From 061c7a6f552d57522e32c8369c2ce46fc22f48fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Ca=C3=B1as=20Vargas?= Date: Mon, 29 Oct 2018 12:31:24 +0100 Subject: [PATCH] Version 18.9.4 --- swad_changelog.h | 3 +- swad_database.c | 17 ----- swad_database.h | 2 - swad_report.c | 30 ++++---- swad_session.c | 62 +++++------------ swad_social.c | 169 ++++++++++++++++++--------------------------- swad_survey.c | 36 ++++------ swad_test.c | 92 +++++++++++------------- swad_user.c | 16 ++--- swad_web_service.c | 33 ++++----- 10 files changed, 179 insertions(+), 281 deletions(-) diff --git a/swad_changelog.h b/swad_changelog.h index cdf2eebeb..1026cd9f7 100644 --- a/swad_changelog.h +++ b/swad_changelog.h @@ -355,10 +355,11 @@ En OpenSWAD: ps2pdf source.ps destination.pdf */ -#define Log_PLATFORM_VERSION "SWAD 18.9.3 (2018-10-29)" +#define Log_PLATFORM_VERSION "SWAD 18.9.4 (2018-10-29)" #define CSS_FILE "swad18.4.css" #define JS_FILE "swad17.17.1.js" /* + Version 18.9.4: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235868 lines) Version 18.9.3: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235952 lines) Version 18.9.2: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235988 lines) Version 18.9.1: Oct 29, 2018 Some sprintf for database queries changed by internal function. (236049 lines) diff --git a/swad_database.c b/swad_database.c index d56220839..356935ec3 100644 --- a/swad_database.c +++ b/swad_database.c @@ -3207,13 +3207,6 @@ void DB_QueryINSERT_new (const char *MsgError) DB_ExitOnMySQLError (MsgError); } -void DB_QueryINSERT (const char *Query,const char *MsgError) - { - /***** Query database *****/ - if (mysql_query (&Gbl.mysql,Query)) - DB_ExitOnMySQLError (MsgError); - } - /*****************************************************************************/ /** Make an INSERT query in database and return code of last inserted item ***/ /*****************************************************************************/ @@ -3238,16 +3231,6 @@ long DB_QueryINSERTandReturnCode_new (const char *MsgError) return (long) mysql_insert_id (&Gbl.mysql); } -long DB_QueryINSERTandReturnCode (const char *Query,const char *MsgError) - { - /***** Query database *****/ - if (mysql_query (&Gbl.mysql,Query)) - DB_ExitOnMySQLError (MsgError); - - /***** Return the code of the inserted item *****/ - return (long) mysql_insert_id (&Gbl.mysql); - } - /*****************************************************************************/ /******************** Make an REPLACE query in database **********************/ /*****************************************************************************/ diff --git a/swad_database.h b/swad_database.h index 2616235dd..bfe3be1fd 100644 --- a/swad_database.h +++ b/swad_database.h @@ -46,10 +46,8 @@ unsigned long DB_QueryCOUNT_new (const char *MsgError); unsigned long DB_QueryCOUNT (const char *Query,const char *MsgError); void DB_QueryINSERT_new (const char *MsgError); -void DB_QueryINSERT (const char *Query,const char *MsgError); long DB_QueryINSERTandReturnCode_new (const char *MsgError); -long DB_QueryINSERTandReturnCode (const char *Query,const char *MsgError); void DB_QueryREPLACE_new (const char *MsgError); diff --git a/swad_report.c b/swad_report.c index 45d925f72..6b40ea9bf 100644 --- a/swad_report.c +++ b/swad_report.c @@ -426,29 +426,25 @@ static void Rep_CreateNewReportFile (struct Rep_Report *Report) static void Rep_CreateNewReportEntryIntoDB (const struct Rep_Report *Report) { - char Query[1024 + - NAME_MAX + - Cns_MAX_BYTES_WWW]; - /***** Insert a new user's usage report into database *****/ - sprintf (Query,"INSERT INTO usr_report" + DB_BuildQuery ("INSERT INTO usr_report" " (UsrCod,ReportTimeUTC," "UniqueDirL,UniqueDirR,Filename,Permalink)" " VALUES" " (%ld,'%04d-%02d-%02d %02d:%02d:%02d'," "'%c%c','%s','%s','%s')", - Gbl.Usrs.Me.UsrDat.UsrCod, - 1900 + Report->tm_CurrentTime.tm_year, // year - 1 + Report->tm_CurrentTime.tm_mon, // month - Report->tm_CurrentTime.tm_mday, // day of the month - Report->tm_CurrentTime.tm_hour, // hours - Report->tm_CurrentTime.tm_min, // minutes - Report->tm_CurrentTime.tm_sec, // seconds - Gbl.UniqueNameEncrypted[0], // 2 leftmost chars from a unique 43 chars base64url codified from a unique SHA-256 string - Gbl.UniqueNameEncrypted[1], - &Gbl.UniqueNameEncrypted[2], // 41 rightmost chars from a unique 43 chars base64url codified from a unique SHA-256 string - Report->FilenameReport,Report->Permalink); - DB_QueryINSERT (Query,"can not create new user's usage report"); + Gbl.Usrs.Me.UsrDat.UsrCod, + 1900 + Report->tm_CurrentTime.tm_year, // year + 1 + Report->tm_CurrentTime.tm_mon, // month + Report->tm_CurrentTime.tm_mday, // day of the month + Report->tm_CurrentTime.tm_hour, // hours + Report->tm_CurrentTime.tm_min, // minutes + Report->tm_CurrentTime.tm_sec, // seconds + Gbl.UniqueNameEncrypted[0], // 2 leftmost chars from a unique 43 chars base64url codified from a unique SHA-256 string + Gbl.UniqueNameEncrypted[1], + &Gbl.UniqueNameEncrypted[2], // 41 rightmost chars from a unique 43 chars base64url codified from a unique SHA-256 string + Report->FilenameReport,Report->Permalink); + DB_QueryINSERT_new ("can not create new user's usage report"); } /*****************************************************************************/ diff --git a/swad_session.c b/swad_session.c index b0cff4111..eeae079d6 100644 --- a/swad_session.c +++ b/swad_session.c @@ -156,31 +156,27 @@ void Ses_CloseSession (void) void Ses_InsertSessionInDB (void) { - char Query[1024 + - Cns_BYTES_SESSION_ID + - Pwd_BYTES_ENCRYPTED_PASSWORD]; - /***** Insert session in the database *****/ if (Gbl.Search.WhatToSearch == Sch_SEARCH_UNKNOWN) Gbl.Search.WhatToSearch = Sch_WHAT_TO_SEARCH_DEFAULT; - sprintf (Query,"INSERT INTO sessions" + DB_BuildQuery ("INSERT INTO sessions" " (SessionId,UsrCod,Password,Role," "CtyCod,InsCod,CtrCod,DegCod,CrsCod,LastTime,LastRefresh,WhatToSearch)" " VALUES" " ('%s',%ld,'%s',%u," "%ld,%ld,%ld,%ld,%ld,NOW(),NOW(),%u)", - Gbl.Session.Id, - Gbl.Usrs.Me.UsrDat.UsrCod, - Gbl.Usrs.Me.UsrDat.Password, - (unsigned) Gbl.Usrs.Me.Role.Logged, - Gbl.CurrentCty.Cty.CtyCod, - Gbl.CurrentIns.Ins.InsCod, - Gbl.CurrentCtr.Ctr.CtrCod, - Gbl.CurrentDeg.Deg.DegCod, - Gbl.CurrentCrs.Crs.CrsCod, - Gbl.Search.WhatToSearch); - DB_QueryINSERT (Query,"can not create session"); + Gbl.Session.Id, + Gbl.Usrs.Me.UsrDat.UsrCod, + Gbl.Usrs.Me.UsrDat.Password, + (unsigned) Gbl.Usrs.Me.Role.Logged, + Gbl.CurrentCty.Cty.CtyCod, + Gbl.CurrentIns.Ins.InsCod, + Gbl.CurrentCtr.Ctr.CtrCod, + Gbl.CurrentDeg.Deg.DegCod, + Gbl.CurrentCrs.Crs.CrsCod, + Gbl.Search.WhatToSearch); + DB_QueryINSERT_new ("can not create session"); } /*****************************************************************************/ @@ -337,47 +333,27 @@ bool Ses_GetSessionData (void) void Ses_InsertHiddenParInDB (Act_Action_t NextAction, const char *ParamName,const char *ParamValue) { - char *Query; - size_t LengthParamName; - size_t LengthParamValue; - size_t MaxLength; - /***** Before of inserting the first hidden parameter passed to the next action, delete all the parameters coming from the previous action *****/ Ses_RemoveHiddenParFromThisSession (); /***** For a unique session-action-parameter, don't insert a parameter more than one time *****/ if (ParamName) - if ((LengthParamName = strlen (ParamName))) + if (ParamName[0]) if (!Ses_CheckIfHiddenParIsAlreadyInDB (NextAction,ParamName)) { - /***** Allocate space for query *****/ - if (ParamValue) - LengthParamValue = strlen (ParamValue); - else - LengthParamValue = 0; - MaxLength = 256 + - Cns_BYTES_SESSION_ID + - LengthParamName + - LengthParamValue; - if ((Query = (char *) malloc (MaxLength + 1)) == NULL) - Lay_NotEnoughMemoryExit (); - /***** Insert parameter in the database *****/ - sprintf (Query,"INSERT INTO hidden_params" + DB_BuildQuery ("INSERT INTO hidden_params" " (SessionId,Action,ParamName,ParamValue)" " VALUES" " ('%s',%ld,'%s','%s')", - Gbl.Session.Id, - Act_GetActCod (NextAction), - ParamName, - LengthParamValue ? ParamValue : + Gbl.Session.Id, + Act_GetActCod (NextAction), + ParamName, + ParamValue ? ParamValue : ""); - DB_QueryINSERT (Query,"can not create hidden parameter"); + DB_QueryINSERT_new ("can not create hidden parameter"); Gbl.HiddenParamsInsertedIntoDB = true; - - /***** Free query *****/ - free ((void *) Query); } } diff --git a/swad_social.c b/swad_social.c index 5512b3056..db4caf7f8 100644 --- a/swad_social.c +++ b/swad_social.c @@ -137,15 +137,13 @@ static void Soc_ShowTimelineUsrHighlightingNot (long NotCod); static void Soc_GetAndShowOldTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl); static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl, - Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline, - char *Query); + Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline); static long Soc_GetPubCodFromSession (const char *FieldName); static void Soc_UpdateLastPubCodIntoSession (void); static void Soc_UpdateFirstPubCodIntoSession (long FirstPubCod); static void Soc_DropTemporaryTablesUsedToQueryTimeline (void); -static void Soc_ShowTimeline (const char *Query,const char *Title, - long NotCodToHighlight); +static void Soc_ShowTimeline (const char *Title,long NotCodToHighlight); static void Soc_PutIconsTimeline (void); static void Soc_FormStart (Act_Action_t ActionGbl,Act_Action_t ActionUsr); @@ -156,8 +154,8 @@ static void Soc_GetParamsWhichUsrs (void); static void Soc_ShowWarningYouDontFollowAnyUser (void); -static