mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #3690 from owncloud/use_execute_audited_in_filecache 

use executeAudited in files cache
This commit is contained in:
Thomas Müller 2013-06-13 13:55:55 -07:00
parent 2a58cf8117 54f9477f34
commit 8edb56de05
7 changed files with 99 additions and 122 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/files/cache/backgroundwatcher.php vendored
View File

@ -18,8 +18,8 @@ class BackgroundWatcher {
if (!is_null(self::$folderMimetype)) { if (!is_null(self::$folderMimetype)) {
return self::$folderMimetype; return self::$folderMimetype;
} }
$query = \OC_DB::prepare('SELECT `id` FROM `*PREFIX*mimetypes` WHERE `mimetype` = ?'); $sql = 'SELECT `id` FROM `*PREFIX*mimetypes` WHERE `mimetype` = ?';
$result = $query->execute(array('httpd/unix-directory')); $result = \OC_DB::executeAudited($sql, array('httpd/unix-directory'));
$row = $result->fetchRow(); $row = $result->fetchRow();
return $row['id']; return $row['id'];
} }
@ -59,11 +59,11 @@ class BackgroundWatcher {
*/ */
static private function getNextFileId($previous, $folder) { static private function getNextFileId($previous, $folder) {
if ($folder) { if ($folder) {
$query = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `fileid` > ? AND `mimetype` = ' . self::getFolderMimetype() . ' ORDER BY `fileid` ASC', 1); $stmt = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `fileid` > ? AND `mimetype` = ? ORDER BY `fileid` ASC', 1);
} else { } else {
$query = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `fileid` > ? AND `mimetype` != ' . self::getFolderMimetype() . ' ORDER BY `fileid` ASC', 1); $stmt = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `fileid` > ? AND `mimetype` != ? ORDER BY `fileid` ASC', 1);
} }
$result = $query->execute(array($previous)); $result = \OC_DB::executeAudited($stmt, array($previous,self::getFolderMimetype()));
if ($row = $result->fetchRow()) { if ($row = $result->fetchRow()) {
return $row['fileid']; return $row['fileid'];
} else { } else {

113
lib/files/cache/cache.php vendored
View File

@ -65,13 +65,11 @@ class Cache {
*/ */
public function getMimetypeId($mime) { public function getMimetypeId($mime) {
if (!isset($this->mimetypeIds[$mime])) { if (!isset($this->mimetypeIds[$mime])) {
$query = \OC_DB::prepare('SELECT `id` FROM `*PREFIX*mimetypes` WHERE `mimetype` = ?'); $result = \OC_DB::executeAudited('SELECT `id` FROM `*PREFIX*mimetypes` WHERE `mimetype` = ?', array($mime));
$result = $query->execute(array($mime));
if ($row = $result->fetchRow()) { if ($row = $result->fetchRow()) {
$this->mimetypeIds[$mime] = $row['id']; $this->mimetypeIds[$mime] = $row['id'];
} else { } else {
$query = \OC_DB::prepare('INSERT INTO `*PREFIX*mimetypes`(`mimetype`) VALUES(?)'); $result = \OC_DB::executeAudited('INSERT INTO `*PREFIX*mimetypes`(`mimetype`) VALUES(?)', array($mime));
$query->execute(array($mime));
$this->mimetypeIds[$mime] = \OC_DB::insertid('*PREFIX*mimetypes'); $this->mimetypeIds[$mime] = \OC_DB::insertid('*PREFIX*mimetypes');
} }
$this->mimetypes[$this->mimetypeIds[$mime]] = $mime; $this->mimetypes[$this->mimetypeIds[$mime]] = $mime;
@ -81,8 +79,8 @@ class Cache {
public function getMimetype($id) { public function getMimetype($id) {
if (!isset($this->mimetypes[$id])) { if (!isset($this->mimetypes[$id])) {
$query = \OC_DB::prepare('SELECT `mimetype` FROM `*PREFIX*mimetypes` WHERE `id` = ?'); $sql = 'SELECT `mimetype` FROM `*PREFIX*mimetypes` WHERE `id` = ?';
$result = $query->execute(array($id)); $result = \OC_DB::executeAudited($sql, array($id));
if ($row = $result->fetchRow()) { if ($row = $result->fetchRow()) {
$this->mimetypes[$id] = $row['mimetype']; $this->mimetypes[$id] = $row['mimetype'];
} else { } else {
@ -109,10 +107,10 @@ class Cache {
$where = 'WHERE `fileid` = ?'; $where = 'WHERE `fileid` = ?';
$params = array($file); $params = array($file);
} }
$query = \OC_DB::prepare( $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`,
'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `storage_mtime`, `encrypted`, `unencrypted_size`, `etag` `storage_mtime`, `encrypted`, `unencrypted_size`, `etag`
FROM `*PREFIX*filecache` ' . $where); FROM `*PREFIX*filecache` ' . $where;
