From d8b181cd844401ee8587bac99a101fcc532fcacf Mon Sep 17 00:00:00 2001 From: Thomas Tanghus Date: Tue, 26 Jun 2012 17:54:00 +0200 Subject: [PATCH] Added error checking on all db queries. --- apps/contacts/index.php | 3 + apps/contacts/lib/addressbook.php | 99 ++++++++++++++++++++++------- apps/contacts/lib/vcard.php | 101 ++++++++++++++++++++++-------- 3 files changed, 152 insertions(+), 51 deletions(-) diff --git a/apps/contacts/index.php b/apps/contacts/index.php index f6b37409ea7..0b4f89b30c0 100644 --- a/apps/contacts/index.php +++ b/apps/contacts/index.php @@ -15,6 +15,9 @@ OCP\App::checkAppEnabled('contacts'); // Get active address books. This creates a default one if none exists. $ids = OC_Contacts_Addressbook::activeIds(OCP\USER::getUser()); $contacts = OC_Contacts_VCard::all($ids); +if($contacts === false) { + OCP\Util::writeLog('contacts','index.html: No contacts found.',OCP\Util::DEBUG); +} $addressbooks = OC_Contacts_Addressbook::active(OCP\USER::getUser()); diff --git a/apps/contacts/lib/addressbook.php b/apps/contacts/lib/addressbook.php index 878d8835f94..86a41b18cf3 100644 --- a/apps/contacts/lib/addressbook.php +++ b/apps/contacts/lib/addressbook.php 
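Review bot: In the index.php hunk, the new `$contacts === false` branch only writes a DEBUG line and leaves `$contacts` as `false` for the rest of the page. After this commit `OC_Contacts_VCard::all()` returns `false` both for a failed query and for an empty id list, so the text "No contacts found" hides a database error at a level that is usually filtered out. The message also names `index.html` although the file is `index.php`. Consider `OCP\Util::writeLog('contacts','index.php: Could not load contacts.',OCP\Util::ERROR);` followed by `$contacts = array();`, assuming the code after the hunk (not visible here) expects an array.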
@@ -41,11 +41,18 @@ class OC_Contacts_Addressbook{ /** * @brief Returns the list of addressbooks for a specific user. * @param string $uid - * @return array + * @return array or false. */ public static function all($uid){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_addressbooks WHERE userid = ? ORDER BY displayname' ); - $result = $stmt->execute(array($uid)); + try { + $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_addressbooks WHERE userid = ? ORDER BY displayname' ); + $result = $stmt->execute(array($uid)); + } catch(Exception $e) { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.' exception: '.$e->getMessage(),OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.' uid: '.$uid,OCP\Util::DEBUG); + return false; + } + $addressbooks = array(); while( $row = $result->fetchRow()){ 
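Review bot: The log prefix `__CLASS__.'::'.__METHOD__` names the class twice, because `__METHOD__` inside a class method already expands to `Class::method`. The entries will read `OC_Contacts_Addressbook::OC_Contacts_Addressbook::all`. Use `__METHOD__.', exception: '.$e->getMessage()` instead; the same pattern is repeated in every hunk of addressbook.php and vcard.php in this patch. The separator also varies (`' exception: '` here, `', exception: '` in the following hunks), which makes the log harder to grep during incident triage. The body of all() continues past the end of this hunk.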
@@ -68,15 +75,36 @@ class OC_Contacts_Addressbook{ /** * @brief Gets the data of one address book * @param integer $id - * @return associative array + * @return associative array or false. */ public static function find($id){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_addressbooks WHERE id = ?' ); - $result = $stmt->execute(array($id)); + try { + $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_addressbooks WHERE id = ?' ); + $result = $stmt->execute(array($id)); + } catch(Exception $e) { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(),OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', id: '.$id,OCP\Util::DEBUG); + return false; + } return $result->fetchRow(); } + /** + * @brief Adds default address book + * @return $id ID of the newly created addressbook or false on error. + */ + public static function addDefault($uid = null){ + if(is_null($uid)) { + $uid = OCP\USER::getUser(); + } + $id = self::add($uid,'default','Default Address Book'); + if($id !== false) { + self::setActive($id, true); + } + return $id; + } + /** * @brief Creates a new address book * @param string $userid 
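Review bot: The docblock of the new addDefault() has no `@param` for `$uid`, and `@return $id ID of the newly created addressbook` gives no type. I would write `@param string $uid User id, defaults to the current user.` and `@return integer|false Id of the new address book, false on error.` The result of `self::setActive($id, true)` is discarded, so a caller that receives an id cannot tell whether the book was actually activated. If setActive() can fail, that deserves a sentence in the docblock as well.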
@@ -84,17 +112,22 @@ class OC_Contacts_Addressbook{ * @param string $description * @return insertid */ - public static function add($userid,$name,$description=''){ - $all = self::all($userid); + public static function add($uid,$name,$description=''){ + $all = self::all($uid); $uris = array(); foreach($all as $i){ $uris[] = $i['uri']; } $uri = self::createURI($name, $uris ); - - $stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*contacts_addressbooks (userid,displayname,uri,description,ctag) VALUES(?,?,?,?,?)' ); - $result = $stmt->execute(array($userid,$name,$uri,$description,1)); + try { + $stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*contacts_addressbooks (userid,displayname,uri,description,ctag) VALUES(?,?,?,?,?)' ); + $result = $stmt->execute(array($uid,$name,$uri,$description,1)); + } catch(Exception $e) { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(),OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', uid: '.$uid,OCP\Util::DEBUG); + return false; + } return OCP\DB::insertid('*PREFIX*contacts_addressbooks'); } 
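Review bot: add() still runs `foreach($all as $i)` directly on `self::all($uid)`, which this commit allows to be `false`. A failed lookup then raises a warning and the insert proceeds with an empty `$uris` list, so createURI() has nothing to check against. Add `if($all === false) { return false; }` before the loop. The docblock should follow the change too: `@return insertid` does not mention `false`, and the `@param string $userid` line just above this hunk no longer matches the renamed `$uid` parameter.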
@@ -105,13 +138,20 @@ class OC_Contacts_Addressbook{ * @param string $uri * @param string $name * @param string $description - * @return insertid + * @return insertid or false */ public static function addFromDAVData($principaluri,$uri,$name,$description){ - $userid = self::extractUserID($principaluri); + $uid = self::extractUserID($principaluri); - $stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*contacts_addressbooks (userid,displayname,uri,description,ctag) VALUES(?,?,?,?,?)' ); - $result = $stmt->execute(array($userid,$name,$uri,$description,1)); + try { + $stmt = OCP\DB::prepare('INSERT INTO *PREFIX*contacts_addressbooks (userid,displayname,uri,description,ctag) VALUES(?,?,?,?,?)'); + $result = $stmt->execute(array($uid,$name,$uri,$description,1)); + } catch(Exception $e) { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(),OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', uid: '.$uid,OCP\Util::DEBUG); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', uri: '.$uri,OCP\Util::DEBUG); + return false; + } return OCP\DB::insertid('*PREFIX*contacts_addressbooks'); } @@ -134,8 +174,14 @@ class OC_Contacts_Addressbook{ $description = $addressbook['description']; } - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_addressbooks SET displayname=?,description=?, ctag=ctag+1 WHERE id=?' ); - $result = $stmt->execute(array($name,$description,$id)); + try { + $stmt = OCP\DB::prepare('UPDATE *PREFIX*contacts_addressbooks SET displayname=?,description=?, ctag=ctag+1 WHERE id=?'); + $result = $stmt->execute(array($name,$description,$id)); + } catch(Exception $e) { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(),OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', id: '.$id,OCP\Util::DEBUG); + return false; + } return true; } 
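Review bot: In both hunks on this line (addFromDAVData() and the UPDATE that follows), `$result = $stmt->execute(...)` is assigned but never examined. The only failure path is the `catch`, so the functions still reach `OCP\DB::insertid(...)` or `return true` whenever execute() does not throw. Whether OCP\DB can report a failure through the return value instead of an exception is not visible in this patch. If it can, the "error checking on all db queries" is incomplete and the return value needs an explicit test before the success return. If it cannot, drop the unused `$result` assignment so the intent is clear.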
@@ -172,8 +218,7 @@ class OC_Contacts_Addressbook{ if(!$prefbooks){ $addressbooks = OC_Contacts_Addressbook::all($uid); if(count($addressbooks) == 0){ - $id = OC_Contacts_Addressbook::add($uid,'default','Default Address Book'); - self::setActive($id, true); + self::addDefault($uid); } } $prefbooks = OCP\Config::getUserValue($uid,'contacts','openaddressbooks',null); @@ -186,6 +231,9 @@ class OC_Contacts_Addressbook{ * @return array */ public static function active($uid){ + if(is_null($uid)){ + $uid = OCP\USER::getUser(); + } $active = self::activeIds($uid); $addressbooks = array(); $ids_sql = join(',', array_fill(0, count($active), '?')); @@ -194,15 +242,18 @@ class OC_Contacts_Addressbook{ $stmt = OCP\DB::prepare( $prep ); $result = $stmt->execute($active); } catch(Exception $e) { - OCP\Util::writeLog('contacts','OC_Contacts_Addressbook:active:, exception: '.$e->getMessage(),OCP\Util::ERROR); - OCP\Util::writeLog('contacts','OC_Contacts_Addressbook:active, ids: '.join(',', $active),OCP\Util::DEBUG); - OCP\Util::writeLog('contacts','OC_Contacts_Addressbook::active, SQL:'.$prep,OCP\Util::DEBUG); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(),OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', uid: '.$uid,OCP\Util::DEBUG); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', ids: '.join(',', $active),OCP\Util::DEBUG); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', SQL:'.$prep,OCP\Util::DEBUG); } while( $row = $result->fetchRow()){ $addressbooks[] = $row; } - + if(!count($addressbooks)) { + self::addDefault($uid); + } return $addressbooks; } 
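Review bot: In the third hunk (active()), the `catch` block logs four lines and then falls through to `while( $row = $result->fetchRow())` with `$result` never assigned, which is a fatal call on a non-object. Every other catch added by this commit returns; add `return false;` here, or `return $addressbooks;` to keep the documented `@return array`. The new `if(!count($addressbooks)) { self::addDefault($uid); }` creates a book but still returns the empty list, so the caller does not see it on this request. It also appears to run whenever no active book is found, not only when the user has none, which could create repeated "default" books. The `is_null($uid)` guard added in the second hunk has no matching `$uid = null` default in the signature.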
@@ -260,7 +311,7 @@ class OC_Contacts_Addressbook{ $stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*contacts_addressbooks WHERE id = ?' ); $stmt->execute(array($id)); } catch(Exception $e) { - OCP\Util::writeLog('contacts','OC_Contacts_Addressbook:delete:, exception for '.$id.': '.$e->getMessage(),OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception for '.$id.': '.$e->getMessage(),OCP\Util::ERROR); return false; } diff --git a/apps/contacts/lib/vcard.php b/apps/contacts/lib/vcard.php index 22c546b2c4c..bf22be0de74 100644 --- a/apps/contacts/lib/vcard.php +++ b/apps/contacts/lib/vcard.php 
@@ -42,32 +42,37 @@ class OC_Contacts_VCard{ /** * @brief Returns all cards of an address book * @param integer $id - * @return array + * @return array|false * * The cards are associative arrays. You'll find the original vCard in * ['carddata'] */ public static function all($id){ $result = null; - if(is_array($id)) { + if(is_array($id) && count($id)) { $id_sql = join(',', array_fill(0, count($id), '?')); $prep = 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid IN ('.$id_sql.') ORDER BY fullname'; try { $stmt = OCP\DB::prepare( $prep ); $result = $stmt->execute($id); } catch(Exception $e) { - OCP\Util::writeLog('contacts','OC_Contacts_VCard:all:, exception: '.$e->getMessage(),OCP\Util::ERROR); - OCP\Util::writeLog('contacts','OC_Contacts_VCard:all, ids: '.join(',', $id),OCP\Util::DEBUG); - OCP\Util::writeLog('contacts','SQL:'.$prep,OCP\Util::DEBUG); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(),OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', ids: '.join(',', $id),OCP\Util::DEBUG); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.'SQL:'.$prep,OCP\Util::DEBUG); + return false; } - } elseif($id) { + } elseif(is_int($id) || is_string($id)) { try { $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid = ? ORDER BY fullname' ); $result = $stmt->execute(array($id)); } catch(Exception $e) { - OCP\Util::writeLog('contacts','OC_Contacts_VCard:all:, exception: '.$e->getMessage(),OCP\Util::DEBUG); - OCP\Util::writeLog('contacts','OC_Contacts_VCard:all, ids: '. $id,OCP\Util::DEBUG); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(),OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', ids: '. $id,OCP\Util::DEBUG); + return false; } + } else { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.'. Addressbook id(s) argument is empty: '. 
$id,OCP\Util::DEBUG); + return false; } $cards = array(); if(!is_null($result)) { @@ -82,11 +87,17 @@ class OC_Contacts_VCard{ /** * @brief Returns a card * @param integer $id - * @return associative array + * @return associative array or false. */ public static function find($id){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE id = ?' ); - $result = $stmt->execute(array($id)); + try { + $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE id = ?' ); + $result = $stmt->execute(array($id)); + } catch(Exception $e) { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(),OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', id: '. $id,OCP\Util::DEBUG); + return false; + } return $result->fetchRow(); } @@ -95,11 +106,17 @@ class OC_Contacts_VCard{ * @brief finds a card by its DAV Data * @param integer $aid Addressbook id * @param string $uri the uri ('filename') - * @return associative array + * @return associative array or false. */ public static function findWhereDAVDataIs($aid,$uri){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid = ? AND uri = ?' ); - $result = $stmt->execute(array($aid,$uri)); + try { + $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid = ? AND uri = ?' ); + $result = $stmt->execute(array($aid,$uri)); + } catch(Exception $e) { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(), OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', aid: '.$aid.' uri'.$uri, OCP\Util::DEBUG); + return false; + } return $result->fetchRow(); } 
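Review bot: In OC_Contacts_VCard::all(), the new `else` branch concatenates `$id` into the log message, but an empty array now lands there because the first test became `is_array($id) && count($id)`. That logs the literal "Array" and raises an array-to-string notice; use `'. Addressbook id(s) argument is empty: '.print_r($id, true)`. The replacement test `is_int($id) || is_string($id)` also lets `0` and `''` through to the query, where the old `elseif($id)` rejected them. Keep the truthiness check alongside the type check if that was not intended. The SQL log line in the first catch lacks a separator (`__METHOD__.'SQL:'`), unlike its siblings.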
@@ -149,7 +166,13 @@ class OC_Contacts_VCard{ protected static function trueUID($aid, &$uid) { $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid = ? AND uri = ?' ); $uri = $uid.'.vcf'; - $result = $stmt->execute(array($aid,$uri)); + try { + $result = $stmt->execute(array($aid,$uri)); + } catch(Exception $e) { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(), OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', aid: '.$aid.' uid'.$uid, OCP\Util::DEBUG); + return false; + } if($result->numRows() > 0){ while(true) { $tmpuid = substr(md5(rand().time()),0,10); @@ -254,7 +277,7 @@ class OC_Contacts_VCard{ * @param integer $aid Addressbook id * @param OC_VObject $card vCard file * @param string $uri the uri of the card, default based on the UID - * @return insertid on success or null if no card. + * @return insertid on success or false. */ public static function add($aid, OC_VObject $card, $uri=null, $isnew=false){ if(is_null($card)){ @@ -289,7 +312,13 @@ class OC_Contacts_VCard{ $data = $card->serialize(); $stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*contacts_cards (addressbookid,fullname,carddata,uri,lastmodified) VALUES(?,?,?,?,?)' ); - $result = $stmt->execute(array($aid,$fn,$data,$uri,time())); + try { + $result = $stmt->execute(array($aid,$fn,$data,$uri,time())); + } catch(Exception $e) { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(), OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', aid: '.$aid.' uri'.$uri, OCP\Util::DEBUG); + return false; + } $newid = OCP\DB::insertid('*PREFIX*contacts_cards'); OC_Contacts_Addressbook::touch($aid); 
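Review bot: In trueUID() and in add() on this line, `$stmt = OCP\DB::prepare(...)` stays outside the new `try`, so an exception thrown while preparing the statement is still uncaught. The find() hunks and the addressbook.php hunks wrap both calls. Move the prepare line inside the `try {` so both failure points are logged and turned into `return false`. The same applies to the UPDATE and DELETE hunks further down in vcard.php (edit, delete, deleteFromDAVData). trueUID() previously had no `false` return on this path, and its callers are outside the hunk, so they need checking for the new value. The debug labels `' uid'.$uid` and `' uri'.$uri` are missing `': '`.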
@@ -325,8 +354,8 @@ class OC_Contacts_VCard{ $result = $stmt->execute(array($data,time(),$object[0])); //OCP\Util::writeLog('contacts','OC_Contacts_VCard::updateDataByID, id: '.$object[0].': '.$object[1],OCP\Util::DEBUG); } catch(Exception $e) { - OCP\Util::writeLog('contacts','OC_Contacts_VCard::updateDataByID:, exception: '.$e->getMessage(),OCP\Util::DEBUG); - OCP\Util::writeLog('contacts','OC_Contacts_VCard::updateDataByID, id: '.$object[0],OCP\Util::DEBUG); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(),OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', id: '.$object[0],OCP\Util::DEBUG); } } } @@ -357,7 +386,13 @@ class OC_Contacts_VCard{ $data = $card->serialize(); $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_cards SET fullname = ?,carddata = ?, lastmodified = ? WHERE id = ?' ); - $result = $stmt->execute(array($fn,$data,time(),$id)); + try { + $result = $stmt->execute(array($fn,$data,time(),$id)); + } catch(Exception $e) { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(), OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', id'.$id, OCP\Util::DEBUG); + return false; + } OC_Contacts_Addressbook::touch($oldcard['addressbookid']); OC_Hook::emit('OC_Contacts_VCard', 'post_updateVCard', $id); @@ -390,7 +425,13 @@ class OC_Contacts_VCard{ // FIXME: Add error checking. OC_Hook::emit('OC_Contacts_VCard', 'pre_deleteVCard', array('aid' => null, 'id' => $id, 'uri' => null)); $stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*contacts_cards WHERE id = ?' ); - $stmt->execute(array($id)); + try { + $stmt->execute(array($id)); + } catch(Exception $e) { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(), OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', id: '.$id, OCP\Util::DEBUG); + return false; + } return true; } 
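Review bot: The delete hunk keeps the comment `// FIXME: Add error checking.` directly above the code that now adds it, so the comment is stale and should be removed or reworded to say what is still missing. The same applies to the FIXME in the deleteFromDAVData hunk that follows. The `pre_deleteVCard` hook is emitted before the statement runs, so listeners are notified of a delete that may then fail and return `false`; that ordering deserves a one-line comment, or a check of what listeners do with the event. In the edit hunk, the debug label `', id'.$id` is missing `': '`.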
@@ -405,7 +446,13 @@ class OC_Contacts_VCard{ // FIXME: Add error checking. Deleting a card gives an Kontact/Akonadi error. OC_Hook::emit('OC_Contacts_VCard', 'pre_deleteVCard', array('aid' => $aid, 'id' => null, 'uri' => $uri)); $stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*contacts_cards WHERE addressbookid = ? AND uri=?' ); - $stmt->execute(array($aid,$uri)); + try { + $stmt->execute(array($aid,$uri)); + } catch(Exception $e) { + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(), OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', aid: '.$aid.' uri: '.$uri, OCP\Util::DEBUG); + return false; + } OC_Contacts_Addressbook::touch($aid); return true; @@ -546,9 +593,9 @@ class OC_Contacts_VCard{ $vals = array_merge((array)$aid, $id); $result = $stmt->execute($vals); } catch(Exception $e) { - OCP\Util::writeLog('contacts','OC_Contacts_VCard::moveToAddressBook:, exception: '.$e->getMessage(),OCP\Util::DEBUG); - OCP\Util::writeLog('contacts','OC_Contacts_VCard::moveToAddressBook, ids: '.join(',', $vals),OCP\Util::DEBUG); - OCP\Util::writeLog('contacts','SQL:'.$prep,OCP\Util::DEBUG); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(),OCP\Util::ERROR); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', ids: '.join(',', $vals),OCP\Util::DEBUG); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', SQL:'.$prep,OCP\Util::DEBUG); return false; } } else { 
@@ -556,8 +603,8 @@ class OC_Contacts_VCard{ $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_cards SET addressbookid = ? WHERE id = ?' ); $result = $stmt->execute(array($aid, $id)); } catch(Exception $e) { - OCP\Util::writeLog('contacts','OC_Contacts_VCard::moveToAddressBook:, exception: '.$e->getMessage(),OCP\Util::DEBUG); - OCP\Util::writeLog('contacts','OC_Contacts_VCard::moveToAddressBook, id: '.$id,OCP\Util::DEBUG); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.', exception: '.$e->getMessage(),OCP\Util::DEBUG); + OCP\Util::writeLog('contacts',__CLASS__.'::'.__METHOD__.' id: '.$id,OCP\Util::DEBUG); return false; } } -- 2.39.5
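Review bot: In this single-id branch of moveToAddressBook(), the exception line is still logged at `OCP\Util::DEBUG`, while the array branch in the previous hunk and every other catch in the patch was raised to `OCP\Util::ERROR`. A failed move would therefore be invisible at normal log levels. Change it to `OCP\Util::writeLog('contacts',__METHOD__.', exception: '.$e->getMessage(),OCP\Util::ERROR);`. The second line reads `' id: '` without the leading comma used elsewhere.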