diff --git a/swad_changelog.h b/swad_changelog.h index 9f2be1b60..cdf2eebeb 100644 --- a/swad_changelog.h +++ b/swad_changelog.h @@ -355,10 +355,11 @@ En OpenSWAD: ps2pdf source.ps destination.pdf */ -#define Log_PLATFORM_VERSION "SWAD 18.9.1 (2018-10-29)" +#define Log_PLATFORM_VERSION "SWAD 18.9.3 (2018-10-29)" #define CSS_FILE "swad18.4.css" #define JS_FILE "swad17.17.1.js" /* + Version 18.9.3: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235952 lines) Version 18.9.2: Oct 29, 2018 Some sprintf for database queries changed by internal function. (235988 lines) Version 18.9.1: Oct 29, 2018 Some sprintf for database queries changed by internal function. (236049 lines) Version 18.9: Oct 28, 2018 Some sprintf for database queries changed by internal function. (236082 lines) diff --git a/swad_database.c b/swad_database.c index e16697906..d56220839 100644 --- a/swad_database.c +++ b/swad_database.c @@ -3269,13 +3269,6 @@ void DB_QueryREPLACE_new (const char *MsgError) DB_ExitOnMySQLError (MsgError); } -void DB_QueryREPLACE (const char *Query,const char *MsgError) - { - /***** Query database *****/ - if (mysql_query (&Gbl.mysql,Query)) - DB_ExitOnMySQLError (MsgError); - } - /*****************************************************************************/ /******************** Make a UPDATE query from database **********************/ /*****************************************************************************/ diff --git a/swad_database.h b/swad_database.h index cc1df005c..2616235dd 100644 --- a/swad_database.h +++ b/swad_database.h @@ -52,7 +52,6 @@ long DB_QueryINSERTandReturnCode_new (const char *MsgError); long DB_QueryINSERTandReturnCode (const char *Query,const char *MsgError); void DB_QueryREPLACE_new (const char *MsgError); -void DB_QueryREPLACE (const char *Query,const char *MsgError); void DB_QueryUPDATE_new (const char *MsgError); diff --git a/swad_social.c b/swad_social.c index 5b70305fe..5512b3056 100644 --- a/swad_social.c +++ b/swad_social.c @@ -1916,7 +1916,6 @@ static void Soc_GetNoteSummary (const struct SocialNote *SocNot, void Soc_StoreAndPublishSocialNote (Soc_NoteType_t NoteType,long Cod,struct SocialPublishing *SocPub) { - char Query[256]; long HieCod; // Hierarchy code (institution/centre/degree/course) switch (NoteType) @@ -1945,12 +1944,12 @@ void Soc_StoreAndPublishSocialNote (Soc_NoteType_t NoteType,long Cod,struct Soci } /***** Store social note *****/ - sprintf (Query,"INSERT INTO social_notes" + DB_BuildQuery ("INSERT INTO social_notes" " (NoteType,Cod,UsrCod,HieCod,Unavailable,TimeNote)" " VALUES" " (%u,%ld,%ld,%ld,'N',NOW())", - (unsigned) NoteType,Cod,Gbl.Usrs.Me.UsrDat.UsrCod,HieCod); - SocPub->NotCod = DB_QueryINSERTandReturnCode (Query,"can not create new social note"); + (unsigned) NoteType,Cod,Gbl.Usrs.Me.UsrDat.UsrCod,HieCod); + SocPub->NotCod = DB_QueryINSERTandReturnCode_new ("can not create new social note"); /***** Publish social note in timeline *****/ SocPub->PublisherCod = Gbl.Usrs.Me.UsrDat.UsrCod; @@ -2116,17 +2115,15 @@ void Soc_MarkSocialNotesChildrenOfFolderAsUnavailable (const char *Path) static void Soc_PublishSocialNoteInTimeline (struct SocialPublishing *SocPub) { - char Query[256]; - /***** Publish social note in timeline *****/ - sprintf (Query,"INSERT INTO