Properly prepare insertIfNotExist queries.
This commit is contained in:
parent
c2a49b5c1f
commit
1c3f5ba6ef
27
lib/db.php
27
lib/db.php
|
@ -633,18 +633,20 @@ class OC_DB {
|
||||||
$type = self::$type;
|
$type = self::$type;
|
||||||
|
|
||||||
$query = '';
|
$query = '';
|
||||||
|
$inserts = array_values($input);
|
||||||
// differences in escaping of table names ('`' for mysql) and getting the current timestamp
|
// differences in escaping of table names ('`' for mysql) and getting the current timestamp
|
||||||
if( $type == 'sqlite' || $type == 'sqlite3' ) {
|
if( $type == 'sqlite' || $type == 'sqlite3' ) {
|
||||||
// NOTE: For SQLite we have to use this clumsy approach
|
// NOTE: For SQLite we have to use this clumsy approach
|
||||||
// otherwise all fieldnames used must have a unique key.
|
// otherwise all fieldnames used must have a unique key.
|
||||||
$query = 'SELECT * FROM "' . $table . '" WHERE ';
|
$query = 'SELECT * FROM "' . $table . '" WHERE ';
|
||||||
foreach($input as $key => $value) {
|
foreach($input as $key => $value) {
|
||||||
$query .= $key . " = '" . $value . '\' AND ';
|
$query .= $key . ' = ? AND ';
|
||||||
}
|
}
|
||||||
$query = substr($query, 0, strlen($query) - 5);
|
$query = substr($query, 0, strlen($query) - 5);
|
||||||
try {
|
try {
|
||||||
$stmt = self::prepare($query);
|
$stmt = self::prepare($query);
|
||||||
$result = $stmt->execute();
|
$result = $stmt->execute($inserts);
|
||||||
|
|
||||||
} catch(PDOException $e) {
|
} catch(PDOException $e) {
|
||||||
$entry = 'DB Error: "'.$e->getMessage() . '"<br />';
|
$entry = 'DB Error: "'.$e->getMessage() . '"<br />';
|
||||||
$entry .= 'Offending command was: ' . $query . '<br />';
|
$entry .= 'Offending command was: ' . $query . '<br />';
|
||||||
|
@ -653,27 +655,28 @@ class OC_DB {
|
||||||
OC_Template::printErrorPage( $entry );
|
OC_Template::printErrorPage( $entry );
|
||||||
}
|
}
|
||||||
|
|
||||||
if($result->numRows() == 0) {
|
if((int)$result->numRows() === 0) {
|
||||||
$query = 'INSERT INTO "' . $table . '" ("'
|
$query = 'INSERT INTO "' . $table . '" ("'
|
||||||
. implode('","', array_keys($input)) . '") VALUES("'
|
. implode('","', array_keys($input)) . '") VALUES('
|
||||||
. implode('","', array_values($input)) . '")';
|
. str_repeat('?,', count($input)-1).'? ' . ')';
|
||||||
} else {
|
} else {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
} elseif( $type == 'pgsql' || $type == 'oci' || $type == 'mysql' || $type == 'mssql') {
|
} elseif( $type == 'pgsql' || $type == 'oci' || $type == 'mysql' || $type == 'mssql') {
|
||||||
$query = 'INSERT INTO `' .$table . '` ('
|
$query = 'INSERT INTO `' .$table . '` (`'
|
||||||
. implode(',', array_keys($input)) . ') SELECT \''
|
. implode('`,`', array_keys($input)) . '`) SELECT '
|
||||||
. implode('\',\'', array_values($input)) . '\' FROM ' . $table . ' WHERE ';
|
. str_repeat('?,', count($input)-1).'? ' // Is there a prettier alternative?
|
||||||
|
. 'FROM ' . $table . ' WHERE ';
|
||||||
|
|
||||||
foreach($input as $key => $value) {
|
foreach($input as $key => $value) {
|
||||||
$query .= $key . " = '" . $value . '\' AND ';
|
$query .= '`' . $key . '` = ? AND ';
|
||||||
}
|
}
|
||||||
$query = substr($query, 0, strlen($query) - 5);
|
$query = substr($query, 0, strlen($query) - 5);
|
||||||
$query .= ' HAVING COUNT(*) = 0';
|
$query .= ' HAVING COUNT(*) = 0';
|
||||||
|
$inserts = array_merge($inserts, $inserts);
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: oci should be use " (quote) instead of ` (backtick).
|
// TODO: oci should be use " (quote) instead of ` (backtick)?
|
||||||
//OC_Log::write('core', __METHOD__ . ', type: ' . $type . ', query: ' . $query, OC_Log::DEBUG);
|
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$result = self::prepare($query);
|
$result = self::prepare($query);
|
||||||
|
@ -685,7 +688,7 @@ class OC_DB {
|
||||||
OC_Template::printErrorPage( $entry );
|
OC_Template::printErrorPage( $entry );
|
||||||
}
|
}
|
||||||
|
|
||||||
return $result->execute();
|
return $result->execute($inserts);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in New Issue