From e19231f39d9d6583cc5753dbd2638c597957fdd1 Mon Sep 17 00:00:00 2001 From: Roland Haeder Date: Mon, 6 Jun 2016 22:09:01 +0200 Subject: [PATCH] Don't abuse isValidSqlLink() for checking results MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Roland Häder --- inc/db/lib-mysql.php | 18 +++++++++--------- inc/db/lib-mysqli.php | 16 ++++++++-------- inc/module-functions.php | 2 +- inc/modules/admin/what-list_notifications.php | 2 +- inc/sql-functions.php | 6 +++--- 5 files changed, 22 insertions(+), 22 deletions(-) diff --git a/inc/db/lib-mysql.php b/inc/db/lib-mysql.php index 56cfe52861..3d0a3b2ca5 100644 --- a/inc/db/lib-mysql.php +++ b/inc/db/lib-mysql.php @@ -89,7 +89,7 @@ function sqlQuery ($sqlString, $file, $line, $enableCodes = TRUE) { //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'file=' . basename($file) . ',line=' . $line . ',sql=' . $GLOBALS['last_sql']); $result = mysql_query($GLOBALS['last_sql'], getSqlLink()) or logSqlError($file, $line, 'file='. basename($file) . ',line=' . $line . ':mysql_error()=' . mysql_error() . ',last_query=' . $GLOBALS['last_sql']); - //* DEBUG: */ logDebugMessage($file, $line, 'sql=' . $GLOBALS['last_sql'] . ',affected=' . sqlAffectedRows() . ',numRows='.(isValidSqlLink($result) ? sqlNumRows($result) : gettype($result))); + //* DEBUG: */ logDebugMessage($file, $line, 'sql=' . $GLOBALS['last_sql'] . ',affected=' . sqlAffectedRows() . ',numRows='.(isValidSqlResult($result) ? sqlNumRows($result) : gettype($result))); // Calculate query time $queryTime = microtime(TRUE) - $querytimeBefore; @@ -116,7 +116,7 @@ function sqlQuery ($sqlString, $file, $line, $enableCodes = TRUE) { } // END - if // Append debug line - appendLineToFile(getCachePath() . 'mysql.log', basename($file) . '|LINE=' . $line . '|NUM=' . (isValidSqlLink($result) ? sqlNumRows($result) : 'false') . '|AFFECTED=' . sqlAffectedRows() . '|QUERYTIME:' . ($queryTime * 1000) . 'ms): ' . str_replace(array(chr(13), PHP_EOL), array('', ' '), $GLOBALS['last_sql'])); + appendLineToFile(getCachePath() . 'mysql.log', basename($file) . '|LINE=' . $line . '|NUM=' . (isValidSqlResult($result) ? sqlNumRows($result) : 'false') . '|AFFECTED=' . sqlAffectedRows() . '|QUERYTIME:' . ($queryTime * 1000) . 'ms): ' . str_replace(array(chr(13), PHP_EOL), array('', ' '), $GLOBALS['last_sql'])); } // END - if // Increment stats entry @@ -138,7 +138,7 @@ function sqlNumRows ($resource) { if (isset($GLOBALS['sql_numrows'][intval($resource)])) { // Use cache $lines = $GLOBALS['sql_numrows'][intval($resource)]; - } elseif (isValidSqlLink($resource)) { + } elseif (isValidSqlResult($resource)) { // Get the count of rows from database $lines = mysql_num_rows($resource); @@ -168,7 +168,7 @@ function sqlAffectedRows () { // SQL fetch row function sqlFetchRow ($resource) { // Is $resource valid? - if ((!isValidSqlLink($resource)) || (!isSqlLinkUp())) return FALSE; + if ((!isValidSqlResult($resource)) || (!isSqlLinkUp())) return FALSE; // Fetch the data and return it return mysql_fetch_row($resource); @@ -177,7 +177,7 @@ function sqlFetchRow ($resource) { // SQL fetch array function sqlFetchArray ($resource) { // Is $resource valid? - if ((!isValidSqlLink($resource)) || (!isSqlLinkUp())) return FALSE; + if ((!isValidSqlResult($resource)) || (!isSqlLinkUp())) return FALSE; // Load row as array from database $row = mysql_fetch_assoc($resource); @@ -195,7 +195,7 @@ function sqlFetchArray ($resource) { // SQL result function sqlResult ($resource, $row, $field = '0') { // Is $resource