diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index fd87513ec2..a79fcc08d6 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,11 +1,15 @@ ## Submitting issues -If you have questions about how to use ownCloud, please direct these to the [mailing list][mailinglist] or our [forum][forum]. We are also available on [IRC][irc]. +If you have questions about how to install or use ownCloud, please direct these to the [mailing list][mailinglist] or our [forum][forum]. We are also available on [IRC][irc]. + +### TL;DR + + * The [issue template can be found here][template] but be aware of the different repositories! See list below. ### Guidelines -* Please search the existing issues first, it's likely that your issue was already reported. -* [Report the issue](https://github.com/owncloud/core/issues/new) using our [template][template], it includes all the informations we need to track down the issue. -* This repository is *only* for issues within the ownCloud core code. Issues in other compontents should be reported in their own repositores: +* Please search the existing issues first, it's likely that your issue was already reported or even fixed. +* This repository is *only* for issues within the ownCloud core code. This also includes the apps: files, encryption, external storage, sharing, deleted files, versions, LDAP, and WebDAV Auth +* The issues in other components should be reported in their respective repositories: - [Android client](https://github.com/owncloud/android/issues) - [iOS client](https://github.com/owncloud/ios-issues/issues) - [Desktop client](https://github.com/owncloud/mirall/issues) @@ -14,12 +18,12 @@ If you have questions about how to use ownCloud, please direct these to the [mai - [Calendar](https://github.com/owncloud/calendar/issues) - [Contacts](https://github.com/owncloud/contacts/issues) - [Mail](https://github.com/owncloud/mail/issues) + - [Media/Music](https://github.com/owncloud/media/issues) - [News](https://github.com/owncloud/news/issues) - [Notes](https://github.com/owncloud/notes/issues) - [Shorty](https://github.com/owncloud/shorty/issues) - - [other apps](https://github.com/owncloud/apps/issues) (e.g. Pictures, Music, Tasks, ...) - -If your issue appears to be a bug, and hasn't been reported, open a new issue. + - [All other apps](https://github.com/owncloud/apps/issues) (e.g. Pictures, Tasks, ...) +* Report the issue using our [template][template], it includes all the information we need to track down the issue. Help us to maximize the effort we can spend fixing issues and adding new features, by not reporting duplicate issues. @@ -34,7 +38,7 @@ Thanks for wanting to contribute source code to ownCloud. That's great! Before we're able to merge your code into the ownCloud core, you need to sign our [Contributor Agreement][agreement]. -Please read the [Developer Manuals][devmanual] to get useful infos like how to create your first application or how to test the ownCloud code with phpunit. +Please read the [Developer Manuals][devmanual] to learn how to create your first application or how to test the ownCloud code with PHPUnit. [agreement]: http://owncloud.org/about/contributor-agreement/ [devmanual]: http://owncloud.org/dev/ diff --git a/lib/db.php b/lib/db.php index 080e895e35..cd96bcf9d3 100644 --- a/lib/db.php +++ b/lib/db.php @@ -568,10 +568,6 @@ class OC_DB { self::raiseExceptionOnError($definition,'Failed to parse the database definition'); - // Die in case something went wrong - if( $definition instanceof MDB2_Schema_Error ) { - OC_Template::printErrorPage( $definition->getMessage().': '.