$result = $query->execute($params); $result = \OC_DB::executeAudited($sql, $params);
$data = $result->fetchRow(); $data = $result->fetchRow();
//FIXME hide this HACK in the next database layer, or just use doctrine and get rid of MDB2 and PDO //FIXME hide this HACK in the next database layer, or just use doctrine and get rid of MDB2 and PDO
@ -153,14 +151,10 @@ class Cache {
public function getFolderContents($folder) { public function getFolderContents($folder) {
$fileId = $this->getId($folder); $fileId = $this->getId($folder);
if ($fileId > -1) { if ($fileId > -1) {
$query = \OC_DB::prepare( $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`,
'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `storage_mtime`, `encrypted`, `unencrypted_size`, `etag` `storage_mtime`, `encrypted`, `unencrypted_size`, `etag`
FROM `*PREFIX*filecache` WHERE `parent` = ? ORDER BY `name` ASC'); FROM `*PREFIX*filecache` WHERE `parent` = ? ORDER BY `name` ASC';
$result = \OC_DB::executeAudited($sql,array($fileId));
$result = $query->execute(array($fileId));
if (\OC_DB::isError($result)) {
\OCP\Util::writeLog('cache', 'getFolderContents failed: ' . $result->getMessage(), \OCP\Util::ERROR);
}
$files = $result->fetchAll(); $files = $result->fetchAll();
foreach ($files as &$file) { foreach ($files as &$file) {
$file['mimetype'] = $this->getMimetype($file['mimetype']); $file['mimetype'] = $this->getMimetype($file['mimetype']);
@ -214,12 +208,9 @@ class Cache {
$params[] = $this->getNumericStorageId(); $params[] = $this->getNumericStorageId();
$valuesPlaceholder = array_fill(0, count($queryParts), '?'); $valuesPlaceholder = array_fill(0, count($queryParts), '?');
$query = \OC_DB::prepare('INSERT INTO `*PREFIX*filecache`(' . implode(', ', $queryParts) . ')' $sql = 'INSERT INTO `*PREFIX*filecache` (' . implode(', ', $queryParts) . ')'
. ' VALUES(' . implode(', ', $valuesPlaceholder) . ')'); . ' VALUES (' . implode(', ', $valuesPlaceholder) . ')';
$result = $query->execute($params); \OC_DB::executeAudited($sql, $params);
if (\OC_DB::isError($result)) {
\OCP\Util::writeLog('cache', 'Insert to cache failed: ' . $result->getMessage(), \OCP\Util::ERROR);
}
return (int)\OC_DB::insertid('*PREFIX*filecache'); return (int)\OC_DB::insertid('*PREFIX*filecache');
} }
@ -246,9 +237,8 @@ class Cache {
list($queryParts, $params) = $this->buildParts($data); list($queryParts, $params) = $this->buildParts($data);
$params[] = $id; $params[] = $id;
$query = \OC_DB::prepare('UPDATE `*PREFIX*filecache` SET ' . implode(' = ?, ', $queryParts) . '=?' $sql = 'UPDATE `*PREFIX*filecache` SET ' . implode(' = ?, ', $queryParts) . '=? WHERE `fileid` = ?';
. ' WHERE `fileid` = ?'); \OC_DB::executeAudited($sql, $params);
$query->execute($params);
} }
/** /**
@ -295,9 +285,8 @@ class Cache {
$pathHash = md5($file); $pathHash = md5($file);
$query = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `path_hash` = ?'); $sql = 'SELECT `fileid` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `path_hash` = ?';
$result = $query->execute(array($this->getNumericStorageId(), $pathHash)); $result = \OC_DB::executeAudited($sql, array($this->getNumericStorageId(), $pathHash));
if ($row = $result->fetchRow()) { if ($row = $result->fetchRow()) {
return $row['fileid']; return $row['fileid'];
} else { } else {
@ -346,8 +335,9 @@ class Cache {
$this->remove($child['path']); $this->remove($child['path']);
} }
} }
$query = \OC_DB::prepare('DELETE FROM `*PREFIX*filecache` WHERE `fileid` = ?');
$query->execute(array($entry['fileid'])); $sql = 'DELETE FROM `*PREFIX*filecache` WHERE `fileid` = ?';
\OC_DB::executeAudited($sql, array($entry['fileid']));
$permissionsCache = new Permissions($this->storageId); $permissionsCache = new Permissions($this->storageId);
$permissionsCache->remove($entry['fileid']); $permissionsCache->remove($entry['fileid']);
@ -370,32 +360,31 @@ class Cache {
if ($sourceData['mimetype'] === 'httpd/unix-directory') { if ($sourceData['mimetype'] === 'httpd/unix-directory') {
//find all child entries //find all child entries
$query = \OC_DB::prepare('SELECT `path`, `fileid` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `path` LIKE ?'); $sql = 'SELECT `path`, `fileid` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `path` LIKE ?';
