[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
pajoye Wed Apr 1 16:14:50 2009 UTC Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: - MFB: fix build when pqprepare does not exist http://cvs.php.net/viewvc.cgi/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.72r2=1.73diff_format=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.72 php-src/ext/pdo_pgsql/pgsql_driver.c:1.73 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.72 Sat Mar 28 03:01:38 2009 +++ php-src/ext/pdo_pgsql/pgsql_driver.cWed Apr 1 16:14:50 2009 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.72 2009/03/28 03:01:38 mbeccati Exp $ */ +/* $Id: pgsql_driver.c,v 1.73 2009/04/01 16:14:50 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -233,7 +233,9 @@ efree(S-cursor_name); } spprintf(S-cursor_name, 0, pdo_pgsql_cursor_%08x, (unsigned int) stmt); +#if HAVE_PQPREPARE emulate = 1; +#endif } #if HAVE_PQPREPARE -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c pgsql_statement.c /ext/pdo_pgsql/tests bug44861.phpt
mbeccatiSat Mar 28 03:01:38 2009 UTC Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c pgsql_statement.c /php-src/ext/pdo_pgsql/testsbug44861.phpt Log: MFB: - Fixed bug #44861 (scrollable cursor don't work with pgsql) http://cvs.php.net/viewvc.cgi/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.71r2=1.72diff_format=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.71 php-src/ext/pdo_pgsql/pgsql_driver.c:1.72 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.71 Sat Mar 28 02:34:02 2009 +++ php-src/ext/pdo_pgsql/pgsql_driver.cSat Mar 28 03:01:38 2009 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.71 2009/03/28 02:34:02 mbeccati Exp $ */ +/* $Id: pgsql_driver.c,v 1.72 2009/03/28 03:01:38 mbeccati Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -232,13 +232,13 @@ if (S-cursor_name) { efree(S-cursor_name); } - /* TODO: check how scrollable cursors related to prepared statements */ spprintf(S-cursor_name, 0, pdo_pgsql_cursor_%08x, (unsigned int) stmt); + emulate = 1; } #if HAVE_PQPREPARE - if (driver_options) { + else if (driver_options) { if (pdo_attr_lval(driver_options, PDO_PGSQL_ATTR_DISABLE_NATIVE_PREPARED_STATEMENT, 0 TSRMLS_CC) == 1) { emulate = 1; http://cvs.php.net/viewvc.cgi/php-src/ext/pdo_pgsql/pgsql_statement.c?r1=1.51r2=1.52diff_format=u Index: php-src/ext/pdo_pgsql/pgsql_statement.c diff -u php-src/ext/pdo_pgsql/pgsql_statement.c:1.51 php-src/ext/pdo_pgsql/pgsql_statement.c:1.52 --- php-src/ext/pdo_pgsql/pgsql_statement.c:1.51Sat Mar 28 02:34:02 2009 +++ php-src/ext/pdo_pgsql/pgsql_statement.c Sat Mar 28 03:01:38 2009 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: pgsql_statement.c,v 1.51 2009/03/28 02:34:02 mbeccati Exp $ */ +/* $Id: pgsql_statement.c,v 1.52 2009/03/28 03:01:38 mbeccati Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -129,6 +129,24 @@ S-current_row = 0; + if (S-cursor_name) { + char *q = NULL; + spprintf(q, 0, DECLARE %s SCROLL CURSOR WITH HOLD FOR %s, S-cursor_name, stmt-active_query_string); + S-result = PQexec(H-server, q); + efree(q); + + /* check if declare failed */ + status = PQresultStatus(S-result); + if (status != PGRES_COMMAND_OK status != PGRES_TUPLES_OK) { + pdo_pgsql_error_stmt(stmt, status, pdo_pgsql_sqlstate(S-result)); + return 0; + } + + /* fetch to be able to get the number of tuples later, but don't advance the cursor pointer */ + spprintf(q, 0, FETCH FORWARD 0 FROM %s, S-cursor_name); + S-result = PQexec(H-server, q); + efree(q); + } else #if HAVE_PQPREPARE if (S-stmt_name) { /* using a prepared statement */ @@ -182,12 +200,7 @@ 0); } else #endif - if (S-cursor_name) { - char *q = NULL; - spprintf(q, 0, DECLARE %s CURSOR FOR %s, S-cursor_name, stmt-active_query_string); - S-result = PQexec(H-server, q); - efree(q); - } else { + { S-result = PQexec(H-server, stmt-active_query_string); } status = PQresultStatus(S-result); @@ -350,19 +363,23 @@ pdo_pgsql_stmt *S = (pdo_pgsql_stmt*)stmt-driver_data; if (S-cursor_name) { - char *ori_str; + char *ori_str = NULL; char *q = NULL; ExecStatusType status; switch (ori) { - case PDO_FETCH_ORI_NEXT:ori_str = FORWARD; break; - case PDO_FETCH_ORI_PRIOR: ori_str = BACKWARD; break; - case PDO_FETCH_ORI_REL: ori_str = RELATIVE; break; + case PDO_FETCH_ORI_NEXT:spprintf(ori_str, 0, NEXT); break; + case PDO_FETCH_ORI_PRIOR: spprintf(ori_str, 0, BACKWARD); break; + case PDO_FETCH_ORI_FIRST: spprintf(ori_str, 0, FIRST); break; + case PDO_FETCH_ORI_LAST:spprintf(ori_str, 0, LAST); break; + case PDO_FETCH_ORI_ABS: spprintf(ori_str, 0, ABSOLUTE %ld, offset); break; + case PDO_FETCH_ORI_REL: spprintf(ori_str, 0, RELATIVE %ld, offset); break; default: return 0; } - spprintf(q, 0, FETCH
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
iliaa Tue Dec 4 13:07:30 2007 UTC Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: MFB: Fixed bug #43493 (pdo_pgsql does not send username on connect when password is not available) http://cvs.php.net/viewvc.cgi/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.66r2=1.67diff_format=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.66 php-src/ext/pdo_pgsql/pgsql_driver.c:1.67 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.66 Mon Jan 1 09:29:28 2007 +++ php-src/ext/pdo_pgsql/pgsql_driver.cTue Dec 4 13:07:30 2007 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.66 2007/01/01 09:29:28 sebastian Exp $ */ +/* $Id: pgsql_driver.c,v 1.67 2007/12/04 13:07:30 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -493,14 +493,14 @@ } /* support both full connection string connection string + login and/or password */ - if (!dbh-username || !dbh-password) { - conn_str = (char *) dbh-data_source; - } else if (dbh-username dbh-password) { + if (dbh-username dbh-password) { spprintf(conn_str, 0, %s user=%s password=%s, dbh-data_source, dbh-username, dbh-password); } else if (dbh-username) { spprintf(conn_str, 0, %s user=%s, dbh-data_source, dbh-username); - } else { + } else if (dbh-password) { spprintf(conn_str, 0, %s password=%s, dbh-data_source, dbh-password); + } else { + conn_str = (char *) dbh-data_source; } H-server = PQconnectdb(conn_str); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
