From 7c3fd2adb5364385ed51b3ec8ab3613430caf20e Mon Sep 17 00:00:00 2001 From: Michael Date: Wed, 22 Nov 2017 07:21:19 +0000 Subject: [PATCH 1/4] Some more replaced old database functions --- include/dba.php | 14 ++---- include/event.php | 2 +- include/items.php | 20 ++------ include/like.php | 4 +- include/oauth.php | 2 +- include/oembed.php | 8 +-- include/plugin.php | 105 ++++++++++++++++------------------------ include/queue_fn.php | 4 +- include/threads.php | 2 +- src/Worker/CronJobs.php | 11 +++-- 10 files changed, 65 insertions(+), 107 deletions(-) diff --git a/include/dba.php b/include/dba.php index 79c15c85b..642539a75 100644 --- a/include/dba.php +++ b/include/dba.php @@ -1016,16 +1016,12 @@ class dba { public static function update($table, $fields, $condition, $old_fields = array()) { $table = self::escape($table); - if (count($condition) > 0) { - $array_element = each($condition); - $array_key = $array_element['key']; - if (is_int($array_key)) { - $condition_string = " WHERE ".array_shift($condition); - } else { - $condition_string = " WHERE `".implode("` = ? AND `", array_keys($condition))."` = ?"; - } + $array_element = each($condition); + $array_key = $array_element['key']; + if (is_int($array_key)) { + $condition_string = " WHERE ".array_shift($condition); } else { - $condition_string = ""; + $condition_string = " WHERE `".implode("` = ? AND `", array_keys($condition))."` = ?"; } if (is_bool($old_fields)) { diff --git a/include/event.php b/include/event.php index 9a74551bc..4ecc411b7 100644 --- a/include/event.php +++ b/include/event.php @@ -216,7 +216,7 @@ function event_delete($event_id) { return; } - q("DELETE FROM `event` WHERE `id` = %d", intval($event_id)); + dba::delete('event', array('id' => $event_id)); logger("Deleted event ".$event_id, LOGGER_DEBUG); } diff --git a/include/items.php b/include/items.php index 1f5511217..b25191534 100644 --- a/include/items.php +++ b/include/items.php @@ -2122,7 +2122,7 @@ function drop_item($id, $interactive = true) { } - if ((local_user() == $item['uid']) || ($contact_id) || (! $interactive)) { + if ((local_user() == $item['uid']) || $contact_id || !$interactive) { // Check if we should do HTML-based delete confirmation if ($_REQUEST['confirm']) { @@ -2189,30 +2189,18 @@ function drop_item($id, $interactive = true) { * generate a resource-id and therefore aren't intimately linked to the item. */ if (strlen($item['resource-id'])) { - q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ", - dbesc($item['resource-id']), - intval($item['uid']) - ); - // ignore the result + dba::delete('photo', array('resource-id' => $item['resource-id'], 'uid' => $item['uid'])); } // If item is a link to an event, nuke the event record. if (intval($item['event-id'])) { - q("DELETE FROM `event` WHERE `id` = %d AND `uid` = %d", - intval($item['event-id']), - intval($item['uid']) - ); - // ignore the result + dba::delete('event', array('id' => $item['event-id'], 'uid' => $item['uid'])); } // If item has attachments, drop them foreach (explode(", ", $item['attach']) as $attach) { preg_match("|attach/(\d+)|", $attach, $matches); - q("DELETE FROM `attach` WHERE `id` = %d AND `uid` = %d", - intval($matches[1]), - local_user() - ); - // ignore the result + dba::delete('attach', array('id' => $matches[1], 'uid' => $item['uid'])); } // The new code splits the queries since the mysql optimizer really has bad problems with subqueries diff --git a/include/like.php b/include/like.php index e6f1aab6d..96cc477b8 100644 --- a/include/like.php +++ b/include/like.php @@ -163,9 +163,7 @@ function do_like($item_id, $verb) { // Clean up the Diaspora signatures for this like // Go ahead and do it even if Diaspora support is disabled. We still want to clean up // if it had been enabled in the past - q("DELETE FROM `sign` WHERE `iid` = %d", - intval($like_item['id']) - ); + dba::delete('sign', array('iid' => $like_item['id'])); $like_item_id = $like_item['id']; Worker::add(PRIORITY_HIGH, "Notifier", "like", $like_item_id); diff --git a/include/oauth.php b/include/oauth.php index bb1227868..c6993d05b 100644 --- a/include/oauth.php +++ b/include/oauth.php @@ -113,7 +113,7 @@ class FKOAuthDataStore extends OAuthDataStore { } - q("DELETE FROM tokens WHERE id='%s'", $token->key); + dba::delete('tokens', array('id' => $token->key)); if (!is_null($ret) && $uverifier!