Timestamp:
Jun 5, 2006 1:14:51 AM (18 years ago)
Author:
scdev
Message:

Q - added persistent database storage to Prefs.inc.php. Modified getParam failure log type to LOG_DEBUG in all classes.

File:
1 edited

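--- a/trunk/lib/Version.inc.php
+++ b/trunk/lib/Version.inc.php
@@ -25,5 +25,7 @@
         'min_days' => 7, // Keep ALL versions within this many days, even if MORE than min_qty.
         'db_table' => 'version_tbl',
-        'create_table' => true, // Automatically create table and verify columns. Better set to false after site launch.
+
+        // Automatically create table and verify columns. Better set to false after site launch.
+        'create_table' => true,
         'db_schema_strict' => true, // If true, makes an exact comparison of saved vs. live table schemas. If false, just checks that the saved columns are available.
     );
@@ -90,5 +92,5 @@
                 $app->logMsg(sprintf('Dropping and recreating table %s.', $this->getParam('db_table')), LOG_DEBUG, __FILE__, __LINE__);
             }
-            $db->query("CREATE TABLE IF NOT EXISTS " . $this->getParam('db_table') . " (
+            $db->query("CREATE TABLE IF NOT EXISTS " . $db->escapeString($this->getParam('db_table')) . " (
                 version_id int NOT NULL auto_increment,
                 record_table varchar(255) NOT NULL default '',
@@ -151,5 +153,5 @@
             return $this->_params[$param];
         } else {
-            $app->logMsg(sprintf('Parameter is not set: %s', $param), LOG_NOTICE, __FILE__, __LINE__);
+            $app->logMsg(sprintf('Parameter is not set: %s', $param), LOG_DEBUG, __FILE__, __LINE__);
             return null;
         }
@@ -184,5 +186,5 @@
         // Save as new version.
         $db->query("
-            INSERT INTO " . $this->getParam('db_table') . " (
+            INSERT INTO " . $db->escapeString($this->getParam('db_table')) . " (
                 record_table,
                 record_key,
@@ -224,5 +226,5 @@
         // Get version data.
         $qid = $db->query("
-            SELECT * FROM " . $this->getParam('db_table') . "
+            SELECT * FROM " . $db->escapeString($this->getParam('db_table')) . "
             WHERE version_id = '" . $db->escapeString($version_id) . "'
         ");
@@ -284,5 +286,5 @@
         // Get total number of versions for this record.
         $qid = $db->query("
-            SELECT COUNT(*) FROM " . $this->getParam('db_table') . "
+            SELECT COUNT(*) FROM " . $db->escapeString($this->getParam('db_table')) . "
             WHERE record_table = '" . $db->escapeString($record_table) . "'
             AND record_key = '" . $db->escapeString($record_key) . "'
@@ -296,5 +298,5 @@
                 // First query for oldest records, selecting enough to bring total number down to min_qty.
                 $qid = $db->query("
-                    SELECT version_id FROM " . $this->getParam('db_table') . "
+                    SELECT version_id FROM " . $db->escapeString($this->getParam('db_table')) . "
                     WHERE record_table = '" . $db->escapeString($record_table) . "'
                     AND record_key = '" . $db->escapeString($record_key) . "'
@@ -307,5 +309,5 @@
                 }
                 $db->query("
-                    DELETE FROM " . $this->getParam('db_table') . "
+                    DELETE FROM " . $db->escapeString($this->getParam('db_table')) . "
                     WHERE version_id IN ('" . join("','", $old_versions) . "')
                 ");
@@ -313,5 +315,5 @@
                 // Delete versions older than min_days, while still keeping min_qty.
                 $qid = $db->query("
-                    SELECT version_id FROM " . $this->getParam('db_table') . "
+                    SELECT version_id FROM " . $db->escapeString($this->getParam('db_table')) . "
                     WHERE record_table = '" . $db->escapeString($record_table) . "'
                     AND record_key = '" . $db->escapeString($record_key) . "'
@@ -326,5 +328,5 @@
                 if (sizeof($old_versions) > 0) {
                     $db->query("
-                        DELETE FROM " . $this->getParam('db_table') . "
+                        DELETE FROM " . $db->escapeString($this->getParam('db_table')) . "
                         WHERE version_id IN ('" . join("','", $old_versions) . "')
                     ");
@@ -352,5 +354,5 @@
         $qid = $db->query("
             SELECT version_id, saved_by_user_id, version_datetime, version_title
-            FROM " . $this->getParam('db_table') . "
+            FROM " . $db->escapeString($this->getParam('db_table')) . "
             WHERE record_table = '" . $db->escapeString($record_table) . "'
             AND record_key = '" . $db->escapeString($record_key) . "'
@@ -382,5 +384,5 @@
         // Get version data.
         $qid = $db->query("
-            SELECT * FROM " . $this->getParam('db_table') . "
+            SELECT * FROM " . $db->escapeString($this->getParam('db_table')) . "
             WHERE version_id = '" . $db->escapeString($version_id) . "'
         ");
@@ -403,5 +405,5 @@
         // Get version data.
         $qid = $db->query("
-            SELECT * FROM " . $this->getParam('db_table') . "
+            SELECT * FROM " . $db->escapeString($this->getParam('db_table')) . "
             WHERE version_id = '" . $db->escapeString($version_id) . "'
         ");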
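Review bot: `$db->escapeString()` is the wrong guard for the table name in the `CREATE TABLE` statement and in each INSERT/SELECT/DELETE query changed below it: the same helper is applied to values inside single quotes (`'" . $db->escapeString($version_id) . "'`), so it presumably escapes for string-literal context, whereas `db_table` is concatenated as an unquoted identifier where spaces, backticks and comment markers are not neutralised. The parameter looks like site configuration rather than request input, so exposure is probably low, but the call gives a false impression of protection. Validate the name once against an allowlist where the parameter is set or read, for example `if (!preg_match('/^[A-Za-z0-9_]+$/', $this->getParam('db_table'))) { /* log and abort */ }`, and drop the per-query escaping. Separately, the two `DELETE ... WHERE version_id IN ('" . join("','", $old_versions) . "')` statements in the context lines interpolate ids without escaping; they appear to come from a prior SELECT, but casting each to int before the join would make that explicit. Every enclosing function starts and ends outside the visible hunks.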