iliaa Mon Dec 18 17:56:51 2006 UTC Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: MFB: Fixed bug #39845 (Persistent connections generate a warning in pdo_pgsql). http://cvs.php.net/viewvc.cgi/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.64r2=1.65diff_format=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.64 php-src/ext/pdo_pgsql/pgsql_driver.c:1.65 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.64 Sat Dec 16 18:27:43 2006 +++ php-src/ext/pdo_pgsql/pgsql_driver.cMon Dec 18 17:56:51 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.64 2006/12/16 18:27:43 bjori Exp $ */ +/* $Id: pgsql_driver.c,v 1.65 2006/12/18 17:56:51 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -450,6 +450,11 @@ return pdo_pgsql_transaction_cmd(ROLLBACK, dbh TSRMLS_CC); } +static int pdo_pgsql_set_attr(pdo_dbh_t *dbh, long attr, zval *val TSRMLS_DC) +{ + return 0; +} + static struct pdo_dbh_methods pgsql_methods = { pgsql_handle_closer, pgsql_handle_preparer, @@ -458,7 +463,7 @@ pgsql_handle_begin, pgsql_handle_commit, pgsql_handle_rollback, - NULL, /* set_attr */ + pdo_pgsql_set_attr, pdo_pgsql_last_insert_id, pdo_pgsql_fetch_error_func, pdo_pgsql_get_attribute, -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c /ext/standard basic_functions.c
bjori Sat Dec 16 18:27:43 2006 UTC Modified files: /php-src/ext/standard basic_functions.c /php-src/ext/pdo_pgsql pgsql_driver.c Log: Fix ZTS build http://cvs.php.net/viewvc.cgi/php-src/ext/standard/basic_functions.c?r1=1.833r2=1.834diff_format=u Index: php-src/ext/standard/basic_functions.c diff -u php-src/ext/standard/basic_functions.c:1.833 php-src/ext/standard/basic_functions.c:1.834 --- php-src/ext/standard/basic_functions.c:1.833Fri Dec 15 23:28:10 2006 +++ php-src/ext/standard/basic_functions.c Sat Dec 16 18:27:43 2006 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: basic_functions.c,v 1.833 2006/12/15 23:28:10 andrei Exp $ */ +/* $Id: basic_functions.c,v 1.834 2006/12/16 18:27:43 bjori Exp $ */ #include php.h #include php_streams.h @@ -5573,6 +5573,7 @@ zval *ini_array = va_arg(args, zval *); int module_number = va_arg(args, int); zval *option; + TSRMLS_FETCH(); if (module_number != 0 ini_entry-module_number != module_number) { return 0; @@ -5707,7 +5708,7 @@ char *temp; int temp_len; - zend_unicode_to_string(UG(utf8_conv), temp, temp_len, new_value.u, new_value_len); + zend_unicode_to_string(UG(utf8_conv), temp, temp_len, new_value.u, new_value_len TSRMLS_CC); new_value.s = temp; new_value_len = temp_len; } http://cvs.php.net/viewvc.cgi/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.63r2=1.64diff_format=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.63 php-src/ext/pdo_pgsql/pgsql_driver.c:1.64 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.63 Wed Nov 29 15:47:41 2006 +++ php-src/ext/pdo_pgsql/pgsql_driver.cSat Dec 16 18:27:43 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.63 2006/11/29 15:47:41 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.64 2006/12/16 18:27:43 bjori Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -87,7 +87,7 @@ } if (!dbh-methods) { - zend_throw_exception_ex(php_pdo_get_exception(TSRMLS_C), 0 TSRMLS_CC, SQLSTATE[%s] [%d] %s, + zend_throw_exception_ex(php_pdo_get_exception(), 0 TSRMLS_CC, SQLSTATE[%s] [%d] %s, *pdo_err, einfo-errcode, einfo-errmsg); } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c /ext/pgsql pgsql.c
iliaa Wed Nov 29 15:47:41 2006 UTC Modified files: /php-src/ext/pgsql pgsql.c /php-src/ext/pdo_pgsql pgsql_driver.c Log: MFB: Fixed bug #39663 (Memory leak in pg_get_notify() and a possible memory corruption on Windows in pgsql and pdo_pgsql extensions). http://cvs.php.net/viewvc.cgi/php-src/ext/pgsql/pgsql.c?r1=1.359r2=1.360diff_format=u Index: php-src/ext/pgsql/pgsql.c diff -u php-src/ext/pgsql/pgsql.c:1.359 php-src/ext/pgsql/pgsql.c:1.360 --- php-src/ext/pgsql/pgsql.c:1.359 Mon Nov 13 22:11:02 2006 +++ php-src/ext/pgsql/pgsql.c Wed Nov 29 15:47:41 2006 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: pgsql.c,v 1.359 2006/11/13 22:11:02 iliaa Exp $ */ +/* $Id: pgsql.c,v 1.360 2006/11/29 15:47:41 iliaa Exp $ */ #include stdlib.h @@ -3597,7 +3597,7 @@ to = (char *)PQescapeBytea((unsigned char*)from, from_len, to_len); RETVAL_STRINGL(to, to_len-1, 1); /* to_len includes addtional '\0' */ - free(to); + PQfreemem(to); } /* }}} */ @@ -4335,6 +4335,7 @@ add_assoc_string(return_value, message, pgsql_notify-relname, 1); add_assoc_long(return_value, pid, pgsql_notify-be_pid); } + PQfreemem(pgsql_notify); } /* }}} */ @@ -5140,7 +5141,7 @@ Z_STRLEN_P(new_val) = to_len-1; /* PQescapeBytea's to_len includes additional '\0' */ Z_STRVAL_P(new_val) = emalloc(to_len); memcpy(Z_STRVAL_P(new_val), tmp, to_len); - free(tmp); + PQfreemem(tmp); php_pgsql_add_quotes(new_val, 1 TSRMLS_CC); } http://cvs.php.net/viewvc.cgi/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.62r2=1.63diff_format=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.62 php-src/ext/pdo_pgsql/pgsql_driver.c:1.63 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.62 Fri Oct 6 22:34:29 2006 +++ php-src/ext/pdo_pgsql/pgsql_driver.cWed Nov 29 15:47:41 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.62 2006/10/06 22:34:29 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.63 2006/11/29 15:47:41 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -267,7 +267,7 @@ (*quoted)[0] = '\''; (*quoted)[*quotedlen-1] = '\''; (*quoted)[*quotedlen] = '\0'; - free(escaped); + PQfreemem(escaped); break; default: *quoted = safe_emalloc(2, unquotedlen, 3); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c pgsql_statement.c