==false){ diff --git a/include/oembed.php b/include/oembed.php index 74ce90dd1..b7c1616fe 100755 --- a/include/oembed.php +++ b/include/oembed.php @@ -28,17 +28,17 @@ function oembed_replacecb($matches){ * @return bool|object Returns object with embed content or false if no embedable * content exists */ -function oembed_fetch_url($embedurl, $no_rich_type = false){ +function oembed_fetch_url($embedurl, $no_rich_type = false) { $embedurl = trim($embedurl, "'"); $embedurl = trim($embedurl, '"'); $a = get_app(); - $r = q("SELECT * FROM `oembed` WHERE `url` = '%s'", - dbesc(normalise_link($embedurl))); + $condition = array('url' => normalise_link($embedurl)); + $r = dba::select('oembed', array('content'), $condition, array('limit' => 1)); if (DBM::is_result($r)) { - $txt = $r[0]["content"]; + $txt = $r["content"]; } else { $txt = Cache::get($a->videowidth . $embedurl); } diff --git a/include/plugin.php b/include/plugin.php index 2814b2464..276c36bd2 100644 --- a/include/plugin.php +++ b/include/plugin.php @@ -16,19 +16,16 @@ use Friendica\Database\DBM; * @param string $plugin name of the addon * @return boolean */ -if (! function_exists('uninstall_plugin')){ -function uninstall_plugin($plugin){ +function uninstall_plugin($plugin) { logger("Addons: uninstalling " . $plugin); - q("DELETE FROM `addon` WHERE `name` = '%s' ", - dbesc($plugin) - ); + dba::delete('addon', array('name' => $plugin)); @include_once('addon/' . $plugin . '/' . $plugin . '.php'); if (function_exists($plugin . '_uninstall')) { $func = $plugin . '_uninstall'; $func(); } -}} +} /** * @brief installs an addon. @@ -36,12 +33,12 @@ function uninstall_plugin($plugin){ * @param string $plugin name of the addon * @return bool */ -if (! function_exists('install_plugin')){ function install_plugin($plugin) { // silently fail if plugin was removed - if (! file_exists('addon/' . $plugin . '/' . $plugin . '.php')) + if (!file_exists('addon/' . $plugin . '/' . $plugin . '.php')) { return false; + } logger("Addons: installing " . $plugin); $t = @filemtime('addon/' . $plugin . '/' . $plugin . '.php'); @include_once('addon/' . $plugin . '/' . $plugin . '.php'); @@ -62,26 +59,24 @@ function install_plugin($plugin) { dba::update('addon', array('hidden' => true), array('name' => $plugin)); } return true; - } - else { + } else { logger("Addons: FAILED installing " . $plugin); return false; } - -}} +} // reload all updated plugins -if (! function_exists('reload_plugins')) { function reload_plugins() { - $plugins = Config::get('system','addon'); + $plugins = Config::get('system', 'addon'); if (strlen($plugins)) { $r = q("SELECT * FROM `addon` WHERE `installed` = 1"); - if (DBM::is_result($r)) + if (DBM::is_result($r)) { $installed = $r; - else + } else { $installed = array(); + } $parr = explode(',',$plugins); @@ -115,7 +110,7 @@ function reload_plugins() { } } -}} +} /** * @brief check if addon is enabled @@ -137,21 +132,17 @@ function plugin_enabled($plugin) { * @param int $priority A priority (defaults to 0) * @return mixed|bool */ -if (! function_exists('register_hook')) { -function register_hook($hook,$file,$function,$priority=0) { - - $r = q("SELECT * FROM `hook` WHERE `hook` = '%s' AND `file` = '%s' AND `function` = '%s' LIMIT 1", - dbesc($hook), - dbesc($file), - dbesc($function) - ); - if (DBM::is_result($r)) +function