@@ -88,9 +88,8 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract { | |||
} | |||
$query.=')'; | |||
$stmt = OC_DB::prepare( $query ); | |||
$result = $stmt->execute( $params ); | |||
$result = OC_DB::executeAudited( $query, $params ); | |||
$lockList = array(); | |||
while( $row = $result->fetchRow()) { | |||
@@ -127,14 +126,17 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract { | |||
$locks = $this->getLocks($uri, false); | |||
$exists = false; | |||
foreach($locks as $lock) { | |||
if ($lock->token == $lockInfo->token) $exists = true; | |||
if ($lock->token == $lockInfo->token) { | |||
$exists = true; | |||
break; | |||
} | |||
} | |||
if ($exists) { | |||
$query = OC_DB::prepare( 'UPDATE `*PREFIX*locks`' | |||
.' SET `owner` = ?, `timeout` = ?, `scope` = ?, `depth` = ?, `uri` = ?, `created` = ?' | |||
.' WHERE `userid` = ? AND `token` = ?' ); | |||
$result = $query->execute( array( | |||
$sql = 'UPDATE `*PREFIX*locks`' | |||
.' SET `owner` = ?, `timeout` = ?, `scope` = ?, `depth` = ?, `uri` = ?, `created` = ?' | |||
.' WHERE `userid` = ? AND `token` = ?'; | |||
$result = OC_DB::executeAudited( $sql, array( | |||
$lockInfo->owner, | |||
$lockInfo->timeout, | |||
$lockInfo->scope, | |||
@@ -145,10 +147,10 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract { | |||
$lockInfo->token) | |||
); | |||
} else { | |||
$query = OC_DB::prepare( 'INSERT INTO `*PREFIX*locks`' | |||
.' (`userid`,`owner`,`timeout`,`scope`,`depth`,`uri`,`created`,`token`)' | |||
.' VALUES (?,?,?,?,?,?,?,?)' ); | |||
$result = $query->execute( array( | |||
$sql = 'INSERT INTO `*PREFIX*locks`' | |||
.' (`userid`,`owner`,`timeout`,`scope`,`depth`,`uri`,`created`,`token`)' | |||
.' VALUES (?,?,?,?,?,?,?,?)'; | |||
$result = OC_DB::executeAudited( $sql, array( | |||
OC_User::getUser(), | |||
$lockInfo->owner, | |||
$lockInfo->timeout, | |||
@@ -173,8 +175,8 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract { | |||
*/ | |||
public function unlock($uri, Sabre_DAV_Locks_LockInfo $lockInfo) { | |||
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*locks` WHERE `userid` = ? AND `uri` = ? AND `token` = ?' ); | |||
$result = $query->execute( array(OC_User::getUser(), $uri, $lockInfo->token)); | |||
$sql = 'DELETE FROM `*PREFIX*locks` WHERE `userid` = ? AND `uri` = ? AND `token` = ?'; | |||
$result = OC_DB::executeAudited( $sql, array(OC_User::getUser(), $uri, $lockInfo->token)); | |||
return $result->numRows() === 1; | |||
@@ -460,7 +460,7 @@ class OC_DB { | |||
$row = $result->fetchRow(); | |||
self::raiseExceptionOnError($row, 'fetching row for insertid failed'); | |||
return $row['id']; | |||
} else if( $type === 'mssql') { | |||
} else if( $type === 'mssql' || $type === 'oci') { | |||
if($table !== null) { | |||
$prefix = OC_Config::getValue( "dbtableprefix", "oc_" ); | |||
$table = str_replace( '*PREFIX*', $prefix, $table ); | |||
@@ -594,6 +594,11 @@ class OC_DB { | |||
$CONFIG_DBTYPE = OC_Config::getValue( "dbtype", "sqlite" ); | |||
self::connectScheme(); | |||
if(OC_Config::getValue('dbtype', 'sqlite')==='oci') { | |||
//set dbname, it is unset because oci uses 'service' to connect | |||
self::$schema->db->database_name=self::$schema->db->dsn['username']; | |||
} | |||
// read file | |||
$content = file_get_contents( $file ); | |||
@@ -617,6 +622,12 @@ class OC_DB { | |||
$content = str_replace( '<default>0000-00-00 00:00:00</default>', | |||
'<default>CURRENT_TIMESTAMP</default>', $content ); | |||
} | |||
if(OC_Config::getValue('dbtype', 'sqlite')==='oci') { | |||
unset($previousSchema['charset']); //or MDB2 tries SHUTDOWN IMMEDIATE | |||
$oldname = $previousSchema['name']; | |||
$previousSchema['name']=OC_Config::getValue( "dbuser", $oldname ); | |||
//TODO check identifiers are at most 30 chars long | |||
} | |||
file_put_contents( $file2, $content ); | |||
$op = self::$schema->updateDatabase($file2, $previousSchema, array(), false); | |||