iliaa Mon May 8 14:33:23 2006 UTC Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c pgsql_statement.c Log: MFB: Fixed memory leaks when working with cursors in PDO PostgreSQL driver. http://cvs.php.net/viewcvs.cgi/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.58r2=1.59diff_format=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.58 php-src/ext/pdo_pgsql/pgsql_driver.c:1.59 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.58 Tue Mar 14 11:14:05 2006 +++ php-src/ext/pdo_pgsql/pgsql_driver.cMon May 8 14:33:23 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.58 2006/03/14 11:14:05 edink Exp $ */ +/* $Id: pgsql_driver.c,v 1.59 2006/05/08 14:33:23 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -155,6 +155,9 @@ PDO_CURSOR_FWDONLY TSRMLS_CC) == PDO_CURSOR_SCROLL; if (scrollable) { + if (S-cursor_name) { + efree(S-cursor_name); + } /* TODO: check how scrollable cursors related to prepared statements */ spprintf(S-cursor_name, 0, pdo_pgsql_cursor_%08x, (unsigned int) stmt); } http://cvs.php.net/viewcvs.cgi/php-src/ext/pdo_pgsql/pgsql_statement.c?r1=1.36r2=1.37diff_format=u Index: php-src/ext/pdo_pgsql/pgsql_statement.c diff -u php-src/ext/pdo_pgsql/pgsql_statement.c:1.36 php-src/ext/pdo_pgsql/pgsql_statement.c:1.37 --- php-src/ext/pdo_pgsql/pgsql_statement.c:1.36Fri Mar 17 22:17:15 2006 +++ php-src/ext/pdo_pgsql/pgsql_statement.c Mon May 8 14:33:23 2006 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_statement.c,v 1.36 2006/03/17 22:17:15 tony2001 Exp $ */ +/* $Id: pgsql_statement.c,v 1.37 2006/05/08 14:33:23 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -241,6 +241,7 @@ spprintf(q, 0, FETCH %s %ld FROM %s, ori_str, offset, S-cursor_name); S-result = PQexec(S-H-server, q); + efree(q); status = PQresultStatus(S-result); if (status != PGRES_COMMAND_OK status != PGRES_TUPLES_OK) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
edink Tue Mar 14 11:14:05 2006 UTC Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: MFB: Fixed build http://cvs.php.net/viewcvs.cgi/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.57r2=1.58diff_format=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.57 php-src/ext/pdo_pgsql/pgsql_driver.c:1.58 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.57 Sun Jan 29 17:36:12 2006 +++ php-src/ext/pdo_pgsql/pgsql_driver.cTue Mar 14 11:14:05 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.57 2006/01/29 17:36:12 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.58 2006/03/14 11:14:05 edink Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -223,13 +223,14 @@ pdo_pgsql_db_handle *H = (pdo_pgsql_db_handle *)dbh-driver_data; PGresult *res; long ret = 1; + ExecStatusType qs; if (!(res = PQexec(H-server, sql))) { /* fatal error */ pdo_pgsql_error(dbh, PGRES_FATAL_ERROR, NULL); return -1; } - ExecStatusType qs = PQresultStatus(res); + qs = PQresultStatus(res); if (qs != PGRES_COMMAND_OK qs != PGRES_TUPLES_OK) { pdo_pgsql_error(dbh, qs, pdo_pgsql_sqlstate(res)); PQclear(res); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
iliaa Sun Jan 29 17:36:12 2006 UTC Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: MFB51: Fixed bug #36176 (PDO_PGSQL - PDO::exec() does not return number of rows affected by the operation). http://cvs.php.net/viewcvs.cgi/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.56r2=1.57diff_format=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.56 php-src/ext/pdo_pgsql/pgsql_driver.c:1.57 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.56 Sun Jan 1 13:09:53 2006 +++ php-src/ext/pdo_pgsql/pgsql_driver.cSun Jan 29 17:36:12 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.56 2006/01/01 13:09:53 sniper Exp $ */ +/* $Id: pgsql_driver.c,v 1.57 2006/01/29 17:36:12 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -222,23 +222,26 @@ { pdo_pgsql_db_handle *H = (pdo_pgsql_db_handle *)dbh-driver_data; PGresult *res; + long ret = 1; if (!(res = PQexec(H-server, sql))) { /* fatal error */ pdo_pgsql_error(dbh, PGRES_FATAL_ERROR, NULL); return -1; - } else { - ExecStatusType qs = PQresultStatus(res); - if (qs != PGRES_COMMAND_OK qs != PGRES_TUPLES_OK) { - pdo_pgsql_error(dbh, qs, pdo_pgsql_sqlstate(res)); - PQclear(res); - return -1; - } - H-pgoid = PQoidValue(res); + } + ExecStatusType qs = PQresultStatus(res); + if (qs != PGRES_COMMAND_OK qs != PGRES_TUPLES_OK) { + pdo_pgsql_error(dbh, qs, pdo_pgsql_sqlstate(res)); PQclear(res); + return -1; } + H-pgoid = PQoidValue(res); +#if HAVE_PQCMDTUPLES + ret = atol(PQcmdTuples(res)); +#endif + PQclear(res); - return 1; + return ret; } static int pgsql_handle_quoter(pdo_dbh_t *dbh, const char *unquoted, int unquotedlen, char **quoted, int *quotedlen, enum pdo_param_type paramtype TSRMLS_DC) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c pgsql_statement.c
