diff --git a/swad_ID.c b/swad_ID.c index 11b7e70dd..8863d91c7 100644 --- a/swad_ID.c +++ b/swad_ID.c @@ -175,7 +175,6 @@ unsigned ID_GetListUsrCodsFromUsrID (struct UsrData *UsrDat, bool OnlyConfirmedIDs) { char SubQuery[256]; - char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; size_t MaxLength; @@ -191,34 +190,34 @@ unsigned ID_GetListUsrCodsFromUsrID (struct UsrData *UsrDat, /***** Allocate memory for query string *****/ MaxLength = 512 + UsrDat->IDs.Num * (1 + ID_MAX_BYTES_USR_ID + 1) - 1; - if ((Query = (char *) malloc (MaxLength + 1)) == NULL) + if ((Gbl.DB.QueryPtr = (char *) malloc (MaxLength + 1)) == NULL) Lay_NotEnoughMemoryExit (); /***** Get user's code(s) from database *****/ - Str_Copy (Query,CheckPassword ? "SELECT DISTINCT(usr_IDs.UsrCod) FROM usr_IDs,usr_data" - " WHERE usr_IDs.UsrID IN (" : - "SELECT DISTINCT(UsrCod) FROM usr_IDs" - " WHERE UsrID IN (", + Str_Copy (Gbl.DB.QueryPtr,CheckPassword ? "SELECT DISTINCT(usr_IDs.UsrCod) FROM usr_IDs,usr_data" + " WHERE usr_IDs.UsrID IN (" : + "SELECT DISTINCT(UsrCod) FROM usr_IDs" + " WHERE UsrID IN (", MaxLength); for (NumID = 0; NumID < UsrDat->IDs.Num; NumID++) { if (NumID) - Str_Concat (Query,",", + Str_Concat (Gbl.DB.QueryPtr,",", MaxLength); sprintf (SubQuery,"'%s'",UsrDat->IDs.List[NumID].ID); - Str_Concat (Query,SubQuery, + Str_Concat (Gbl.DB.QueryPtr,SubQuery, MaxLength); } - Str_Concat (Query,")", + Str_Concat (Gbl.DB.QueryPtr,")", MaxLength); if (CheckPassword) { if (OnlyConfirmedIDs) - Str_Concat (Query," AND usr_IDs.Confirmed='Y'", + Str_Concat (Gbl.DB.QueryPtr," AND usr_IDs.Confirmed='Y'", MaxLength); // Get user's code if I have written the correct password @@ -226,18 +225,14 @@ unsigned ID_GetListUsrCodsFromUsrID (struct UsrData *UsrDat, sprintf (SubQuery," AND usr_IDs.UsrCod=usr_data.UsrCod" " AND (usr_data.Password='%s' OR usr_data.Password='')", EncryptedPassword); - Str_Concat (Query,SubQuery, + Str_Concat (Gbl.DB.QueryPtr,SubQuery, MaxLength); } else if (OnlyConfirmedIDs) - Str_Concat (Query," AND Confirmed='Y'", + Str_Concat (Gbl.DB.QueryPtr," AND Confirmed='Y'", MaxLength); - ListUsrCods->NumUsrs = (unsigned) DB_QuerySELECT (Query,&mysql_res,"can not get user's codes"); - - /***** Free memory for query string *****/ - free ((void *) Query); - + ListUsrCods->NumUsrs = (unsigned) DB_QuerySELECT_new (&mysql_res,"can not get user's codes"); if (ListUsrCods->NumUsrs) { /***** Allocate space for the list of users' codes *****/ diff --git a/swad_changelog.h b/swad_changelog.h index 1b5e4ce38..35ce6a3ad 100644 --- a/swad_changelog.h +++ b/swad_changelog.h @@ -355,10 +355,12 @@ En OpenSWAD: ps2pdf source.ps destination.pdf */ -#define Log_PLATFORM_VERSION "SWAD 18.9.5 (2018-10-29)" +#define Log_PLATFORM_VERSION "SWAD 18.9.6 (2018-10-29)" #define CSS_FILE "swad18.4.css" #define JS_FILE "swad17.17.1.js" /* + Version 