
}
$query = ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')';
break;
default:
$query = $db->sql_build_array('INSERT', $sql_ary);
break;
}
$db->sql_transaction('begin');
$sql = "INSERT INTO $sql_from
" . $query;
" . $db->sql_build_array('INSERT', $sql_ary);
$db->sql_query($sql);
$id = $db->sql_nextid();

32
phpBB/includes/db/dbal.php
View File

@@ -199,7 +199,14 @@ class dbal
}
else if (is_string($var))
{
$values[] = "'" . $this->sql_escape($var) . "'";
if (strpos($key, 'bitfield') === false)
{
$values[] = "'" . $this->sql_escape($var) . "'";
}
else
{
$values[] = $this->sql_escape_binary($var);
}
}
else if (is_array($var) && is_string($var[0]))
{
@@ -228,7 +235,14 @@ class dbal
}
else if (is_string($var))
{
$values[] = "'" . $this->sql_escape($var) . "'";
if (strpos($key, 'bitfield') === false)
{
$values[] = "'" . $this->sql_escape($var) . "'";
}
else
{
$values[] = $this->sql_escape_binary($var);
}
}
else
{
@@ -251,7 +265,14 @@ class dbal
}
else if (is_string($var))
{
$values[] = "$key = '" . $this->sql_escape($var) . "'";
if (strpos($key, 'bitfield') === false)
{
$values[] = "$key = '" . $this->sql_escape($var) . "'";
}
else
{
$values[] = "$key = " . $this->sql_escape_binary($var);
}
}
else
{
@@ -264,6 +285,11 @@ class dbal
return $query;
}
function sql_escape_binary($msg)
{
return "'" . $this->sql_escape($msg) . "'";
}
/**
* Build sql statement from array for select and select distinct statements
*

8
phpBB/includes/db/mssql.php
View File

@@ -369,6 +369,14 @@ class dbal_mssql extends dbal
return str_replace("'", "''", $msg);
}
/**
* Escape string used in sql query
*/
function sql_escape_binary($msg)
{
return "CAST('" . $msg . "' AS varbinary)";
}
/**
* return sql error array
* @access: private

8
phpBB/includes/db/mssql_odbc.php
View File

@@ -379,6 +379,14 @@ class dbal_mssql_odbc extends dbal
return str_replace("'", "''", $msg);
}
/**
* Escape string used in sql query
*/
function sql_escape_binary($msg)
{
return "CAST('" . $msg . "' AS varbinary)";
}
/**
* Build db-specific query data
* @access: private

19
phpBB/includes/db/postgres.php
View File

@@ -258,7 +258,16 @@ class dbal_postgres extends dbal
return $cache->sql_fetchrow($query_id);
}
return ($query_id) ? @pg_fetch_assoc($query_id, NULL) : false;
$row = @pg_fetch_assoc($query_id, null);
if ($row)
{
foreach ($row as $key => $value)
{
$row[$key] = (strpos($key, 'bitfield') === false) ? $value : pg_unescape_bytea($value);
}
}
return ($query_id) ? $row : false;
}
/**
@@ -378,6 +387,14 @@ class dbal_postgres extends dbal
return @pg_escape_string($msg);
}
/**
* Escape string used in sql query
*/
function sql_escape_binary($msg)
{
return "'" . @pg_escape_bytea($msg) . "'";
}
/**
* return sql error array
* @access: private

19
phpBB/includes/db/sqlite.php
View File

@@ -216,7 +216,16 @@ class dbal_sqlite extends dbal
return $cache->sql_fetchrow($query_id);
}
return ($query_id) ? @sqlite_fetch_array($query_id, SQLITE_ASSOC) : false;
$row = @sqlite_fetch_array($query_id, SQLITE_ASSOC);
if ($row)
{
foreach ($row as $key => $value)
{
$row[$key] = (strpos($key, 'bitfield') === false) ? $value : sqlite_udf_decode_binary($value);
}
}
return $row;
}
/**
@@ -307,6 +316,14 @@ class dbal_sqlite extends dbal
return @sqlite_escape_string($msg);
}
/**
* Escape string used in sql query
*/
function sql_escape_binary($msg)
{
return "'" . @sqlite_udf_encode_binary($msg) . "'";
}
/**
* return sql error array
* @access: private