$definition->getUserInfo() ); - } if(OC_Config::getValue('dbtype', 'sqlite')==='oci') { unset($definition['charset']); //or MDB2 tries SHUTDOWN IMMEDIATE $oldname = $definition['name']; @@ -921,7 +917,7 @@ class OC_DB { } } /** - * check if a result is an error, writes a log entry and throws an exception, works with MDB2 and PDOException + * check if a result is an error and throws an exception, works with MDB2 and PDOException * @param mixed $result * @param string message * @return void @@ -934,7 +930,7 @@ class OC_DB { } else { $message .= ', Root cause:' . self::getErrorMessage($result); } - throw new DatabaseException($message, getErrorCode($result)); + throw new DatabaseException($message, self::getErrorCode($result)); } } diff --git a/lib/files/cache/backgroundwatcher.php b/lib/files/cache/backgroundwatcher.php index 8e68f41cf4..923804f48d 100644 --- a/lib/files/cache/backgroundwatcher.php +++ b/lib/files/cache/backgroundwatcher.php @@ -18,8 +18,8 @@ class BackgroundWatcher { if (!is_null(self::$folderMimetype)) { return self::$folderMimetype; } - $query = \OC_DB::prepare('SELECT `id` FROM `*PREFIX*mimetypes` WHERE `mimetype` = ?'); - $result = $query->execute(array('httpd/unix-directory')); + $sql = 'SELECT `id` FROM `*PREFIX*mimetypes` WHERE `mimetype` = ?'; + $result = \OC_DB::executeAudited($sql, array('httpd/unix-directory')); $row = $result->fetchRow(); return $row['id']; } @@ -59,11 +59,11 @@ class BackgroundWatcher { */ static private function getNextFileId($previous, $folder) { if ($folder) { - $query = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `fileid` > ? AND `mimetype` = ' . self::getFolderMimetype() . ' ORDER BY `fileid` ASC', 1); + $stmt = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `fileid` > ? AND `mimetype` = ? ORDER BY `fileid` ASC', 1); } else { - $query = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `fileid` > ? AND `mimetype` != ' . self::getFolderMimetype() . ' ORDER BY `fileid` ASC', 1); + $stmt = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `fileid` > ? AND `mimetype` != ? ORDER BY `fileid` ASC', 1); } - $result = $query->execute(array($previous)); + $result = \OC_DB::executeAudited($stmt, array($previous,self::getFolderMimetype())); if ($row = $result->fetchRow()) { return $row['fileid']; } else { diff --git a/lib/files/cache/cache.php b/lib/files/cache/cache.php index 5b2fcfaadf..3818fdbd84 100644 --- a/lib/files/cache/cache.php +++ b/lib/files/cache/cache.php @@ -65,13 +65,11 @@ class Cache { */ public function getMimetypeId($mime) { if (!isset($this->mimetypeIds[$mime])) { - $query = \OC_DB::prepare('SELECT `id` FROM `*PREFIX*mimetypes` WHERE `mimetype` = ?'); - $result = $query->execute(array($mime)); + $result = \OC_DB::executeAudited('SELECT `id` FROM `*PREFIX*mimetypes` WHERE `mimetype` = ?', array($mime)); if ($row = $result->fetchRow()) { $this->mimetypeIds[$mime] = $row['id']; } else { - $query = \OC_DB::prepare('INSERT INTO `*PREFIX*mimetypes`(`mimetype`) VALUES(?)'); - $query->execute(array($mime)); + $result = \OC_DB::executeAudited('INSERT INTO `*PREFIX*mimetypes`(`mimetype`) VALUES(?)', array($mime)); $this->mimetypeIds[$mime] = \OC_DB::insertid('*PREFIX*mimetypes'); } $this->mimetypes[$this->mimetypeIds[$mime]] = $mime; @@ -81,8 +79,8 @@ class Cache { public function getMimetype($id) { if (!isset($this->mimetypes[$id])) { - $query = \OC_DB::prepare('SELECT `mimetype` FROM `*PREFIX*mimetypes` WHERE `id` = ?'); - $result = $query->execute(array($id)); + $sql = 'SELECT `mimetype` FROM `*PREFIX*mimetypes` WHERE `id` = ?'; + $result = \OC_DB::executeAudited($sql, array($id)); if ($row = $result->fetchRow()) { $this->mimetypes[$id] = $row['mimetype']; } else { @@ -109,10 +107,10 @@ class Cache { $where = 'WHERE `fileid` = ?'; $params = array($file); } - $query = \OC_DB::prepare( - 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `storage_mtime`, `encrypted`, `unencrypted_size`, `etag` - FROM `*PREFIX*filecache` ' . $where); - $result = $query->execute($params); + $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, + `storage_mtime`, `encrypted`, `unencrypted_size`, `etag` + FROM `*PREFIX*filecache` ' . $where; + $result = \OC_DB::executeAudited($sql, $params); $data = $result->fetchRow(); //FIXME hide this HACK in the next database layer, or just use doctrine and get rid of MDB2 and PDO @@ -153,14 +151,10 @@ class Cache { public function getFolderContents($folder) { $fileId = $this->getId($folder); if ($fileId > -1) { - $query = \OC_DB::prepare( - 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `storage_mtime`, `encrypted`, `unencrypted_size`, `etag` - FROM `*PREFIX*filecache` WHERE `parent` = ? ORDER BY `name` ASC'); - - $result = $query->execute(array($fileId)); - if (\OC_DB::isError($result)) { - \OCP\Util::writeLog('cache', 'getFolderContents failed: ' . $result->getMessage(), \OCP\Util::ERROR); - } + $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, + `storage_mtime`, `encrypted`, `unencrypted_size`, `etag` + FROM `*PREFIX*filecache` WHERE `parent` = ? ORDER BY `name` ASC'; + $result = \OC_DB::executeAudited($sql,array($fileId)); $files = $result->fetchAll(); foreach ($files as &$file) { $file['mimetype'] = $this->getMimetype($file['mimetype']); @@ -214,12 +208,9 @@ class Cache { $params[] = $this->getNumericStorageId(); $valuesPlaceholder = array_fill(0, count($queryParts), '?'); - $query = \OC_DB::prepare('INSERT INTO `*PREFIX*filecache`(' . implode(', ', $queryParts) . ')' - . ' VALUES(' . implode(', ', $valuesPlaceholder) . ')'); - $result = $query->execute($params); - if (\OC_DB::isError($result)) { - \OCP\Util::writeLog('cache', 'Insert to cache failed: ' . $result->getMessage(), \OCP\Util::ERROR); - } + $sql = 'INSERT INTO `*PREFIX*filecache` (' . implode(', ', $queryParts) . ')' + . ' VALUES (' . implode(', ', $valuesPlaceholder) . ')'; + \OC_DB::executeAudited($sql, $params); return (int)\OC_DB::insertid('*PREFIX*filecache'); } @@ -246,9 +237,8 @@ class Cache { list($queryParts, $params) = $this->buildParts($data); $params[] = $id; - $query = \OC_DB::prepare('UPDATE `*PREFIX*filecache` SET ' . implode(' = ?, ', $queryParts) . '=?' - . ' WHERE `fileid` = ?'); - $query->execute($params); + $sql = 'UPDATE `*PREFIX*filecache` SET ' . implode(' = ?, ', $queryParts) . '=? WHERE `fileid` = ?'; + \OC_DB::executeAudited($sql, $params); } /** @@ -295,9 +285,8 @@ class Cache { $pathHash = md5($file); - $query = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `path_hash` = ?'); - $result = $query->execute(array($this->getNumericStorageId(), $pathHash)); - + $sql = 'SELECT `fileid` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `path_hash` = ?'; + $result = \OC_DB::executeAudited($sql, array($this->getNumericStorageId(), $pathHash)); if ($row = $result->fetchRow()) { return $row['fileid']; } else { @@ -346,8 +335,9 @@ class Cache { $this->remove($child['path']); } } - $query = \OC_DB::prepare('DELETE FROM `*PREFIX*filecache` WHERE `fileid` = ?'); - $query->execute(array($entry['fileid'])); + + $sql = 'DELETE FROM `*PREFIX*filecache` WHERE `fileid` = ?'; + \OC_DB::executeAudited($sql, array($entry['fileid'])); $permissionsCache = new Permissions($this->storageId); $permissionsCache->remove($entry['fileid']); @@ -370,32 +360,31 @@ class Cache { if ($sourceData['mimetype'] === 'httpd/unix-directory') { //find all child entries - $query = \OC_DB::prepare('SELECT `path`, `fileid` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `path` LIKE ?'); - $result = $query->execute(array($this->getNumericStorageId(), $source . '/%')); + $sql = 'SELECT `path`, `fileid` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `path` LIKE ?'; + $result = \OC_DB::executeAudited($sql, array($this->getNumericStorageId(), $source . '/%')); $childEntries = $result->fetchAll(); $sourceLength = strlen($source); $query = \OC_DB::prepare('UPDATE `*PREFIX*filecache` SET `path` = ?, `path_hash` = ? WHERE `fileid` = ?'); foreach ($childEntries as $child) { $targetPath = $target . substr($child['path'], $sourceLength); - $query->execute(array($targetPath, md5($targetPath), $child['fileid'])); + \OC_DB::executeAudited($query, array($targetPath, md5($targetPath), $child['fileid'])); } } - $query = \OC_DB::prepare('UPDATE `*PREFIX*filecache` SET `path` = ?, `path_hash` = ?, `name` = ?, `parent` =?' - . ' WHERE `fileid` = ?'); - $query->execute(array($target, md5($target), basename($target), $newParentId, $sourceId)); + $sql = 'UPDATE `*PREFIX*filecache` SET `path` = ?, `path_hash` = ?, `name` = ?, `parent` =? WHERE `fileid` = ?'; + \OC_DB::executeAudited($sql, array($target, md5($target), basename($target), $newParentId, $sourceId)); } /** * remove all entries for files that are stored on the storage from the cache */ public function clear() { - $query = \OC_DB::prepare('DELETE FROM `*PREFIX*filecache` WHERE `storage` = ?'); - $query->execute(array($this->getNumericStorageId())); + $sql = 'DELETE FROM `*PREFIX*filecache` WHERE `storage` = ?'; + \OC_DB::executeAudited($sql, array($this->getNumericStorageId())); - $query = \OC_DB::prepare('DELETE FROM `*PREFIX*storages` WHERE `id` = ?'); - $query->execute(array($this->storageId)); + $sql = 'DELETE FROM `*PREFIX*storages` WHERE `id` = ?'; + \OC_DB::executeAudited($sql, array($this->storageId)); } /** @@ -408,11 +397,8 @@ class Cache { $file = $this->normalize($file); $pathHash = md5($file); - $query = \OC_DB::prepare('SELECT `size` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `path_hash` = ?'); - $result = $query->execute(array($this->getNumericStorageId(), $pathHash)); - if( \OC_DB::isError($result)) { - \OCP\Util::writeLog('cache', 'get status failed: ' . $result->getMessage(), \OCP\Util::ERROR); - } + $sql = 'SELECT `size` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `path_hash` = ?'; + $result = \OC_DB::executeAudited($sql, array($this->getNumericStorageId(), $pathHash)); if ($row = $result->fetchRow()) { if ((int)$row['size'] === -1) { return self::SHALLOW; @@ -439,11 +425,9 @@ class Cache { // normalize pattern $pattern = $this->normalize($pattern); - $query = \OC_DB::prepare(' - SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `encrypted`, `unencrypted_size`, `etag` - FROM `*PREFIX*filecache` WHERE `name` LIKE ? AND `storage` = ?' - ); - $result = $query->execute(array($pattern, $this->getNumericStorageId())); + $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `encrypted`, `unencrypted_size`, `etag` + FROM `*PREFIX*filecache` WHERE `name` LIKE ? AND `storage` = ?'; + $result = \OC_DB::executeAudited($sql, array($pattern, $this->getNumericStorageId())); $files = array(); while ($row = $result->fetchRow()) { $row['mimetype'] = $this->getMimetype($row['mimetype']); @@ -465,12 +449,10 @@ class Cache { } else { $where = '`mimepart` = ?'; } - $query = \OC_DB::prepare(' - SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `encrypted`, `unencrypted_size`, `etag` - FROM `*PREFIX*filecache` WHERE ' . $where . ' AND `storage` = ?' - ); + $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `encrypted`, `unencrypted_size`, `etag` + FROM `*PREFIX*filecache` WHERE ' . $where . ' AND `storage` = ?'; $mimetype = $this->getMimetypeId($mimetype); - $result = $query->execute(array($mimetype, $this->getNumericStorageId())); + $result = \OC_DB::executeAudited($sql, array($mimetype, $this->getNumericStorageId())); $files = array(); while ($row = $result->fetchRow()) { $row['mimetype'] = $this->getMimetype($row['mimetype']); @@ -507,8 +489,8 @@ class Cache { if ($id === -1) { return 0; } - $query = \OC_DB::prepare('SELECT `size` FROM `*PREFIX*filecache` WHERE `parent` = ? AND `storage` = ?'); - $result = $query->execute(array($id, $this->getNumericStorageId())); + $sql = 'SELECT `size` FROM `*PREFIX*filecache` WHERE `parent` = ? AND `storage` = ?'; + $result = \OC_DB::executeAudited($sql, array($id, $this->getNumericStorageId())); $totalSize = 0; $hasChilds = 0; while ($row = $result->fetchRow()) { @@ -534,8 +516,8 @@ class Cache { * @return int[] */ public function getAll() { - $query = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `storage` = ?'); - $result = $query->execute(array($this->getNumericStorageId())); + $sql = 'SELECT `fileid` FROM `*PREFIX*filecache` WHERE `storage` = ?'; + $result = \OC_DB::executeAudited($sql, array($this->getNumericStorageId())); $ids = array(); while ($row = $result->fetchRow()) { $ids[] = $row['fileid']; @@ -555,10 +537,7 @@ class Cache { public function getIncomplete() { $query = \OC_DB::prepare('SELECT `path` FROM `*PREFIX*filecache`' . ' WHERE `storage` = ? AND `size` = -1 ORDER BY `fileid` DESC',1); - $result = $query->execute(array($this->getNumericStorageId())); - if (\OC_DB::isError($result)) { - \OCP\Util::writeLog('cache', 'getIncomplete failed: ' . $result->getMessage(), \OCP\Util::ERROR); - } + $result = \OC_DB::executeAudited($query, array($this->getNumericStorageId())); if ($row = $result->fetchRow()) { return $row['path']; } else { @@ -573,8 +552,8 @@ class Cache { * @return array, first element holding the storage id, second the path */ static public function getById($id) { - $query = \OC_DB::prepare('SELECT `storage`, `path` FROM `*PREFIX*filecache` WHERE `fileid` = ?'); - $result = $query->execute(array($id)); + $sql = 'SELECT `storage`, `path` FROM `*PREFIX*filecache` WHERE `fileid` = ?'; + $result = \OC_DB::executeAudited($sql, array($id)); if ($row = $result->fetchRow()) { $numericId = $row['storage']; $path = $row['path']; diff --git a/lib/files/cache/legacy.php b/lib/files/cache/legacy.php index ab8ae6dfad..8eed1f67a5 100644 --- a/lib/files/cache/legacy.php +++ b/lib/files/cache/legacy.php @@ -26,8 +26,8 @@ class Legacy { * @return int */ function getCount() { - $query = \OC_DB::prepare('SELECT COUNT(`id`) AS `count` FROM `*PREFIX*fscache` WHERE `user` = ?'); - $result = $query->execute(array($this->user)); + $sql = 'SELECT COUNT(`id`) AS `count` FROM `*PREFIX*fscache` WHERE `user` = ?'; + $result = \OC_DB::executeAudited($sql, array($this->user)); if ($row = $result->fetchRow()) { return $row['count']; } else { @@ -74,11 +74,11 @@ class Legacy { */ function get($path) { if (is_numeric($path)) { - $query = \OC_DB::prepare('SELECT * FROM `*PREFIX*fscache` WHERE `id` = ?'); + $sql = 'SELECT * FROM `*PREFIX*fscache` WHERE `id` = ?'; } else { - $query = \OC_DB::prepare('SELECT * FROM `*PREFIX*fscache` WHERE `path` = ?'); + $sql = 'SELECT * FROM `*PREFIX*fscache` WHERE `path` = ?'; } - $result = $query->execute(array($path)); + $result = \OC_DB::executeAudited($sql, array($path)); $data = $result->fetchRow(); $data['etag'] = $this->getEtag($data['path'], $data['user']); return $data; @@ -111,7 +111,7 @@ class Legacy { if(is_null($query)){ $query = \OC_DB::prepare('SELECT `propertyvalue` FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = \'{DAV:}getetag\''); } - $result = $query->execute(array($user, '/' . $relativePath)); + $result = \OC_DB::executeAudited($query,array($user, '/' . $relativePath)); if ($row = $result->fetchRow()) { return trim($row['propertyvalue'], '"'); } else { @@ -126,8 +126,7 @@ class Legacy { * @return array */ function getChildren($id) { - $query = \OC_DB::prepare('SELECT * FROM `*PREFIX*fscache` WHERE `parent` = ?'); - $result = $query->execute(array($id)); + $result = \OC_DB::executeAudited('SELECT * FROM `*PREFIX*fscache` WHERE `parent` = ?', array($id)); $data = $result->fetchAll(); foreach ($data as $i => $item) { $data[$i]['etag'] = $this->getEtag($item['path'], $item['user']); diff --git a/lib/files/cache/permissions.php b/lib/files/cache/permissions.php index 29c30b0f36..2e2bdb20b7 100644 --- a/lib/files/cache/permissions.php +++ b/lib/files/cache/permissions.php @@ -33,8 +33,8 @@ class Permissions { * @return int (-1 if file no permissions set) */ public function get($fileId, $user) { - $query = \OC_DB::prepare('SELECT `permissions` FROM `*PREFIX*permissions` WHERE `user` = ? AND `fileid` = ?'); - $result = $query->execute(array($user, $fileId)); + $sql = 'SELECT `permissions` FROM `*PREFIX*permissions` WHERE `user` = ? AND `fileid` = ?'; + $result = \OC_DB::executeAudited($sql, array($user, $fileId)); if ($row = $result->fetchRow()) { return $row['permissions']; } else { @@ -51,13 +51,11 @@ class Permissions { */ public function set($fileId, $user, $permissions) { if (self::get($fileId, $user) !== -1) { - $query = \OC_DB::prepare('UPDATE `*PREFIX*permissions` SET `permissions` = ?' - . ' WHERE `user` = ? AND `fileid` = ?'); + $sql = 'UPDATE `*PREFIX*permissions` SET `permissions` = ? WHERE `user` = ? AND `fileid` = ?'; } else { - $query = \OC_DB::prepare('INSERT INTO `*PREFIX*permissions`(`permissions`, `user`, `fileid`)' - . ' VALUES(?, ?,? )'); + $sql = 'INSERT INTO `*PREFIX*permissions`(`permissions`, `user`, `fileid`) VALUES(?, ?,? )'; } - $query->execute(array($permissions, $user, $fileId)); + \OC_DB::executeAudited($sql, array($permissions, $user, $fileId)); } /** @@ -75,9 +73,9 @@ class Permissions { $params[] = $user; $inPart = implode(', ', array_fill(0, count($fileIds), '?')); - $query = \OC_DB::prepare('SELECT `fileid`, `permissions` FROM `*PREFIX*permissions`' - . ' WHERE `fileid` IN (' . $inPart . ') AND `user` = ?'); - $result = $query->execute($params); + $sql = 'SELECT `fileid`, `permissions` FROM `*PREFIX*permissions`' + . ' WHERE `fileid` IN (' . $inPart . ') AND `user` = ?'; + $result = \OC_DB::executeAudited($sql, $params); $filePermissions = array(); while ($row = $result->fetchRow()) { $filePermissions[$row['fileid']] = $row['permissions']; @@ -93,11 +91,12 @@ class Permissions { * @return int[] */ public function getDirectoryPermissions($parentId, $user) { - $query = \OC_DB::prepare('SELECT `*PREFIX*permissions`.`fileid`, `permissions` - FROM `*PREFIX*permissions` INNER JOIN `*PREFIX*filecache` ON `*PREFIX*permissions`.`fileid` = `*PREFIX*filecache`.`fileid` - WHERE `*PREFIX*filecache`.`parent` = ? AND `*PREFIX*permissions`.`user` = ?'); + $sql = 'SELECT `*PREFIX*permissions`.`fileid`, `permissions` + FROM `*PREFIX*permissions` + INNER JOIN `*PREFIX*filecache` ON `*PREFIX*permissions`.`fileid` = `*PREFIX*filecache`.`fileid` + WHERE `*PREFIX*filecache`.`parent` = ? AND `*PREFIX*permissions`.