register_hook($hook, $file, $function, $priority=0) { + $condition = array('hook' => $hook, 'file' => $file, 'function' => $function); + $exists = dba::exists('hook', $condition); + if ($exists) { return true; + } $r = dba::insert('hook', array('hook' => $hook, 'file' => $file, 'function' => $function, 'priority' => $priority)); return $r; -}} +} /** * @brief unregisters a hook. @@ -161,16 +152,11 @@ function register_hook($hook,$file,$function,$priority=0) { * @param string $function the name of the function that the hook called * @return array */ -if (! function_exists('unregister_hook')) { -function unregister_hook($hook,$file,$function) { - - $r = q("DELETE FROM `hook` WHERE `hook` = '%s' AND `file` = '%s' AND `function` = '%s'", - dbesc($hook), - dbesc($file), - dbesc($function) - ); +function unregister_hook($hook, $file, $function) { + $condition = array('hook' => $hook, 'file' => $file, 'function' => $function); + $r = dba::delete('hook', $condition); return $r; -}} +} function load_hooks() { @@ -224,17 +210,13 @@ function call_single_hook($a, $name, $hook, &$data = null) { $func($a, $data); } else { // remove orphan hooks - q("DELETE FROM `hook` WHERE `hook` = '%s' AND `file` = '%s' AND `function` = '%s'", - dbesc($name), - dbesc($hook[0]), - dbesc($hook[1]) - ); + $condition = array('hook' => $name, 'file' => $hook[0], 'function' => $hook[1]); + dba::delete('hook', $condition); } } //check if an app_menu hook exist for plugin $name. //Return true if the plugin is an app -if (! function_exists('plugin_is_app')) { function plugin_is_app($name) { $a = get_app(); @@ -246,7 +228,7 @@ function plugin_is_app($name) { } return false; -}} +} /** * @brief Parse plugin comment in search of plugin infos. @@ -264,8 +246,7 @@ function plugin_is_app($name) { * @return array with the plugin information */ -if (! function_exists('get_plugin_info')){ -function get_plugin_info($plugin){ +function get_plugin_info($plugin) { $a = get_app(); @@ -285,14 +266,14 @@ function get_plugin_info($plugin){ $r = preg_match("|/\*.*\*/|msU", $f, $m); - if ($r){ + if ($r) { $ll = explode("\n", $m[0]); foreach ( $ll as $l ) { $l = trim($l,"\t\n\r */"); - if ($l!=""){ + if ($l != "") { list($k,$v) = array_map("trim", explode(":",$l,2)); $k= strtolower($k); - if ($k=="author"){ + if ($k == "author") { $r=preg_match("|([^<]+)<([^>]+)>|", $v, $m); if ($r) { $info['author'][] = array('name'=>$m[1], 'link'=>$m[2]); @@ -300,7 +281,7 @@ function get_plugin_info($plugin){ $info['author'][] = array('name'=>$v); } } else { - if (array_key_exists($k,$info)){ + if (array_key_exists($k,$info)) { $info[$k]=$v; } } @@ -310,7 +291,7 @@ function get_plugin_info($plugin){ } return $info; -}} +} /** @@ -329,8 +310,7 @@ function get_plugin_info($plugin){ * @return array */ -if (! function_exists('get_theme_info')){ -function get_theme_info($theme){ +function get_theme_info($theme) { $info=Array( 'name' => $theme, 'description' => "", @@ -356,14 +336,14 @@ function get_theme_info($theme){ $r = preg_match("|/\*.*\*/|msU", $f, $m); - if ($r){ + if ($r) { $ll = explode("\n", $m[0]); foreach ( $ll as $l ) { $l = trim($l,"\t\n\r */"); - if ($l!=""){ + if ($l != "") { list($k,$v) = array_map("trim", explode(":",$l,2)); $k= strtolower($k); - if ($k=="author"){ + if ($k == "author") { $r=preg_match("|([^<]+)<([^>]+)>|", $v, $m); if ($r) { @@ -371,8 +351,7 @@ function get_theme_info($theme){ } else { $info['author'][] = array('name'=>$v); } - } - elseif ($k=="maintainer"){ + } elseif ($k == "maintainer") { $r=preg_match("|([^<]+)<([^>]+)>|", $v, $m); if ($r) { $info['maintainer'][] = array('name'=>$m[1], 'link'=>$m[2]); @@ -380,7 +359,7 @@ function get_theme_info($theme){ $info['maintainer'][] = array('name'=>$v); } } else { - if (array_key_exists($k,$info)){ + if (array_key_exists($k,$info)) { $info[$k]=$v; } } @@ -390,7 +369,7 @@ function