if non-UTF8 string given to addQuotes(), convert to UTF-8

throw error if non-utf8 sql query given to doQuery()

diff --git a/includes/DatabaseOracle.php b/includes/DatabaseOracle.php
index 20aff7f..7bb4e15 100644 (file)
--- a/includes/DatabaseOracle.php
+++ b/includes/DatabaseOracle.php
@@ -32,7 +32,7 @@ class ORAResult {
                $this->db =& $db;
                if (($this->nrows = oci_fetch_all($stmt, $this->rows, 0, -1, OCI_FETCHSTATEMENT_BY_ROW | OCI_NUM)) === false) {
                        $e = oci_error($stmt);
-                       $db->reportQueryError('', $e['message'], $e['code']);
+                       $db->reportQueryError($e['message'], $e['code'], '', __FUNCTION__);
                        return;
                }
 
@@ -189,10 +189,18 @@ class DatabaseOracle extends Database {
 
        function doQuery($sql) {
                wfDebug("SQL: [$sql]\n");
-               $this->mLastResult = $stmt = oci_parse($this->mConn, $sql);
+               if (!mb_check_encoding($sql)) {
+                       throw new MWException("SQL encoding is invalid");
+               }
+
+               if (($this->mLastResult = $stmt = oci_parse($this->mConn, $sql)) === false) {
+                       $e = oci_error($this->mConn);
+                       $this->reportQueryError($e['message'], $e['code'], $sql, __FUNCTION__);
+               }
+               
                if (oci_execute($stmt, $this->execFlags()) == false) {
                        $e = oci_error($stmt);
-                       $this->reportQueryError($sql, $e['message'], $e['code'], '');
+                       $this->reportQueryError($e['message'], $e['code'], $sql, __FUNCTION__);
                }
                if (oci_statement_type($stmt) == "SELECT")
                        return new ORAResult($this, $stmt);
@@ -277,8 +285,8 @@ class DatabaseOracle extends Database {
                if (!is_array($options))
                        $options = array($options);
 
-               if (in_array('IGNORE', $options))
-                       $oldIgnore = $this->ignoreErrors(true);
+               #if (in_array('IGNORE', $options))
+               #       $oldIgnore = $this->ignoreErrors(true);
 
                # IGNORE is performed using single-row inserts, ignoring errors in each
                # FIXME: need some way to distiguish between key collision and other types of error
@@ -292,8 +300,8 @@ class DatabaseOracle extends Database {
                //$this->ignoreErrors($oldIgnore);
                $retVal = true;
 
-               if (in_array('IGNORE', $options))
-                       $this->ignoreErrors($oldIgnore);
+               //if (in_array('IGNORE', $options))
+               //      $this->ignoreErrors($oldIgnore);
 
                return $retVal;
        }
@@ -515,15 +523,18 @@ class DatabaseOracle extends Database {
        }
 
        function reportQueryError($error, $errno, $sql, $fname, $tempIgnore = false) {
-               # Ignore errors during error handling to avoid infinite recursion
+               # Ignore errors during error handling to avoid infinite 
+               # recursion
                $ignore = $this->ignoreErrors(true);
                ++$this->mErrorCount;
 
                if ($ignore || $tempIgnore) {
+echo "error ignored! query = [$sql]\n";
                        wfDebug("SQL ERROR (ignored): $error\n");
                        $this->ignoreErrors( $ignore );
                }
                else {
+echo "error!\n";
                        $message = "A database error has occurred\n" .
                                "Query: $sql\n" .
                                "Function: $fname\n" .
@@ -598,6 +609,8 @@ class DatabaseOracle extends Database {
        }
 
        function addQuotes( $s ) {
+       global  $wgLang;
+               $s = $wgLang->checkTitleEncoding($s);
                return "'" . $this->strencode($s) . "'";
        }