$result = $query->execute(array($this->getNumericStorageId(), $source . '/%')); $result = \OC_DB::executeAudited($sql, array($this->getNumericStorageId(), $source . '/%'));
$childEntries = $result->fetchAll(); $childEntries = $result->fetchAll();
$sourceLength = strlen($source); $sourceLength = strlen($source);
$query = \OC_DB::prepare('UPDATE `*PREFIX*filecache` SET `path` = ?, `path_hash` = ? WHERE `fileid` = ?'); $query = \OC_DB::prepare('UPDATE `*PREFIX*filecache` SET `path` = ?, `path_hash` = ? WHERE `fileid` = ?');
foreach ($childEntries as $child) { foreach ($childEntries as $child) {
$targetPath = $target . substr($child['path'], $sourceLength); $targetPath = $target . substr($child['path'], $sourceLength);
$query->execute(array($targetPath, md5($targetPath), $child['fileid'])); \OC_DB::executeAudited($query, array($targetPath, md5($targetPath), $child['fileid']));
} }
} }
$query = \OC_DB::prepare('UPDATE `*PREFIX*filecache` SET `path` = ?, `path_hash` = ?, `name` = ?, `parent` =?' $sql = 'UPDATE `*PREFIX*filecache` SET `path` = ?, `path_hash` = ?, `name` = ?, `parent` =? WHERE `fileid` = ?';
. ' WHERE `fileid` = ?'); \OC_DB::executeAudited($sql, array($target, md5($target), basename($target), $newParentId, $sourceId));
$query->execute(array($target, md5($target), basename($target), $newParentId, $sourceId));
} }
/** /**
* remove all entries for files that are stored on the storage from the cache * remove all entries for files that are stored on the storage from the cache
*/ */
public function clear() { public function clear() {
$query = \OC_DB::prepare('DELETE FROM `*PREFIX*filecache` WHERE `storage` = ?'); $sql = 'DELETE FROM `*PREFIX*filecache` WHERE `storage` = ?';
$query->execute(array($this->getNumericStorageId())); \OC_DB::executeAudited($sql, array($this->getNumericStorageId()));
$query = \OC_DB::prepare('DELETE FROM `*PREFIX*storages` WHERE `id` = ?'); $sql = 'DELETE FROM `*PREFIX*storages` WHERE `id` = ?';
$query->execute(array($this->storageId)); \OC_DB::executeAudited($sql, array($this->storageId));
} }
/** /**
@ -408,11 +397,8 @@ class Cache {
$file = $this->normalize($file); $file = $this->normalize($file);
$pathHash = md5($file); $pathHash = md5($file);
$query = \OC_DB::prepare('SELECT `size` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `path_hash` = ?'); $sql = 'SELECT `size` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `path_hash` = ?';
$result = $query->execute(array($this->getNumericStorageId(), $pathHash)); $result = \OC_DB::executeAudited($sql, array($this->getNumericStorageId(), $pathHash));
if( \OC_DB::isError($result)) {
\OCP\Util::writeLog('cache', 'get status failed: ' . $result->getMessage(), \OCP\Util::ERROR);
}
if ($row = $result->fetchRow()) { if ($row = $result->fetchRow()) {
if ((int)$row['size'] === -1) { if ((int)$row['size'] === -1) {
return self::SHALLOW; return self::SHALLOW;
@ -439,11 +425,9 @@ class Cache {
// normalize pattern // normalize pattern
$pattern = $this->normalize($pattern); $pattern = $this->normalize($pattern);
$query = \OC_DB::prepare(' $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `encrypted`, `unencrypted_size`, `etag`
SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `encrypted`, `unencrypted_size`, `etag` FROM `*PREFIX*filecache` WHERE `name` LIKE ? AND `storage` = ?';
FROM `*PREFIX*filecache` WHERE `name` LIKE ? AND `storage` = ?' $result = \OC_DB::executeAudited($sql, array($pattern, $this->getNumericStorageId()));
);
$result = $query->execute(array($pattern, $this->getNumericStorageId()));
$files = array(); $files = array();
while ($row = $result->fetchRow()) { while ($row = $result->fetchRow()) {
$row['mimetype'] = $this->getMimetype($row['mimetype']); $row['mimetype'] = $this->getMimetype($row['mimetype']);
@ -465,12 +449,10 @@ class Cache {
} else { } else {
$where = '`mimepart` = ?'; $where = '`mimepart` = ?';
} }
$query = \OC_DB::prepare(' $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `encrypted`, `unencrypted_size`, `etag`
SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `encrypted`, `unencrypted_size`, `etag` FROM `*PREFIX*filecache` WHERE ' . $where . ' AND `storage` = ?';
FROM `*PREFIX*filecache` WHERE ' . $where . ' AND `storage` = ?'