18.9.6: Oct 29, 2018 Some sprintf for database queries changed by internal function. + Internal changes in messages. (235787 lines) Version 18.9.5: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235775 lines) Version 18.9.4: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235868 lines) Version 18.9.3: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235952 lines) diff --git a/swad_info.c b/swad_info.c index a715cd6af..62f8746d5 100644 --- a/swad_info.c +++ b/swad_info.c @@ -1702,18 +1702,16 @@ static void Inf_GetInfoTxtFromDB (long CrsCod,Inf_InfoType_t InfoType, char InfoTxtHTML[Cns_MAX_BYTES_LONG_TEXT + 1], char InfoTxtMD[Cns_MAX_BYTES_LONG_TEXT + 1]) { - char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumRows; /***** Get info source for a specific type of course information (bibliography, FAQ, links or evaluation) from database *****/ - if (asprintf (&Query,"SELECT InfoTxtHTML,InfoTxtMD FROM crs_info_txt" - " WHERE CrsCod=%ld AND InfoType='%s'", - CrsCod,Inf_NamesInDBForInfoType[InfoType]) < 0) - Lay_NotEnoughMemoryExit (); - NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get info text"); + DB_BuildQuery ("SELECT InfoTxtHTML,InfoTxtMD FROM crs_info_txt" + " WHERE CrsCod=%ld AND InfoType='%s'", + CrsCod,Inf_NamesInDBForInfoType[InfoType]); + NumRows = DB_QuerySELECT_new (&mysql_res,"can not get info text"); /***** The result of the query must have one row or none *****/ if (NumRows == 1) diff --git a/swad_institution.c b/swad_institution.c index 66ad516b2..fb6e3de2c 100644 --- a/swad_institution.c +++ b/swad_institution.c @@ -2512,7 +2512,7 @@ unsigned Ins_GetNumInssWithUsrs (Rol_Role_t Role,const char *SubQuery) /*****************************************************************************/ // Returns number of institutions found -unsigned Ins_ListInssFound (const char *Query) +unsigned Ins_ListInssFound (void) { extern const char *Txt_institution; extern const char *Txt_institutions; @@ -2523,7 +2523,7 @@ unsigned Ins_ListInssFound (const char *Query) struct Instit Ins; /***** Query database *****/ - if ((NumInss = (unsigned) DB_QuerySELECT (Query,&mysql_res,"can not get institutions"))) + if ((NumInss = (unsigned) DB_QuerySELECT_new (&mysql_res,"can not get institutions"))) { /***** Start box and table *****/ /* Number of institutions found */ diff --git a/swad_institution.h b/swad_institution.h index 6f6381cb1..2596ae565 100644 --- a/swad_institution.h +++ b/swad_institution.h @@ -139,6 +139,6 @@ unsigned Ins_GetNumInssWithDegs (const char *SubQuery); unsigned Ins_GetNumInssWithCrss (const char *SubQuery); unsigned Ins_GetNumInssWithUsrs (Rol_Role_t Role,const char *SubQuery); -unsigned Ins_ListInssFound (const char *Query); +unsigned Ins_ListInssFound (void); #endif diff --git a/swad_message.c b/swad_message.c index d33f68448..1229a2642 100644 --- a/swad_message.c +++ b/swad_message.c @@ -25,8 +25,10 @@ /********************************* Headers ***********************************/ /*****************************************************************************/ +#define _GNU_SOURCE // For asprintf #include // For PATH_MAX #include // For NULL +#include // For asprintf #include // For free #include // For string functions #include // For time @@ -87,8 +89,7 @@ static void Msg_PutFormMsgUsrs (char Content[Cns_MAX_BYTES_LONG_TEXT + 1]); static void Msg_ShowSentOrReceivedMessages (void); static unsigned long Msg_GetNumUsrsBannedByMe (void); static void Msg_PutLinkToViewBannedUsers(void); -static void Msg_ConstructQueryToSelectSentOrReceivedMsgs (char Query[Msg_MAX_BYTES_MESSAGES_QUERY + 1], - long UsrCod, +static void Msg_ConstructQueryToSelectSentOrReceivedMsgs (long UsrCod, long FilterCrsCod, const char *FilterFromToSubquery); @@ -1344,16 +1345,15 @@ static long Msg_InsertNewMsg (const char *Subject,const char *Content, static unsigned long Msg_DelSomeRecOrSntMsgsUsr (Msg_TypeOfMessages_t TypeOfMessages,long UsrCod, long FilterCrsCod,const char *FilterFromToSubquery) { - char Query[Msg_MAX_BYTES_MESSAGES_QUERY + 1]; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long MsgNum,NumMsgs; long MsgCod; /***** Get some of the messages received or sent by this user from database *****/ - Msg_ConstructQueryToSelectSentOrReceivedMsgs (Query,UsrCod, + Msg_ConstructQueryToSelectSentOrReceivedMsgs (UsrCod, FilterCrsCod,FilterFromToSubquery); - NumMsgs = DB_QuerySELECT (Query,&mysql_res,"can not get list of messages"); + NumMsgs = DB_QuerySELECT_new (&mysql_res,"can not get list of messages"); /***** Delete each message *****/ for (MsgNum = 0; @@ -1668,7 +1668,6 @@ static void Msg_ShowSentOrReceivedMessages (void) extern const char *Txt_Filter; extern const char *Txt_Update_messages; char FilterFromToSubquery[Msg_MAX_BYTES_MESSAGES_QUERY + 1]; - char Query[Msg_MAX_BYTES_MESSAGES_QUERY + 1]; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumRow; @@ -1721,9 +1720,9 @@ static void Msg_ShowSentOrReceivedMessages (void) } /***** Get messages from database *****/ - Msg_ConstructQueryToSelectSentOrReceivedMsgs (Query,Gbl.Usrs.Me.UsrDat.UsrCod, + Msg_ConstructQueryToSelectSentOrReceivedMsgs (Gbl.Usrs.Me.UsrDat.UsrCod, Gbl.Msg.FilterCrsCod,FilterFromToSubquery); - NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get messages"); + NumRows = DB_QuerySELECT_new (&mysql_res,"can not get messages"); Gbl.Msg.NumMsgs = (unsigned) NumRows; /***** Start box with messages *****/ @@ -1858,18 +1857,13 @@ static void Msg_PutLinkToViewBannedUsers(void) /********* Generate a query to select messages received or sent **************/ /*****************************************************************************/ -static void Msg_ConstructQueryToSelectSentOrReceivedMsgs (char