social_pubs" + DB_BuildQuery ("INSERT INTO social_pubs" " (NotCod,PublisherCod,PubType,TimePublish)" " VALUES" " (%ld,%ld,%u,NOW())", - SocPub->NotCod, - SocPub->PublisherCod, - (unsigned) SocPub->PubType); - SocPub->PubCod = DB_QueryINSERTandReturnCode (Query,"can not publish social note"); + SocPub->NotCod, + SocPub->PublisherCod, + (unsigned) SocPub->PubType); + SocPub->PubCod = DB_QueryINSERTandReturnCode_new ("can not publish social note"); } /*****************************************************************************/ @@ -2270,7 +2267,6 @@ static long Soc_ReceiveSocialPost (void) { char Content[Cns_MAX_BYTES_LONG_TEXT + 1]; struct Image Image; - char *Query; long PstCod; struct SocialPublishing SocPub; @@ -2290,14 +2286,6 @@ static long Soc_ReceiveSocialPost (void) if (Content[0] || // Text not empty Image.Name[0]) // An image is attached { - /***** Allocate space for query *****/ - if ((Query = (char *) malloc (256 + - strlen (Content) + - Img_BYTES_NAME + - Img_MAX_BYTES_TITLE + - Cns_MAX_BYTES_WWW)) == NULL) - Lay_NotEnoughMemoryExit (); - /***** Check if image is received and processed *****/ if (Image.Action == Img_ACTION_NEW_IMAGE && // Upload new image Image.Status == Img_FILE_PROCESSED) // The new image received has been processed @@ -2306,24 +2294,21 @@ static long Soc_ReceiveSocialPost (void) /***** Publish *****/ /* Insert post content in the database */ - sprintf (Query,"INSERT INTO social_posts" + DB_BuildQuery ("INSERT INTO social_posts" " (Content,ImageName,ImageTitle,ImageURL)" " VALUES" " ('%s','%s','%s','%s')", - Content, - Image.Name, - (Image.Name[0] && // Save image title only if image attached - Image.Title) ? Image.Title : "", - (Image.Name[0] && // Save image URL only if image attached - Image.URL ) ? Image.URL : ""); - PstCod = DB_QueryINSERTandReturnCode (Query,"can not create post"); + Content, + Image.Name, + (Image.Name[0] && // Save image title only if image attached + Image.Title) ? Image.Title : "", + (Image.Name[0] && // Save image URL only if image attached + Image.URL ) ? Image.URL : ""); + PstCod = DB_QueryINSERTandReturnCode_new ("can not create post"); /* Insert post in social notes */ Soc_StoreAndPublishSocialNote (Soc_NOTE_SOCIAL_POST,PstCod,&SocPub); - /***** Free space used for query *****/ - free ((void *) Query); - /***** Analyze content and store notifications about mentions *****/ Str_AnalyzeTxtAndStoreNotifyEventToMentionedUsrs (SocPub.PubCod,Content); } diff --git a/swad_statistic.c b/swad_statistic.c index 663183ea6..71323635c 100644 --- a/swad_statistic.c +++ b/swad_statistic.c @@ -281,12 +281,9 @@ void Sta_GetRemoteAddr (void) /**************************** Log access in database *************************/ /*****************************************************************************/ -#define Sta_MAX_BYTES_QUERY_LOG (2048 - 1) - void Sta_LogAccess (const char *Comments) { - char Query[Sta_MAX_BYTES_QUERY_LOG + - Sch_MAX_BYTES_STRING_TO_FIND + 1]; + size_t MaxLength; long LogCod; long ActCod = Act_GetActCod (Gbl.Action.Act); Rol_Role_t RoleToStore = (Gbl.Action.Act == ActLogOut) ? Gbl.Usrs.Me.Role.LoggedBeforeCloseSession : @@ -294,121 +291,108 @@ void Sta_LogAccess (const char *Comments) /***** Insert access into database *****/ /* Log access in historical log (log_full) */ - sprintf (Query,"INSERT INTO log_full " + DB_BuildQuery ("INSERT INTO log_full " "(ActCod,CtyCod,InsCod,CtrCod,DegCod,CrsCod,UsrCod," "Role,ClickTime,TimeToGenerate,TimeToSend,IP)" " VALUES " "(%ld,%ld,%ld,%ld,%ld,%ld,%ld," "%u,NOW(),%ld,%ld,'%s')", - ActCod, - Gbl.CurrentCty.Cty.CtyCod, - Gbl.CurrentIns.Ins.InsCod, - Gbl.CurrentCtr.Ctr.CtrCod, - Gbl.CurrentDeg.Deg.DegCod, - Gbl.CurrentCrs.Crs.CrsCod, - Gbl.Usrs.Me.UsrDat.UsrCod, - (unsigned) RoleToStore, - Gbl.TimeGenerationInMicroseconds, - Gbl.TimeSendInMicroseconds, - Gbl.IP); - if (Gbl.WebService.IsWebService) - { - if (mysql_query (&Gbl.mysql,Query)) - Svc_Exit ("can not log access (full)"); - LogCod = (long) mysql_insert_id (&Gbl.mysql); - } - else - LogCod = DB_QueryINSERTandReturnCode (Query,"can not log access (full)"); + ActCod, + Gbl.CurrentCty.Cty.CtyCod, + Gbl.CurrentIns.Ins.InsCod, + Gbl.CurrentCtr.Ctr.CtrCod, + Gbl.CurrentDeg.Deg.DegCod, + Gbl.CurrentCrs.Crs.CrsCod, + Gbl.Usrs.Me.UsrDat.UsrCod, + (unsigned) RoleToStore, + Gbl.TimeGenerationInMicroseconds, + Gbl.TimeSendInMicroseconds, + Gbl.IP); + LogCod = DB_QueryINSERTandReturnCode_new ("can not log access (full)"); /* Log access in recent log (log_recent) */ - sprintf (Query,"INSERT INTO log_recent " + DB_BuildQuery ("INSERT INTO log_recent " "(LogCod,ActCod,CtyCod,InsCod,CtrCod,DegCod,CrsCod,UsrCod," "Role,ClickTime,TimeToGenerate,TimeToSend,IP)" " VALUES " "(%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld," "%u,NOW(),%ld,%ld,'%s')", - LogCod,ActCod, - Gbl.CurrentCty.Cty.CtyCod, - Gbl.CurrentIns.Ins.InsCod, - Gbl.CurrentCtr.Ctr.CtrCod, - Gbl.CurrentDeg.Deg.DegCod, - Gbl.CurrentCrs.Crs.CrsCod, - Gbl.Usrs.Me.UsrDat.UsrCod, - (unsigned) RoleToStore, - Gbl.TimeGenerationInMicroseconds, - Gbl.TimeSendInMicroseconds, - Gbl.IP); - if (Gbl.WebService.IsWebService) - { - if (mysql_query (&Gbl.mysql,Query)) - Svc_Exit ("can not log access (recent)"); - } - else - DB_QueryINSERT (Query,"can not log access (recent)"); + LogCod,ActCod, + Gbl.CurrentCty.Cty.CtyCod, + Gbl.CurrentIns.Ins.InsCod, + Gbl.CurrentCtr.Ctr.CtrCod, + Gbl.CurrentDeg.Deg.DegCod, + Gbl.CurrentCrs.Crs.CrsCod, + Gbl.Usrs.Me.UsrDat.UsrCod, + (unsigned) RoleToStore, + Gbl.TimeGenerationInMicroseconds, + Gbl.TimeSendInMicroseconds, + Gbl.IP); + DB_QueryINSERT_new ("can not log access (recent)"); if (Comments) { - /* Log comments */ - sprintf (Query,"INSERT INTO log_comments" - " (LogCod,Comments)" - " VALUES" - " (%ld,'", - LogCod); - Str_AddStrToQuery (Query,Comments,sizeof (Query)); - Str_Concat (Query,"')", - Sta_MAX_BYTES_QUERY_LOG); + /* Allocate space for query */ + MaxLength = 512 + strlen (Comments); + if ((Gbl.DB.QueryPtr = (char *) malloc (MaxLength + 1)) == NULL) + Lay_NotEnoughMemoryExit (); - if (Gbl.WebService.IsWebService) - { - if (mysql_query (&Gbl.mysql,Query)) - Svc_Exit ("can not log access (comments)"); - } - else - DB_QueryINSERT (Query,"can not log access (comments)"); + /* Log comments */ + snprintf (Gbl.DB.QueryPtr,MaxLength, + "INSERT INTO log_comments" + " (LogCod,Comments)" + " VALUES" + " (%ld,'", + LogCod); + Str_AddStrToQuery (Gbl.DB.QueryPtr,Comments,MaxLength); + Str_Concat (Gbl.DB.QueryPtr,"')", + MaxLength); + + DB_QueryINSERT_new ("can not log access (comments)"); } if (Gbl.Search.LogSearch && Gbl.Search.Str[0]) { - /* Log