`user` = ?'; - $result = $query->execute(array($parentId, $user)); + $result = \OC_DB::executeAudited($sql, array($parentId, $user)); $filePermissions = array(); while ($row = $result->fetchRow()) { $filePermissions[$row['fileid']] = $row['permissions']; @@ -113,18 +112,17 @@ class Permissions { */ public function remove($fileId, $user = null) { if (is_null($user)) { - $query = \OC_DB::prepare('DELETE FROM `*PREFIX*permissions` WHERE `fileid` = ?'); - $query->execute(array($fileId)); + \OC_DB::executeAudited('DELETE FROM `*PREFIX*permissions` WHERE `fileid` = ?', array($fileId)); } else { - $query = \OC_DB::prepare('DELETE FROM `*PREFIX*permissions` WHERE `fileid` = ? AND `user` = ?'); - $query->execute(array($fileId, $user)); + $sql = 'DELETE FROM `*PREFIX*permissions` WHERE `fileid` = ? AND `user` = ?'; + \OC_DB::executeAudited($sql, array($fileId, $user)); } } public function removeMultiple($fileIds, $user) { $query = \OC_DB::prepare('DELETE FROM `*PREFIX*permissions` WHERE `fileid` = ? AND `user` = ?'); foreach ($fileIds as $fileId) { - $query->execute(array($fileId, $user)); + \OC_DB::executeAudited($query, array($fileId, $user)); } } @@ -134,8 +132,8 @@ class Permissions { * @param int $fileId */ public function getUsers($fileId) { - $query = \OC_DB::prepare('SELECT `user` FROM `*PREFIX*permissions` WHERE `fileid` = ?'); - $result = $query->execute(array($fileId)); + $sql = 'SELECT `user` FROM `*PREFIX*permissions` WHERE `fileid` = ?'; + $result = \OC_DB::executeAudited($sql, array($fileId)); $users = array(); while ($row = $result->fetchRow()) { $users[] = $row['user']; diff --git a/lib/files/cache/storage.php b/lib/files/cache/storage.php index 72de376798..8a9e47ca36 100644 --- a/lib/files/cache/storage.php +++ b/lib/files/cache/storage.php @@ -32,13 +32,13 @@ class Storage { $this->storageId = md5($this->storageId); } - $query = \OC_DB::prepare('SELECT `numeric_id` FROM `*PREFIX*storages` WHERE `id` = ?'); - $result = $query->execute(array($this->storageId)); + $sql = 'SELECT `numeric_id` FROM `*PREFIX*storages` WHERE `id` = ?'; + $result = \OC_DB::executeAudited($sql, array($this->storageId)); if ($row = $result->fetchRow()) { $this->numericId = $row['numeric_id']; } else { - $query = \OC_DB::prepare('INSERT INTO `*PREFIX*storages`(`id`) VALUES(?)'); - $query->execute(array($this->storageId)); + $sql = 'INSERT INTO `*PREFIX*storages` (`id`) VALUES(?)'; + \OC_DB::executeAudited($sql, array($this->storageId)); $this->numericId = \OC_DB::insertid('*PREFIX*storages'); } } @@ -48,8 +48,9 @@ class Storage { } public static function getStorageId($numericId) { - $query = \OC_DB::prepare('SELECT `id` FROM `*PREFIX*storages` WHERE `numeric_id` = ?'); - $result = $query->execute(array($numericId)); + + $sql = 'SELECT `id` FROM `*PREFIX*storages` WHERE `numeric_id` = ?'; + $result = \OC_DB::executeAudited($sql, array($numericId)); if ($row = $result->fetchRow()) { return $row['id']; } else { diff --git a/lib/files/cache/upgrade.php b/lib/files/cache/upgrade.php index ca044ba81d..cfb9a11731 100644 --- a/lib/files/cache/upgrade.php +++ b/lib/files/cache/upgrade.php @@ -78,7 +78,7 @@ class Upgrade { VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'); } if (!$this->inCache($data['storage'], $data['path_hash'], $data['id'])) { - $insertQuery->execute(array($data['id'], $data['storage'], + \OC_DB::executeAudited($insertQuery, array($data['id'], $data['storage'], $data['path'], $data['path_hash'], $data['parent'], $data['name'], $data['mimetype'], $data['mimepart'], $data['size'], $data['mtime'], $data['encrypted'], $data['etag'])); } @@ -97,7 +97,7 @@ class Upgrade { if(is_null($query)) { $query = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE (`storage` = ? AND `path_hash` = ?) OR `fileid` = ?'); } - $result = $query->execute(array($storage, $pathHash, $id)); + $result = \OC_DB::executeAudited($query, array($storage, $pathHash, $id)); return (bool)$result->fetchRow(); } diff --git a/lib/files/mapper.php b/lib/files/mapper.php index 748b65dc4f..47abd4e52f 