135
phpBB/includes/functions_posting.php
View File

@@ -1549,76 +1549,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
);
}
$query = '';
switch (SQL_LAYER)
{
case 'mssql':
case 'mssql_odbc':
$fields = array();
foreach ($sql_data[POSTS_TABLE]['sql'] as $key => $var)
{
$fields[] = $key;
if (is_null($var))
{
$values[] = 'NULL';
}
else if (is_string($var))
{
if ($key !== 'bbcode_bitfield')
{
$values[] = "'" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "CAST('" . $var . "' AS varbinary)";
}
}
else
{
$values[] = (is_bool($var)) ? intval($var) : $var;
}
}
$query = ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')';
break;
case 'sqlite':
$fields = array();
foreach ($sql_data[POSTS_TABLE]['sql'] as $key => $var)
{
$fields[] = $key;
if (is_null($var))
{
$values[] = 'NULL';
}
else if (is_string($var))
{
if ($key !== 'bbcode_bitfield')
{
$values[] = "'" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "'" . sqlite_udf_encode_binary($var) . "'";
}
}
else
{
$values[] = (is_bool($var)) ? intval($var) : $var;
}
}
$query = ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')';
break;
default:
$query = $db->sql_build_array('INSERT', $sql_data[POSTS_TABLE]['sql']);
break;
}
$sql = 'INSERT INTO ' . POSTS_TABLE . ' ' . $query;
$sql = 'INSERT INTO ' . POSTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data[POSTS_TABLE]['sql']);
$db->sql_query($sql);
$data['post_id'] = $db->sql_nextid();
@@ -1694,70 +1625,8 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
// Update the posts table
if (isset($sql_data[POSTS_TABLE]['sql']))
{
switch (SQL_LAYER)
{
case 'mssql':
case 'mssql_odbc':
$values = array();
foreach ($sql_data[POSTS_TABLE]['sql'] as $key => $var)
{
if (is_null($var))
{
$values[] = "$key = NULL";
}
else if (is_string($var))
{
if ($key !== 'bbcode_bitfield')
{
$values[] = "$key = '" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "$key = CAST('" . $var . "' AS varbinary)";
}
}
else
{
$values[] = (is_bool($var)) ? "$key = " . intval($var) : "$key = $var";
}
}
$query = implode(', ', $values);
break;
case 'sqlite':
$values = array();
foreach ($sql_data[POSTS_TABLE]['sql'] as $key => $var)
{
if (is_null($var))
{
$values[] = "$key = NULL";
}
else if (is_string($var))
{
if ($key !== 'bbcode_bitfield')
{
$values[] = "$key = '" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "$key ='" . sqlite_udf_encode_binary($var) . "'";
}
}
else
{
$values[] = (is_bool($var)) ? "$key = " . intval($var) : "$key = $var";
}
}
$query = implode(', ', $values);
break;
default:
$query = $db->sql_build_array('UPDATE', $sql_data[POSTS_TABLE]['sql']);
break;
}
$sql = 'UPDATE ' . POSTS_TABLE . '
SET ' . $query . '
SET ' . $db->sql_build_array('UPDATE', $sql_data[POSTS_TABLE]['sql']) . '
WHERE post_id = ' . $data['post_id'];
$db->sql_query($sql);
}

