Update ParseUrl::getSiteinfo type recognition

[friendica.git] / src / Database / DBA.php

diff --git a/src/Database/DBA.php b/src/Database/DBA.php
index 8e5a621b3689819f93ec021506716debf7f6561e..ab856ef9d05da6fd2c1205fcf07e2029d8fdce02 100644 (file)
--- a/src/Database/DBA.php
+++ b/src/Database/DBA.php
@@ -91,6 +91,7 @@ class DBA
                                self::$connection->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
                                self::$connected = true;
                        } catch (PDOException $e) {
+                               /// @TODO At least log exception, don't ignore it!
                        }
                }
 
@@ -251,11 +252,16 @@ class DBA
        }
 
        public static function escape($str) {
-               switch (self::$driver) {
-                       case 'pdo':
-                               return substr(@self::$connection->quote($str, PDO::PARAM_STR), 1, -1);
-                       case 'mysqli':
-                               return @self::$connection->real_escape_string($str);
+               if (self::$connected) {
+                       switch (self::$driver) {
+                               case 'pdo':
+                                       return substr(@self::$connection->quote($str, PDO::PARAM_STR), 1, -1);
+
+                               case 'mysqli':
+                                       return @self::$connection->real_escape_string($str);
+                       }
+               } else {
+                       return str_replace("'", "\\'", $str);
                }
        }
 
@@ -368,7 +374,7 @@ class DBA
         * @usage Example: $r = p("SELECT * FROM `item` WHERE `guid` = ?", $guid);
         *
         * Please only use it with complicated queries.
-        * For all regular queries please use dba::select or dba::exists
+        * For all regular queries please use DBA::select or DBA::exists
         *
         * @param string $sql SQL statement
         * @return bool|object statement object or result object
@@ -586,7 +592,7 @@ class DBA
        /**
         * @brief Executes a prepared statement like UPDATE or INSERT that doesn't return data
         *
-        * Please use dba::delete, dba::insert, dba::update, ... instead
+        * Please use DBA::delete, DBA::insert, DBA::update, ... instead
         *
         * @param string $sql SQL statement
         * @return boolean Was the query successfull? False is returned only if an error occurred
@@ -681,7 +687,7 @@ class DBA
        /**
         * Fetches the first row
         *
-        * Please use dba::selectFirst or dba::exists whenever this is possible.
+        * Please use DBA::selectFirst or DBA::exists whenever this is possible.
         *
         * @brief Fetches the first row
         * @param string $sql SQL statement
@@ -928,13 +934,11 @@ class DBA
 
                switch (self::$driver) {
                        case 'pdo':
-                               if (self::$connection->inTransaction()) {
-                                       break;
-                               }
-                               if (!self::$connection->beginTransaction()) {
+                               if (!self::$connection->inTransaction() && !self::$connection->beginTransaction()) {
                                        return false;
                                }
                                break;
+
                        case 'mysqli':
                                if (!self::$connection->begin_transaction()) {
                                        return false;
@@ -953,10 +957,13 @@ class DBA
                                if (!self::$connection->inTransaction()) {
                                        return true;
                                }
+
                                return self::$connection->commit();
+
                        case 'mysqli':
                                return self::$connection->commit();
                }
+
                return true;
        }
 
@@ -989,6 +996,7 @@ class DBA
                                }
                                $ret = self::$connection->rollBack();
                                break;
+
                        case 'mysqli':
                                $ret = self::$connection->rollback();
                                break;
@@ -1054,7 +1062,12 @@ class DBA
 
                $commands[$key] = ['table' => $table, 'conditions' => $conditions];
 
-               $cascade = defaults($options, 'cascade', true);
+               // Don't use "defaults" here, since it would set "false" to "true"
+               if (isset($options['cascade'])) {
+                       $cascade = $options['cascade'];
+               } else {
+                       $cascade = true;
+               }
 
                // To speed up the whole process we cache the table relations
                if ($cascade && count(self::$relation) == 0) {
@@ -1294,7 +1307,7 @@ class DBA
         *
         * $params = array("order" => array("id", "received" => true), "limit" => 10);
         *
-        * $data = dba::select($table, $fields, $condition, $params);
+        * $data = DBA::select($table, $fields, $condition, $params);
         */
        public static function select($table, array $fields = [], array $condition = [], array $params = [])
        {
@@ -1336,7 +1349,7 @@ class DBA
         * or:
         * $condition = ["`uid` = ? AND `network` IN (?, ?)", 1, 'dfrn', 'dspr'];
         *
-        * $count = dba::count($table, $condition);
+        * $count = DBA::count($table, $condition);
         */
        public static function count($table, array $condition = [])
        {
@@ -1390,7 +1403,7 @@ class DBA
                                                /* Workaround for MySQL Bug #64791.
                                                 * Never mix data types inside any IN() condition.
                                                 * In case of mixed types, cast all as string.
-                                                * Logic needs to be consistent with dba::p() data types.
+                                                * Logic needs to be consistent with DBA::p() data types.
                                                 */
                                                $is_int = false;
                                                $is_alpha = false;
@@ -1450,7 +1463,7 @@ class DBA
 
                $limit_string = '';
                if (isset($params['limit']) && is_int($params['limit'])) {
-                       $limit_string = " LIMIT " . $params['limit'];
+                       $limit_string = " LIMIT " . intval($params['limit']);
                }
 
                if (isset($params['limit']) && is_array($params['limit'])) {
@@ -1521,7 +1534,7 @@ class DBA
                        case 'mysqli':
                                // MySQLi offers both a mysqli_stmt and a mysqli_result class.
                                // We should be careful not to assume the object type of $stmt
-                               // because dba::p() has been able to return both types.
+                               // because DBA::p() has been able to return both types.
                                if ($stmt instanceof mysqli_stmt) {
                                        $stmt->free_result();
                                        $ret = $stmt->close();
@@ -1610,7 +1623,7 @@ class DBA
                        if (is_bool($value)) {
                                $value = ($value ? '1' : '0');
                        } else {
-                               $value = dbesc($value);
+                               $value = self::escape($value);
                        }
                        return;
                }
@@ -1620,7 +1633,7 @@ class DBA
                } elseif (is_float($value) || is_integer($value)) {
                        $value = (string) $value;
                } else {
-                       $value = "'" . dbesc($value) . "'";
+                       $value = "'" . self::escape($value) . "'";
                }
        }