100644 --- a/lib/files/mapper.php +++ b/lib/files/mapper.php @@ -53,11 +53,9 @@ class Mapper } if ($isLogicPath) { - $query = \OC_DB::prepare('DELETE FROM `*PREFIX*file_map` WHERE `logic_path` LIKE ?'); - $query->execute(array($path)); + \OC_DB::executeAudited('DELETE FROM `*PREFIX*file_map` WHERE `logic_path` LIKE ?', array($path)); } else { - $query = \OC_DB::prepare('DELETE FROM `*PREFIX*file_map` WHERE `physic_path` LIKE ?'); - $query->execute(array($path)); + \OC_DB::executeAudited('DELETE FROM `*PREFIX*file_map` WHERE `physic_path` LIKE ?', array($path)); } } @@ -73,8 +71,8 @@ class Mapper $physicPath1 = $this->logicToPhysical($path1, true); $physicPath2 = $this->logicToPhysical($path2, true); - $query = \OC_DB::prepare('SELECT * FROM `*PREFIX*file_map` WHERE `logic_path` LIKE ?'); - $result = $query->execute(array($path1.'%')); + $sql = 'SELECT * FROM `*PREFIX*file_map` WHERE `logic_path` LIKE ?'; + $result = \OC_DB::executeAudited($sql, array($path1.'%')); $updateQuery = \OC_DB::prepare('UPDATE `*PREFIX*file_map`' .' SET `logic_path` = ?' .' , `logic_path_hash` = ?' @@ -88,7 +86,8 @@ class Mapper $newPhysic = $physicPath2.$this->stripRootFolder($currentPhysic, $physicPath1); if ($path1 !== $currentLogic) { try { - $updateQuery->execute(array($newLogic, md5($newLogic), $newPhysic, md5($newPhysic), $currentLogic)); + \OC_DB::executeAudited($updateQuery, array($newLogic, md5($newLogic), $newPhysic, md5($newPhysic), + $currentLogic)); } catch (\Exception $e) { error_log('Mapper::Copy failed '.$currentLogic.' -> '.$newLogic.'\n'.$e); throw $e; @@ -123,8 +122,8 @@ class Mapper private function resolveLogicPath($logicPath) { $logicPath = $this->stripLast($logicPath); - $query = \OC_DB::prepare('SELECT * FROM `*PREFIX*file_map` WHERE `logic_path_hash` = ?'); - $result = $query->execute(array(md5($logicPath))); + $sql = 'SELECT * FROM `*PREFIX*file_map` WHERE `logic_path_hash` = ?'; + $result = \OC_DB::executeAudited($sql, array(md5($logicPath))); $result = $result->fetchRow(); if ($result === false) { return null; @@ -135,8 +134,8 @@ class Mapper private function resolvePhysicalPath($physicalPath) { $physicalPath = $this->stripLast($physicalPath); - $query = \OC_DB::prepare('SELECT * FROM `*PREFIX*file_map` WHERE `physic_path_hash` = ?'); - $result = $query->execute(array(md5($physicalPath))); + $sql = \OC_DB::prepare('SELECT * FROM `*PREFIX*file_map` WHERE `physic_path_hash` = ?'); + $result = \OC_DB::executeAudited($sql, array(md5($physicalPath))); $result = $result->fetchRow(); return $result['logic_path']; @@ -163,8 +162,9 @@ class Mapper } private function insert($logicPath, $physicalPath) { - $query = \OC_DB::prepare('INSERT INTO `*PREFIX*file_map`(`logic_path`, `physic_path`, `logic_path_hash`, `physic_path_hash`) VALUES(?, ?, ?, ?)'); - $query->execute(array($logicPath, $physicalPath, md5($logicPath), md5($physicalPath))); + $sql = 'INSERT INTO `*PREFIX*file_map` (`logic_path`, `physic_path`, `logic_path_hash`, `physic_path_hash`) + VALUES (?, ?, ?, ?)'; + \OC_DB::executeAudited($sql, array($logicPath, $physicalPath, md5($logicPath), md5($physicalPath))); } public function slugifyPath($path, $index=null) { diff --git a/lib/template.php b/lib/template.php index 01f0fc28b6..ae9ea18744 100644 --- a/lib/template.php +++ b/lib/template.php @@ -547,7 +547,7 @@ class OC_Template{ $error_msg = '['.$exception->getCode().'] '.$error_msg; } $hint = $exception->getTraceAsString(); - while ($exception = $exception->previous()) { + while (method_exists($exception,'previous') && $exception = $exception->previous()) { $error_msg .= '
Caused by: '; if ($exception->getCode()) { $error_msg .= '['.$exception->getCode().'] ';