132
phpBB/includes/functions_privmsgs.php
View File

@@ -1316,141 +1316,13 @@ function submit_pm($mode, $subject, &$data, $update_message, $put_in_outbox = tr
if ($mode == 'post' || $mode == 'reply' || $mode == 'quote' || $mode == 'quotepost' || $mode == 'forward')
{
switch (SQL_LAYER)
{
case 'mssql':
case 'mssql_odbc':
$fields = array();
foreach ($sql_data as $key => $var)
{
$fields[] = $key;
if (is_null($var))
{
$values[] = 'NULL';
}
else if (is_string($var))
{
if ($key !== 'bbcode_bitfield')
{
$values[] = "'" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "CAST('" . $var . "' AS varbinary)";
}
}
else
{
$values[] = (is_bool($var)) ? intval($var) : $var;
}
}
$query = ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')';
break;
case 'sqlite':
$fields = array();
foreach ($sql_data as $key => $var)
{
$fields[] = $key;
if (is_null($var))
{
$values[] = 'NULL';
}
else if (is_string($var))
{
if ($key !== 'bbcode_bitfield')
{
$values[] = "'" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "'" . sqlite_udf_encode_binary($var) . "'";
}
}
else
{
$values[] = (is_bool($var)) ? intval($var) : $var;
}
}
$query = ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')';
break;
default:
$query = $db->sql_build_array('INSERT', $sql_data);
break;
}
$db->sql_query('INSERT INTO ' . PRIVMSGS_TABLE . ' ' . $query);
$db->sql_query('INSERT INTO ' . PRIVMSGS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data));
$data['msg_id'] = $db->sql_nextid();
}
else if ($mode == 'edit')
{
switch (SQL_LAYER)
{
case 'mssql':
case 'mssql_odbc':
$values = array();
foreach ($sql_data as $key => $var)
{
if (is_null($var))
{
$values[] = "$key = NULL";
}
else if (is_string($var))
{
if ($key !== 'forum_desc_bitfield')
{
$values[] = "$key = '" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "$key = CAST('" . $var . "' AS varbinary)";
}
}
else
{
$values[] = (is_bool($var)) ? "$key = " . intval($var) : "$key = $var";
}
}
$query = implode(', ', $values);
break;
case 'sqlite':
$values = array();
foreach ($sql_data as $key => $var)
{
if (is_null($var))
{
$values[] = "$key = NULL";
}
else if (is_string($var))
{
if ($key !== 'forum_desc_bitfield')
{
$values[] = "$key = '" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "$key = '" . sqlite_udf_encode_binary($var) . "'";
}
}
else
{
$values[] = (is_bool($var)) ? "$key = " . intval($var) : "$key = $var";
}
}
$query = implode(', ', $values);
break;
default:
$query = $db->sql_build_array('UPDATE', $sql_data);
break;
}
$sql = 'UPDATE ' . PRIVMSGS_TABLE . '
SET message_edit_count = message_edit_count + 1, ' . $query . '
SET message_edit_count = message_edit_count + 1, ' . $db->sql_build_array('UPDATE', $sql_data) . '
WHERE msg_id = ' . $data['msg_id'];
$db->sql_query($sql);
}