Query[Msg_MAX_BYTES_MESSAGES_QUERY + 1], - long UsrCod, +static void Msg_ConstructQueryToSelectSentOrReceivedMsgs (long UsrCod, long FilterCrsCod, const char *FilterFromToSubquery) { - char SubQuery[Msg_MAX_BYTES_MESSAGES_QUERY + 1]; - char *PtrQuery; + char *SubQuery; const char *StrUnreadMsg; - PtrQuery = Gbl.Msg.FilterContent[0] ? SubQuery : - Query; - if (FilterCrsCod > 0) // If origin course selected switch (Gbl.Msg.TypeOfMessages) { @@ -1877,58 +1871,70 @@ static void Msg_ConstructQueryToSelectSentOrReceivedMsgs (char Query[Msg_MAX_BYT StrUnreadMsg = (Gbl.Msg.ShowOnlyUnreadMsgs ? " AND msg_rcv.Open='N'" : ""); if (FilterFromToSubquery[0]) - sprintf (PtrQuery,"(SELECT msg_rcv.MsgCod" - " FROM msg_rcv,msg_snt,usr_data" - " WHERE msg_rcv.UsrCod=%ld%s" - " AND msg_rcv.MsgCod=msg_snt.MsgCod" - " AND msg_snt.CrsCod=%ld" - " AND msg_snt.UsrCod=usr_data.UsrCod%s)" - " UNION " - "(SELECT msg_rcv.MsgCod" - " FROM msg_rcv,msg_snt_deleted,usr_data" - " WHERE msg_rcv.UsrCod=%ld%s" - " AND msg_rcv.MsgCod=msg_snt_deleted.MsgCod" - " AND msg_snt_deleted.CrsCod=%ld" - " AND msg_snt_deleted.UsrCod=usr_data.UsrCod%s)", - UsrCod,StrUnreadMsg,FilterCrsCod,FilterFromToSubquery, - UsrCod,StrUnreadMsg,FilterCrsCod,FilterFromToSubquery); + { + if (asprintf (&SubQuery,"(SELECT msg_rcv.MsgCod" + " FROM msg_rcv,msg_snt,usr_data" + " WHERE msg_rcv.UsrCod=%ld%s" + " AND msg_rcv.MsgCod=msg_snt.MsgCod" + " AND msg_snt.CrsCod=%ld" + " AND msg_snt.UsrCod=usr_data.UsrCod%s)" + " UNION " + "(SELECT msg_rcv.MsgCod" + " FROM msg_rcv,msg_snt_deleted,usr_data" + " WHERE msg_rcv.UsrCod=%ld%s" + " AND msg_rcv.MsgCod=msg_snt_deleted.MsgCod" + " AND msg_snt_deleted.CrsCod=%ld" + " AND msg_snt_deleted.UsrCod=usr_data.UsrCod%s)", + UsrCod,StrUnreadMsg,FilterCrsCod,FilterFromToSubquery, + UsrCod,StrUnreadMsg,FilterCrsCod,FilterFromToSubquery) < 0) + Lay_NotEnoughMemoryExit (); + } else - sprintf (PtrQuery,"(SELECT msg_rcv.MsgCod" - " FROM msg_rcv,msg_snt" - " WHERE msg_rcv.UsrCod=%ld%s" - " AND msg_rcv.MsgCod=msg_snt.MsgCod" - " AND msg_snt.CrsCod=%ld)" - " UNION " - "(SELECT msg_rcv.MsgCod" - " FROM msg_rcv,msg_snt_deleted" - " WHERE msg_rcv.UsrCod=%ld%s" - " AND msg_rcv.MsgCod=msg_snt_deleted.MsgCod" - " AND msg_snt_deleted.CrsCod=%ld)", - UsrCod,StrUnreadMsg,FilterCrsCod, - UsrCod,StrUnreadMsg,FilterCrsCod); + { + if (asprintf (&SubQuery,"(SELECT msg_rcv.MsgCod" + " FROM msg_rcv,msg_snt" + " WHERE msg_rcv.UsrCod=%ld%s" + " AND msg_rcv.MsgCod=msg_snt.MsgCod" + " AND msg_snt.CrsCod=%ld)" + " UNION " + "(SELECT msg_rcv.MsgCod" + " FROM msg_rcv,msg_snt_deleted" + " WHERE msg_rcv.UsrCod=%ld%s" + " AND msg_rcv.MsgCod=msg_snt_deleted.MsgCod" + " AND msg_snt_deleted.CrsCod=%ld)", + UsrCod,StrUnreadMsg,FilterCrsCod, + UsrCod,StrUnreadMsg,FilterCrsCod) < 0) + Lay_NotEnoughMemoryExit (); + } break; case Msg_MESSAGES_SENT: if (FilterFromToSubquery[0]) - sprintf (PtrQuery,"(SELECT DISTINCT msg_snt.MsgCod" - " FROM msg_snt,msg_rcv,usr_data" - " WHERE msg_snt.UsrCod=%ld" - " AND msg_snt.CrsCod=%ld" - " AND msg_snt.MsgCod=msg_rcv.MsgCod" - " AND msg_rcv.UsrCod=usr_data.UsrCod%s)" - " UNION " - "(SELECT DISTINCT msg_snt.MsgCod" - " FROM msg_snt,msg_rcv_deleted,usr_data" - " WHERE msg_snt.UsrCod=%ld" - " AND msg_snt.CrsCod=%ld" - " AND msg_snt.MsgCod=msg_rcv_deleted.MsgCod" - " AND msg_rcv_deleted.UsrCod=usr_data.UsrCod%s)", - UsrCod,FilterCrsCod,FilterFromToSubquery, - UsrCod,FilterCrsCod,FilterFromToSubquery); + { + if (asprintf (&SubQuery,"(SELECT DISTINCT msg_snt.MsgCod" + " FROM msg_snt,msg_rcv,usr_data" + " WHERE msg_snt.UsrCod=%ld" + " AND msg_snt.CrsCod=%ld" + " AND msg_snt.MsgCod=msg_rcv.MsgCod" + " AND msg_rcv.UsrCod=usr_data.UsrCod%s)" + " UNION " + "(SELECT DISTINCT msg_snt.MsgCod" + " FROM msg_snt,msg_rcv_deleted,usr_data" + " WHERE msg_snt.UsrCod=%ld" + " AND msg_snt.CrsCod=%ld" + " AND msg_snt.MsgCod=msg_rcv_deleted.MsgCod" + " AND msg_rcv_deleted.UsrCod=usr_data.UsrCod%s)", + UsrCod,FilterCrsCod,FilterFromToSubquery, + UsrCod,FilterCrsCod,FilterFromToSubquery) < 0) + Lay_NotEnoughMemoryExit (); + } else - sprintf (PtrQuery,"SELECT MsgCod" - " FROM msg_snt" - " WHERE UsrCod=%ld AND CrsCod=%ld", - UsrCod,FilterCrsCod); + { + if (asprintf (&SubQuery,"SELECT MsgCod" + " FROM msg_snt" + " WHERE UsrCod=%ld AND CrsCod=%ld", + UsrCod,FilterCrsCod) < 0) + Lay_NotEnoughMemoryExit (); + } break; default: // Not aplicable here break; @@ -1941,50 +1947,58 @@ static void Msg_ConstructQueryToSelectSentOrReceivedMsgs (char Query[Msg_MAX_BYT { StrUnreadMsg = (Gbl.Msg.ShowOnlyUnreadMsgs ? " AND msg_rcv.Open='N'" : ""); - sprintf (PtrQuery,"(SELECT msg_rcv.MsgCod" - " FROM msg_rcv,msg_snt,usr_data" - " WHERE msg_rcv.UsrCod=%ld%s" - " AND msg_rcv.MsgCod=msg_snt.MsgCod" - " AND msg_snt.UsrCod=usr_data.UsrCod%s)" - " UNION " - "(SELECT msg_rcv.MsgCod" - " FROM msg_rcv,msg_snt_deleted,usr_data" - " WHERE msg_rcv.UsrCod=%ld%s" - " AND msg_rcv.MsgCod=msg_snt_deleted.MsgCod" - " AND msg_snt_deleted.UsrCod=usr_data.UsrCod%s)", - UsrCod,StrUnreadMsg,FilterFromToSubquery, - UsrCod,StrUnreadMsg,FilterFromToSubquery); + if (asprintf (&SubQuery,"(SELECT msg_rcv.MsgCod" + " FROM msg_rcv,msg_snt,usr_data" + " WHERE msg_rcv.UsrCod=%ld%s" + " AND msg_rcv.MsgCod=msg_snt.MsgCod" + " AND msg_snt.UsrCod=usr_data.UsrCod%s)" + " UNION " + "(SELECT msg_rcv.MsgCod" + " FROM msg_rcv,msg_snt_deleted,usr_data" + " WHERE msg_rcv.UsrCod=%ld%s" + " AND msg_rcv.MsgCod=msg_snt_deleted.MsgCod" + " AND msg_snt_deleted.UsrCod=usr_data.UsrCod%s)", + UsrCod,StrUnreadMsg,FilterFromToSubquery, + UsrCod,StrUnreadMsg,FilterFromToSubquery) < 0) + Lay_NotEnoughMemoryExit (); } else { StrUnreadMsg = (Gbl.Msg.ShowOnlyUnreadMsgs ? " AND Open='N'" : ""); - sprintf (PtrQuery,"SELECT MsgCod" - " FROM