get_theme_info($theme){ } return $info; -}} +} /** * @brief Returns the theme's screenshot. @@ -411,8 +390,7 @@ function get_theme_screenshot($theme) { } // install and uninstall theme -if (! function_exists('uninstall_theme')){ -function uninstall_theme($theme){ +function uninstall_theme($theme) { logger("Addons: uninstalling theme " . $theme); include_once("view/theme/$theme/theme.php"); @@ -420,9 +398,8 @@ function uninstall_theme($theme){ $func = "{$theme}_uninstall"; $func(); } -}} +} -if (! function_exists('install_theme')){ function install_theme($theme) { // silently fail if theme was removed @@ -443,7 +420,7 @@ function install_theme($theme) { return false; } -}} +} /** * @brief Get the full path to relevant theme files by filename diff --git a/include/queue_fn.php b/include/queue_fn.php index e6fd14e07..c4ab229ae 100644 --- a/include/queue_fn.php +++ b/include/queue_fn.php @@ -13,9 +13,7 @@ function update_queue_time($id) { function remove_queue_item($id) { logger('queue: remove queue item ' . $id); - q("DELETE FROM `queue` WHERE `id` = %d", - intval($id) - ); + dba::delete('queue', array('id' => $id)); } /** diff --git a/include/threads.php b/include/threads.php index 107f2f76b..00848ccc6 100644 --- a/include/threads.php +++ b/include/threads.php @@ -251,7 +251,7 @@ function delete_thread($itemid, $itemuri = "") { } // Using dba::delete at this time could delete the associated item entries - $result = q("DELETE FROM `thread` WHERE `iid` = %d", intval($itemid)); + $result = dba::e("DELETE FROM `thread` WHERE `iid` = ?", $itemid); logger("delete_thread: Deleted thread for item ".$itemid." - ".print_r($result, true), LOGGER_DEBUG); diff --git a/src/Worker/CronJobs.php b/src/Worker/CronJobs.php index 08a1af6dc..cbfa86ed8 100644 --- a/src/Worker/CronJobs.php +++ b/src/Worker/CronJobs.php @@ -155,14 +155,15 @@ class CronJobs { if (!$cachetime) { $cachetime = PROXY_DEFAULT_TIME; } - q('DELETE FROM `photo` WHERE `uid` = 0 AND `resource-id` LIKE "pic:%%" AND `created` < NOW() - INTERVAL %d SECOND', $cachetime); + $condition = array('`uid` = 0 AND `resource-id` LIKE "pic:%" AND `created` < NOW() - INTERVAL ? SECOND', $cachetime); + dba::delete('photo', $condition); } - // Delete the cached OEmbed entries that are older than one year - q("DELETE FROM `oembed` WHERE `created` < NOW() - INTERVAL 3 MONTH"); + // Delete the cached OEmbed entries that are older than three month + dba::delete('oembed', array("`created` < NOW() - INTERVAL 3 MONTH")); - // Delete the cached "parse_url" entries that are older than one year - q("DELETE FROM `parsed_url` WHERE `created` < NOW() - INTERVAL 3 MONTH"); + // Delete the cached "parse_url" entries that are older than three month + dba::delete('parsed_url', array("`created` < NOW() - INTERVAL 3 MONTH")); // Maximum table size in megabyte $max_tablesize = intval(Config::get('system','optimize_max_tablesize')) * 1000000; From c6c180e8b92edc20f059fa9071e53d9cfee5664d Mon Sep 17 00:00:00 2001 From: Michael Date: Wed, 22 Nov 2017 09:11:44 +0000 Subject: [PATCH 2/4] Some more changed calls --- include/api.php | 12 ++---------- include/group.php | 26 +++++++++++--------------- 2 files changed, 13 insertions(+), 25 deletions(-) diff --git a/include/api.php b/include/api.php index 9f91139d1..7c012ddbb 100644 --- a/include/api.php +++ b/include/api.php @@ -3435,11 +3435,7 @@ function api_fr_photoalbum_delete($type) } // now let's delete all photos from the album - $result = q( - "DELETE FROM `photo` WHERE `uid` = %d AND `album` = '%s'", - intval(api_user()), - dbesc($album) - ); + $result = dba::delete('photo', array('uid' => api_user(), 'album' => $album)); // return success of deletion or error message if ($result) { @@ -3722,11 +3718,7 @@ function api_fr_photo_delete($type) throw new BadRequestException("photo not available"); } // now we can perform