void Soc_InsertNewPubsInTimeline (const char *Query); -static void Soc_ShowOldPubsInTimeline (const char *Query); +static void Soc_InsertNewPubsInTimeline (void); +static void Soc_ShowOldPubsInTimeline (void); static void Soc_GetDataOfSocialPublishingFromRow (MYSQL_ROW row,struct SocialPublishing *SocPub); @@ -362,15 +360,13 @@ void Soc_ShowTimelineGbl2 (void) static void Soc_ShowTimelineGblHighlightingNot (long NotCod) { extern const char *Txt_Timeline; - char Query[1024]; /***** Build query to get timeline *****/ Soc_BuildQueryToGetTimeline (Soc_TIMELINE_GBL, - Soc_GET_RECENT_TIMELINE, - Query); + Soc_GET_RECENT_TIMELINE); /***** Show timeline *****/ - Soc_ShowTimeline (Query,Txt_Timeline,NotCod); + Soc_ShowTimeline (Txt_Timeline,NotCod); /***** Drop temporary tables *****/ Soc_DropTemporaryTablesUsedToQueryTimeline (); @@ -388,18 +384,16 @@ void Soc_ShowTimelineUsr (void) static void Soc_ShowTimelineUsrHighlightingNot (long NotCod) { extern const char *Txt_Timeline_OF_A_USER; - char Query[1024]; /***** Build query to show timeline with publishings of a unique user *****/ Soc_BuildQueryToGetTimeline (Soc_TIMELINE_USR, - Soc_GET_RECENT_TIMELINE, - Query); + Soc_GET_RECENT_TIMELINE); /***** Show timeline *****/ snprintf (Gbl.Title,sizeof (Gbl.Title), Txt_Timeline_OF_A_USER, Gbl.Usrs.Other.UsrDat.FirstName); - Soc_ShowTimeline (Query,Gbl.Title,NotCod); + Soc_ShowTimeline (Gbl.Title,NotCod); /***** Drop temporary tables *****/ Soc_DropTemporaryTablesUsedToQueryTimeline (); @@ -411,8 +405,6 @@ static void Soc_ShowTimelineUsrHighlightingNot (long NotCod) void Soc_RefreshNewTimelineGbl (void) { - char Query[1024]; - if (Gbl.Session.IsOpen) // If session has been closed, do not write anything { /***** Send, before the HTML, the refresh time *****/ @@ -424,11 +416,10 @@ void Soc_RefreshNewTimelineGbl (void) /***** Build query to get timeline *****/ Soc_BuildQueryToGetTimeline (Soc_TIMELINE_GBL, - Soc_GET_ONLY_NEW_PUBS, - Query); + Soc_GET_ONLY_NEW_PUBS); /***** Show new timeline *****/ - Soc_InsertNewPubsInTimeline (Query); + Soc_InsertNewPubsInTimeline (); /***** Drop temporary tables *****/ Soc_DropTemporaryTablesUsedToQueryTimeline (); @@ -465,15 +456,12 @@ void Soc_RefreshOldTimelineUsr (void) static void Soc_GetAndShowOldTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl) { - char Query[1024]; - /***** Build query to get timeline *****/ Soc_BuildQueryToGetTimeline (TimelineUsrOrGbl, - Soc_GET_ONLY_OLD_PUBS, - Query); + Soc_GET_ONLY_OLD_PUBS); /***** Show old timeline *****/ - Soc_ShowOldPubsInTimeline (Query); + Soc_ShowOldPubsInTimeline (); /***** Drop temporary tables *****/ Soc_DropTemporaryTablesUsedToQueryTimeline (); @@ -503,8 +491,7 @@ void Soc_MarkMyNotifAsSeen (void) #define Soc_MAX_BYTES_SUBQUERY_ALREADY_EXISTS (256 - 1) static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl, - Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline, - char *Query) + Soc_WhatToGetFromTimeline_t WhatToGetFromTimeline) { char SubQueryPublishers[128]; char SubQueryRangeBottom[128]; @@ -535,24 +522,21 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl Soc_DropTemporaryTablesUsedToQueryTimeline (); /***** Create temporary table with publishing codes *****/ - sprintf (Query,"CREATE TEMPORARY TABLE pub_codes " + DB_BuildQuery ("CREATE TEMPORARY TABLE pub_codes " "(PubCod BIGINT NOT NULL,UNIQUE INDEX(PubCod)) ENGINE=MEMORY"); - if (mysql_query (&Gbl.mysql,Query)) - DB_ExitOnMySQLError ("can not create temporary table"); + DB_Query_new ("can not create temporary table"); /***** Create temporary table with notes got in this execution *****/ - sprintf (Query,"CREATE TEMPORARY TABLE not_codes " + DB_BuildQuery ("CREATE TEMPORARY TABLE not_codes " "(NotCod BIGINT NOT NULL,INDEX(NotCod)) ENGINE=MEMORY"); - if (mysql_query (&Gbl.mysql,Query)) - DB_ExitOnMySQLError ("can not create temporary table"); + DB_Query_new ("can not create temporary table"); /***** Create temporary table with notes already present in timeline for this session *****/ - sprintf (Query,"CREATE TEMPORARY TABLE current_timeline " + DB_BuildQuery ("CREATE TEMPORARY TABLE current_timeline " "(NotCod BIGINT NOT NULL,INDEX(NotCod)) ENGINE=MEMORY" " SELECT NotCod FROM social_timelines WHERE SessionId='%s'", - Gbl.Session.Id); - if (mysql_query (&Gbl.mysql,Query)) - DB_ExitOnMySQLError ("can not create temporary table"); + Gbl.Session.Id); + DB_Query_new ("can not create temporary table"); /***** Create temporary table and subquery with potential publishers *****/ switch (TimelineUsrOrGbl) @@ -565,7 +549,7 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl switch (Gbl.Social.WhichUsrs) { case Soc_FOLLOWED: // Show the timeline of the users I follow - sprintf (Query,"CREATE TEMPORARY TABLE publishers " + DB_BuildQuery ("CREATE TEMPORARY TABLE publishers " "(UsrCod INT NOT NULL,UNIQUE INDEX(UsrCod)) ENGINE=MEMORY" " SELECT %ld AS UsrCod" " UNION" @@ -573,8 +557,8 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl " FROM usr_follow WHERE FollowerCod=%ld", Gbl.Usrs.Me.UsrDat.UsrCod, Gbl.Usrs.Me.UsrDat.UsrCod); - if (mysql_query (&Gbl.mysql,Query)) - DB_ExitOnMySQLError ("can not create temporary table"); + DB_Query_new ("can not create temporary table"); + sprintf (SubQueryPublishers,"social_pubs.PublisherCod=publishers.UsrCod AND "); break; case Soc_ALL_USRS: // Show the timeline of all users @@ -729,35 +713,35 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl switch (TimelineUsrOrGbl) { case Soc_TIMELINE_USR: // Show the timeline of a user - sprintf (Query,"SELECT PubCod,NotCod FROM social_pubs" + DB_BuildQuery ("SELECT PubCod,NotCod FROM social_pubs" " WHERE %s%s%s%s" " ORDER BY PubCod DESC LIMIT 1", - SubQueryRangeBottom,SubQueryRangeTop, - SubQueryPublishers, - SubQueryAlreadyExists); + SubQueryRangeBottom,SubQueryRangeTop, + SubQueryPublishers, + SubQueryAlreadyExists); break; case Soc_TIMELINE_GBL: // Show the global timeline switch (Gbl.Social.WhichUsrs) { case Soc_FOLLOWED: // Show the timeline of the users I follow - sprintf (Query,"SELECT PubCod,NotCod FROM social_pubs,publishers" + DB_BuildQuery ("SELECT PubCod,NotCod FROM social_pubs,publishers" " WHERE %s%s%s%s" " ORDER BY social_pubs.PubCod DESC LIMIT 1", - SubQueryRangeBottom,SubQueryRangeTop, - SubQueryPublishers, - SubQueryAlreadyExists); + SubQueryRangeBottom,SubQueryRangeTop, + SubQueryPublishers, + SubQueryAlreadyExists); break; case Soc_ALL_USRS: // Show the timeline of all users - sprintf (Query,"SELECT PubCod,NotCod FROM social_pubs" + DB_BuildQuery ("SELECT PubCod,NotCod FROM social_pubs" " WHERE %s%s%s" " ORDER BY PubCod DESC LIMIT 1", - SubQueryRangeBottom,SubQueryRangeTop, - SubQueryAlreadyExists); + SubQueryRangeBottom,SubQueryRangeTop, + SubQueryAlreadyExists); break; } break; } - if (DB_QuerySELECT (Query,&mysql_res,"can not get publishing") == 1) + if (DB_QuerySELECT_new (&mysql_res,"can not get publishing") == 1) { /* Get code of social publishing */ row = mysql_fetch_row (mysql_res); @@ -771,16 +755,16 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl if (PubCod > 0) { - sprintf (Query,"INSERT INTO pub_codes SET PubCod=%ld",PubCod); - DB_QueryINSERT (Query,"can not store publishing code"); + DB_BuildQuery ("INSERT INTO pub_codes SET PubCod=%ld",PubCod); + DB_QueryINSERT_new ("can not store publishing code"); RangePubsToGet.Top = PubCod; // Narrow the range for the next iteration /* Get social note code (row[1]) */ NotCod = Str_ConvertStrCodToLongCod (row[1]); - sprintf (Query,"INSERT INTO not_codes SET NotCod=%ld",NotCod); - DB_QueryINSERT (Query,"can not store note code"); - sprintf (Query,"INSERT INTO current_timeline SET NotCod=%ld",NotCod); - DB_QueryINSERT (Query,"can not store note code"); + DB_BuildQuery ("INSERT INTO not_codes SET NotCod=%ld",NotCod); + DB_QueryINSERT_new ("can not store note code"); + DB_BuildQuery ("INSERT INTO current_timeline SET NotCod=%ld",NotCod); + DB_QueryINSERT_new ("can not store note code"); } else // Nothing got ==> abort loop break; // Last publishing @@ -795,7 +779,7 @@ static void Soc_BuildQueryToGetTimeline (Soc_TimelineUsrOrGbl_t TimelineUsrOrGbl Soc_AddNotesJustRetrievedToTimelineThisSession (); /***** Build query to show timeline including the users I am following *****/ - sprintf (Query,"SELECT PubCod,NotCod,PublisherCod,PubType,UNIX_TIMESTAMP(TimePublish)" + DB_BuildQuery ("SELECT PubCod,NotCod,PublisherCod,PubType,UNIX_TIMESTAMP(TimePublish)" " FROM social_pubs WHERE PubCod IN " "(SELECT PubCod FROM pub_codes)" " ORDER BY PubCod DESC"); @@ -904,8 +888,7 @@ static void Soc_DropTemporaryTablesUsedToQueryTimeline (void) | |_____| \ |_____| */ -static void Soc_ShowTimeline (const char *Query,const char *Title, - long NotCodToHighlight) +static void Soc_ShowTimeline (const char *Title,long NotCodToHighlight) { extern const char *Hlp_SOCIAL_Timeline; MYSQL_RES *mysql_res; @@ -918,7 +901,7 @@ static void Soc_ShowTimeline (const char *Query,const char *Title, bool ItsMe = Usr_ItsMe (Gbl.Usrs.Other.UsrDat.UsrCod); /***** Get publishings from database *****/ - NumPubsGot = DB_QuerySELECT (Query,&mysql_res,"can not get timeline"); + NumPubsGot = DB_QuerySELECT_new (&mysql_res,"can not get timeline"); /***** Start box *****/ Box_StartBox (Soc_WIDTH_TIMELINE,Title,Soc_PutIconsTimeline, @@ -1107,7 +1090,7 @@ static void Soc_ShowWarningYouDontFollowAnyUser (void) /*****************************************************************************/ // The publishings are inserted as list elements of a hidden list -static void