);
$mimetype = $this->getMimetypeId($mimetype); $mimetype = $this->getMimetypeId($mimetype);
$result = $query->execute(array($mimetype, $this->getNumericStorageId())); $result = \OC_DB::executeAudited($sql, array($mimetype, $this->getNumericStorageId()));
$files = array(); $files = array();
while ($row = $result->fetchRow()) { while ($row = $result->fetchRow()) {
$row['mimetype'] = $this->getMimetype($row['mimetype']); $row['mimetype'] = $this->getMimetype($row['mimetype']);
@ -507,8 +489,8 @@ class Cache {
if ($id === -1) { if ($id === -1) {
return 0; return 0;
} }
$query = \OC_DB::prepare('SELECT `size` FROM `*PREFIX*filecache` WHERE `parent` = ? AND `storage` = ?'); $sql = 'SELECT `size` FROM `*PREFIX*filecache` WHERE `parent` = ? AND `storage` = ?';
$result = $query->execute(array($id, $this->getNumericStorageId())); $result = \OC_DB::executeAudited($sql, array($id, $this->getNumericStorageId()));
$totalSize = 0; $totalSize = 0;
$hasChilds = 0; $hasChilds = 0;
while ($row = $result->fetchRow()) { while ($row = $result->fetchRow()) {
@ -534,8 +516,8 @@ class Cache {
* @return int[] * @return int[]
*/ */
public function getAll() { public function getAll() {
$query = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE `storage` = ?'); $sql = 'SELECT `fileid` FROM `*PREFIX*filecache` WHERE `storage` = ?';
$result = $query->execute(array($this->getNumericStorageId())); $result = \OC_DB::executeAudited($sql, array($this->getNumericStorageId()));
$ids = array(); $ids = array();
while ($row = $result->fetchRow()) { while ($row = $result->fetchRow()) {
$ids[] = $row['fileid']; $ids[] = $row['fileid'];
@ -555,10 +537,7 @@ class Cache {
public function getIncomplete() { public function getIncomplete() {
$query = \OC_DB::prepare('SELECT `path` FROM `*PREFIX*filecache`' $query = \OC_DB::prepare('SELECT `path` FROM `*PREFIX*filecache`'
. ' WHERE `storage` = ? AND `size` = -1 ORDER BY `fileid` DESC',1); . ' WHERE `storage` = ? AND `size` = -1 ORDER BY `fileid` DESC',1);
$result = $query->execute(array($this->getNumericStorageId())); $result = \OC_DB::executeAudited($query, array($this->getNumericStorageId()));
if (\OC_DB::isError($result)) {
\OCP\Util::writeLog('cache', 'getIncomplete failed: ' . $result->getMessage(), \OCP\Util::ERROR);
}
if ($row = $result->fetchRow()) { if ($row = $result->fetchRow()) {
return $row['path']; return $row['path'];
} else { } else {
@ -573,8 +552,8 @@ class Cache {
* @return array, first element holding the storage id, second the path * @return array, first element holding the storage id, second the path
*/ */
static public function getById($id) { static public function getById($id) {
$query = \OC_DB::prepare('SELECT `storage`, `path` FROM `*PREFIX*filecache` WHERE `fileid` = ?'); $sql = 'SELECT `storage`, `path` FROM `*PREFIX*filecache` WHERE `fileid` = ?';
$result = $query->execute(array($id)); $result = \OC_DB::executeAudited($sql, array($id));
if ($row = $result->fetchRow()) { if ($row = $result->fetchRow()) {
$numericId = $row['storage']; $numericId = $row['storage'];
$path = $row['path']; $path = $row['path'];

15
lib/files/cache/legacy.php vendored
View File

@ -26,8 +26,8 @@ class Legacy {
* @return int * @return int
*/ */
function getCount() { function getCount() {
$query = \OC_DB::prepare('SELECT COUNT(`id`) AS `count` FROM `*PREFIX*fscache` WHERE `user` = ?'); $sql = 'SELECT COUNT(`id`) AS `count` FROM `*PREFIX*fscache` WHERE `user` = ?';
$result = $query->execute(array($this->user)); $result = \OC_DB::executeAudited($sql, array($this->user));
if ($row = $result->fetchRow()) { if ($row = $result->fetchRow()) {
return $row['count']; return $row['count'];
} else { } else {
@ -74,11 +74,11 @@ class Legacy {
*/ */