@@ -1586,10 +1586,10 @@ class Share { | |||
public static function post_removeFromGroup($arguments) { | |||
// TODO Don't call if user deleted? | |||
$query = \OC_DB::prepare('SELECT `id`, `share_type` FROM `*PREFIX*share`' | |||
.' WHERE (`share_type` = ? AND `share_with` = ?) OR (`share_type` = ? AND `share_with` = ?)'); | |||
$result = $query->execute(array(self::SHARE_TYPE_GROUP, $arguments['gid'], self::$shareTypeGroupUserUnique, | |||
$arguments['uid'])); | |||
$sql = 'SELECT `id`, `share_type` FROM `*PREFIX*share`' | |||
.' WHERE (`share_type` = ? AND `share_with` = ?) OR (`share_type` = ? AND `share_with` = ?)'; | |||
$result = \OC_DB::executeAudited($sql, array(self::SHARE_TYPE_GROUP, $arguments['gid'], | |||
self::$shareTypeGroupUserUnique, $arguments['uid'])); | |||
while ($item = $result->fetchRow()) { | |||
if ($item['share_type'] == self::SHARE_TYPE_GROUP) { | |||
// Delete all reshares by this user of the group share | |||
@@ -1601,8 +1601,8 @@ class Share { | |||
} | |||
public static function post_deleteGroup($arguments) { | |||
$query = \OC_DB::prepare('SELECT id FROM `*PREFIX*share` WHERE `share_type` = ? AND `share_with` = ?'); | |||
$result = $query->execute(array(self::SHARE_TYPE_GROUP, $arguments['gid'])); | |||
$sql = 'SELECT `id` FROM `*PREFIX*share` WHERE `share_type` = ? AND `share_with` = ?'; | |||
$result = \OC_DB::executeAudited($sql, array(self::SHARE_TYPE_GROUP, $arguments['gid'])); | |||
while ($item = $result->fetchRow()) { | |||
self::delete($item['id']); | |||
} |
@@ -4,7 +4,7 @@ class DatabaseSetupException extends Exception | |||
{ | |||
private $hint; | |||
public function __construct($message, $hint, $code = 0, Exception $previous = null) { | |||
public function __construct($message, $hint = '', $code = 0, Exception $previous = null) { | |||
$this->hint = $hint; | |||
parent::__construct($message, $code, $previous); | |||
} | |||
@@ -133,12 +133,15 @@ class OC_Setup { | |||
$dbuser = $options['dbuser']; | |||
$dbpass = $options['dbpass']; | |||
$dbname = $options['dbname']; | |||
$dbtablespace = $options['dbtablespace']; | |||
if (array_key_exists('dbtablespace', $options)) { | |||
$dbtablespace = $options['dbtablespace']; | |||
} else { | |||
$dbtablespace = 'USERS'; | |||
} | |||
$dbhost = isset($options['dbhost'])?$options['dbhost']:''; | |||
$dbtableprefix = isset($options['dbtableprefix']) ? $options['dbtableprefix'] : 'oc_'; | |||
OC_Config::setValue('dbname', $dbname); | |||
OC_Config::setValue('dbtablespace', $dbtablespace); | |||
OC_Config::setValue('dbhost', $dbhost); | |||
OC_Config::setValue('dbtableprefix', $dbtableprefix); | |||
@@ -446,7 +449,7 @@ class OC_Setup { | |||
} | |||
private static function setupOCIDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $dbtablespace, | |||
$username) { | |||
$username) { | |||
$l = self::getTrans(); | |||
$e_host = addslashes($dbhost); | |||
$e_dbname = addslashes($dbname); |
@@ -94,13 +94,18 @@ class Test_DBSchema extends PHPUnit_Framework_TestCase { | |||
break; | |||
case 'pgsql': | |||
$sql = "SELECT tablename AS table_name, schemaname AS schema_name " | |||
. "FROM pg_tables WHERE schemaname NOT LIKE 'pg_%' " | |||
. "FROM pg_tables WHERE schemaname NOT LIKE 'pg_%' " | |||
. "AND schemaname != 'information_schema' " | |||
. "AND tablename = '".$table."'"; | |||
$query = OC_DB::prepare($sql); | |||
$result = $query->execute(array()); | |||
$exists = $result && $result->fetchOne(); | |||
break; | |||
case 'oci': | |||
$sql = 'SELECT table_name FROM user_tables WHERE table_name = ?'; | |||
$result = \OC_DB::executeAudited($sql, array($table)); | |||
$exists = (bool)$result->fetchOne(); //oracle uses MDB2 and returns null | |||
break; | |||
case 'mssql': | |||
$sql = "SELECT * FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = '{$table}'"; | |||
$query = OC_DB::prepare($sql); |