msg_rcv" - " WHERE UsrCod=%ld%s", - UsrCod,StrUnreadMsg); + if (asprintf (&SubQuery,"SELECT MsgCod" + " FROM msg_rcv" + " WHERE UsrCod=%ld%s", + UsrCod,StrUnreadMsg) < 0) + Lay_NotEnoughMemoryExit (); } break; case Msg_MESSAGES_SENT: if (FilterFromToSubquery[0]) - sprintf (PtrQuery,"(SELECT msg_snt.MsgCod" - " FROM msg_snt,msg_rcv,usr_data" - " WHERE msg_snt.UsrCod=%ld" - " AND msg_snt.MsgCod=msg_rcv.MsgCod" - " AND msg_rcv.UsrCod=usr_data.UsrCod%s)" - " UNION " - "(SELECT msg_snt.MsgCod" - " FROM msg_snt,msg_rcv_deleted,usr_data" - " WHERE msg_snt.UsrCod=%ld" - " AND msg_snt.MsgCod=msg_rcv_deleted.MsgCod" - " AND msg_rcv_deleted.UsrCod=usr_data.UsrCod%s)", - UsrCod,FilterFromToSubquery, - UsrCod,FilterFromToSubquery); + { + if (asprintf (&SubQuery,"(SELECT msg_snt.MsgCod" + " FROM msg_snt,msg_rcv,usr_data" + " WHERE msg_snt.UsrCod=%ld" + " AND msg_snt.MsgCod=msg_rcv.MsgCod" + " AND msg_rcv.UsrCod=usr_data.UsrCod%s)" + " UNION " + "(SELECT msg_snt.MsgCod" + " FROM msg_snt,msg_rcv_deleted,usr_data" + " WHERE msg_snt.UsrCod=%ld" + " AND msg_snt.MsgCod=msg_rcv_deleted.MsgCod" + " AND msg_rcv_deleted.UsrCod=usr_data.UsrCod%s)", + UsrCod,FilterFromToSubquery, + UsrCod,FilterFromToSubquery) < 0) + Lay_NotEnoughMemoryExit (); + } else - sprintf (PtrQuery,"SELECT MsgCod" - " FROM msg_snt" - " WHERE UsrCod=%ld", - UsrCod); + { + if (asprintf (&SubQuery,"SELECT MsgCod" + " FROM msg_snt" + " WHERE UsrCod=%ld", + UsrCod) < 0) + Lay_NotEnoughMemoryExit (); + } break; default: // Not aplicable here break; @@ -1992,14 +2006,19 @@ static void Msg_ConstructQueryToSelectSentOrReceivedMsgs (char Query[Msg_MAX_BYT if (Gbl.Msg.FilterContent[0]) /* Match against the content written in filter form */ - sprintf (Query,"SELECT MsgCod" - " FROM msg_content" - " WHERE MsgCod IN (SELECT MsgCod FROM (%s) AS M)" - " AND MATCH (Subject,Content) AGAINST ('%s')", - SubQuery,Gbl.Msg.FilterContent); + DB_BuildQuery ("SELECT MsgCod" + " FROM msg_content" + " WHERE MsgCod IN (SELECT MsgCod FROM (%s) AS M)" + " AND MATCH (Subject,Content) AGAINST ('%s')" + " ORDER BY MsgCod DESC", // End the query ordering the result from most recent message to oldest + SubQuery,Gbl.Msg.FilterContent); + else + DB_BuildQuery ("%s" + " ORDER BY MsgCod DESC", // End the query ordering the result from most recent message to oldest + SubQuery); - /* End the query ordering the result from most recent message to oldest */ - Str_Concat (Query," ORDER BY MsgCod DESC",Msg_MAX_BYTES_MESSAGES_QUERY); + /***** Free memory used for subquery *****/ + free ((void *) SubQuery); } /*****************************************************************************/ diff --git a/swad_project.c b/swad_project.c index 91ef2d222..8d5204b60 100644 --- a/swad_project.c +++ b/swad_project.c @@ -169,7 +169,7 @@ static void Prj_PutFormsToRemEditOnePrj (long PrjCod,Prj_HiddenVisibl_t Hidden, static