Soc_InsertNewPubsInTimeline (const char *Query) +static void Soc_InsertNewPubsInTimeline (void) { MYSQL_RES *mysql_res; MYSQL_ROW row; @@ -1117,7 +1100,7 @@ static void Soc_InsertNewPubsInTimeline (const char *Query) struct SocialNote SocNot; /***** Get new publishings timeline from database *****/ - NumPubsGot = DB_QuerySELECT (Query,&mysql_res,"can not get timeline"); + NumPubsGot = DB_QuerySELECT_new (&mysql_res,"can not get timeline"); /***** List new publishings timeline *****/ for (NumPub = 0; @@ -1147,7 +1130,7 @@ static void Soc_InsertNewPubsInTimeline (const char *Query) /*****************************************************************************/ // The publishings are inserted as list elements of a hidden list -static void Soc_ShowOldPubsInTimeline (const char *Query) +static void Soc_ShowOldPubsInTimeline (void) { MYSQL_RES *mysql_res; MYSQL_ROW row; @@ -1157,7 +1140,7 @@ static void Soc_ShowOldPubsInTimeline (const char *Query) struct SocialNote SocNot; /***** Get old publishings timeline from database *****/ - NumPubsGot = DB_QuerySELECT (Query,&mysql_res,"can not get timeline"); + NumPubsGot = DB_QuerySELECT_new (&mysql_res,"can not get timeline"); /***** List old publishings in timeline *****/ for (NumPub = 0; @@ -2957,7 +2940,6 @@ static long Soc_ReceiveComment (void) extern const char *Txt_The_original_post_no_longer_exists; char Content[Cns_MAX_BYTES_LONG_TEXT + 1]; struct Image Image; - char *Query; struct SocialNote SocNot; struct SocialPublishing SocPub; @@ -2983,14 +2965,6 @@ static long Soc_ReceiveComment (void) if (Content[0] || // Text not empty Image.Name[0]) // An image is attached { - /***** Allocate space for query *****/ - if ((Query = (char *) malloc (256 + - strlen (Content) + - Img_BYTES_NAME + - Img_MAX_BYTES_TITLE + - Cns_MAX_BYTES_WWW)) == NULL) - Lay_NotEnoughMemoryExit (); - /***** Check if image is received and processed *****/ if (Image.Action == Img_ACTION_NEW_IMAGE && // Upload new image Image.Status == Img_FILE_PROCESSED) // The new image received has been processed @@ -3005,21 +2979,18 @@ static long Soc_ReceiveComment (void) Soc_PublishSocialNoteInTimeline (&SocPub); // Set SocPub.PubCod /* Insert comment content in the database */ - sprintf (Query,"INSERT INTO social_comments" + DB_BuildQuery ("INSERT INTO social_comments" " (PubCod,Content,ImageName,ImageTitle,ImageURL)" " VALUES" " (%ld,'%s','%s','%s','%s')", - SocPub.PubCod, - Content, - Image.Name, - (Image.Name[0] && // Save image title only if image attached - Image.Title) ? Image.Title : "", - (Image.Name[0] && // Save image URL only if image attached - Image.URL ) ? Image.URL : ""); - DB_QueryINSERT (Query,"can not store comment content"); - - /***** Free space used for query *****/ - free ((void *) Query); + SocPub.PubCod, + Content, + Image.Name, + (Image.Name[0] && // Save image title only if image attached + Image.Title) ? Image.Title : "", + (Image.Name[0] && // Save image URL only if image attached + Image.URL ) ? Image.URL : ""); + DB_QueryINSERT_new ("can not store comment content"); /***** Store notifications about the new comment *****/ Ntf_StoreNotifyEventsToAllUsrs (Ntf_EVENT_TIMELINE_COMMENT,SocPub.PubCod); @@ -3162,7 +3133,6 @@ void Soc_FavSocialNoteUsr (void) static long Soc_FavSocialNote (void) { extern const char *Txt_The_original_post_no_longer_exists; - char Query[256]; struct SocialNote SocNot; bool ItsMe; long OriginalPubCod; @@ -3179,13 +3149,13 @@ static long Soc_FavSocialNote (void) Gbl.Usrs.Me.UsrDat.UsrCod)) // I have not yet favourited the note { /***** Mark as favourite in database *****/ - sprintf (Query,"INSERT IGNORE INTO social_notes_fav" + DB_BuildQuery ("INSERT IGNORE INTO social_notes_fav" " (NotCod,UsrCod,TimeFav)" " VALUES" " (%ld,%ld,NOW())", - SocNot.NotCod, - Gbl.Usrs.Me.UsrDat.UsrCod); - DB_QueryINSERT (Query,"can not favourite social note"); + SocNot.NotCod, + Gbl.Usrs.Me.UsrDat.UsrCod); + DB_QueryINSERT_new ("can not favourite social note"); /* Update number of times this social note is favourited */ SocNot.NumFavs = Soc_GetNumTimesANoteHasBeenFav (&SocNot); @@ -3251,7 +3221,6 @@ static long Soc_FavSocialComment (void) extern const char *Txt_The_comment_no_longer_exists; struct SocialComment SocCom; bool ItsMe; - char Query[256]; /***** Initialize image *****/ Img_ImageConstructor (&SocCom.Image); @@ -3268,13 +3237,13 @@ static long Soc_FavSocialComment (void) Gbl.Usrs.Me.UsrDat.UsrCod)) // I have not yet favourited the comment { /***** Mark as favourite in database *****/ - sprintf (Query,"INSERT IGNORE INTO social_comments_fav" + DB_BuildQuery ("INSERT IGNORE INTO social_comments_fav" " (PubCod,UsrCod,TimeFav)" " VALUES" " (%ld,%ld,NOW())", - SocCom.PubCod, - Gbl.Usrs.Me.UsrDat.UsrCod); - DB_QueryINSERT (Query,"can not favourite social comment"); + SocCom.PubCod, + Gbl.Usrs.Me.UsrDat.UsrCod); + DB_QueryINSERT_new ("can not favourite social comment"); /* Update number of times this social comment is favourited */ SocCom.NumFavs = Soc_GetNumTimesACommHasBeenFav (&SocCom); @@ -4750,13 +4719,11 @@ static void Soc_ClearTimelineThisSession (void) static void Soc_AddNotesJustRetrievedToTimelineThisSession (void) { - char Query[256 + Cns_BYTES_SESSION_ID]; - - sprintf (Query,"INSERT IGNORE INTO social_timelines" + DB_BuildQuery ("INSERT IGNORE INTO social_timelines" " (SessionId,NotCod)" " SELECT DISTINCTROW '%s',NotCod FROM not_codes", - Gbl.Session.Id); - DB_QueryINSERT (Query,"can not insert social notes in timeline"); + Gbl.Session.Id); + DB_QueryINSERT_new ("can not insert social notes in timeline"); } /*****************************************************************************/ diff --git a/swad_survey.c b/swad_survey.c index b44ad3593..2af52a3dd 100644 --- a/swad_survey.c +++ b/swad_survey.c @@ -2255,25 +2255,22 @@ static void Svy_CreateSurvey (struct Survey *Svy,const char *Txt) { extern const char *Sco_ScopeDB[Sco_NUM_SCOPES]; extern const char *Txt_Created_new_survey_X; - char Query[1024 + - Svy_MAX_BYTES_SURVEY_TITLE + - Cns_MAX_BYTES_TEXT]; /***** Create a new survey *****/ - sprintf (Query,"INSERT INTO surveys" + DB_BuildQuery ("INSERT INTO surveys" " (Scope,Cod,Hidden,Roles,UsrCod,StartTime,EndTime,Title,Txt)" " VALUES" " ('%s',%ld,'N',%u,%ld," "FROM_UNIXTIME(%ld),FROM_UNIXTIME(%ld)," "'%s','%s')", - Sco_ScopeDB[Svy->Scope],Svy->Cod, - Svy->Roles, - Gbl.Usrs.Me.UsrDat.UsrCod, - Svy->TimeUTC[Svy_START_TIME], - Svy->TimeUTC[Svy_END_TIME ], - Svy->Title, - Txt); - Svy->SvyCod = DB_QueryINSERTandReturnCode (Query,"can not create new survey"); + Sco_ScopeDB[Svy->Scope],Svy->Cod, + Svy->Roles, + Gbl.Usrs.Me.UsrDat.UsrCod, + Svy->TimeUTC[Svy_START_TIME], + Svy->TimeUTC[Svy_END_TIME ], + Svy->Title, + Txt); + Svy->SvyCod = DB_QueryINSERTandReturnCode_new ("can not create new survey"); /***** Create groups *****/ if (Gbl.CurrentCrs.Grps.LstGrpsSel.NumGrps) @@ -2397,7 +2394,6 @@ void Svy_RemoveGroupsOfType (long GrpTypCod) static void Svy_CreateGrps (long SvyCod) { unsigned NumGrpSel; - char Query[256]; /***** Create groups of the survey *****/ for (NumGrpSel = 0; @@ -2405,12 +2401,12 @@ static void Svy_CreateGrps (long SvyCod) NumGrpSel++) { /* Create group */ - sprintf (Query,"INSERT INTO svy_grp" + DB_BuildQuery ("INSERT INTO svy_grp" " (SvyCod,GrpCod)" " VALUES" " (%ld,%ld)", - SvyCod,Gbl.CurrentCrs.Grps.LstGrpsSel.GrpCods[NumGrpSel]); - DB_QueryINSERT (Query,"can not associate a group to a survey"); + SvyCod,Gbl.CurrentCrs.Grps.LstGrpsSel.GrpCods[NumGrpSel]); + DB_QueryINSERT_new ("can not associate a group to a survey"); } } @@ -3759,14 +3755,12 @@ static void Svy_IncreaseAnswerInDB (long QstCod,unsigned AnsInd) static void Svy_RegisterIHaveAnsweredSvy (long SvyCod) { - char Query[256]; - - sprintf (Query,"INSERT INTO svy_users" + DB_BuildQuery ("INSERT INTO svy_users" " (SvyCod,UsrCod)" " VALUES" " (%ld,%ld)", - SvyCod,Gbl.Usrs.Me.UsrDat.UsrCod); - DB_QueryINSERT (Query,"can not register that you have answered the survey"); + SvyCod,Gbl.Usrs.Me.UsrDat.UsrCod); + DB_QueryINSERT_new ("can not register that you have answered the survey"); } /*****************************************************************************/ diff --git a/swad_test.c b/swad_test.c index 7c0a32440..bedf5d579 100644 --- a/swad_test.c +++ b/swad_test.c @@ -6294,15 +6294,13 @@ static long Tst_GetTagCodFromTagTxt (const char *TagTxt) static long Tst_CreateNewTag (long CrsCod,const char *TagTxt) { - char Query[256 + Tst_MAX_BYTES_TAG]; - /***** Insert new tag into tst_tags table *****/ - sprintf (Query,"INSERT INTO tst_tags" + DB_BuildQuery ("INSERT INTO tst_tags" " (CrsCod,ChangeTime,TagTxt,TagHidden)" " VALUES" " (%ld,NOW(),'%s','N')", - CrsCod,TagTxt); - return DB_QueryINSERTandReturnCode (Query,"can not create new tag"); + CrsCod,TagTxt); + return DB_QueryINSERTandReturnCode_new ("can not create new tag"); } /*****************************************************************************/ @@ -6596,7 +6594,6 @@ static void Tst_InsertOrUpdateQstIntoDB (void) static void Tst_InsertTagsIntoDB (void) { - char Query[256]; unsigned NumTag; unsigned TagIdx; long TagCod; @@ -6613,12 +6610,12 @@ static void Tst_InsertTagsIntoDB (void) TagCod = Tst_CreateNewTag (Gbl.CurrentCrs.Crs.CrsCod,Gbl.Test.Tags.Txt[NumTag]); /***** Insert tag in tst_question_tags *****/ - sprintf (Query,"INSERT INTO tst_question_tags" + DB_BuildQuery ("INSERT INTO tst_question_tags" " (QstCod,TagCod,TagInd)" " VALUES" " (%ld,%ld,%u)", - Gbl.Test.QstCod,TagCod,TagIdx); - DB_QueryINSERT (Query,"can not create