iliaa Sat Jul 9 00:54:07 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c pgsql_statement.c Log: Added cursor closer handler. Fixed memory leak. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.50r2=1.51ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.50 php-src/ext/pdo_pgsql/pgsql_driver.c:1.51 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.50 Fri Jul 8 11:27:34 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cSat Jul 9 00:54:04 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.50 2005/07/08 15:27:34 wez Exp $ */ +/* $Id: pgsql_driver.c,v 1.51 2005/07/09 04:54:04 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -184,6 +184,7 @@ case PGRES_COMMAND_OK: case PGRES_TUPLES_OK: /* it worked */ + PQclear(res); return 1; case PGRES_BAD_RESPONSE: @@ -191,6 +192,7 @@ * PDO emulate it */ efree(S-stmt_name); S-stmt_name = NULL; + PQclear(res); break; default: http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_statement.c?r1=1.29r2=1.30ty=u Index: php-src/ext/pdo_pgsql/pgsql_statement.c diff -u php-src/ext/pdo_pgsql/pgsql_statement.c:1.29 php-src/ext/pdo_pgsql/pgsql_statement.c:1.30 --- php-src/ext/pdo_pgsql/pgsql_statement.c:1.29Fri Jul 8 16:45:19 2005 +++ php-src/ext/pdo_pgsql/pgsql_statement.c Sat Jul 9 00:54:04 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_statement.c,v 1.29 2005/07/08 20:45:19 wez Exp $ */ +/* $Id: pgsql_statement.c,v 1.30 2005/07/09 04:54:04 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -498,6 +498,11 @@ return 1; } +static int pdo_pgsql_stmt_cursor_closer(pdo_stmt_t *stmt TSRMLS_DC) +{ + return 1; +} + struct pdo_stmt_methods pgsql_stmt_methods = { pgsql_stmt_dtor, pgsql_stmt_execute, @@ -508,7 +513,8 @@ NULL, /* set_attr */ NULL, /* get_attr */ pgsql_stmt_get_column_meta, - NULL /* next_rowset */ + NULL, /* next_rowset */ + pdo_pgsql_stmt_cursor_closer }; /* -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
Hi Ilia, Would you please revert this change? Saving one malloc/free in a function that has to query DB server anyway is not going to give you much performance improvement, while other methods are not portable across different PostgreSQL versions. Edin On Thursday 07 July 2005 02:52, Ilia Alshanetsky wrote: iliaa Wed Jul 6 20:52:20 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Faster sequence id retrieval. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.46r2 =1.47ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.46 php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.46 Fri Jul 1 18:43:16 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.c Wed Jul 6 20:52:19 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.46 2005/07/01 22:43:16 edink Exp $ */ +/* $Id: pgsql_driver.c,v 1.47 2005/07/07 00:52:19 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -210,15 +210,16 @@ *len = spprintf(id, 0, %ld, (long) H-pgoid); } else { PGresult *res; - char *name_escaped, *q; - size_t l = strlen(name); + char *q; ExecStatusType status; - name_escaped = safe_emalloc(l, 2, 1); - PQescapeString(name_escaped, name, l); - spprintf(q, 0, SELECT CURRVAL('%s'), name_escaped); + /* SQL injection protection */ + if (strchr(name, '\'')) { + return NULL; + } + + spprintf(q, sizeof(SELECT CURRVAL('')) + strlen(name), SELECT CURRVAL('%s'), name); res = PQexec(H-server, q); - efree(name_escaped); efree(q); status = PQresultStatus(res); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
Edink, It is malloc + PQescapeString + free, which in most cases are completely unnecessary. While as Christopher demonstrates sequence name could contain special chars, I'd wager that is a VERY uncommon situation. Ilia Edin Kadribasic wrote: Hi Ilia, Would you please revert this change? Saving one malloc/free in a function that has to query DB server anyway is not going to give you much performance improvement, while other methods are not portable across different PostgreSQL versions. Edin On Thursday 07 July 2005 02:52, Ilia Alshanetsky wrote: iliaa Wed Jul 6 20:52:20 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Faster sequence id retrieval. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.46r2 =1.47ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.46 php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.46 Fri Jul 1 18:43:16 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.c Wed Jul 6 20:52:19 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.46 2005/07/01 22:43:16 edink Exp $ */ +/* $Id: pgsql_driver.c,v 1.47 2005/07/07 00:52:19 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -210,15 +210,16 @@ *len = spprintf(id, 0, %ld, (long) H-pgoid); } else { PGresult *res; - char *name_escaped, *q; - size_t l = strlen(name); + char *q; ExecStatusType status; - name_escaped = safe_emalloc(l, 2, 1); - PQescapeString(name_escaped, name, l); - spprintf(q, 0, SELECT CURRVAL('%s'), name_escaped); + /* SQL injection protection */ + if (strchr(name, '\'')) { + return NULL; + } + + spprintf(q, sizeof(SELECT CURRVAL('')) + strlen(name), SELECT CURRVAL('%s'), name); res = PQexec(H-server, q); - efree(name_escaped); efree(q); status = PQresultStatus(res); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
How about using a stack variable for this temporary allocation? On 7/7/05, Ilia Alshanetsky [EMAIL PROTECTED] wrote: Edink, It is malloc + PQescapeString + free, which in most cases are completely unnecessary. While as Christopher demonstrates sequence name could contain special chars, I'd wager that is a VERY uncommon situation. Ilia Edin Kadribasic wrote: Hi Ilia, Would you please revert this change? Saving one malloc/free in a function that has to query DB server anyway is not going to give you much performance improvement, while other methods are not portable across different PostgreSQL versions. Edin On Thursday 07 July 2005 02:52, Ilia Alshanetsky wrote: iliaa Wed Jul 6 20:52:20 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Faster sequence id retrieval. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.46r2 =1.47ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.46 php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.46 Fri Jul 1 18:43:16 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.c Wed Jul 6 20:52:19 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.46 2005/07/01 22:43:16 edink Exp $ */ +/* $Id: pgsql_driver.c,v 1.47 2005/07/07 00:52:19 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -210,15 +210,16 @@ *len = spprintf(id, 0, %ld, (long) H-pgoid); } else { PGresult *res; - char *name_escaped, *q; - size_t l = strlen(name); + char *q; ExecStatusType status; - name_escaped = safe_emalloc(l, 2, 1); - PQescapeString(name_escaped, name, l); - spprintf(q, 0, SELECT CURRVAL('%s'), name_escaped); + /* SQL injection protection */ + if (strchr(name, '\'')) { + return NULL; + } + + spprintf(q, sizeof(SELECT CURRVAL('')) + strlen(name), SELECT CURRVAL('%s'), name); res = PQexec(H-server, q); - efree(name_escaped); efree(q); status = PQresultStatus(res); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