201
phpBB/includes/functions_user.php
View File

@@ -207,75 +207,7 @@ function user_add($user_row, $cp_data = false)
}
}
$query = '';
switch (SQL_LAYER)
{
case 'mssql':
case 'mssql_odbc':
$fields = array();
foreach ($sql_ary as $key => $var)
{
$fields[] = $key;
if (is_null($var))
{
$values[] = 'NULL';
}
else if (is_string($var))
{
if ($key !== 'user_sig_bbcode_bitfield')
{
$values[] = "'" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "CAST('" . $var . "' AS varbinary)";
}
}
else
{
$values[] = (is_bool($var)) ? intval($var) : $var;
}
}
$query = ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')';
break;
case 'sqlite':
$fields = array();
foreach ($sql_ary as $key => $var)
{
$fields[] = $key;
if (is_null($var))
{
$values[] = 'NULL';
}
else if (is_string($var))
{
if ($key !== 'user_sig_bbcode_bitfield')
{
$values[] = "'" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "'" . sqlite_udf_encode_binary($var) . "'";
}
}
else
{
$values[] = (is_bool($var)) ? intval($var) : $var;
}
}
$query = ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')';
break;
default:
$query = $db->sql_build_array('INSERT', $sql_ary);
break;
}
$sql = 'INSERT INTO ' . USERS_TABLE . ' ' . $query;
$sql = 'INSERT INTO ' . USERS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
$db->sql_query($sql);
$user_id = $db->sql_nextid();
@@ -1495,140 +1427,13 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow
if ($group_id)
{
switch (SQL_LAYER)
{
case 'mssql':
case 'mssql_odbc':
$values = array();
foreach ($sql_ary as $key => $var)
{
if (is_null($var))
{
$values[] = "$key = NULL";
}
else if (is_string($var))
{
if ($key !== 'group_desc_bitfield')
{
$values[] = "$key = '" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "$key = CAST('" . $var . "' AS varbinary)";
}
}
else
{
$values[] = (is_bool($var)) ? "$key = " . intval($var) : "$key = $var";
}
}
$query = implode(', ', $values);
break;
case 'sqlite':
$values = array();
foreach ($sql_ary as $key => $var)
{
if (is_null($var))
{
$values[] = "$key = NULL";
}
else if (is_string($var))
{
if ($key !== 'group_desc_bitfield')
{
$values[] = "$key = '" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "$key = '" . sqlite_udf_encode_binary($var) . "'";
}
}
else
{
$values[] = (is_bool($var)) ? "$key = " . intval($var) : "$key = $var";
}
}
$query = implode(', ', $values);
break;
default:
$query = $db->sql_build_array('UPDATE', $sql_ary);
break;
}
$sql = 'UPDATE ' . GROUPS_TABLE . '
SET ' . $query . "
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
WHERE group_id = $group_id";
}
else
{
switch (SQL_LAYER)
{
case 'mssql':
case 'mssql_odbc':
$fields = array();
foreach ($sql_ary as $key => $var)
{
$fields[] = $key;
if (is_null($var))
{
$values[] = 'NULL';
}
else if (is_string($var))
{
if ($key !== 'bbcode_bitfield')
{
$values[] = "'" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "CAST('" . $var . "' AS varbinary)";
}
}
else
{
$values[] = (is_bool($var)) ? intval($var) : $var;
}
}
$query = ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')';
break;
case 'sqlite':
$fields = array();
foreach ($sql_ary as $key => $var)
{
$fields[] = $key;
if (is_null($var))
{
$values[] = 'NULL';
}
else if (is_string($var))
{
if ($key !== 'bbcode_bitfield')
{
$values[] = "'" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "'" . sqlite_udf_encode_binary($var) . "'";
}
}
else
{
$values[] = (is_bool($var)) ? intval($var) : $var;
}
}
$query = ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')';
break;
default:
$query = $db->sql_build_array('INSERT', $sql_ary);
break;
}
$sql = 'INSERT INTO ' . GROUPS_TABLE . ' ' . $query;
$sql = 'INSERT INTO ' . GROUPS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
}
$db->sql_query($sql);

66
phpBB/includes/ucp/ucp_profile.php
View File

@@ -440,72 +440,8 @@ class ucp_profile
'user_sig_bbcode_bitfield' => $message_parser->bbcode_bitfield
);
$query = '';
switch (SQL_LAYER)
{
case 'mssql':
case 'mssql_odbc':
$values = array();
foreach ($sql_ary as $key => $var)
{
if (is_null($var))
{
$values[] = "$key = NULL";
}
else if (is_string($var))
{
if ($key !== 'user_sig_bbcode_bitfield')
{
$values[] = "$key = '" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "$key = CAST('" . $var . "' AS varbinary)";
}
}
else
{
$values[] = (is_bool($var)) ? "$key = " . intval($var) : "$key = $var";
}
}
$query = implode(', ', $values);
break;
case 'sqlite':
$values = array();
foreach ($sql_ary as $key => $var)
{
if (is_null($var))
{
$values[] = "$key = NULL";
}
else if (is_string($var))
{
if ($key !== 'user_sig_bbcode_bitfield')
{
$values[] = "$key = '" . $db->sql_escape($var) . "'";
}
else
{
$values[] = "$key = '" . sqlite_udf_encode_binary($var) . "'";
}
}
else
{
$values[] = (is_bool($var)) ? "$key = " . intval($var) : "$key = $var";
}
}
$query = implode(', ', $values);
break;
default:
$query = $db->sql_build_array('UPDATE', $sql_ary);
break;
}
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $query . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);