tag"); + Gbl.Test.QstCod,TagCod,TagIdx); + DB_QueryINSERT_new ("can not create tag"); TagIdx++; } @@ -6646,14 +6643,14 @@ static void Tst_InsertAnswersIntoDB (void) switch (Gbl.Test.AnswerType) { case Tst_ANS_INT: - sprintf (Query,"INSERT INTO tst_answers" + DB_BuildQuery ("INSERT INTO tst_answers" " (QstCod,AnsInd,Answer,Feedback," "ImageName,ImageTitle,ImageURL,Correct)" " VALUES" " (%ld,0,%ld,'','','','','Y')", - Gbl.Test.QstCod, - Gbl.Test.Answer.Integer); - DB_QueryINSERT (Query,"can not create answer"); + Gbl.Test.QstCod, + Gbl.Test.Answer.Integer); + DB_QueryINSERT_new ("can not create answer"); break; case Tst_ANS_FLOAT: Str_SetDecimalPointToUS (); // To print the floating point as a dot @@ -6661,26 +6658,26 @@ static void Tst_InsertAnswersIntoDB (void) i < 2; i++) { - sprintf (Query,"INSERT INTO tst_answers" + DB_BuildQuery ("INSERT INTO tst_answers" " (QstCod,AnsInd,Answer,Feedback," "ImageName,ImageTitle,ImageURL,Correct)" " VALUES" " (%ld,%u,'%lg','','','','','Y')", - Gbl.Test.QstCod,i, - Gbl.Test.Answer.FloatingPoint[i]); - DB_QueryINSERT (Query,"can not create answer"); + Gbl.Test.QstCod,i, + Gbl.Test.Answer.FloatingPoint[i]); + DB_QueryINSERT_new ("can not create answer"); } Str_SetDecimalPointToLocal (); // Return to local system break; case Tst_ANS_TRUE_FALSE: - sprintf (Query,"INSERT INTO tst_answers" + DB_BuildQuery ("INSERT INTO tst_answers" " (QstCod,AnsInd,Answer,Feedback," "ImageName,ImageTitle,ImageURL,Correct)" " VALUES" " (%ld,0,'%c','','','','','Y')", - Gbl.Test.QstCod, - Gbl.Test.Answer.TF); - DB_QueryINSERT (Query,"can not create answer"); + Gbl.Test.QstCod, + Gbl.Test.Answer.TF); + DB_QueryINSERT_new ("can not create answer"); break; case Tst_ANS_UNIQUE_CHOICE: case Tst_ANS_MULTIPLE_CHOICE: @@ -6690,20 +6687,20 @@ static void Tst_InsertAnswersIntoDB (void) NumOpt++) if (Gbl.Test.Answer.Options[NumOpt].Text[0]) { - sprintf (Query,"INSERT INTO tst_answers" + DB_BuildQuery ("INSERT INTO tst_answers" " (QstCod,AnsInd,Answer,Feedback," "ImageName,ImageTitle,ImageURL,Correct)" " VALUES" " (%ld,%u,'%s','%s','%s','%s','%s','%c')", - Gbl.Test.QstCod,NumOpt, - Gbl.Test.Answer.Options[NumOpt].Text, - Gbl.Test.Answer.Options[NumOpt].Feedback ? Gbl.Test.Answer.Options[NumOpt].Feedback : "", - Gbl.Test.Answer.Options[NumOpt].Image.Name, - Gbl.Test.Answer.Options[NumOpt].Image.Title ? Gbl.Test.Answer.Options[NumOpt].Image.Title : "", - Gbl.Test.Answer.Options[NumOpt].Image.URL ? Gbl.Test.Answer.Options[NumOpt].Image.URL : "", - Gbl.Test.Answer.Options[NumOpt].Correct ? 'Y' : - 'N'); - DB_QueryINSERT (Query,"can not create answer"); + Gbl.Test.QstCod,NumOpt, + Gbl.Test.Answer.Options[NumOpt].Text, + Gbl.Test.Answer.Options[NumOpt].Feedback ? Gbl.Test.Answer.Options[NumOpt].Feedback : "", + Gbl.Test.Answer.Options[NumOpt].Image.Name, + Gbl.Test.Answer.Options[NumOpt].Image.Title ? Gbl.Test.Answer.Options[NumOpt].Image.Title : "", + Gbl.Test.Answer.Options[NumOpt].Image.URL ? Gbl.Test.Answer.Options[NumOpt].Image.URL : "", + Gbl.Test.Answer.Options[NumOpt].Correct ? 'Y' : + 'N'); + DB_QueryINSERT_new ("can not create answer"); /* Update image status */ if (Gbl.Test.Answer.Options[NumOpt].Image.Name[0]) @@ -7538,19 +7535,17 @@ void Tst_SelDatesToSeeMyTestResults (void) static long Tst_CreateTestResultInDB (void) { - char Query[256]; - /***** Insert new test result into table *****/ - sprintf (Query,"INSERT INTO tst_exams" + DB_BuildQuery ("INSERT INTO tst_exams" " (CrsCod,UsrCod,AllowTeachers,TstTime,NumQsts)" " VALUES" " (%ld,%ld,'%c',NOW(),%u)", - Gbl.CurrentCrs.Crs.CrsCod, - Gbl.Usrs.Me.UsrDat.UsrCod, - Gbl.Test.AllowTeachers ? 'Y' : - 'N', - Gbl.Test.NumQsts); - return DB_QueryINSERTandReturnCode (Query,"can not create new test result"); + Gbl.CurrentCrs.Crs.CrsCod, + Gbl.Usrs.Me.UsrDat.UsrCod, + Gbl.Test.AllowTeachers ? 'Y' : + 'N', + Gbl.Test.NumQsts); + return DB_QueryINSERTandReturnCode_new ("can not create new test result"); } /*****************************************************************************/ @@ -8440,9 +8435,6 @@ static void Tst_GetTestResultDataByTstCod (long TstCod,time_t *TstTimeUTC, static void Tst_StoreOneTestResultQstInDB (long TstCod,long QstCod,unsigned NumQst,double Score) { - char Query[256 + - Tst_MAX_BYTES_INDEXES_ONE_QST + - Tst_MAX_BYTES_ANSWERS_ONE_QST]; char Indexes[Tst_MAX_BYTES_INDEXES_ONE_QST + 1]; char Answers[Tst_MAX_BYTES_ANSWERS_ONE_QST + 1]; @@ -8453,17 +8445,17 @@ static void Tst_StoreOneTestResultQstInDB (long TstCod,long QstCod,unsigned NumQ /***** Insert question and user's answers into database *****/ Str_SetDecimalPointToUS (); // To print the floating point as a dot - sprintf (Query,"INSERT INTO tst_exam_questions" + DB_BuildQuery ("INSERT INTO