Oh, that's a different story then... At 01:54 PM 7/7/2005 +0800, Christopher Kings-Lynne wrote: It does impose a v7.4 and above libpq requirement, however. Chris Andi Gutmans wrote: Yeah, definitely seems like PQexecParams is the safest and easiest way of doing so. In general, I'm always in favor of using bound parameters exactly for this reason. Andi At 10:44 AM 7/7/2005 +0800, Christopher Kings-Lynne wrote: By the way, using PQexecParams is by far the easiest fastest and safest way of doing this... Chris Ilia Alshanetsky wrote: iliaa Wed Jul 6 22:17:21 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Leave it up to the user to decide if to escape the sequence name or not. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.47r2=1.48ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 php-src/ext/pdo_pgsql/pgsql_driver.c:1.48 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 Wed Jul 6 20:52:19 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cWed Jul 6 22:17:20 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.47 2005/07/07 00:52:19 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.48 2005/07/07 02:17:20 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -213,11 +213,6 @@ char *q; ExecStatusType status; - /* SQL injection protection */ - if (strchr(name, '\'')) { - return NULL; - } - spprintf(q, sizeof(SELECT CURRVAL('')) + strlen(name), SELECT CURRVAL('%s'), name); res = PQexec(H-server, q); efree(q); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
It is malloc + PQescapeString + free, which in most cases are completely unnecessary. While as Christopher demonstrates sequence name could contain special chars, I'd wager that is a VERY uncommon situation. Uncommon is totally irrelevant. Stable, robust code is what is. What is this - the Cross your fingers and hope it works programming language?? Chris -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
iliaa Wed Jul 6 20:52:20 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Faster sequence id retrieval. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.46r2=1.47ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.46 php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.46 Fri Jul 1 18:43:16 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cWed Jul 6 20:52:19 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.46 2005/07/01 22:43:16 edink Exp $ */ +/* $Id: pgsql_driver.c,v 1.47 2005/07/07 00:52:19 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -210,15 +210,16 @@ *len = spprintf(id, 0, %ld, (long) H-pgoid); } else { PGresult *res; - char *name_escaped, *q; - size_t l = strlen(name); + char *q; ExecStatusType status; - name_escaped = safe_emalloc(l, 2, 1); - PQescapeString(name_escaped, name, l); - spprintf(q, 0, SELECT CURRVAL('%s'), name_escaped); + /* SQL injection protection */ + if (strchr(name, '\'')) { + return NULL; + } + + spprintf(q, sizeof(SELECT CURRVAL('')) + strlen(name), SELECT CURRVAL('%s'), name); res = PQexec(H-server, q); - efree(name_escaped); efree(q); status = PQresultStatus(res); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
Christopher Kings-Lynne wrote: I don't get this at all? How come you reject sequences that contain apostrophes? Have you ever tried creating a sequence with an apostrophes in its name in PostgreSQL? Ilia -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
iliaa Wed Jul 6 22:17:21 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Leave it up to the user to decide if to escape the sequence name or not. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.47r2=1.48ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 php-src/ext/pdo_pgsql/pgsql_driver.c:1.48 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 Wed Jul 6 20:52:19 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cWed Jul 6 22:17:20 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.47 2005/07/07 00:52:19 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.48 2005/07/07 02:17:20 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -213,11 +213,6 @@ char *q; ExecStatusType status; - /* SQL injection protection */ - if (strchr(name, '\'')) { - return NULL; - } - spprintf(q, sizeof(SELECT CURRVAL('')) + strlen(name), SELECT CURRVAL('%s'), name); res = PQexec(H-server, q); efree(q); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
Thanks for the suggestion, I'll look into it tomorrow morning. Ilia Christopher Kings-Lynne wrote: By the way, using PQexecParams is by far the easiest fastest and safest way of doing this... Chris Ilia Alshanetsky wrote: iliaaWed Jul 6 22:17:21 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Leave it up to the user to decide if to escape the sequence name or not. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.47r2=1.48ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 php-src/ext/pdo_pgsql/pgsql_driver.c:1.48 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.47Wed Jul 6 20:52:19 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cWed Jul 6 22:17:20 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.47 2005/07/07 00:52:19 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.48 2005/07/07 02:17:20 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -213,11 +213,6 @@ char *q; ExecStatusType status; -/* SQL injection protection */ -if (strchr(name, '\'')) { -return NULL; -} - spprintf(q, sizeof(SELECT CURRVAL('')) + strlen(name), SELECT CURRVAL('%s'), name); res = PQexec(H-server, q); efree(q); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
