From 73839159043f9ef66de4cc3a8696c9daff19a96a Mon Sep 17 00:00:00 2001 From: Thomas Tanghus Date: Wed, 31 Oct 2012 21:37:49 +0100 Subject: [PATCH] Added more error checking to db queries. --- lib/addressbook.php | 39 ++++++++++++++++++++++++++++++++++++--- lib/vcard.php | 43 +++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 77 insertions(+), 5 deletions(-) diff --git a/lib/addressbook.php b/lib/addressbook.php index b053db9f..e4271d9a 100644 --- a/lib/addressbook.php +++ b/lib/addressbook.php @@ -58,9 +58,13 @@ class Addressbook { try { $stmt = \OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_addressbooks` WHERE `userid` = ? ' . $active_where . ' ORDER BY `displayname`' ); $result = $stmt->execute($values); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(\Exception $e) { - \OCP\Util::writeLog('contacts', __CLASS__.'::'.__METHOD__.' exception: '.$e->getMessage(), \OCP\Util::ERROR); - \OCP\Util::writeLog('contacts', __CLASS__.'::'.__METHOD__.' uid: '.$uid, \OCP\Util::DEBUG); + \OCP\Util::writeLog('contacts', __METHOD__.' exception: '.$e->getMessage(), \OCP\Util::ERROR); + \OCP\Util::writeLog('contacts', __METHOD__.' uid: '.$uid, \OCP\Util::DEBUG); return false; } @@ -131,6 +135,10 @@ class Addressbook { try { $stmt = \OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_addressbooks` WHERE `id` = ?' ); $result = $stmt->execute(array($id)); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: ' . $e->getMessage(), \OCP\Util::ERROR); \OCP\Util::writeLog('contacts', __METHOD__.', id: ' . $id, \OCP\Util::DEBUG); @@ -181,6 +189,10 @@ class Addressbook { try { $stmt = \OCP\DB::prepare( 'SELECT `uri` FROM `*PREFIX*contacts_addressbooks` WHERE `userid` = ? ' ); $result = $stmt->execute(array($uid)); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__ . ' exception: ' . $e->getMessage(), \OCP\Util::ERROR); \OCP\Util::writeLog('contacts', __METHOD__ . ' uid: ' . $uid, \OCP\Util::DEBUG); @@ -195,6 +207,10 @@ class Addressbook { try { $stmt = \OCP\DB::prepare( 'INSERT INTO `*PREFIX*contacts_addressbooks` (`userid`,`displayname`,`uri`,`description`,`ctag`) VALUES(?,?,?,?,?)' ); $result = $stmt->execute(array($uid,$name,$uri,$description,1)); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: '.$e->getMessage(), \OCP\Util::ERROR); \OCP\Util::writeLog('contacts', __METHOD__.', uid: '.$uid, \OCP\Util::DEBUG); @@ -218,7 +234,11 @@ class Addressbook { try { $stmt = \OCP\DB::prepare('INSERT INTO `*PREFIX*contacts_addressbooks` ' . '(`userid`,`displayname`,`uri`,`description`,`ctag`) VALUES(?,?,?,?,?)'); - $result = $stmt->execute(array($uid,$name,$uri,$description,1)); + $result = $stmt->execute(array($uid, $name, $uri, $description, 1)); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: ' . $e->getMessage(), \OCP\Util::ERROR); \OCP\Util::writeLog('contacts', __METHOD__.', uid: ' . $uid, \OCP\Util::DEBUG); @@ -259,6 +279,14 @@ class Addressbook { try { $stmt = \OCP\DB::prepare('UPDATE `*PREFIX*contacts_addressbooks` SET `displayname`=?,`description`=?, `ctag`=`ctag`+1 WHERE `id`=?'); $result = $stmt->execute(array($name,$description,$id)); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + throw new Exception( + App::$l10n->t( + 'There was an error updating the addressbook.' + ) + ); + } } catch(Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__ . ', exception: ' . $e->getMessage(), \OCP\Util::ERROR); \OCP\Util::writeLog('contacts', __METHOD__ . ', id: ' . $id, \OCP\Util::DEBUG); @@ -301,10 +329,15 @@ class Addressbook { try { $stmt = \OCP\DB::prepare( $sql ); $result = $stmt->execute(array($id)); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } $row = $result->fetchRow(); return (bool)$row['active']; } catch(Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: ' . $e->getMessage(), \OCP\Util::ERROR); + return false; } } diff --git a/lib/vcard.php b/lib/vcard.php index 8b515323..539edfda 100644 --- a/lib/vcard.php +++ b/lib/vcard.php @@ -57,6 +57,10 @@ class VCard { try { $stmt = \OCP\DB::prepare($sql, $num, $start); $result = $stmt->execute($id); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(\Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: ' . $e->getMessage(), \OCP\Util::ERROR); \OCP\Util::writeLog('contacts', __METHOD__.', ids: ' . join(',', $id), \OCP\Util::DEBUG); @@ -68,6 +72,10 @@ class VCard { $sql = 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ? ORDER BY `fullname`'; $stmt = \OCP\DB::prepare($sql, $num, $start); $result = $stmt->execute(array($id)); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(\Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: '.