From: River Tarnell Date: Fri, 30 Mar 2007 19:35:24 +0000 (+0000) Subject: if non-UTF8 string given to addQuotes(), convert to UTF-8 X-Git-Tag: 1.31.0-rc.0~53530 X-Git-Url: http://git.cyclocoop.org/%24href?a=commitdiff_plain;h=27708781ef57e0e06491f0c9c88821d1ddd82ff7;p=lhc%2Fweb%2Fwiklou.git if non-UTF8 string given to addQuotes(), convert to UTF-8 throw error if non-utf8 sql query given to doQuery() --- diff --git a/includes/DatabaseOracle.php b/includes/DatabaseOracle.php index 20aff7fae1..7bb4e15552 100644 --- a/includes/DatabaseOracle.php +++ b/includes/DatabaseOracle.php @@ -32,7 +32,7 @@ class ORAResult { $this->db =& $db; if (($this->nrows = oci_fetch_all($stmt, $this->rows, 0, -1, OCI_FETCHSTATEMENT_BY_ROW | OCI_NUM)) === false) { $e = oci_error($stmt); - $db->reportQueryError('', $e['message'], $e['code']); + $db->reportQueryError($e['message'], $e['code'], '', __FUNCTION__); return; } @@ -189,10 +189,18 @@ class DatabaseOracle extends Database { function doQuery($sql) { wfDebug("SQL: [$sql]\n"); - $this->mLastResult = $stmt = oci_parse($this->mConn, $sql); + if (!mb_check_encoding($sql)) { + throw new MWException("SQL encoding is invalid"); + } + + if (($this->mLastResult = $stmt = oci_parse($this->mConn, $sql)) === false) { + $e = oci_error($this->mConn); + $this->reportQueryError($e['message'], $e['code'], $sql, __FUNCTION__); + } + if (oci_execute($stmt, $this->execFlags()) == false) { $e = oci_error($stmt); - $this->reportQueryError($sql, $e['message'], $e['code'], ''); + $this->reportQueryError($e['message'], $e['code'], $sql, __FUNCTION__); } if (oci_statement_type($stmt) == "SELECT") return new ORAResult($this, $stmt); @@ -277,8 +285,8 @@ class DatabaseOracle extends Database { if (!is_array($options)) $options = array($options); - if (in_array('IGNORE', $options)) - $oldIgnore = $this->ignoreErrors(true); + #if (in_array('IGNORE', $options)) + # $oldIgnore = $this->ignoreErrors(true); # IGNORE is performed using single-row inserts, ignoring errors in each # FIXME: need some way to distiguish between key collision and other types of error @@ -292,8 +300,8 @@ class DatabaseOracle extends Database { //$this->ignoreErrors($oldIgnore); $retVal = true; - if (in_array('IGNORE', $options)) - $this->ignoreErrors($oldIgnore); + //if (in_array('IGNORE', $options)) + // $this->ignoreErrors($oldIgnore); return $retVal; } @@ -515,15 +523,18 @@ class DatabaseOracle extends Database { } function reportQueryError($error, $errno, $sql, $fname, $tempIgnore = false) { - # Ignore errors during error handling to avoid infinite recursion + # Ignore errors during error handling to avoid infinite + # recursion $ignore = $this->ignoreErrors(true); ++$this->mErrorCount; if ($ignore || $tempIgnore) { +echo "error ignored! query = [$sql]\n"; wfDebug("SQL ERROR (ignored): $error\n"); $this->ignoreErrors( $ignore ); } else { +echo "error!\n"; $message = "A database error has occurred\n" . "Query: $sql\n" . "Function: $fname\n" . @@ -598,6 +609,8 @@ class DatabaseOracle extends Database { } function addQuotes( $s ) { + global $wgLang; + $s = $wgLang->checkTitleEncoding($s); return "'" . $this->strencode($s) . "'"; }