Leave it up to the user to decide if to escape the sequence name or not. What was wrong with the original coding? Can't you juse leave teh PQescapeString in there? Chris http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.47r2=1.48ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 php-src/ext/pdo_pgsql/pgsql_driver.c:1.48 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 Wed Jul 6 20:52:19 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cWed Jul 6 22:17:20 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.47 2005/07/07 00:52:19 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.48 2005/07/07 02:17:20 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -213,11 +213,6 @@ char *q; ExecStatusType status; - /* SQL injection protection */ - if (strchr(name, '\'')) { - return NULL; - } - spprintf(q, sizeof(SELECT CURRVAL('')) + strlen(name), SELECT CURRVAL('%s'), name); res = PQexec(H-server, q); efree(q); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
By the way, using PQexecParams is by far the easiest fastest and safest way of doing this... Chris Ilia Alshanetsky wrote: iliaa Wed Jul 6 22:17:21 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Leave it up to the user to decide if to escape the sequence name or not. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.47r2=1.48ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 php-src/ext/pdo_pgsql/pgsql_driver.c:1.48 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 Wed Jul 6 20:52:19 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cWed Jul 6 22:17:20 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.47 2005/07/07 00:52:19 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.48 2005/07/07 02:17:20 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -213,11 +213,6 @@ char *q; ExecStatusType status; - /* SQL injection protection */ - if (strchr(name, '\'')) { - return NULL; - } - spprintf(q, sizeof(SELECT CURRVAL('')) + strlen(name), SELECT CURRVAL('%s'), name); res = PQexec(H-server, q); efree(q); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
I don't get this at all? How come you reject sequences that contain apostrophes? Chris Ilia Alshanetsky wrote: iliaa Wed Jul 6 20:52:20 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Faster sequence id retrieval. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.46r2=1.47ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.46 php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.46 Fri Jul 1 18:43:16 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cWed Jul 6 20:52:19 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.46 2005/07/01 22:43:16 edink Exp $ */ +/* $Id: pgsql_driver.c,v 1.47 2005/07/07 00:52:19 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -210,15 +210,16 @@ *len = spprintf(id, 0, %ld, (long) H-pgoid); } else { PGresult *res; - char *name_escaped, *q; - size_t l = strlen(name); + char *q; ExecStatusType status; - name_escaped = safe_emalloc(l, 2, 1); - PQescapeString(name_escaped, name, l); - spprintf(q, 0, SELECT CURRVAL('%s'), name_escaped); + /* SQL injection protection */ + if (strchr(name, '\'')) { + return NULL; + } + + spprintf(q, sizeof(SELECT CURRVAL('')) + strlen(name), SELECT CURRVAL('%s'), name); res = PQexec(H-server, q); - efree(name_escaped); efree(q); status = PQresultStatus(res); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
Have you ever tried creating a sequence with an apostrophes in its name in PostgreSQL? Easily, and don't forget about schema qualification either: test=# create sequence isn't this grand?; CREATE SEQUENCE test=# \ds List of relations Schema |Name | Type | Owner +-+--+- public | isn't this grand? | sequence | chriskl (1 row) test=# select nextval('isn''t this grand?'); nextval - 1 (1 row) test=# select currval('isn''t this grand?'); currval - 1 (1 row) test=# select currval('public.isn''t this grand?'); currval - 1 (1 row) Chris -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
Yeah, definitely seems like PQexecParams is the safest and easiest way of doing so. In general, I'm always in favor of using bound parameters exactly for this reason. Andi At 10:44 AM 7/7/2005 +0800, Christopher Kings-Lynne wrote: By the way, using PQexecParams is by far the easiest fastest and safest way of doing this... Chris Ilia Alshanetsky wrote: iliaa Wed Jul 6 22:17:21 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Leave it up to the user to decide if to escape the sequence name or not. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.47r2=1.48ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 php-src/ext/pdo_pgsql/pgsql_driver.c:1.48 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 Wed Jul 6 20:52:19 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cWed Jul 6 22:17:20 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.47 2005/07/07 00:52:19 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.48 2005/07/07 02:17:20 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -213,11 +213,6 @@ char *q; ExecStatusType status; - /* SQL injection protection */ - if (strchr(name, '\'')) { - return NULL; - } - spprintf(q, sizeof(SELECT CURRVAL('')) + strlen(name), SELECT CURRVAL('%s'), name); res = PQexec(H-server, q); efree(q); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