valid? - if ((!isValidSqlLink($resource)) || (!isSqlLinkUp())) return FALSE; + if ((!isValidSqlResult($resource)) || (!isSqlLinkUp())) return FALSE; // Run the result command $result = mysql_result($resource, $row, $field); @@ -268,7 +268,7 @@ function sqlCloseLink ($file, $line) { // SQL free result function sqlFreeResult ($resource) { - if ((!isValidSqlLink($resource)) || (!isSqlLinkUp())) { + if ((!isValidSqlResult($resource)) || (!isSqlLinkUp())) { // Abort here return FALSE; } // END - if @@ -361,9 +361,9 @@ function isValidSqlLink ($linkResource) { } // Checks whether given result is a valid SQL result -function isSqlResult ($result) { +function isValidSqlResult ($resultResource) { // TODO: Can't this be made better? - return is_resource($result); + return is_resource($resultResource); } // [EOF] diff --git a/inc/db/lib-mysqli.php b/inc/db/lib-mysqli.php index b3559bf7e8..200c58b79c 100644 --- a/inc/db/lib-mysqli.php +++ b/inc/db/lib-mysqli.php @@ -91,7 +91,7 @@ function sqlQuery ($sqlString, $file, $line, $enableCodes = TRUE) { //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'file=' . basename($file) . ',line=' . $line . ',sql=' . $GLOBALS['last_sql']); $result = mysqli_query(getSqlLink(), $GLOBALS['last_sql']) or logSqlError($file, $line, 'file='. basename($file) . ',line=' . $line . ':mysqli_error()=' . mysqli_error(getSqlLink()) . ',last_query=' . $GLOBALS['last_sql']); - //* DEBUG: */ logDebugMessage($file, $line, 'sql=' . $GLOBALS['last_sql'] . ',affected=' . sqlAffectedRows() . ',numRows='.(isValidSqlLink($result) ? sqlNumRows($result) : gettype($result))); + //* DEBUG: */ logDebugMessage($file, $line, 'sql=' . $GLOBALS['last_sql'] . ',affected=' . sqlAffectedRows() . ',numRows='.(isValidSqlResult($result) ? sqlNumRows($result) : gettype($result))); // Calculate query time $queryTime = microtime(TRUE) - $querytimeBefore; @@ -118,7 +118,7 @@ function sqlQuery ($sqlString, $file, $line, $enableCodes = TRUE) { } // END - if // Append debug line - appendLineToFile(getCachePath() . 'mysql.log', basename($file) . '|LINE=' . $line . '|NUM=' . (isValidSqlLink($result) ? sqlNumRows($result) : 'false') . '|AFFECTED=' . sqlAffectedRows() . '|QUERYTIME:' . ($queryTime * 1000) . 'ms): ' . str_replace(array(chr(13), PHP_EOL), array('', ' '), $GLOBALS['last_sql'])); + appendLineToFile(getCachePath() . 'mysql.log', basename($file) . '|LINE=' . $line . '|NUM=' . (isValidSqlResult($result) ? sqlNumRows($result) : 'false') . '|AFFECTED=' . sqlAffectedRows() . '|QUERYTIME:' . ($queryTime * 1000) . 'ms): ' . str_replace(array(chr(13), PHP_EOL), array('', ' '), $GLOBALS['last_sql'])); } // END - if // Increment stats entry @@ -155,7 +155,7 @@ function sqlAffectedRows () { // SQL fetch row function sqlFetchRow ($resource) { // Is $resource valid? - if ((!isValidSqlLink($resource)) || (!isSqlLinkUp())) return FALSE; + if ((!isValidSqlResult($resource)) || (!isSqlLinkUp())) return FALSE; // Fetch the data and return it return mysqli_fetch_row($resource); @@ -164,7 +164,7 @@ function sqlFetchRow ($resource) { // SQL fetch array function sqlFetchArray ($resource) { // Is $resource valid? - if ((!isValidSqlLink($resource)) || (!isSqlLinkUp())) return FALSE; + if ((!isValidSqlResult($resource)) || (!isSqlLinkUp())) return FALSE; // Load row as array from database $row = mysqli_fetch_assoc($resource); @@ -182,7 +182,7 @@ function sqlFetchArray ($resource) { // SQL result function sqlResult ($resource, $row, $field = '0') { // Is $resource valid? - if ((!isValidSqlLink($resource)) || (!isSqlLinkUp())) return FALSE; + if ((!isValidSqlResult($resource)) || (!isSqlLinkUp())) return FALSE; // Run the result command $result = mysqli_result($resource, $row, $field); @@ -261,7 +261,7 @@ function sqlCloseLink ($file, $line) { // SQL free result function sqlFreeResult ($resource) { - if ((!isValidSqlLink($resource)) || (!isSqlLinkUp())) { + if ((!isValidSqlResult($resource)) || (!isSqlLinkUp())) { // Abort here return FALSE; } // END - if @@ -347,7 +347,7 @@ function setSqlError ($file, $line, $message) { // Checks whether given link is a valid SQL link function isValidSqlLink ($linkInstance) { // Is it an object? - $isValid = (($linkInstance instanceof mysqli) || ($linkInstance instanceof mysqli_result)); + $isValid = ($linkInstance instanceof mysqli); // Debug message //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'linkInstance[]=' . gettype($linkInstance). ',isValid=' . intval($isValid)); @@ -357,7 +357,7 @@ function isValidSqlLink ($linkInstance) { } // Checks whether given result is really a result -function isSqlResult ($resultInstance) { +function isValidSqlResult ($resultInstance) { // Is it a resource? $isValid = ($resultInstance instanceof mysqli_result); diff --git a/inc/module-functions.php b/inc/module-functions.php index 41c45b648c..72ed10ee4b 100644 --- a/inc/module-functions.php +++ b/inc/module-functions.php @@ -80,7 +80,7 @@ function getModuleTitle ($module) { } else { // No name found $data['title'] = '{%message,UNKNOWN_MODULE_DETECTED_TITLE=' . $module . '%}'; - if ((isSqlResult($result)) && (ifSqlHasZeroNumRows($result))) { + if ((isValidSqlResult($result)) && (ifSqlHasZeroNumRows($result))) { // Add module to database and ignore return value checkModulePermissions($module); } // END - if diff --git a/inc/modules/admin/what-list_notifications.php b/inc/modules/admin/what-list_notifications.php index eb8b135e48..ab3974e6a8 100644 --- a/inc/modules/admin/what-list_notifications.php +++ b/inc/modules/admin/what-list_notifications.php @@ -109,7 +109,7 @@ if ((isExtensionActive('bonus')) && (!ifSqlHasZeroNumRows($result_max)) && (!emp // Load main template loadTemplate('admin_list_notify_emails', FALSE, $content); } -} elseif ((sqlNumRows($result_max) === 0) && (isSqlResult($result_max))) { +} elseif ((sqlNumRows($result_max) === 0) && (isValidSqlResult($result_max))) { // No notifications found displayMessage('{--ADMIN_NO_NOTIFICATIONS--}'); } diff --git a/inc/sql-functions.php b/inc/sql-functions.php index 2ed26a7da8..b56d0dfca8 100644 --- a/inc/sql-functions.php +++ b/inc/sql-functions.php @@ -585,7 +585,7 @@ function ifSqlTableExists ($tableName) { array($tableName), __FUNCTION__, __LINE__); // Is a link there? - if (!isValidSqlLink($result)) { + if (!isValidSqlResult($result)) { // Is installation phase? if (isInstaller()) { // Then silently abort here @@ -630,7 +630,7 @@ function ifSqlTableColumnExists ($tableName, $columnName, $forceFound = FALSE) { ), __FUNCTION__, __LINE__); // Is a link there? - if (!isValidSqlLink($result)) { + if (!isValidSqlResult($result)) { // Is installation phase? if (isInstaller()) { // Then silently abort here @@ -672,7 +672,7 @@ function ifSqlTableIndexExist ($tableName, $keyName, $forceFound = FALSE) { $result = sqlQueryEscaped("SHOW INDEX FROM `%s`", array($tableName), __FUNCTION__, __LINE__); // Is a link there? - if (!isValidSqlLink($result)) { + if (!isValidSqlResult($result)) { // Is installation phase? if (isInstaller()) { // Then silently abort here -- 2.39.5