From 061339b087bf9bb3291144833a1cf9032637881d Mon Sep 17 00:00:00 2001 From: chriskl Date: Sun, 23 May 2004 04:10:19 +0000 Subject: [PATCH] fix a load of bugs in comment support --- BUGS | 5 ----- classes/database/Postgres.php | 36 ++++++++++++++++++--------------- classes/database/Postgres72.php | 5 +++-- classes/database/Postgres73.php | 4 ++-- classes/database/Postgres75.php | 3 ++- viewproperties.php | 9 +++++---- views.php | 6 +++--- 7 files changed, 35 insertions(+), 33 deletions(-) diff --git a/BUGS b/BUGS index dd557cbc..9bb473f8 100644 --- a/BUGS +++ b/BUGS @@ -20,12 +20,9 @@ Need to fix: * Don't offer owner change feature if user is not superuser * check use of apostrophes, etc. in tree menu -* Fix all uses of setComment that do double escaping - NEEDS TESTING ------------- -* Comment stuff * Import * Script execution * Create view wizard looks buggy @@ -33,6 +30,4 @@ NEEDS TESTING * error on viewing reports page * highlight things on the info stats page * advanced stats functions -* 7.5 alter column support needs a lot of testing in pre-7.5 -* Alter view column broken? (it is on 7.0) diff --git a/classes/database/Postgres.php b/classes/database/Postgres.php index da4ac071..24625cf1 100755 --- a/classes/database/Postgres.php +++ b/classes/database/Postgres.php @@ -4,7 +4,7 @@ * A class that implements the DB interface for Postgres * Note: This class uses ADODB and returns RecordSets. * - * $Id: Postgres.php,v 1.209 2004/05/19 01:28:34 soranzo Exp $ + * $Id: Postgres.php,v 1.210 2004/05/23 04:10:19 chriskl Exp $ */ // @@@ THOUGHT: What about inherits? ie. use of ONLY??? @@ -1126,7 +1126,6 @@ class Postgres extends BaseDB { */ function alterColumn($table, $column, $name, $notnull, $oldnotnull, $default, $olddefault, $type, $length, $array, $oldtype, $comment) { - $this->clean($comment); $this->beginTransaction(); // @@ NEED TO HANDLE "NESTED" TRANSACTION HERE @@ -1151,12 +1150,6 @@ class Postgres extends BaseDB { } } - $status = $this->setComment('COLUMN', $column, $table, $comment); - if ($status != 0) { - $this->rollbackTransaction(); - return -4; - } - // Rename the column, if it has been changed if ($column != $name) { $status = $this->renameColumn($table, $column, $name); @@ -1165,6 +1158,17 @@ class Postgres extends BaseDB { return -3; } } + + // Parameters must be cleaned for the setComment function. It's ok to do + // that here since this is the last time these variables are used. + $this->fieldClean($name); + $this->fieldClean($table); + $this->clean($comment); + $status = $this->setComment('COLUMN', $name, $table, $comment); + if ($status != 0) { + $this->rollbackTransaction(); + return -4; + } return $this->endTransaction(); } @@ -1188,7 +1192,7 @@ class Postgres extends BaseDB { function createTable($name, $fields, $field, $type, $array, $length, $notnull, $default, $withoutoids, $colcomment, $tblcomment) { $this->fieldClean($name); - $this->fieldClean($tblcomment); + $this->clean($tblcomment); $status = $this->beginTransaction(); if ($status != 0) return -1; @@ -1253,10 +1257,10 @@ class Postgres extends BaseDB { } if ($tblcomment != '') { - $status = $this->setComment('TABLE', '', $name, $tblcomment); + $status = $this->setComment('TABLE', '', $name, $tblcomment, true); if ($status) { $this->rollbackTransaction(); - return -1; + return -1; } } @@ -1977,15 +1981,14 @@ class Postgres extends BaseDB { /** * Sets the comment for an object in the database + * @pre All parameters must already be cleaned * @param $obj_type One of 'TABLE' | 'COLUMN' | 'VIEW' | 'SCHEMA' | 'SEQUENCE' | 'TYPE' | 'FUNCTION' - * @param $obj_name The name of the object for which to attach a comment + * @param $obj_name The name of the object for which to attach a comment. * @param $table Name of table that $obj_name belongs to. Ignored unless $obj_type is 'TABLE' or 'COLUMN'. - * @param $comment The comment to add + * @param $comment The comment to add. * @return 0 success */ function setComment($obj_type, $obj_name, $table, $comment) { - $this->clean($comment); - $sql = "COMMENT ON {$obj_type} " ; switch ($obj_type) { @@ -3539,7 +3542,7 @@ class Postgres extends BaseDB { * @return -3 create function error * @return -4 comment error */ - function setFunction($function_oid, $funcname, $newname, $args, $returns, $definition, $language, $flags, $setof, $comment) { + function