$e->getMessage(), \OCP\Util::ERROR); \OCP\Util::writeLog('contacts', __METHOD__.', ids: '. $id, \OCP\Util::DEBUG); @@ -98,6 +106,10 @@ class VCard { try { $stmt = \OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `id` = ?' ); $result = $stmt->execute(array($id)); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(\Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: '.$e->getMessage(), \OCP\Util::ERROR); \OCP\Util::writeLog('contacts', __METHOD__.', id: '. $id, \OCP\Util::DEBUG); @@ -117,6 +129,10 @@ class VCard { try { $stmt = \OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ? AND `uri` = ?' ); $result = $stmt->execute(array($aid,$uri)); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(\Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: '.$e->getMessage(), \OCP\Util::ERROR); \OCP\Util::writeLog('contacts', __METHOD__.', aid: '.$aid.' uri'.$uri, \OCP\Util::DEBUG); @@ -179,6 +195,10 @@ class VCard { $uri = $uid.'.vcf'; try { $result = $stmt->execute(array($aid,$uri)); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: '.$e->getMessage(), \OCP\Util::ERROR); \OCP\Util::writeLog('contacts', __METHOD__.', aid: '.$aid.' uid'.$uid, \OCP\Util::DEBUG); @@ -337,7 +357,11 @@ class VCard { $data = $card->serialize(); $stmt = \OCP\DB::prepare( 'INSERT INTO `*PREFIX*contacts_cards` (`addressbookid`,`fullname`,`carddata`,`uri`,`lastmodified`) VALUES(?,?,?,?,?)' ); try { - $result = $stmt->execute(array($aid,$fn,$data,$uri,time())); + $result = $stmt->execute(array($aid, $fn, $data, $uri, time())); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(\Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: '.$e->getMessage(), \OCP\Util::ERROR); \OCP\Util::writeLog('contacts', __METHOD__.', aid: '.$aid.' uri'.$uri, \OCP\Util::DEBUG); @@ -389,6 +413,9 @@ class VCard { $data = $vcard->serialize(); try { $result = $stmt->execute(array($data,time(),$object[0])); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + } //OCP\Util::writeLog('contacts','OCA\Contacts\VCard::updateDataByID, id: '.$object[0].': '.$object[1],OCP\Util::DEBUG); } catch(Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: '.$e->getMessage(), \OCP\Util::ERROR); @@ -457,7 +484,11 @@ class VCard { $data = $card->serialize(); $stmt = \OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_cards` SET `fullname` = ?,`carddata` = ?, `lastmodified` = ? WHERE `id` = ?' ); try { - $result = $stmt->execute(array($fn,$data,time(),$id)); + $result = $stmt->execute(array($fn, $data, time(), $id)); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(\Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: ' . $e->getMessage(), \OCP\Util::ERROR); @@ -806,6 +837,10 @@ class VCard { //$aid = array($aid); $vals = array_merge((array)$aid, $id); $result = $stmt->execute($vals); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(\Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: '.$e->getMessage(), \OCP\Util::ERROR); \OCP\Util::writeLog('contacts', __METHOD__.', ids: '.join(',', $vals), \OCP\Util::DEBUG); @@ -832,6 +867,10 @@ class VCard { } try { $result = $stmt->execute(array($aid, $id)); + if (\OC_DB::isError($result)) { + \OC_Log::write('contacts', __METHOD__. 'DB error: ' . \OC_DB::getErrorMessage($result), \OC_Log::ERROR); + return false; + } } catch(\Exception $e) { \OCP\Util::writeLog('contacts', __METHOD__.', exception: '.$e->getMessage(), \OCP\Util::DEBUG); \OCP\Util::writeLog('contacts', __METHOD__.' id: '.$id, \OCP\Util::DEBUG);