It does impose a v7.4 and above libpq requirement, however. Chris Andi Gutmans wrote: Yeah, definitely seems like PQexecParams is the safest and easiest way of doing so. In general, I'm always in favor of using bound parameters exactly for this reason. Andi At 10:44 AM 7/7/2005 +0800, Christopher Kings-Lynne wrote: By the way, using PQexecParams is by far the easiest fastest and safest way of doing this... Chris Ilia Alshanetsky wrote: iliaa Wed Jul 6 22:17:21 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Leave it up to the user to decide if to escape the sequence name or not. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.47r2=1.48ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 php-src/ext/pdo_pgsql/pgsql_driver.c:1.48 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.47 Wed Jul 6 20:52:19 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cWed Jul 6 22:17:20 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.47 2005/07/07 00:52:19 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.48 2005/07/07 02:17:20 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -213,11 +213,6 @@ char *q; ExecStatusType status; - /* SQL injection protection */ - if (strchr(name, '\'')) { - return NULL; - } - spprintf(q, sizeof(SELECT CURRVAL('')) + strlen(name), SELECT CURRVAL('%s'), name); res = PQexec(H-server, q); efree(q); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
edink Fri Jul 1 17:54:52 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Added support for fetching current value of a sequence when the optional sequence name has been passed to PDO::lastInsertId() http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.43r2=1.44ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.43 php-src/ext/pdo_pgsql/pgsql_driver.c:1.44 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.43 Wed Jun 29 20:07:42 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cFri Jul 1 17:54:50 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.43 2005/06/30 00:07:42 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.44 2005/07/01 21:54:50 edink Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -207,14 +207,43 @@ { pdo_pgsql_db_handle *H = (pdo_pgsql_db_handle *)dbh-driver_data; char *id = NULL; - + if (H-pgoid == InvalidOid) { return NULL; } - /* TODO: if name != NULL, pull out last value for that sequence/column */ + if (name == NULL) { + *len = spprintf(id, 0, %ld, (long) H-pgoid); + } else { + PGresult *res; + char *name_escaped, *q; + size_t l = strlen(name); + ExecStatusType status; + + name_escaped = safe_emalloc(l, 2, 1); + PQescapeString(name_escaped, name, l); + spprintf(q, 0, SELECT CURRVAL('%s'), name_escaped); + res = PQexec(H-server, q); + efree(name_escaped); + efree(q); + status = PQresultStatus(res); + + if (res (status == PGRES_TUPLES_OK)) { + id = estrdup((char *)PQgetvalue(res, 0, 0)); + *len = PQgetlength(res, 0, 0); + } else { +#if HAVE_PQRESULTERRORFIELD + char * sqlstate = PQresultErrorField(res, PG_DIAG_SQLSTATE); + pdo_pgsql_error(dbh, status, (const char *)sqlstate); +#else + pdo_pgsql_error(dbh, status, NULL); +#endif + } - *len = spprintf(id, 0, %ld, (long) H-pgoid); + if (res) { + PQclear(res); + } + } return id; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c pgsql_statement.c php_pdo_pgsql_int.h
edink Fri Jul 1 18:30:55 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c pgsql_statement.c php_pdo_pgsql_int.h Log: Fold PQresultErrorField() into a macro http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.44r2=1.45ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.44 php-src/ext/pdo_pgsql/pgsql_driver.c:1.45 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.44 Fri Jul 1 17:54:50 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cFri Jul 1 18:30:55 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.44 2005/07/01 21:54:50 edink Exp $ */ +/* $Id: pgsql_driver.c,v 1.45 2005/07/01 22:30:55 edink Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -160,12 +160,7 @@ } else { ExecStatusType qs = PQresultStatus(res); if (qs != PGRES_COMMAND_OK qs != PGRES_TUPLES_OK) { -#if HAVE_PQRESULTERRORFIELD - char * sqlstate = PQresultErrorField(res, PG_DIAG_SQLSTATE); - pdo_pgsql_error(dbh, qs, (const char *)sqlstate); -#else - pdo_pgsql_error(dbh, qs, NULL); -#endif + pdo_pgsql_error(dbh, qs, pdo_pgsql_sqlstate(res)); PQclear(res); return -1; } @@ -232,12 +227,7 @@ id = estrdup((char *)PQgetvalue(res, 0, 0)); *len = PQgetlength(res, 0, 0); } else { -#if HAVE_PQRESULTERRORFIELD - char * sqlstate = PQresultErrorField(res, PG_DIAG_SQLSTATE); - pdo_pgsql_error(dbh, status, (const char *)sqlstate); -#else - pdo_pgsql_error(dbh, status, NULL); -#endif + pdo_pgsql_error(dbh, status, pdo_pgsql_sqlstate(res)); } if (res) { http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_statement.c?r1=1.22r2=1.23ty=u Index: php-src/ext/pdo_pgsql/pgsql_statement.c diff -u php-src/ext/pdo_pgsql/pgsql_statement.c:1.22 php-src/ext/pdo_pgsql/pgsql_statement.c:1.23 --- php-src/ext/pdo_pgsql/pgsql_statement.c:1.22Wed May 18 18:40:56 2005 +++ php-src/ext/pdo_pgsql/pgsql_statement.c Fri Jul 1 18:30:55 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_statement.c,v 1.22 2005/05/18 22:40:56 iliaa Exp $ */ +/* $Id: pgsql_statement.c,v 1.23 2005/07/01 22:30:55 edink Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -97,13 +97,7 @@ status = PQresultStatus(S-result); if (status != PGRES_COMMAND_OK status != PGRES_TUPLES_OK) { -#if HAVE_PQRESULTERRORFIELD - char * sqlstate = PQresultErrorField(S-result, PG_DIAG_SQLSTATE); - pdo_pgsql_error_stmt(stmt, status, (const char *)sqlstate); -#else - pdo_pgsql_error_stmt(stmt, status, NULL); -#endif - + pdo_pgsql_error_stmt(stmt, status, pdo_pgsql_sqlstate(S-result)); return 0; } @@ -151,12 +145,7 @@ status = PQresultStatus(S-result); if (status != PGRES_COMMAND_OK status != PGRES_TUPLES_OK) { -#if HAVE_PQRESULTERRORFIELD - char * sqlstate = PQresultErrorField(S-result, PG_DIAG_SQLSTATE); - pdo_pgsql_error_stmt(stmt, status, (const char *)sqlstate); -#else - pdo_pgsql_error_stmt(stmt, status, NULL); -#endif + pdo_pgsql_error_stmt(stmt, status, pdo_pgsql_sqlstate(S-result)); return 