function get($path) { function get($path) {
if (is_numeric($path)) { if (is_numeric($path)) {
$query = \OC_DB::prepare('SELECT * FROM `*PREFIX*fscache` WHERE `id` = ?'); $sql = 'SELECT * FROM `*PREFIX*fscache` WHERE `id` = ?';
} else { } else {
$query = \OC_DB::prepare('SELECT * FROM `*PREFIX*fscache` WHERE `path` = ?'); $sql = 'SELECT * FROM `*PREFIX*fscache` WHERE `path` = ?';
} }
$result = $query->execute(array($path)); $result = \OC_DB::executeAudited($sql, array($path));
$data = $result->fetchRow(); $data = $result->fetchRow();
$data['etag'] = $this->getEtag($data['path'], $data['user']); $data['etag'] = $this->getEtag($data['path'], $data['user']);
return $data; return $data;
@ -111,7 +111,7 @@ class Legacy {
if(is_null($query)){ if(is_null($query)){
$query = \OC_DB::prepare('SELECT `propertyvalue` FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = \'{DAV:}getetag\''); $query = \OC_DB::prepare('SELECT `propertyvalue` FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = \'{DAV:}getetag\'');
} }
$result = $query->execute(array($user, '/' . $relativePath)); $result = \OC_DB::executeAudited($query,array($user, '/' . $relativePath));
if ($row = $result->fetchRow()) { if ($row = $result->fetchRow()) {
return trim($row['propertyvalue'], '"'); return trim($row['propertyvalue'], '"');
} else { } else {
@ -126,8 +126,7 @@ class Legacy {
* @return array * @return array
*/ */
function getChildren($id) { function getChildren($id) {
$query = \OC_DB::prepare('SELECT * FROM `*PREFIX*fscache` WHERE `parent` = ?'); $result = \OC_DB::executeAudited('SELECT * FROM `*PREFIX*fscache` WHERE `parent` = ?', array($id));
$result = $query->execute(array($id));
$data = $result->fetchAll(); $data = $result->fetchAll();
foreach ($data as $i => $item) { foreach ($data as $i => $item) {
$data[$i]['etag'] = $this->getEtag($item['path'], $item['user']); $data[$i]['etag'] = $this->getEtag($item['path'], $item['user']);

40
lib/files/cache/permissions.php vendored
View File

@ -33,8 +33,8 @@ class Permissions {
* @return int (-1 if file no permissions set) * @return int (-1 if file no permissions set)
*/ */
public function get($fileId, $user) { public function get($fileId, $user) {
$query = \OC_DB::prepare('SELECT `permissions` FROM `*PREFIX*permissions` WHERE `user` = ? AND `fileid` = ?'); $sql = 'SELECT `permissions` FROM `*PREFIX*permissions` WHERE `user` = ? AND `fileid` = ?';
$result = $query->execute(array($user, $fileId)); $result = \OC_DB::executeAudited($sql, array($user, $fileId));
if ($row = $result->fetchRow()) { if ($row = $result->fetchRow()) {
return $row['permissions']; return $row['permissions'];
} else { } else {
@ -51,13 +51,11 @@ class Permissions {
*/ */
public function set($fileId, $user, $permissions) { public function set($fileId, $user, $permissions) {
if (self::get($fileId, $user) !== -1) { if (self::get($fileId, $user) !== -1) {
$query = \OC_DB::prepare('UPDATE `*PREFIX*permissions` SET `permissions` = ?' $sql = 'UPDATE `*PREFIX*permissions` SET `permissions` = ? WHERE `user` = ? AND `fileid` = ?';
. ' WHERE `user` = ? AND `fileid` = ?');
} else { } else {
$query = \OC_DB::prepare('INSERT INTO `*PREFIX*permissions`(`permissions`, `user`, `fileid`)' $sql = 'INSERT INTO `*PREFIX*permissions`(`permissions`, `user`, `fileid`) VALUES(?, ?,? )';
. ' VALUES(?, ?,? )');
} }
$query->execute(array($permissions, $user, $fileId)); \OC_DB::executeAudited($sql, array($permissions, $user, $fileId));
} }
/** /**
@ -75,9 +73,9 @@ class Permissions {
$params[] = $user; $params[] = $user;
$inPart = implode(', ', array_fill(0, count($fileIds), '?')); $inPart = implode(', ', array_fill(0, count($fileIds), '?'));
