fixes #1343 remove auto-escape of reserved keywords on MySQL 8

i.e. no more adding backticks around "rank" and "groups". Too much collateral damage.
plegall 2021-08-03 19:27:31 +02:00
parent 9a840edf66
commit 1ec5a2933c
8 changed files with 15 additions and 32 deletions


@ -122,7 +122,7 @@ $sort_fields = array(
'hit ASC' => l10n('Visits, low → high'), 'hit ASC' => l10n('Visits, low → high'),
'id ASC' => l10n('Numeric identifier, 1 → 9'), 'id ASC' => l10n('Numeric identifier, 1 → 9'),
'id DESC' => l10n('Numeric identifier, 9 → 1'), 'id DESC' => l10n('Numeric identifier, 9 → 1'),
'rank ASC' => l10n('Manual sort order'), '`rank` ASC' => l10n('Manual sort order'),
); );
$comments_order = array( $comments_order = array(
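Review bot: Values saved before this change are not covered: the `$sort_fields` key moves from `'rank ASC'` to the backtick-quoted form, and the next file section makes the same change to `$image_order` just before an UPDATE on CATEGORIES_TABLE, so existing rows presumably still hold the unquoted `rank ASC`. With the rewrite removed from pwg_query, such a stored value would reach an ORDER BY on MySQL 8 unquoted and fail, and it would no longer match this array key when the form is shown again. A one-off migration that rewrites stored `rank ASC` to the quoted form, or normalising the value where it is read, would close the gap; whether either exists elsewhere cannot be seen from this page.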


@ -71,7 +71,7 @@ if (isset($_POST['submit']))
} }
elseif ($image_order_choice=='rank') elseif ($image_order_choice=='rank')
{ {
$image_order = 'rank ASC'; $image_order = '`rank` ASC';
} }
$query = ' $query = '
UPDATE '.CATEGORIES_TABLE.' UPDATE '.CATEGORIES_TABLE.'


@ -49,7 +49,7 @@ $query.= '
if ('recent_cats' != $page['section']) if ('recent_cats' != $page['section'])
{ {
$query.= ' $query.= '
ORDER BY rank'; ORDER BY `rank`';
} }
$result = pwg_query($query); $result = pwg_query($query);


@ -61,7 +61,7 @@ function pwg_get_db_version()
return mysql_get_server_info(); return mysql_get_server_info();
} }
function pwg_query($query, $escape_reserved_words=true) function pwg_query($query)
{ {
global $conf,$page,$debug,$t2; global $conf,$page,$debug,$t2;


@ -124,27 +124,10 @@ function pwg_get_db_version()
* @param string $query * @param string $query
* @return mysqli_result|bool * @return mysqli_result|bool
*/ */
function pwg_query($query, $escape_reserved_words=true) function pwg_query($query)
{ {
global $mysqli, $conf, $page, $debug, $t2; global $mysqli, $conf, $page, $debug, $t2;
// starting with MySQL 8, rank becomes a reserved keyword, we need to escape it
if ($escape_reserved_words and preg_match('/\brank\b/', $query))
{
// first we unescape what's already escaped (to avoid double escaping)
$query = preg_replace('/`rank`/', 'rank', $query);
// then we escape the keyword
$query = preg_replace('/\brank\b/', '`rank`', $query);
}
if ($escape_reserved_words and preg_match('/\bgroups\b/', $query))
{
// first we unescape what's already escaped (to avoid double escaping)
$query = preg_replace('/`groups`/', 'groups', $query);
// then we escape the keyword
$query = preg_replace('/\bgroups\b/', '`groups`', $query);
}
$start = microtime(true); $start = microtime(true);
($result = $mysqli->query($query)) or my_error($query, $conf['die_on_sql_error']); ($result = $mysqli->query($query)) or my_error($query, $conf['die_on_sql_error']);
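Review bot: The docblock above pwg_query should now state that the query is sent exactly as written, because callers become responsible for quoting `rank` and `groups` on MySQL 8; a line such as `* Reserved words are not quoted automatically: callers must backtick them.` would do. None of the file sections on this page adds backticks around a bare `groups`, so it is worth grepping core and bundled plugins for remaining unquoted uses of both words. The same signature change is made in the other driver file earlier on the page, and PHP silently ignores the extra argument from callers still passing `false`, so stale call sites will not surface on their own. The function body continues past the end of this section.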


@ -1381,7 +1381,7 @@ INSERT INTO
ON DUPLICATE KEY UPDATE value = \''.$dbValue.'\' ON DUPLICATE KEY UPDATE value = \''.$dbValue.'\'
;'; ;';
pwg_query($query, false); pwg_query($query);
if ($updateGlobal) if ($updateGlobal)
{ {


@ -581,7 +581,7 @@ function ws_categories_setRank($params, &$service)
{ {
// does the category really exist? // does the category really exist?
$query = ' $query = '
SELECT id, id_uppercat, rank SELECT id, id_uppercat, `rank`
FROM '.CATEGORIES_TABLE.' FROM '.CATEGORIES_TABLE.'
WHERE id IN ('.implode(',',$params['category_id']).') WHERE id IN ('.implode(',',$params['category_id']).')
;'; ;';
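Review bot: `$params['category_id']` is joined straight into the `IN (...)` list, and nothing in this section shows it being constrained to integers; if the web-service parameter declaration does not already enforce that, cast at the point of use with `implode(',', array_map('intval', $params['category_id']))`. The following file section has the same pattern with `$params['category_id']`, `$params['rank']` and `$params['image_id']` inside SELECT and UPDATE statements, where an `(int)` cast or a prepared statement would serve. ws_categories_setRank starts and ends outside this section, so validation may exist that is not visible here.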


@ -112,9 +112,9 @@ DELETE
if ($search_current_ranks) if ($search_current_ranks)
{ {
$query = ' $query = '
SELECT category_id, MAX(rank) AS max_rank SELECT category_id, MAX(`rank`) AS max_rank
FROM '.IMAGE_CATEGORY_TABLE.' FROM '.IMAGE_CATEGORY_TABLE.'
WHERE rank IS NOT NULL WHERE `rank` IS NOT NULL
AND category_id IN ('.implode(',', $new_cat_ids).') AND category_id IN ('.implode(',', $new_cat_ids).')
GROUP BY category_id GROUP BY category_id
;'; ;';
@ -744,7 +744,7 @@ SELECT
image_id image_id
FROM '.IMAGE_CATEGORY_TABLE.' FROM '.IMAGE_CATEGORY_TABLE.'
WHERE category_id = '.$params['category_id'].' WHERE category_id = '.$params['category_id'].'
ORDER BY rank ASC ORDER BY `rank` ASC
;'; ;';
$image_ids = query2array($query, null, 'image_id'); $image_ids = query2array($query, null, 'image_id');
@ -790,7 +790,7 @@ SELECT COUNT(*)
// what is the current higher rank for this category? // what is the current higher rank for this category?
$query = ' $query = '
SELECT MAX(rank) AS max_rank SELECT MAX(`rank`) AS max_rank
FROM '. IMAGE_CATEGORY_TABLE .' FROM '. IMAGE_CATEGORY_TABLE .'
WHERE category_id = '. $params['category_id'] .' WHERE category_id = '. $params['category_id'] .'
;'; ;';
@ -811,17 +811,17 @@ SELECT MAX(rank) AS max_rank
// update rank for all other photos in the same category // update rank for all other photos in the same category
$query = ' $query = '
UPDATE '. IMAGE_CATEGORY_TABLE .' UPDATE '. IMAGE_CATEGORY_TABLE .'
SET rank = rank + 1 SET `rank` = `rank` + 1
WHERE category_id = '. $params['category_id'] .' WHERE category_id = '. $params['category_id'] .'
AND rank IS NOT NULL AND `rank` IS NOT NULL
AND rank >= '. $params['rank'] .' AND `rank` >= '. $params['rank'] .'
;'; ;';
pwg_query($query); pwg_query($query);
// set the new rank for the photo // set the new rank for the photo
$query = ' $query = '
UPDATE '. IMAGE_CATEGORY_TABLE .' UPDATE '. IMAGE_CATEGORY_TABLE .'
SET rank = '. $params['rank'] .' SET `rank` = '. $params['rank'] .'
WHERE image_id = '. $params['image_id'] .' WHERE image_id = '. $params['image_id'] .'
AND category_id = '. $params['category_id'] .' AND category_id = '. $params['category_id'] .'
;'; ;';