Home Explore Help
Register Sign In
biotorrents
/
Gazelle
forked from Oppaitime/Gazelle
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
Browse Source

You need the exact DOI or it fails

pjc 5 years ago
parent
f102122729
commit
1e4f6ff49a
2 changed files with 16 additions and 16 deletions
Split View Show Diff Stats
  1. 14
    15
      classes/mysql.class.php
  2. 2
    1
      sections/upload/upload_handle.php

+ 14
- 15
classes/mysql.class.php View File 

@@ -1,4 +1,5 @@
1 1 
 <?
2 
+
2 3 
 //-----------------------------------------------------------------------------------
3 4 
 /////////////////////////////////////////////////////////////////////////////////////
4 5 
 /*//-- MySQL wrapper class ----------------------------------------------------------
 
@@ -46,7 +47,6 @@ db_string($str);
46 47 
   USE THIS FUNCTION EVERY TIME YOU USE AN UNVALIDATED USER-SUPPLIED VALUE IN
47 48 
   A DATABASE QUERY!
48 49
49 
-
50 50 
 //--------- Advanced usage ---------------------------------------------------------
51 51
52 52 
 * The conventional way of retrieving a row from a result set is as follows:
 
@@ -111,7 +111,6 @@ set_query_id($ResultSet)
111 111
112 112 
   Of course, this example is contrived, but you get the point.
113 113
114 
-
115 114 
 -------------------------------------------------------------------------------------
116 115 
 *///---------------------------------------------------------------------------------
117 116 
 
@@ -119,12 +118,12 @@ if (!extension_loaded('mysqli')) {
119 118 
   die('Mysqli Extension not loaded.');
120 119 
 }
121 120
122 
-//Handles escaping
121 
+// Handles escaping
123 122 
 function db_string($String, $DisableWildcards = false) {
124 123 
   global $DB;
125 
-  //Escape
124 
+  // Escape
126 125 
   $String = $DB->escape_str($String);
127 
-  //Remove user input wildcards
126 
+  // Remove user input wildcards
128 127 
   if ($DisableWildcards) {
129 128 
     $String = str_replace(array('%','_'), array('\%','\_'), $String);
130 129 
   }
 
@@ -144,7 +143,7 @@ function db_array($Array, $DontEscape = [], $Quote = false) {
144 143 
   return $Array;
145 144 
 }
146 145
147 
-//TODO: revisit access levels once Drone is replaced by ZeRobot
146 
+// @todo Revisit access levels once Drone is replaced by ZeRobot
148 147 
 class DB_MYSQL {
149 148 
   public $LinkID = false;
150 149 
   protected $QueryID = false;
 
@@ -262,8 +261,8 @@ class DB_MYSQL {
262 261 
       $this->QueryID = mysqli_stmt_get_result($this->StatementID);
263 262
264 263 
       if (DEBUG_MODE) {
265 
-        // in DEBUG_MODE, return the full trace on a SQL error (super useful
266 
-        // for debugging). do not attempt to retry to query
264 
+        // In DEBUG_MODE, return the full trace on a SQL error (super useful
265 
+        // For debugging). do not attempt to retry to query
267 266 
         if (!$this->QueryID) {
268 267 
           echo '<pre>' . mysqli_error($this->LinkID) . '<br><br>';
269 268 
           debug_print_backtrace();
 
@@ -329,8 +328,8 @@ class DB_MYSQL {
329 328 
   }
330 329
331 330 
   /*
332 
-   * returns an integer with the number of rows found
333 
-   * returns a string if the number of rows found exceeds MAXINT
331 
+   * Returns an integer with the number of rows found
332 
+   * Returns a string if the number of rows found exceeds MAXINT
334 333 
    */
335 334 
   function record_count() {
336 335 
     if ($this->QueryID) {
 
@@ -339,8 +338,8 @@ class DB_MYSQL {
339 338 
   }
340 339
341 340 
   /*
342 
-   * returns true if the query exists and there were records found
343 
-   * returns false if the query does not exist or if there were 0 records returned
341 
+   * Returns true if the query exists and there were records found
342 
+   * Returns false if the query does not exist or if there were 0 records returned
344 343 
    */
345 344 
   function has_results() {
346 345 
     return ($this->QueryID && $this->record_count() !== 0);
 
@@ -356,7 +355,7 @@ class DB_MYSQL {
356 355 
     return mysqli_get_host_info($this->LinkID);
357 356 
   }
358 357
359 
-  // You should use db_string() instead.
358 
+  // You should use db_string() instead
360 359 
   function escape_str($Str) {
361 360 
     $this->connect(0);
362 361 
     if (is_array($Str)) {
 
@@ -428,7 +427,7 @@ class DB_MYSQL {
428 427
429 428 
   /**
430 429 
    * This function determines whether the last query caused warning messages
431 
-   * and stores them in $this->Queries.
430 
+   * and stores them in $this->Queries
432 431 
    */
433 432 
   function warnings() {
434 433 
     $Warnings = [];
 
@@ -436,7 +435,7 @@ class DB_MYSQL {
436 435 
       $e = mysqli_get_warnings($this->LinkID);
437 436 
       do {
438 437 
         if ($e->errno == 1592) {
439 
-          // 1592: Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT.
438 
+          // 1592: Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT
440 439 
           continue;
441 440 
         }
442 441 
         $Warnings[] = 'Code ' . $e->errno . ': ' . display_str($e->message);

+ 2
- 1
sections/upload/upload_handle.php View File 

@@ -449,12 +449,12 @@ if (!isset($GroupID) || !$GroupID) {
449 449 
     $Cache->increment('stats_group_count');
450 450
451 451 
     // Add screenshots
452 
+    // @todo Clear DB_MYSQL::exec_prepared_query() errors
452 453 
     $Screenshots = explode("\n", $T['Screenshots']);
453 454 
     $Screenshots = array_map('trim', $Screenshots);
454 455
455 456 
     $Screenshots = array_filter($Screenshots, function ($s) {
456 457 
         return preg_match('/^'.DOI_REGEX.'$/i', $s);
457 
-        #return preg_match('/^'.IMAGE_REGEX.'$/i', $s);
458 458 
     });
459 459
460 460 
     $Screenshots = array_unique($Screenshots);
 
@@ -467,6 +467,7 @@ if (!isset($GroupID) || !$GroupID) {
467 467 
         (GroupID, UserID, Time, Image)
468 468 
       VALUES (?, ?, NOW(), ?)", $GroupID, $LoggedUser['ID'], $Screenshot);
469 469 
         foreach ($Screenshots as $Screenshot) {
470 
+            $DB->db_string($Screenshot); # Maybe unnecessary
470 471 
             $DB->exec_prepared_query();
471 472 
         }
472 473 
     }

Write Preview
Loading…
Cancel
Save