$query = \OC_DB::prepare('SELECT `fileid`, `permissions` FROM `*PREFIX*permissions`' $sql = 'SELECT `fileid`, `permissions` FROM `*PREFIX*permissions`'
. ' WHERE `fileid` IN (' . $inPart . ') AND `user` = ?'); . ' WHERE `fileid` IN (' . $inPart . ') AND `user` = ?';
$result = $query->execute($params); $result = \OC_DB::executeAudited($sql, $params);
$filePermissions = array(); $filePermissions = array();
while ($row = $result->fetchRow()) { while ($row = $result->fetchRow()) {
$filePermissions[$row['fileid']] = $row['permissions']; $filePermissions[$row['fileid']] = $row['permissions'];
@ -93,11 +91,12 @@ class Permissions {
* @return int[] * @return int[]
*/ */
public function getDirectoryPermissions($parentId, $user) { public function getDirectoryPermissions($parentId, $user) {
$query = \OC_DB::prepare('SELECT `*PREFIX*permissions`.`fileid`, `permissions` $sql = 'SELECT `*PREFIX*permissions`.`fileid`, `permissions`
FROM `*PREFIX*permissions` INNER JOIN `*PREFIX*filecache` ON `*PREFIX*permissions`.`fileid` = `*PREFIX*filecache`.`fileid` FROM `*PREFIX*permissions`
WHERE `*PREFIX*filecache`.`parent` = ? AND `*PREFIX*permissions`.`user` = ?'); INNER JOIN `*PREFIX*filecache` ON `*PREFIX*permissions`.`fileid` = `*PREFIX*filecache`.`fileid`
WHERE `*PREFIX*filecache`.`parent` = ? AND `*PREFIX*permissions`.`user` = ?';
$result = $query->execute(array($parentId, $user)); $result = \OC_DB::executeAudited($sql, array($parentId, $user));
$filePermissions = array(); $filePermissions = array();
while ($row = $result->fetchRow()) { while ($row = $result->fetchRow()) {
$filePermissions[$row['fileid']] = $row['permissions']; $filePermissions[$row['fileid']] = $row['permissions'];
@ -113,18 +112,17 @@ class Permissions {
*/ */
public function remove($fileId, $user = null) { public function remove($fileId, $user = null) {
if (is_null($user)) { if (is_null($user)) {
$query = \OC_DB::prepare('DELETE FROM `*PREFIX*permissions` WHERE `fileid` = ?'); \OC_DB::executeAudited('DELETE FROM `*PREFIX*permissions` WHERE `fileid` = ?', array($fileId));
$query->execute(array($fileId));
} else { } else {
$query = \OC_DB::prepare('DELETE FROM `*PREFIX*permissions` WHERE `fileid` = ? AND `user` = ?'); $sql = 'DELETE FROM `*PREFIX*permissions` WHERE `fileid` = ? AND `user` = ?';
$query->execute(array($fileId, $user)); \OC_DB::executeAudited($sql, array($fileId, $user));
} }
} }
public function removeMultiple($fileIds, $user) { public function removeMultiple($fileIds, $user) {
$query = \OC_DB::prepare('DELETE FROM `*PREFIX*permissions` WHERE `fileid` = ? AND `user` = ?'); $query = \OC_DB::prepare('DELETE FROM `*PREFIX*permissions` WHERE `fileid` = ? AND `user` = ?');
foreach ($fileIds as $fileId) { foreach ($fileIds as $fileId) {
$query->execute(array($fileId, $user)); \OC_DB::executeAudited($query, array($fileId, $user));
} }
} }
@ -134,8 +132,8 @@ class Permissions {
* @param int $fileId * @param int $fileId
*/ */
public function getUsers($fileId) { public function getUsers($fileId) {
$query = \OC_DB::prepare('SELECT `user` FROM `*PREFIX*permissions` WHERE `fileid` = ?'); $sql = 'SELECT `user` FROM `*PREFIX*permissions` WHERE `fileid` = ?';
$result = $query->execute(array($fileId)); $result = \OC_DB::executeAudited($sql, array($fileId));
$users = array(); $users = array();
while ($row = $result->fetchRow()) { while ($row = $result->fetchRow()) {
$users[] = $row['user']; $users[] = $row['user'];

13
lib/files/cache/storage.php vendored
View File

@ -32,13 +32,13 @@ class Storage {
$this->storageId = md5($this->storageId); $this->storageId = md5($this->storageId);
} }
$query = \OC_DB::prepare('SELECT `numeric_id` FROM `*PREFIX*storages` WHERE `id` = ?'); $sql = 'SELECT `numeric_id` FROM `*PREFIX*storages` WHERE `id` = ?';