tst_exam_questions" " (TstCod,QstCod,QstInd,Score,Indexes,Answers)" " VALUES" " (%ld,%ld,%u,'%lf','%s','%s')", - TstCod,QstCod, - NumQst, // 0, 1, 2, 3... - Score, - Indexes, - Answers); + TstCod,QstCod, + NumQst, // 0, 1, 2, 3... + Score, + Indexes, + Answers); Str_SetDecimalPointToLocal (); // Return to local system - DB_QueryINSERT (Query,"can not insert a question of a test result"); + DB_QueryINSERT_new ("can not insert a question of a test result"); } /*****************************************************************************/ diff --git a/swad_user.c b/swad_user.c index 5344b0431..fb057538c 100644 --- a/swad_user.c +++ b/swad_user.c @@ -3380,19 +3380,17 @@ void Usr_UpdateMyLastData (void) static void Usr_InsertMyLastData (void) { - char Query[256]; - /***** Insert my last accessed course, tab and time of click in database *****/ - sprintf (Query,"INSERT INTO usr_last" + DB_BuildQuery ("INSERT INTO usr_last" " (UsrCod,WhatToSearch,LastCrs,LastTab,LastTime,LastAccNotif)" " VALUES" " (%ld,%u,%ld,%u,NOW(),FROM_UNIXTIME(%ld))", - Gbl.Usrs.Me.UsrDat.UsrCod, - (unsigned) Sch_SEARCH_ALL, - Gbl.CurrentCrs.Crs.CrsCod, - (unsigned) Gbl.Action.Tab, - (long) (time_t) 0); // The user never accessed to notifications - DB_QueryINSERT (Query,"can not insert last user's data"); + Gbl.Usrs.Me.UsrDat.UsrCod, + (unsigned) Sch_SEARCH_ALL, + Gbl.CurrentCrs.Crs.CrsCod, + (unsigned) Gbl.Action.Tab, + (long) (time_t) 0); // The user never accessed to notifications + DB_QueryINSERT_new ("can not insert last user's data"); } /*****************************************************************************/ diff --git a/swad_web_service.c b/swad_web_service.c index 1e3584048..70d901670 100644 --- a/swad_web_service.c +++ b/swad_web_service.c @@ -447,7 +447,6 @@ static int Svc_GenerateNewWSKey (long UsrCod, char WSKey[Svc_BYTES_WS_KEY + 1]) { int ReturnCode; - char Query[512]; /***** Remove expired web service keys *****/ if ((ReturnCode = Svc_RemoveOldWSKeys ()) != SOAP_OK) @@ -458,20 +457,19 @@ static int Svc_GenerateNewWSKey (long UsrCod, Svc_BYTES_WS_KEY); /***** Check that key does not exist in database *****/ - sprintf (Query,"SELECT COUNT(*) FROM ws_keys WHERE WSKey='%s'", - WSKey); - if (DB_QueryCOUNT (Query,"can not get existence of key")) + DB_BuildQuery ("SELECT COUNT(*) FROM ws_keys WHERE WSKey='%s'",WSKey); + if (DB_QueryCOUNT_new ("can not get existence of key")) return soap_receiver_fault (Gbl.soap, "Error when generating key", "Generated key already existed in database"); /***** Insert key into database *****/ - sprintf (Query,"INSERT INTO ws_keys" + DB_BuildQuery ("INSERT INTO ws_keys" " (WSKey,UsrCod,PlgCod,LastTime)" " VALUES" " ('%s',%ld,%ld,NOW())", - WSKey,UsrCod,Gbl.WebService.PlgCod); - DB_QueryINSERT (Query,"can not insert new key"); + WSKey,UsrCod,Gbl.WebService.PlgCod); + DB_QueryINSERT_new ("can not insert new key"); return SOAP_OK; } @@ -3446,7 +3444,6 @@ int swad__sendNotice (struct soap *soap, struct swad__sendNoticeOutput *sendNoticeOut) // output { int ReturnCode; - char Query[512 + Cns_MAX_BYTES_TEXT]; long NotCod; /***** Initializations *****/ @@ -3486,15 +3483,15 @@ int swad__sendNotice (struct soap *soap, /***** Insert notice in the database *****/ /* Build query */ - sprintf (Query,"INSERT INTO notices" + DB_BuildQuery ("INSERT INTO notices" " (CrsCod,UsrCod,CreatTime,Content,Status)" " VALUES" " (%ld,%ld,NOW(),'%s',%u)", - Gbl.CurrentCrs.Crs.CrsCod,Gbl.Usrs.Me.UsrDat.UsrCod, - body,(unsigned) Not_ACTIVE_NOTICE); + Gbl.CurrentCrs.Crs.CrsCod,Gbl.Usrs.Me.UsrDat.UsrCod, + body,(unsigned) Not_ACTIVE_NOTICE); /* Get the code of the inserted item */ - NotCod = DB_QueryINSERTandReturnCode (Query,"can not create message"); + NotCod = DB_QueryINSERTandReturnCode_new ("can not create message"); /***** Create notifications *****/ // TODO: create notifications @@ -4076,10 +4073,8 @@ int swad__getTrivialQuestion (struct soap *soap, /* if (Gbl.Usrs.Me.UsrDat.UsrCod == 19543) { - char QueryDebug[512 * 1024]; - - sprintf (QueryDebug,"INSERT INTO debug (DebugTime,Txt) VALUES (NOW(),'degrees = %s')",degrees); - DB_QueryINSERT (QueryDebug,"Error inserting in debug table"); + DB_BuildQuery ("INSERT INTO debug (DebugTime,Txt) VALUES (NOW(),'degrees = %s')",degrees); + DB_QueryINSERT_new ("Error inserting in debug table"); } */ while (*Ptr) @@ -4154,10 +4149,8 @@ int swad__getTrivialQuestion (struct soap *soap, /* if (Gbl.Usrs.Me.UsrDat.UsrCod == 19543) { - char QueryDebug[512 * 1024]; - - sprintf (QueryDebug,"INSERT INTO debug (DebugTime,Txt) VALUES (NOW(),'Una pregunta devuelta')"); - DB_QueryINSERT (QueryDebug,"Error inserting in debug table"); + DB_BuildQuery ("INSERT INTO debug (DebugTime,Txt) VALUES (NOW(),'Una pregunta devuelta')"); + DB_QueryINSERT_new ("Error inserting in debug table"); } */ /* Get next question */