bool Prj_CheckIfICanEditProject (long PrjCod); -static void Prj_GetDataOfProject (struct Project *Prj,const char *Query); +static void Prj_GetDataOfProject (struct Project *Prj); static void Prj_ResetProject (struct Project *Prj); static void Prj_RequestCreatOrEditPrj (long PrjCod); @@ -2508,19 +2508,16 @@ long Prj_GetCourseOfProject (long PrjCod) void Prj_GetDataOfProjectByCod (struct Project *Prj) { - char *Query; - if (Prj->PrjCod > 0) { /***** Build query *****/ - if (asprintf (&Query,"SELECT PrjCod,CrsCod,DptCod,Hidden,Preassigned,NumStds,Proposal," - "UNIX_TIMESTAMP(CreatTime)," - "UNIX_TIMESTAMP(ModifTime)," - "Title,Description,Knowledge,Materials,URL" - " FROM projects" - " WHERE PrjCod=%ld AND CrsCod=%ld", - Prj->PrjCod,Gbl.CurrentCrs.Crs.CrsCod) < 0) - Lay_NotEnoughMemoryExit (); + DB_BuildQuery ("SELECT PrjCod,CrsCod,DptCod,Hidden,Preassigned,NumStds,Proposal," + "UNIX_TIMESTAMP(CreatTime)," + "UNIX_TIMESTAMP(ModifTime)," + "Title,Description,Knowledge,Materials,URL" + " FROM projects" + " WHERE PrjCod=%ld AND CrsCod=%ld", + Prj->PrjCod,Gbl.CurrentCrs.Crs.CrsCod); /* row[ 0]: PrjCod row[ 1]: CrsCod @@ -2539,7 +2536,7 @@ void Prj_GetDataOfProjectByCod (struct Project *Prj) */ /***** Get data of project *****/ - Prj_GetDataOfProject (Prj,Query); + Prj_GetDataOfProject (Prj); } else { @@ -2553,7 +2550,7 @@ void Prj_GetDataOfProjectByCod (struct Project *Prj) /**************************** Get project data *******************************/ /*****************************************************************************/ -static void Prj_GetDataOfProject (struct Project *Prj,const char *Query) +static void Prj_GetDataOfProject (struct Project *Prj) { MYSQL_RES *mysql_res; MYSQL_ROW row; @@ -2564,7 +2561,7 @@ static void Prj_GetDataOfProject (struct Project *Prj,const char *Query) Prj_ResetProject (Prj); /***** Get data of project from database *****/ - if (DB_QuerySELECT (Query,&mysql_res,"can not get project data")) // Project found... + if (DB_QuerySELECT_new (&mysql_res,"can not get project data")) // Project found... { /* Get row */ row = mysql_fetch_row (mysql_res); diff --git a/swad_report.c b/swad_report.c index 6b40ea9bf..a2508e0b2 100644 --- a/swad_report.c +++ b/swad_report.c @@ -778,7 +778,6 @@ static void Rep_WriteSectionHitsPerAction (struct Rep_Report *Report) extern const char *Txt_Hits_per_action; extern const char *Txt_TABS_TXT[Tab_NUM_TABS]; extern const char *Txt_Other_actions; - char Query[512]; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumRows; @@ -795,13 +794,13 @@ static void Rep_WriteSectionHitsPerAction (struct Rep_Report *Report) Txt_Hits_per_action); /***** Make the query *****/ - sprintf (Query,"SELECT SQL_NO_CACHE ActCod,COUNT(*) AS N FROM log_full" + DB_BuildQuery ("SELECT SQL_NO_CACHE ActCod,COUNT(*) AS N FROM log_full" " WHERE ClickTime>=FROM_UNIXTIME(%ld) AND