$result = $query->execute(array($this->storageId)); $result = \OC_DB::executeAudited($sql, array($this->storageId));
if ($row = $result->fetchRow()) { if ($row = $result->fetchRow()) {
$this->numericId = $row['numeric_id']; $this->numericId = $row['numeric_id'];
} else { } else {
$query = \OC_DB::prepare('INSERT INTO `*PREFIX*storages`(`id`) VALUES(?)'); $sql = 'INSERT INTO `*PREFIX*storages` (`id`) VALUES(?)';
$query->execute(array($this->storageId)); \OC_DB::executeAudited($sql, array($this->storageId));
$this->numericId = \OC_DB::insertid('*PREFIX*storages'); $this->numericId = \OC_DB::insertid('*PREFIX*storages');
} }
} }
@ -48,8 +48,9 @@ class Storage {
} }
public static function getStorageId($numericId) { public static function getStorageId($numericId) {
$query = \OC_DB::prepare('SELECT `id` FROM `*PREFIX*storages` WHERE `numeric_id` = ?');
$result = $query->execute(array($numericId)); $sql = 'SELECT `id` FROM `*PREFIX*storages` WHERE `numeric_id` = ?';
$result = \OC_DB::executeAudited($sql, array($numericId));
if ($row = $result->fetchRow()) { if ($row = $result->fetchRow()) {
return $row['id']; return $row['id'];
} else { } else {

4
lib/files/cache/upgrade.php vendored
View File

@ -78,7 +78,7 @@ class Upgrade {
VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'); VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
} }
if (!$this->inCache($data['storage'], $data['path_hash'], $data['id'])) { if (!$this->inCache($data['storage'], $data['path_hash'], $data['id'])) {
$insertQuery->execute(array($data['id'], $data['storage'], \OC_DB::executeAudited($insertQuery, array($data['id'], $data['storage'],
$data['path'], $data['path_hash'], $data['parent'], $data['name'], $data['path'], $data['path_hash'], $data['parent'], $data['name'],
$data['mimetype'], $data['mimepart'], $data['size'], $data['mtime'], $data['encrypted'], $data['etag'])); $data['mimetype'], $data['mimepart'], $data['size'], $data['mtime'], $data['encrypted'], $data['etag']));
} }
@ -97,7 +97,7 @@ class Upgrade {
if(is_null($query)) { if(is_null($query)) {
$query = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE (`storage` = ? AND `path_hash` = ?) OR `fileid` = ?'); $query = \OC_DB::prepare('SELECT `fileid` FROM `*PREFIX*filecache` WHERE (`storage` = ? AND `path_hash` = ?) OR `fileid` = ?');
} }
$result = $query->execute(array($storage, $pathHash, $id)); $result = \OC_DB::executeAudited($query, array($storage, $pathHash, $id));
return (bool)$result->fetchRow(); return (bool)$result->fetchRow();
} }

26
lib/files/mapper.php
View File

@ -53,11 +53,9 @@ class Mapper
} }
if ($isLogicPath) { if ($isLogicPath) {
$query = \OC_DB::prepare('DELETE FROM `*PREFIX*file_map` WHERE `logic_path` LIKE ?'); \OC_DB::executeAudited('DELETE FROM `*PREFIX*file_map` WHERE `logic_path` LIKE ?', array($path));
$query->execute(array($path));
} else { } else {
$query = \OC_DB::prepare('DELETE FROM `*PREFIX*file_map` WHERE `physic_path` LIKE ?'); \OC_DB::executeAudited('DELETE FROM `*PREFIX*file_map` WHERE `physic_path` LIKE ?', array($path));
$query->execute(array($path));
} }
} }
@ -73,8 +71,8 @@ class Mapper
$physicPath1 = $this->logicToPhysical($path1, true); $physicPath1 = $this->logicToPhysical($path1, true);
$physicPath2 = $this->logicToPhysical($path2, true); $physicPath2 = $this->logicToPhysical($path2, true);
$query = \OC_DB::prepare('SELECT * FROM `*PREFIX*file_map` WHERE `logic_path` LIKE ?'); $sql = 'SELECT * FROM `*PREFIX*file_map` WHERE `logic_path` LIKE ?';
$result = $query->execute(array($path1.'%')); $result = \OC_DB::executeAudited($sql, array($path1.'%'));
$updateQuery = \OC_DB::prepare('UPDATE `*PREFIX*file_map`' $updateQuery = \OC_DB::prepare('UPDATE `*PREFIX*file_map`'
.' SET `logic_path` = ?' .' SET `logic_path` = ?'
