From: Manni H. <man...@us...> - 2008-03-04 12:53:38
Update of /cvsroot/popfile/engine/Classifier In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12751/Classifier Modified Files: Tag: b0_22_2 Bayes.pm Log Message: Add a method that validates, prepares and executes sql statements. Index: Bayes.pm =================================================================== RCS file: /cvsroot/popfile/engine/Classifier/Bayes.pm,v retrieving revision 1.327.4.10 retrieving revision 1.327.4.11 diff -C2 -d -r1.327.4.10 -r1.327.4.11 *** Bayes.pm 24 Nov 2007 16:37:48 -0000 1.327.4.10 --- Bayes.pm 4 Mar 2008 12:53:42 -0000 1.327.4.11 *************** *** 211,215 **** # other database (e.g. MySQL, Oracle, ... ) this *should* be all # you need to change. The additional parameters user and auth are ! # needed for some databases. # # Note that the dbconnect string --- 211,215 ---- # other database (e.g. MySQL, Oracle, ... ) this *should* be all # you need to change. The additional parameters user and auth are ! # needed for some databases. # # Note that the dbconnect string *************** *** 223,227 **** # SQLite 1.05+ have some problems we are resolving. This lets us # give a nice message and then disable the version checking later ! $self->config_( 'bad_sqlite_version', '3.0.0' ); --- 223,227 ---- # SQLite 1.05+ have some problems we are resolving. This lets us # give a nice message and then disable the version checking later ! $self->config_( 'bad_sqlite_version', '3.0.0' ); *************** *** 271,275 **** # 1 = Asynchronous deletes # 2 = Backup database every hour ! $self->config_( 'sqlite_tweaks', 0xFFFFFFFF ); --- 271,275 ---- # 1 = Asynchronous deletes # 2 = Backup database every hour ! $self->config_( 'sqlite_tweaks', 0xFFFFFFFF ); *************** *** 305,312 **** $self->classified( $message[0], $message[2] ); } ! if ( $type eq 'RELSE' ) { $self->release_session_key_private__( $message[0] ); ! } if ( $type eq 'TICKD' ) { --- 305,312 ---- $self->classified( $message[0], $message[2] ); } ! 
if ( $type eq 'RELSE' ) { $self->release_session_key_private__( $message[0] ); ! } if ( $type eq 'TICKD' ) { *************** *** 362,371 **** # Windows and using the fork. ! if ( ( $nihongo_parser eq 'kakasi' ) && ( $^O eq 'MSWin32' ) && ! ( ( ( $self->module_config_( 'pop3', 'enabled' ) ) && ! ( $self->module_config_( 'pop3', 'force_fork' ) ) ) || ! ( ( $self->module_config_( 'nntp', 'enabled' ) ) && ! ( $self->module_config_( 'nntp', 'force_fork' ) ) ) || ! ( ( $self->module_config_( 'smtp', 'enabled' ) ) && ( $self->module_config_( 'smtp', 'force_fork' ) ) ) ) ) { $self->{parser__}->{need_kakasi_mutex__} = 1; --- 362,371 ---- # Windows and using the fork. ! if ( ( $nihongo_parser eq 'kakasi' ) && ( $^O eq 'MSWin32' ) && ! ( ( ( $self->module_config_( 'pop3', 'enabled' ) ) && ! ( $self->module_config_( 'pop3', 'force_fork' ) ) ) || ! ( ( $self->module_config_( 'nntp', 'enabled' ) ) && ! ( $self->module_config_( 'nntp', 'force_fork' ) ) ) || ! ( ( $self->module_config_( 'smtp', 'enabled' ) ) && ( $self->module_config_( 'smtp', 'force_fork' ) ) ) ) ) { $self->{parser__}->{need_kakasi_mutex__} = 1; *************** *** 430,434 **** # backup the database by copying it ! if ( ( $self->config_( 'sqlite_tweaks' ) & 2 ) && $self->{db_is_sqlite__} ) { if ( !copy( $self->{db_name__}, $self->{db_name__} . ".backup" ) ) { --- 430,434 ---- # backup the database by copying it ! if ( ( $self->config_( 'sqlite_tweaks' ) & 2 ) && $self->{db_is_sqlite__} ) { if ( !copy( $self->{db_name__}, $self->{db_name__} . ".backup" ) ) { *************** *** 453,457 **** my ( $self, $tweak, $state, $db ) = @_; ! if ( $self->{db_is_sqlite__} && ( $self->config_( 'sqlite_tweaks' ) & $tweak ) ) { --- 453,457 ---- my ( $self, $tweak, $state, $db ) = @_; ! if ( $self->{db_is_sqlite__} && ( $self->config_( 'sqlite_tweaks' ) & $tweak ) ) { *************** *** 461,465 **** my $sync = $state?'off':'normal'; $db->do( "pragma synchronous=$sync;" ); ! 
} } } --- 461,465 ---- my $sync = $state?'off':'normal'; $db->do( "pragma synchronous=$sync;" ); ! } } } *************** *** 631,635 **** my $userid = $self->valid_session_key__( $session ); my $bucketid = $self->{db_bucketid__}{$userid}{$bucket}{id}; ! $self->{db_delete_zero_words__}->execute( $bucketid ); return 1; --- 631,635 ---- my $userid = $self->valid_session_key__( $session ); my $bucketid = $self->{db_bucketid__}{$userid}{$bucket}{id}; ! $self->validate_sql_prepare_and_execute( $self->{db_delete_zero_words__}, $bucketid ); return 1; *************** *** 725,729 **** if ( $sqlite ) { $dbname = $self->get_user_path_( $self->config_( 'database' ) ); ! $dbpresent = ( -e $dbname ) || 0; } else { $dbname = $self->config_( 'database' ); --- 725,729 ---- if ( $sqlite ) { $dbname = $self->get_user_path_( $self->config_( 'database' ) ); ! $dbpresent = ( -e $dbname ) || 0; } else { $dbname = $self->config_( 'database' ); *************** *** 750,772 **** $self->config_( 'dbuser' ), $self->config_( 'dbauth' ) ); # PROFILE BLOCK STOP ! $self->log_( 0, "Using SQLite library version " . $self->{db__}{sqlite_version}); ! # We check to make sure we're not using DBD::SQLite 1.05 or greater # which uses SQLite V 3 If so, we'll use DBD::SQLite2 and SQLite 2.8, # which is still compatible with old databases ! if ( $self->{db__}{sqlite_version} gt $self->config_('bad_sqlite_version' ) ) { ! $self->log_( 0, "Substituting DBD::SQLite2 for DBD::SQLite 1.05" ); $self->log_( 0, "Please install DBD::SQLite2 and set dbconnect to use DBD::SQLite2" ); ! $dbconnect =~ s/SQLite:/SQLite2:/; ! undef $self->{db__}; # $self->db_disconnect__(); ! $self->{db__} = DBI->connect( $dbconnect, # PROFILE BLOCK START $self->config_( 'dbuser' ), ! $self->config_( 'dbauth' ) ); # PROFILE BLOCK STOP } --- 750,772 ---- $self->config_( 'dbuser' ), $self->config_( 'dbauth' ) ); # PROFILE BLOCK STOP ! $self->log_( 0, "Using SQLite library version " . $self->{db__}{sqlite_version}); ! 
# We check to make sure we're not using DBD::SQLite 1.05 or greater # which uses SQLite V 3 If so, we'll use DBD::SQLite2 and SQLite 2.8, # which is still compatible with old databases ! if ( $self->{db__}{sqlite_version} gt $self->config_('bad_sqlite_version' ) ) { ! $self->log_( 0, "Substituting DBD::SQLite2 for DBD::SQLite 1.05" ); $self->log_( 0, "Please install DBD::SQLite2 and set dbconnect to use DBD::SQLite2" ); ! $dbconnect =~ s/SQLite:/SQLite2:/; ! undef $self->{db__}; # $self->db_disconnect__(); ! $self->{db__} = DBI->connect( $dbconnect, # PROFILE BLOCK START $self->config_( 'dbuser' ), ! $self->config_( 'dbauth' ) ); # PROFILE BLOCK STOP } *************** *** 800,804 **** # ! my $sqlquotechar = $self->{db__}->get_info(29) || ''; my @tables = map { s/$sqlquotechar//g; $_ } ($self->{db__}->tables()); --- 800,804 ---- # ! my $sqlquotechar = $self->{db__}->get_info(29) || ''; my @tables = map { s/$sqlquotechar//g; $_ } ($self->{db__}->tables()); *************** *** 837,842 **** print " Saving table $table\n "; ! my $t = $self->{db__}->prepare( "select * from $table;" ); ! $t->execute; $i = 0; while ( 1 ) { --- 837,841 ---- print " Saving table $table\n "; ! my $t = $self->validate_sql_prepare_and_execute( "select * from $table;" ); $i = 0; while ( 1 ) { *************** *** 996,1001 **** # Get the mapping from parameter names to ids into a local hash ! my $h = $self->{db__}->prepare( "select name, id from bucket_template;" ); ! $h->execute; while ( my $row = $h->fetchrow_arrayref ) { $self->{db_parameterid__}{$row->[0]} = $row->[1]; --- 995,999 ---- # Get the mapping from parameter names to ids into a local hash ! my $h = $self->validate_sql_prepare_and_execute( "select name, id from bucket_template;" ); while ( my $row = $h->fetchrow_arrayref ) { $self->{db_parameterid__}{$row->[0]} = $row->[1]; *************** *** 1102,1106 **** delete $self->{db_bucketid__}{$userid}; ! 
$self->{db_get_buckets__}->execute( $userid ); while ( my $row = $self->{db_get_buckets__}->fetchrow_arrayref ) { $self->{db_bucketid__}{$userid}{$row->[0]}{id} = $row->[1]; --- 1100,1104 ---- delete $self->{db_bucketid__}{$userid}; ! $self->validate_sql_prepare_and_execute( $self->{db_get_buckets__}, $userid ); while ( my $row = $self->{db_get_buckets__}->fetchrow_arrayref ) { $self->{db_bucketid__}{$userid}{$row->[0]}{id} = $row->[1]; *************** *** 1109,1113 **** } ! $self->{db_get_bucket_word_counts__}->execute( $userid ); for my $b (sort keys %{$self->{db_bucketid__}{$userid}}) { --- 1107,1111 ---- } ! $self->validate_sql_prepare_and_execute( $self->{db_get_bucket_word_counts__}, $userid ); for my $b (sort keys %{$self->{db_bucketid__}{$userid}}) { *************** *** 1120,1124 **** } ! $self->{db_get_bucket_unique_counts__}->execute( $userid ); while ( my $row = $self->{db_get_bucket_unique_counts__}->fetchrow_arrayref ) { --- 1118,1122 ---- } ! $self->validate_sql_prepare_and_execute( $self->{db_get_bucket_unique_counts__}, $userid ); while ( my $row = $self->{db_get_bucket_unique_counts__}->fetchrow_arrayref ) { *************** *** 1148,1152 **** return undef if ( !defined( $userid ) ); ! $self->{db_get_wordid__}->execute( $word ); my $result = $self->{db_get_wordid__}->fetchrow_arrayref; if ( !defined( $result ) ) { --- 1146,1150 ---- return undef if ( !defined( $userid ) ); ! $self->validate_sql_prepare_and_execute( $self->{db_get_wordid__}, $word ); my $result = $self->{db_get_wordid__}->fetchrow_arrayref; if ( !defined( $result ) ) { *************** *** 1156,1160 **** my $wordid = $result->[0]; ! $self->{db_get_word_count__}->execute( $self->{db_bucketid__}{$userid}{$bucket}{id}, $wordid ); $result = $self->{db_get_word_count__}->fetchrow_arrayref; if ( defined( $result ) ) { --- 1154,1158 ---- my $wordid = $result->[0]; ! 
$self->validate_sql_prepare_and_execute( $self->{db_get_word_count__}, $self->{db_bucketid__}{$userid}{$bucket}{id}, $wordid ); $result = $self->{db_get_word_count__}->fetchrow_arrayref; if ( defined( $result ) ) { *************** *** 1203,1207 **** my $bucketid = $self->{db_bucketid__}{$userid}{$bucket}{id}; ! $self->{db_put_word_count__}->execute( $bucketid, $wordid, $count ); return 1; --- 1201,1205 ---- my $bucketid = $self->{db_bucketid__}{$userid}{$bucket}{id}; ! $self->validate_sql_prepare_and_execute( $self->{db_put_word_count__}, $bucketid, $wordid, $count ); return 1; *************** *** 1489,1493 **** my $bucketid = $self->{db_bucketid__}{$userid}{$bucket}{id}; ! my $h = $self->{db__}->prepare( # PROFILE BLOCK START "select magnets.val, magnets.id from magnets, users, buckets, magnet_types where buckets.id = $bucketid and --- 1487,1491 ---- my $bucketid = $self->{db_bucketid__}{$userid}{$bucket}{id}; ! my $h = $self->validate_sql_prepare_and_execute( # PROFILE BLOCK START "select magnets.val, magnets.id from magnets, users, buckets, magnet_types where buckets.id = $bucketid and *************** *** 1497,1502 **** magnet_types.mtype = '$type' and magnets.mtid = magnet_types.id order by magnets.val;" ); # PROFILE BLOCK STOP - - $h->execute; while ( my $row = $h->fetchrow_arrayref ) { push @magnets, [$row->[0], $row->[1]]; --- 1495,1498 ---- *************** *** 1589,1597 **** my $words; $words = join( ',', map( $self->{db__}->quote( $_ ), (sort keys %{$self->{parser__}{words__}}) ) ); ! $self->{get_wordids__} = $self->{db__}->prepare( # PROFILE BLOCK START "select id, word from words where word in ( $words );" ); # PROFILE BLOCK STOP - $self->{get_wordids__}->execute; my @id_list; --- 1585,1592 ---- my $words; $words = join( ',', map( $self->{db__}->quote( $_ ), (sort keys %{$self->{parser__}{words__}}) ) ); ! 
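Review bot: The statement handed to `validate_sql_prepare_and_execute` in the magnet query at 1489 is still built by interpolating `$bucketid` and, in the following hunk at 1497, `'$type'` into the SQL text, and stripping `\x00` does nothing about a quote character in those values. The helper already accepts bind values, so the query could read `buckets.id = ? and` … `magnet_types.mtype = ? and` with `$bucketid, $type` passed as trailing arguments. Where `$type` originates is not visible in this hunk, so this may not be reachable with untrusted input, but binding removes the question. The same interpolation of `$bucketid` and `'$type'` appears in the later magnet query (hunks at 3758 and 3764). The middle of this statement lies outside the hunk.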
$self->{get_wordids__} = $self->validate_sql_prepare_and_execute( # PROFILE BLOCK START "select id, word from words where word in ( $words );" ); # PROFILE BLOCK STOP my @id_list; *************** *** 1607,1611 **** my $ids = join( ',', @id_list ); ! $self->{db_getwords__} = $self->{db__}->prepare( # PROFILE BLOCK START "select matrix.times, matrix.wordid from matrix --- 1602,1606 ---- my $ids = join( ',', @id_list ); ! $self->{db_getwords__} = $self->validate_sql_prepare_and_execute( # PROFILE BLOCK START "select matrix.times, matrix.wordid from matrix *************** *** 1613,1618 **** and matrix.bucketid = $self->{db_bucketid__}{$userid}{$bucket}{id};" ); # PROFILE BLOCK STOP - $self->{db_getwords__}->execute; - my %counts; --- 1608,1611 ---- *************** *** 1633,1637 **** if ( defined( $wordmap{$word} ) && defined( $counts{$wordmap{$word}} ) ) { ! $self->{db_put_word_count__}->execute( $self->{db_bucketid__}{$userid}{$bucket}{id}, # PROFILE BLOCK START $wordmap{$word}, $counts{$wordmap{$word}} + $subtract * $self->{parser__}->{words__}{$word} ); # PROFILE BLOCK STOP } else { --- 1626,1630 ---- if ( defined( $wordmap{$word} ) && defined( $counts{$wordmap{$word}} ) ) { ! $self->validate_sql_prepare_and_execute( $self->{db_put_word_count__}, $self->{db_bucketid__}{$userid}{$bucket}{id}, # PROFILE BLOCK START $wordmap{$word}, $counts{$wordmap{$word}} + $subtract * $self->{parser__}->{words__}{$word} ); # PROFILE BLOCK STOP } else { *************** *** 1652,1656 **** if ( $subtract == -1 ) { ! $self->{db_delete_zero_words__}->execute( $self->{db_bucketid__}{$userid}{$bucket}{id} ); } --- 1645,1649 ---- if ( $subtract == -1 ) { ! $self->validate_sql_prepare_and_execute( $self->{db_delete_zero_words__}, $self->{db_bucketid__}{$userid}{$bucket}{id} ); } *************** *** 1804,1808 **** # # Releases and invalidates the session key. Worker function that does the work ! # of release_session_key. 
# ****DO NOT CALL DIRECTLY**** # unless you want your session key released immediately, possibly preventing --- 1797,1801 ---- # # Releases and invalidates the session key. Worker function that does the work ! # of release_session_key. # ****DO NOT CALL DIRECTLY**** # unless you want your session key released immediately, possibly preventing *************** *** 1813,1817 **** { my ( $self, $session ) = @_; ! if ( defined( $self->{api_sessions__}{$session} ) ) { $self->log_( 1, "release_session_key releasing key $session for user $self->{api_sessions__}{$session}" ); --- 1806,1810 ---- { my ( $self, $session ) = @_; ! if ( defined( $self->{api_sessions__}{$session} ) ) { $self->log_( 1, "release_session_key releasing key $session for user $self->{api_sessions__}{$session}" ); *************** *** 1898,1902 **** my $hash = md5_hex( $user . '__popfile__' . $pwd ); ! $self->{db_get_userid__}->execute( $user, $hash ); my $result = $self->{db_get_userid__}->fetchrow_arrayref; if ( !defined( $result ) ) { --- 1891,1895 ---- my $hash = md5_hex( $user . '__popfile__' . $pwd ); ! $self->validate_sql_prepare_and_execute( $self->{db_get_userid__}, $user, $hash ); my $result = $self->{db_get_userid__}->fetchrow_arrayref; if ( !defined( $result ) ) { *************** *** 1934,1938 **** { my ( $self, $session ) = @_; ! $self->mq_post_( "RELSE", $session ); } --- 1927,1931 ---- { my ( $self, $session ) = @_; ! $self->mq_post_( "RELSE", $session ); } *************** *** 2100,2109 **** my $words; $words = join( ',', map( $self->{db__}->quote( $_ ), (sort keys %{$self->{parser__}{words__}}) ) ); ! $self->{get_wordids__} = $self->{db__}->prepare( # PROFILE BLOCK START "select id, word from words where word in ( $words ) order by id;" ); # PROFILE BLOCK STOP - $self->{get_wordids__}->execute; my @id_list; --- 2093,2101 ---- my $words; $words = join( ',', map( $self->{db__}->quote( $_ ), (sort keys %{$self->{parser__}{words__}}) ) ); ! 
$self->{get_wordids__} = $self->validate_sql_prepare_and_execute( # PROFILE BLOCK START "select id, word from words where word in ( $words ) order by id;" ); # PROFILE BLOCK STOP my @id_list; *************** *** 2123,2127 **** my $ids = join( ',', @id_list ); ! $self->{db_classify__} = $self->{db__}->prepare( # PROFILE BLOCK START "select matrix.times, matrix.wordid, buckets.name from matrix, buckets --- 2115,2119 ---- my $ids = join( ',', @id_list ); ! $self->{db_classify__} = $self->validate_sql_prepare_and_execute( # PROFILE BLOCK START "select matrix.times, matrix.wordid, buckets.name from matrix, buckets *************** *** 2130,2135 **** and buckets.userid = $userid;" ); # PROFILE BLOCK STOP - $self->{db_classify__}->execute; - # %matrix maps wordids and bucket names to counts # $matrix{$wordid}{$bucket} == $count --- 2122,2125 ---- *************** *** 2447,2451 **** last if ( $width_1 <=0 && $width_2 <= 0 ); ! my %row_data; --- 2437,2441 ---- last if ( $width_1 <=0 && $width_2 <= 0 ); ! my %row_data; *************** *** 3177,3181 **** return undef if ( !defined( $userid ) ); ! $self->{db_get_full_total__}->execute( $userid ); return $self->{db_get_full_total__}->fetchrow_arrayref->[0]; } --- 3167,3171 ---- return undef if ( !defined( $userid ) ); ! $self->validate_sql_prepare_and_execute( $self->{db_get_full_total__}, $userid ); return $self->{db_get_full_total__}->fetchrow_arrayref->[0]; } *************** *** 3241,3245 **** return undef if ( !defined( $userid ) ); ! $self->{db_get_unique_word_count__}->execute( $userid ); return $self->{db_get_unique_word_count__}->fetchrow_arrayref->[0]; } --- 3231,3235 ---- return undef if ( !defined( $userid ) ); ! $self->validate_sql_prepare_and_execute( $self->{db_get_unique_word_count__}, $userid ); return $self->{db_get_unique_word_count__}->fetchrow_arrayref->[0]; } *************** *** 3316,3320 **** # If there is a non-default value for this parameter then return it. ! 
$self->{db_get_bucket_parameter__}->execute( $self->{db_bucketid__}{$userid}{$bucket}{id}, $self->{db_parameterid__}{$parameter} ); my $result = $self->{db_get_bucket_parameter__}->fetchrow_arrayref; --- 3306,3311 ---- # If there is a non-default value for this parameter then return it. ! $self->validate_sql_prepare_and_execute( $self->{db_get_bucket_parameter__}, ! $self->{db_bucketid__}{$userid}{$bucket}{id}, $self->{db_parameterid__}{$parameter} ); my $result = $self->{db_get_bucket_parameter__}->fetchrow_arrayref; *************** *** 3323,3327 **** if ( !defined( $result ) ) { ! $self->{db_get_bucket_parameter_default__}->execute( # PROFILE BLOCK START $self->{db_parameterid__}{$parameter} ); # PROFILE BLOCK STOP $result = $self->{db_get_bucket_parameter_default__}->fetchrow_arrayref; --- 3314,3318 ---- if ( !defined( $result ) ) { ! $self->validate_sql_prepare_and_execute( $self->{db_get_bucket_parameter_default__}, # PROFILE BLOCK START $self->{db_parameterid__}{$parameter} ); # PROFILE BLOCK STOP $result = $self->{db_get_bucket_parameter_default__}->fetchrow_arrayref; *************** *** 3366,3370 **** # Exactly one row should be affected by this statement ! $self->{db_set_bucket_parameter__}->execute( $bucketid, $btid, $value ); if ( defined( $self->{db_parameters__}{$userid}{$bucket}{$parameter} ) ) { --- 3357,3361 ---- # Exactly one row should be affected by this statement ! $self->validate_sql_prepare_and_execute( $self->{db_set_bucket_parameter__}, $bucketid, $btid, $value ); if ( defined( $self->{db_parameters__}{$userid}{$bucket}{$parameter} ) ) { *************** *** 3398,3402 **** $self->{parser__}->{color_userid__} = undef; $self->{parser__}->{bayes__} = bless $self; ! my $result = $self->{parser__}->parse_file( $file, # PROFILE BLOCK START $self->global_config_( 'message_cutoff' ) ); # PROFILE BLOCK STOP --- 3389,3393 ---- $self->{parser__}->{color_userid__} = undef; $self->{parser__}->{bayes__} = bless $self; ! 
my $result = $self->{parser__}->parse_file( $file, # PROFILE BLOCK START $self->global_config_( 'message_cutoff' ) ); # PROFILE BLOCK STOP *************** *** 3648,3652 **** my @result; ! $self->{db_get_buckets_with_magnets__}->execute( $userid ); while ( my $row = $self->{db_get_buckets_with_magnets__}->fetchrow_arrayref ) { push @result, ($row->[0]); --- 3639,3643 ---- my @result; ! $self->validate_sql_prepare_and_execute( $self->{db_get_buckets_with_magnets__}, $userid ); while ( my $row = $self->{db_get_buckets_with_magnets__}->fetchrow_arrayref ) { push @result, ($row->[0]); *************** *** 3676,3680 **** my $bucketid = $self->{db_bucketid__}{$userid}{$bucket}{id}; ! my $h = $self->{db__}->prepare( "select magnet_types.mtype from magnet_types, magnets, buckets where magnet_types.id = magnets.mtid and magnets.bucketid = buckets.id and --- 3667,3671 ---- my $bucketid = $self->{db_bucketid__}{$userid}{$bucket}{id}; ! my $h = $self->validate_sql_prepare_and_execute( "select magnet_types.mtype from magnet_types, magnets, buckets where magnet_types.id = magnets.mtid and magnets.bucketid = buckets.id and *************** *** 3683,3687 **** order by magnet_types.mtype;" ); - $h->execute; while ( my $row = $h->fetchrow_arrayref ) { push @result, ($row->[0]); --- 3674,3677 ---- *************** *** 3758,3762 **** my $bucketid = $self->{db_bucketid__}{$userid}{$bucket}{id}; ! my $h = $self->{db__}->prepare( "select magnets.val from magnets, magnet_types where magnets.bucketid = $bucketid and magnets.id != 0 and --- 3748,3752 ---- my $bucketid = $self->{db_bucketid__}{$userid}{$bucket}{id}; ! 
my $h = $self->validate_sql_prepare_and_execute( "select magnets.val from magnets, magnet_types where magnets.bucketid = $bucketid and magnets.id != 0 and *************** *** 3764,3768 **** magnet_types.mtype = '$type' order by magnets.val;" ); - $h->execute; while ( my $row = $h->fetchrow_arrayref ) { push @result, ($row->[0]); --- 3754,3757 ---- *************** *** 3822,3828 **** my %result; ! my $h = $self->{db__}->prepare( "select magnet_types.mtype, magnet_types.header from magnet_types order by mtype;" ); - $h->execute; while ( my $row = $h->fetchrow_arrayref ) { $result{$row->[0]} = $row->[1]; --- 3811,3816 ---- my %result; ! my $h = $self->validate_sql_prepare_and_execute( "select magnet_types.mtype, magnet_types.header from magnet_types order by mtype;" ); while ( my $row = $h->fetchrow_arrayref ) { $result{$row->[0]} = $row->[1]; *************** *** 3948,3951 **** --- 3936,4019 ---- } + + #---------------------------------------------------------------------------- + # + # validate_sql_prepare_and_execute + # + # This method will prepare sql statements and execute them. + # The statement itself and any binding parameters are also + # tested for possible null-characters (\x00). + # If you pass in a handle to a prepared statement, the statement + # will be executed and possible binding-parameters are checked. + # + # $statement The sql statement to prepare or the prepared statement handle + # @args The (optional) list of binding parameters + # + # Returns the result of prepare() + #---------------------------------------------------------------------------- + sub validate_sql_prepare_and_execute { + my $self = shift; + my $sql_or_sth = shift; + my @args = @_; + + my $dbh = $self->db(); + my $sth = undef; + + # Is this a statement-handle or a sql string? 
+ if ( (ref $sql_or_sth) =~ m/^DBI::/ ) { + $sth = $sql_or_sth; + } + else { + my $sql = $sql_or_sth; + $sql = $self->check_for_nullbytes( $sql ); + $sth = $dbh->prepare( $sql ); + } + + my $execute_result = undef; + + # Any binding-params? + if ( @args ) { + foreach my $arg ( @args ) { + $arg = $self->check_for_nullbytes( $arg ); + } + $execute_result = $sth->execute( @args ); + } + else { + $execute_result = $sth->execute(); + } + + unless ( $execute_result ) { + my ( $package, $file, $line ) = caller; + $self->log_( 0, "DBI::execute failed. Called from package '$package' ($file), line $line." ); + } + + return $sth; + } + + + #---------------------------------------------------------------------------- + # + # check_for_nullbytes + # + # Will check a passed-in string for possible null-bytes and log and error + # message in case a null-byte is found. + # + # Will return the string with any null-bytes removed. + #---------------------------------------------------------------------------- + sub check_for_nullbytes { + my $self = shift; + my $string = shift; + + my $backup = $string; + + if ( my $count = ( $string =~ s/\x00//g ) ) { + my ( $package, $file, $line ) = caller( 1 ); + $self->log_( 0, "Found $count null-character(s) in string '$backup'. Called from package '$package' ($file), line $line." ); + } + + return $string; + } + + #---------------------------------------------------------------------------- #---------------------------------------------------------------------------- |
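Review bot: In `validate_sql_prepare_and_execute` the result of `$dbh->prepare( $sql )` is never tested, so a failed prepare leaves `$sth` undefined and the following `$sth->execute` is a method call on undef, unless the handle was opened with RaiseError, which is not visible here. A failed `execute` is only logged and `$sth` is still returned, so callers continue straight into `fetchrow_arrayref`. I would add `return undef unless defined( $sth );` after the prepare and include `$dbh->errstr` in both log lines. `check_for_nullbytes` also writes the whole offending value into the log (`'$backup'`), which for bind parameters may be a user name or message text and still contains the NUL; logging only `$count` and the caller would avoid that. The header comment should state that removing `\x00` does not make an interpolated statement safe, and that when given a statement handle the sub returns that handle rather than "the result of prepare()".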