search string */ - sprintf (Query,"INSERT INTO log_search" - " (LogCod,SearchStr)" - " VALUES" - " (%ld,'", - LogCod); - Str_AddStrToQuery (Query,Gbl.Search.Str,sizeof (Query)); - Str_Concat (Query,"')", - Sta_MAX_BYTES_QUERY_LOG); + /* Allocate space for query */ + MaxLength = 512 + strlen (Gbl.Search.Str); + if ((Gbl.DB.QueryPtr = (char *) malloc (MaxLength + 1)) == NULL) + Lay_NotEnoughMemoryExit (); - if (Gbl.WebService.IsWebService) - { - if (mysql_query (&Gbl.mysql,Query)) - Svc_Exit ("can not log access (search)"); - } - else - DB_QueryINSERT (Query,"can not log access (search)"); + /* Log search string */ + snprintf (Gbl.DB.QueryPtr,MaxLength, + "INSERT INTO log_search" + " (LogCod,SearchStr)" + " VALUES" + " (%ld,'", + LogCod); + Str_AddStrToQuery (Gbl.DB.QueryPtr,Gbl.Search.Str,MaxLength); + Str_Concat (Gbl.DB.QueryPtr,"')", + MaxLength); + + DB_QueryINSERT_new ("can not log access (search)"); } if (Gbl.WebService.IsWebService) { /* Log web service plugin and function */ - sprintf (Query,"INSERT INTO log_ws" + DB_BuildQuery ("INSERT INTO log_ws" " (LogCod,PlgCod,FunCod)" " VALUES" " (%ld,%ld,%u)", - LogCod,Gbl.WebService.PlgCod,(unsigned) Gbl.WebService.Function); + LogCod,Gbl.WebService.PlgCod, + (unsigned) Gbl.WebService.Function); - if (mysql_query (&Gbl.mysql,Query)) - Svc_Exit ("can not log access (comments)"); + DB_QueryINSERT_new ("can not log access (comments)"); } else if (Gbl.Banners.BanCodClicked > 0) { /* Log banner clicked */ - sprintf (Query,"INSERT INTO log_banners" + DB_BuildQuery ("INSERT INTO log_banners" " (LogCod,BanCod)" " VALUES" " (%ld,%ld)", - LogCod,Gbl.Banners.BanCodClicked); - DB_QueryINSERT (Query,"can not log banner clicked"); + LogCod,Gbl.Banners.BanCodClicked); + DB_QueryINSERT_new ("can not log banner clicked"); } /***** Increment my number of clicks *****/ diff --git a/swad_test.c b/swad_test.c index 0f2053315..7c0a32440 100644 --- a/swad_test.c +++ b/swad_test.c @@ -2217,7 +2217,6 @@ bool Tst_CheckIfCourseHaveTestsAndPluggableIsUnknown (void) void Tst_ReceiveConfigTst (void) { extern const char *Txt_The_test_configuration_has_been_updated; - char Query[512]; /***** Get whether test are visible via plugins or not *****/ Gbl.Test.Config.Pluggable = Tst_GetPluggableFromForm (); @@ -2257,16 +2256,16 @@ void Tst_ReceiveConfigTst (void) Gbl.Test.Config.Feedback = Tst_GetFeedbackTypeFromForm (); /***** Update database *****/ - sprintf (Query,"REPLACE INTO tst_config" + DB_BuildQuery ("REPLACE INTO tst_config" " (CrsCod,Pluggable,Min,Def,Max,MinTimeNxtTstPerQst,Feedback)" " VALUES" " (%ld,'%s',%u,%u,%u,'%lu','%s')", - Gbl.CurrentCrs.Crs.CrsCod, - Tst_PluggableDB[Gbl.Test.Config.Pluggable], - Gbl.Test.Config.Min,Gbl.Test.Config.Def,Gbl.Test.Config.Max, - Gbl.Test.Config.MinTimeNxtTstPerQst, - Tst_FeedbackDB[Gbl.Test.Config.Feedback]); - DB_QueryREPLACE (Query,"can not save configuration of tests"); + Gbl.CurrentCrs.Crs.CrsCod, + Tst_PluggableDB[Gbl.Test.Config.Pluggable], + Gbl.Test.Config.Min,Gbl.Test.Config.Def,Gbl.Test.Config.Max, + Gbl.Test.Config.MinTimeNxtTstPerQst, + Tst_FeedbackDB[Gbl.Test.Config.Feedback]); + DB_QueryREPLACE_new ("can not save configuration of tests"); /***** Show confirmation message *****/ Ale_ShowAlert (Ale_SUCCESS,Txt_The_test_configuration_has_been_updated);