UsrCod=%ld" " GROUP BY ActCod ORDER BY N DESC LIMIT %u", - (long) Report->UsrFigures.FirstClickTimeUTC, - Gbl.Usrs.Me.UsrDat.UsrCod, - Rep_MAX_ACTIONS); - NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get clicks"); + (long) Report->UsrFigures.FirstClickTimeUTC, + Gbl.Usrs.Me.UsrDat.UsrCod, + Rep_MAX_ACTIONS); + NumRows = DB_QuerySELECT_new (&mysql_res,"can not get clicks"); /***** Compute maximum number of hits per action *****/ Rep_ComputeMaxAndTotalHits (&Report->Hits,NumRows,mysql_res,1); @@ -927,11 +926,10 @@ static void Rep_WriteSectionHistoricCourses (struct Rep_Report *Report) static void Rep_GetMaxHitsPerYear (struct Rep_Report *Report) { - char Query[1024]; MYSQL_RES *mysql_res; MYSQL_ROW row; - sprintf (Query,"SELECT MAX(N) FROM (" + DB_BuildQuery ("SELECT MAX(N) FROM (" // Clicks without course selected --------------------------- "SELECT " "-1 AS CrsCod," @@ -960,14 +958,14 @@ static void Rep_GetMaxHitsPerYear (struct Rep_Report *Report) " GROUP BY CrsCod,Year,Role" // ---------------------------------------------------------- ") AS hits_per_crs_year", - (unsigned) Rol_UNK, - (long) Report->UsrFigures.FirstClickTimeUTC, - Gbl.Usrs.Me.UsrDat.UsrCod, - (long) Report->UsrFigures.FirstClickTimeUTC, - Gbl.Usrs.Me.UsrDat.UsrCod, - (unsigned) Rol_STD, - (unsigned) Rol_TCH); - DB_QuerySELECT (Query,&mysql_res,"can not get last question index"); + (unsigned) Rol_UNK, + (long) Report->UsrFigures.FirstClickTimeUTC, + Gbl.Usrs.Me.UsrDat.UsrCod, + (long) Report->UsrFigures.FirstClickTimeUTC, + Gbl.Usrs.Me.UsrDat.UsrCod, + (unsigned) Rol_STD, + (unsigned) Rol_TCH); + DB_QuerySELECT_new (&mysql_res,"can not get last question index"); /***** Get number of users *****/ Report->MaxHitsPerYear = 0; diff --git a/swad_search.c b/swad_search.c index 25aa6f8fd..0343d2f47 100644 --- a/swad_search.c +++ b/swad_search.c @@ -655,7 +655,6 @@ static unsigned Sch_SearchInstitutionsInDB (const char *RangeQuery) { extern const char *Txt_STR_LANG_ID[1 + Txt_NUM_LANGUAGES]; char SearchQuery[Sch_MAX_BYTES_SEARCH_QUERY + 1]; - char Query[1024 + Sch_MAX_BYTES_SEARCH_QUERY * 2]; /***** Check scope *****/ if (Gbl.Scope.Current != Sco_SCOPE_CTR && @@ -667,15 +666,15 @@ static unsigned Sch_SearchInstitutionsInDB (const char *RangeQuery) if (Sch_BuildSearchQuery (SearchQuery,"institutions.FullName",NULL,NULL)) { /***** Query database and list institutions found *****/ - sprintf (Query,"SELECT institutions.InsCod" + DB_BuildQuery ("SELECT institutions.InsCod" " FROM institutions,countries" " WHERE %s" " AND institutions.CtyCod=countries.CtyCod" "%s" " ORDER BY institutions.FullName,countries.Name_%s", - SearchQuery,RangeQuery, - Txt_STR_LANG_ID[Gbl.Prefs.Language]); - return Ins_ListInssFound (Query); + SearchQuery,RangeQuery, + Txt_STR_LANG_ID[Gbl.Prefs.Language]); + return Ins_ListInssFound (); } return 0;