0; } http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/php_pdo_pgsql_int.h?r1=1.10r2=1.11ty=u Index: php-src/ext/pdo_pgsql/php_pdo_pgsql_int.h diff -u php-src/ext/pdo_pgsql/php_pdo_pgsql_int.h:1.10 php-src/ext/pdo_pgsql/php_pdo_pgsql_int.h:1.11 --- php-src/ext/pdo_pgsql/php_pdo_pgsql_int.h:1.10 Tue May 17 16:08:53 2005 +++ php-src/ext/pdo_pgsql/php_pdo_pgsql_int.h Fri Jul 1 18:30:55 2005 @@ -16,12 +16,13 @@ +--+ */ -/* $Id: php_pdo_pgsql_int.h,v 1.10 2005/05/17 20:08:53 iliaa Exp $ */ +/* $Id: php_pdo_pgsql_int.h,v 1.11 2005/07/01 22:30:55 edink Exp $ */ #ifndef PHP_PDO_PGSQL_INT_H #define PHP_PDO_PGSQL_INT_H #include libpq-fe.h +#include php.h #define PHP_PDO_PGSQL_CONNECTION_FAILURE_SQLSTATE 08006 @@ -71,6 +72,12 @@ extern struct pdo_stmt_methods pgsql_stmt_methods; +#ifdef HAVE_PQRESULTERRORFIELD +#define pdo_pgsql_sqlstate(r) PQresultErrorField(r, PG_DIAG_SQLSTATE) +#else +#define pdo_pgsql_sqlstate(r) (const char *)NULL +#endif + #endif /* PHP_PDO_PGSQL_INT_H */ /* -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
edink Fri Jul 1 18:43:17 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Only check for InvalidOid when not looking up a sequence http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.45r2=1.46ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.45 php-src/ext/pdo_pgsql/pgsql_driver.c:1.46 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.45 Fri Jul 1 18:30:55 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cFri Jul 1 18:43:16 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.45 2005/07/01 22:30:55 edink Exp $ */ +/* $Id: pgsql_driver.c,v 1.46 2005/07/01 22:43:16 edink Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -203,11 +203,10 @@ pdo_pgsql_db_handle *H = (pdo_pgsql_db_handle *)dbh-driver_data; char *id = NULL; - if (H-pgoid == InvalidOid) { - return NULL; - } - if (name == NULL) { + if (H-pgoid == InvalidOid) { + return NULL; + } *len = spprintf(id, 0, %ld, (long) H-pgoid); } else { PGresult *res; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
iliaa Wed Jun 29 20:07:44 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Silence warnings. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.42r2=1.43ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.42 php-src/ext/pdo_pgsql/pgsql_driver.c:1.43 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.42 Tue Jun 28 10:54:44 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cWed Jun 29 20:07:42 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.42 2005/06/28 14:54:44 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.43 2005/06/30 00:07:42 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -214,7 +214,7 @@ /* TODO: if name != NULL, pull out last value for that sequence/column */ - *len = spprintf(id, 0, %ld, H-pgoid); + *len = spprintf(id, 0, %ld, (long) H-pgoid); return id; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
iliaa Tue Jun 28 10:54:45 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Make exec() return FALSE on error as do other drivers. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.41r2=1.42ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.41 php-src/ext/pdo_pgsql/pgsql_driver.c:1.42 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.41 Tue Jun 28 00:03:58 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cTue Jun 28 10:54:44 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.41 2005/06/28 04:03:58 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.42 2005/06/28 14:54:44 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -156,7 +156,7 @@ if (!(res = PQexec(H-server, sql))) { /* fatal error */ pdo_pgsql_error(dbh, PGRES_FATAL_ERROR, NULL); - return 0; + return -1; } else { ExecStatusType qs = PQresultStatus(res); if (qs != PGRES_COMMAND_OK qs != PGRES_TUPLES_OK) { @@ -167,7 +167,7 @@ pdo_pgsql_error(dbh, qs, NULL); #endif PQclear(res); - return 0; + return -1; } H-pgoid = PQoidValue(res); PQclear(res); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
iliaa Mon Jun 27 22:09:54 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: fixed oid retrieval. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.39r2=1.40ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.39 php-src/ext/pdo_pgsql/pgsql_driver.c:1.40 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.39 Wed May 18 18:40:56 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cMon Jun 27 22:09:53 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.39 2005/05/18 22:40:56 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.40 2005/06/28 02:09:53 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -215,7 +215,7 @@ /* TODO: if name != NULL, pull out last value for that sequence/column */ - *len = spprintf(id, 0, %lld, H-pgoid); + *len = spprintf(id, 0, %ld, H-pgoid); return id; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pdo_pgsql pgsql_driver.c
iliaa Tue Jun 28 00:04:00 2005 EDT Modified files: /php-src/ext/pdo_pgsql pgsql_driver.c Log: Fixed double-free bug. http://cvs.php.net/diff.php/php-src/ext/pdo_pgsql/pgsql_driver.c?r1=1.40r2=1.41ty=u Index: php-src/ext/pdo_pgsql/pgsql_driver.c diff -u php-src/ext/pdo_pgsql/pgsql_driver.c:1.40 php-src/ext/pdo_pgsql/pgsql_driver.c:1.41 --- php-src/ext/pdo_pgsql/pgsql_driver.c:1.40 Mon Jun 27 22:09:53 2005 +++ php-src/ext/pdo_pgsql/pgsql_driver.cTue Jun 28 00:03:58 2005 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: pgsql_driver.c,v 1.40 2005/06/28 02:09:53 iliaa Exp $ */ +/* $Id: pgsql_driver.c,v 1.41 2005/06/28 04:03:58 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -163,7 +163,6 @@ #if HAVE_PQRESULTERRORFIELD char * sqlstate = PQresultErrorField(res, PG_DIAG_SQLSTATE); pdo_pgsql_error(dbh, qs, (const char *)sqlstate); - PQfreemem(sqlstate); #else pdo_pgsql_error(dbh, qs, NULL); #endif -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php