setFunction($function_oid, $funcname, $newname, $args, $returns, $definition, $language, $flags, $setof, $comment) { $status = $this->beginTransaction(); if ($status != 0) return -1; @@ -3559,6 +3562,7 @@ class Postgres extends BaseDB { // Comment on the function $this->fieldClean($newname); + $this->clean($comment); $status = $this->setComment('FUNCTION', "\"{$newname}\"({$args})", null, $comment); if ($status != 0) { $this->rollbackTransaction(); diff --git a/classes/database/Postgres72.php b/classes/database/Postgres72.php index 7ffca5cd..70218793 100644 --- a/classes/database/Postgres72.php +++ b/classes/database/Postgres72.php @@ -4,7 +4,7 @@ * A class that implements the DB interface for Postgres * Note: This class uses ADODB and returns RecordSets. * - * $Id: Postgres72.php,v 1.65 2004/05/19 01:28:34 soranzo Exp $ + * $Id: Postgres72.php,v 1.66 2004/05/23 04:10:20 chriskl Exp $ */ @@ -314,6 +314,7 @@ class Postgres72 extends Postgres71 { // Comment on the function $this->fieldClean($funcname); + $this->clean($comment); $status = $this->setComment('FUNCTION', "\"{$funcname}\"({$args})", null, $comment); if ($status != 0) { $this->rollbackTransaction(); @@ -321,8 +322,8 @@ class Postgres72 extends Postgres71 { } // Rename the function, if necessary + $this->fieldClean($newname); if ($funcname != $newname && $this->hasFunctionRename()) { - $this->fieldClean($newname); $sql = "ALTER FUNCTION \"{$funcname}\"({$args}) RENAME TO \"{$newname}\""; $status = $this->execute($sql); if ($status != 0) { diff --git a/classes/database/Postgres73.php b/classes/database/Postgres73.php index 5db25d42..0f0ddbac 100644 --- a/classes/database/Postgres73.php +++ b/classes/database/Postgres73.php @@ -4,7 +4,7 @@ * A class that implements the DB interface for Postgres * Note: This class uses ADODB and returns RecordSets. * - * $Id: Postgres73.php,v 1.108 2004/05/19 01:28:34 soranzo Exp $ + * $Id: Postgres73.php,v 1.109 2004/05/23 04:10:20 chriskl Exp $ */ // @@@ THOUGHT: What about inherits? ie. use of ONLY??? @@ -181,7 +181,7 @@ class Postgres73 extends Postgres72 { */ function updateSchema($schemaname, $comment) { $this->fieldClean($schemaname); - $this->fieldClean($comment); + $this->clean($comment); return $this->setComment('SCHEMA', $schemaname, '', $comment); } diff --git a/classes/database/Postgres75.php b/classes/database/Postgres75.php index 596e7693..55eb3e70 100755 --- a/classes/database/Postgres75.php +++ b/classes/database/Postgres75.php @@ -3,7 +3,7 @@ /** * PostgreSQL 7.5 support * - * $Id: Postgres75.php,v 1.4 2004/05/14 07:56:38 chriskl Exp $ + * $Id: Postgres75.php,v 1.5 2004/05/23 04:10:20 chriskl Exp $ */ include_once('./classes/database/Postgres74.php'); @@ -45,6 +45,7 @@ class Postgres75 extends Postgres74 { $type, $length, $array, $oldtype, $comment) { $this->fieldClean($table); $this->fieldClean($column); + $this->clean($comment); // Initialise an empty SQL string $sql = ''; diff --git a/viewproperties.php b/viewproperties.php index 755dc875..eafbbc64 100755 --- a/viewproperties.php +++ b/viewproperties.php @@ -3,7 +3,7 @@ /** * List views in a database * - * $Id: viewproperties.php,v 1.3 2004/05/14 07:56:37 chriskl Exp $ + * $Id: viewproperties.php,v 1.4 2004/05/23 04:10:19 chriskl Exp $ */ // Include application functions @@ -50,8 +50,8 @@ echo "\t\t\n\t\n"; echo "\t\n\t\t{$lang['strcomment']}\n"; - echo "\t\t\n\t\n"; + echo "\t\t\n\t\n"; echo "\n"; echo "

\n"; echo "\n"; @@ -208,7 +208,8 @@ } $status = $data->alterColumn($_REQUEST['view'], $_REQUEST['column'], $_REQUEST['field'], - false, false, $_REQUEST['default'], $_REQUEST['olddefault'],$_REQUEST['comment']); + false, false, $_REQUEST['default'], $_REQUEST['olddefault'], + '', '', '', '', $_REQUEST['comment']); if ($status == 0) doDefault($lang['strcolumnaltered']); else { diff --git a/views.php b/views.php index 99a8f06b..74f491b3 100644 --- a/views.php +++ b/views.php @@ -3,7 +3,7 @@ /** * Manage views in a database * - * $Id: views.php,v 1.33 2004/05/14 01:16:13 soranzo Exp $ + * $Id: views.php,v 1.34 2004/05/23 04:10:19 chriskl Exp $ */ // Include application functions @@ -328,8 +328,8 @@ echo "\t\n\t\n"; echo "\t\n\t\t{$lang['strcomment']}\n"; - echo "\t\t\n\t\n"; + echo "\t\t\n\t\n"; echo "\n"; echo "

\n"; echo $misc->form; -- 2.39.5