on the deletion of the photo - $result = q( - "DELETE FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'", - intval(api_user()), - dbesc($photo_id) - ); + $result = dba::delete('photo', array('uid' => api_user(), 'resource-id' => $photo_id)); // return success of deletion or error message if ($result) { diff --git a/include/group.php b/include/group.php index d3c3a8171..6e7348c4e 100644 --- a/include/group.php +++ b/include/group.php @@ -79,10 +79,7 @@ function group_rmv($uid,$name) { } // remove all members - $r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d ", - intval($uid), - intval($group_id) - ); + dba::delete('group_member', array('uid' => $uid, 'pid' => $group_id)); // remove group $r = q("UPDATE `group` SET `deleted` = 1 WHERE `uid` = %d AND `name` = '%s'", @@ -109,20 +106,19 @@ function group_byname($uid,$name) { return false; } -function group_rmv_member($uid,$name,$member) { - $gid = group_byname($uid,$name); - if (! $gid) +function group_rmv_member($uid, $name, $member) { + $gid = group_byname($uid, $name); + + if (!$gid) { return false; - if (! ( $uid && $gid && $member)) + } + + if (!($uid && $gid && $member)) { return false; - $r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d", - intval($uid), - intval($gid), - intval($member) - ); + } + + $r = dba::delete('group_member', array('uid' => $uid, 'gid' => $gid, 'contact-id' => $member)); return $r; - - } From 87660ac9e63bfc6c76e2abb668586a425a9c4fed Mon Sep 17 00:00:00 2001 From: Michael Date: Wed, 22 Nov 2017 09:14:42 +0000 Subject: [PATCH 3/4] /src is now free from old style delete queries --- src/App.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/App.php b/src/App.php index 1bb35e1dc..ab64d7a3f 100644 --- a/src/App.php +++ b/src/App.php @@ -722,7 +722,7 @@ class App { if (DBM::is_result($r)) { foreach ($r AS $process) { if (!posix_kill($process['pid'], 0)) { - q('DELETE FROM `process` WHERE `pid` = %d', intval($process['pid'])); + dba::delete('process', array('pid' => $process['pid'])); } } } @@ -733,7 +733,7 @@ class App { * @brief Remove the active process from the "process" table */ function end_process() { - q('DELETE FROM `process` WHERE `pid` = %d', intval(getmypid())); + dba::delete('process', array('pid' => getmypid())); } function get_useragent() { From ffceb601d5dd62bef22b013dd921958a20b58b54 Mon Sep 17 00:00:00 2001 From: Michael Date: Wed, 22 Nov 2017 22:50:45 +0000 Subject: [PATCH 4/4] Some handling for empty parameters --- include/dba.php | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/include/dba.php b/include/dba.php index 642539a75..684f53ea4 100644 --- a/include/dba.php +++ b/include/dba.php @@ -713,6 +713,12 @@ class dba { * @return boolean was the insert successfull? */ public static function insert($table, $param, $on_duplicate_update = false) { + + if (empty($table) || empty($param)) { + logger('Table and fields have to be set'); + return false; + } + $sql = "INSERT INTO `".self::escape($table)."` (`".implode("`, `", array_keys($param))."`) VALUES (". substr(str_repeat("?, ", count($param)), 0, -2).")"; @@ -852,6 +858,12 @@ class dba { * @return boolean|array was the delete successfull? When $in_process is set: deletion data */ public static function delete($table, $param, $in_process = false, &$callstack = array()) { + + if (empty($table) || empty($param)) { + logger('Table and condition have to be set'); + return false; + } + $commands = array(); // Create a key for the loop prevention @@ -1014,6 +1026,12 @@ class dba { * @return boolean was the update successfull? */ public static function update($table, $fields, $condition, $old_fields = array()) { + + if (empty($table) || empty($fields) || empty($condition)) { + logger('Table, fields and condition have to be set'); + return false; + } + $table = self::escape($table); $array_element = each($condition);