.' , `logic_path_hash` = ?' .' , `logic_path_hash` = ?'
@ -88,7 +86,8 @@ class Mapper
$newPhysic = $physicPath2.$this->stripRootFolder($currentPhysic, $physicPath1); $newPhysic = $physicPath2.$this->stripRootFolder($currentPhysic, $physicPath1);
if ($path1 !== $currentLogic) { if ($path1 !== $currentLogic) {
try { try {
$updateQuery->execute(array($newLogic, md5($newLogic), $newPhysic, md5($newPhysic), $currentLogic)); \OC_DB::executeAudited($updateQuery, array($newLogic, md5($newLogic), $newPhysic, md5($newPhysic),
$currentLogic));
} catch (\Exception $e) { } catch (\Exception $e) {
error_log('Mapper::Copy failed '.$currentLogic.' -> '.$newLogic.'\n'.$e); error_log('Mapper::Copy failed '.$currentLogic.' -> '.$newLogic.'\n'.$e);
throw $e; throw $e;
@ -123,8 +122,8 @@ class Mapper
private function resolveLogicPath($logicPath) { private function resolveLogicPath($logicPath) {
$logicPath = $this->stripLast($logicPath); $logicPath = $this->stripLast($logicPath);
$query = \OC_DB::prepare('SELECT * FROM `*PREFIX*file_map` WHERE `logic_path_hash` = ?'); $sql = 'SELECT * FROM `*PREFIX*file_map` WHERE `logic_path_hash` = ?';
$result = $query->execute(array(md5($logicPath))); $result = \OC_DB::executeAudited($sql, array(md5($logicPath)));
$result = $result->fetchRow(); $result = $result->fetchRow();
if ($result === false) { if ($result === false) {
return null; return null;
@ -135,8 +134,8 @@ class Mapper
private function resolvePhysicalPath($physicalPath) { private function resolvePhysicalPath($physicalPath) {
$physicalPath = $this->stripLast($physicalPath); $physicalPath = $this->stripLast($physicalPath);
$query = \OC_DB::prepare('SELECT * FROM `*PREFIX*file_map` WHERE `physic_path_hash` = ?'); $sql = \OC_DB::prepare('SELECT * FROM `*PREFIX*file_map` WHERE `physic_path_hash` = ?');
$result = $query->execute(array(md5($physicalPath))); $result = \OC_DB::executeAudited($sql, array(md5($physicalPath)));
$result = $result->fetchRow(); $result = $result->fetchRow();
return $result['logic_path']; return $result['logic_path'];
@ -163,8 +162,9 @@ class Mapper
} }
private function insert($logicPath, $physicalPath) { private function insert($logicPath, $physicalPath) {
$query = \OC_DB::prepare('INSERT INTO `*PREFIX*file_map`(`logic_path`, `physic_path`, `logic_path_hash`, `physic_path_hash`) VALUES(?, ?, ?, ?)'); $sql = 'INSERT INTO `*PREFIX*file_map` (`logic_path`, `physic_path`, `logic_path_hash`, `physic_path_hash`)
$query->execute(array($logicPath, $physicalPath, md5($logicPath), md5($physicalPath))); VALUES (?, ?, ?, ?)';
\OC_DB::executeAudited($sql, array($logicPath, $physicalPath, md5($logicPath), md5($physicalPath)));
} }
public function slugifyPath($path, $index=null) { public function slugifyPath($path, $index=null) {