diff --git a/swad_changelog.h b/swad_changelog.h index ce7d02ca5..730ae3541 100644 --- a/swad_changelog.h +++ b/swad_changelog.h @@ -355,10 +355,11 @@ En OpenSWAD: ps2pdf source.ps destination.pdf */ -#define Log_PLATFORM_VERSION "SWAD 18.7.39 (2018-10-24)" +#define Log_PLATFORM_VERSION "SWAD 18.7.40 (2018-10-24)" #define CSS_FILE "swad18.4.css" #define JS_FILE "swad17.17.1.js" /* + Version 18.7.40: Oct 24, 2018 Some sprintf for database queries changed by asprintf. (238060 lines) Version 18.7.39: Oct 24, 2018 Some sprintf for database queries changed by asprintf. (238037 lines) Version 18.7.38: Oct 24, 2018 Some sprintf for database queries changed by asprintf. (237986 lines) Version 18.7.37: Oct 24, 2018 Some sprintf for database queries changed by asprintf. (237926 lines) diff --git a/swad_place.c b/swad_place.c index d5f115edd..78affa9dc 100644 --- a/swad_place.c +++ b/swad_place.c @@ -25,7 +25,9 @@ /********************************** Headers **********************************/ /*****************************************************************************/ +#define _GNU_SOURCE // For asprintf #include // For NULL +#include // For asprintf #include // For calloc #include // For string functions @@ -281,7 +283,7 @@ static void Plc_PutIconToViewPlacesWhenEditing (void) void Plc_GetListPlaces (void) { char OrderBySubQuery[256]; - char Query[1024]; + char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumRows; @@ -298,25 +300,26 @@ void Plc_GetListPlaces (void) sprintf (OrderBySubQuery,"NumCtrs DESC,FullName"); break; } - sprintf (Query,"(SELECT places.PlcCod,places.ShortName,places.FullName,COUNT(*) AS NumCtrs" - " FROM places,centres" - " WHERE places.InsCod=%ld" - " AND places.PlcCod=centres.PlcCod" - " AND centres.InsCod=%ld" - " GROUP BY places.PlcCod)" - " UNION " - "(SELECT PlcCod,ShortName,FullName,0 AS NumCtrs" - " FROM places" - " WHERE InsCod=%ld" - " AND PlcCod NOT IN" - " (SELECT DISTINCT PlcCod FROM centres WHERE InsCod=%ld))" - " ORDER BY %s", - Gbl.CurrentIns.Ins.InsCod, - Gbl.CurrentIns.Ins.InsCod, - Gbl.CurrentIns.Ins.InsCod, - Gbl.CurrentIns.Ins.InsCod, - OrderBySubQuery); - NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get places"); + if (asprintf (&Query,"(SELECT places.PlcCod,places.ShortName,places.FullName,COUNT(*) AS NumCtrs" + " FROM places,centres" + " WHERE places.InsCod=%ld" + " AND places.PlcCod=centres.PlcCod" + " AND centres.InsCod=%ld" + " GROUP BY places.PlcCod)" + " UNION " + "(SELECT PlcCod,ShortName,FullName,0 AS NumCtrs" + " FROM places" + " WHERE InsCod=%ld" + " AND PlcCod NOT IN" + " (SELECT DISTINCT PlcCod FROM centres WHERE InsCod=%ld))" + " ORDER BY %s", + Gbl.CurrentIns.Ins.InsCod, + Gbl.CurrentIns.Ins.InsCod, + Gbl.CurrentIns.Ins.InsCod, + Gbl.CurrentIns.Ins.InsCod, + OrderBySubQuery) < 0) + Lay_NotEnoughMemoryExit (); + NumRows = DB_QuerySELECT_free (Query,&mysql_res,"can not get places"); /***** Count number of rows in result *****/ if (NumRows) // Places found... @@ -369,7 +372,7 @@ void Plc_GetDataOfPlaceByCod (struct Place *Plc) { extern const char *Txt_Place_unspecified; extern const char *Txt_Another_place; - char Query[1024]; + char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumRows; @@ -397,22 +400,23 @@ void Plc_GetDataOfPlaceByCod (struct Place *Plc) else if (Plc->PlcCod > 0) { /***** Get data of a place from database *****/ - sprintf (Query,"(SELECT places.ShortName,places.FullName,COUNT(*)" - " FROM places,centres" - " WHERE places.PlcCod=%ld" - " AND places.PlcCod=centres.PlcCod" - " AND centres.PlcCod=%ld" - " GROUP BY places.PlcCod)" - " UNION " - "(SELECT ShortName,FullName,0" - " FROM places" - " WHERE PlcCod=%ld" - " AND PlcCod NOT IN" - " (SELECT DISTINCT PlcCod FROM centres))", - Plc->PlcCod, - Plc->PlcCod, - Plc->PlcCod); - NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get data of a place"); + if (asprintf (&Query,"(SELECT places.ShortName,places.FullName,COUNT(*)" + " FROM places,centres" + " WHERE places.PlcCod=%ld" + " AND places.PlcCod=centres.PlcCod" + " AND centres.PlcCod=%ld" + " GROUP BY places.PlcCod)" + " UNION " + "(SELECT ShortName,FullName,0" + " FROM places" + " WHERE PlcCod=%ld" + " AND PlcCod NOT IN" + " (SELECT DISTINCT PlcCod FROM centres))", + Plc->PlcCod, + Plc->PlcCod, + Plc->PlcCod) < 0) + Lay_NotEnoughMemoryExit (); + NumRows = DB_QuerySELECT_free (Query,&mysql_res,"can not get data of a place"); /***** Count number of rows in result *****/ if (NumRows) // Place found... @@ -556,7 +560,7 @@ void Plc_RemovePlace (void) { extern const char *Txt_To_remove_a_place_you_must_first_remove_all_centres_of_that_place; extern const char *Txt_Place_X_removed; - char Query[128]; + char *Query; struct Place Plc; /***** Get place code *****/ @@ -572,9 +576,10 @@ void Plc_RemovePlace (void) else // Place has no centres ==> remove it { /***** Remove place *****/ - sprintf (Query,"DELETE FROM places WHERE PlcCod=%ld", - Plc.PlcCod); - DB_QueryDELETE (Query,"can not remove a place"); + if (asprintf (&Query,"DELETE FROM places WHERE PlcCod=%ld", + Plc.PlcCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryDELETE_free (Query,"can not remove a place"); /***** Write message to show the change made *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), @@ -704,13 +709,14 @@ static void Plc_RenamePlace (Cns_ShrtOrFullName_t ShrtOrFullName) static bool Plc_CheckIfPlaceNameExists (const char *FieldName,const char *Name,long PlcCod) { - char Query[256 + Plc_MAX_BYTES_PLACE_FULL_NAME]; + char *Query; /***** Get number of places with a name from database *****/ - sprintf (Query,"SELECT COUNT(*) FROM places" - " WHERE InsCod=%ld AND %s='%s' AND PlcCod<>%ld", - Gbl.CurrentIns.Ins.InsCod,FieldName,Name,PlcCod); - return (DB_QueryCOUNT (Query,"can not check if the name of a place already existed") != 0); + if (asprintf (&Query,"SELECT COUNT(*) FROM places" + " WHERE InsCod=%ld AND %s='%s' AND PlcCod<>%ld", + Gbl.CurrentIns.Ins.InsCod,FieldName,Name,PlcCod) < 0) + Lay_NotEnoughMemoryExit (); + return (DB_QueryCOUNT_free (Query,"can not check if the name of a place already existed") != 0); } /*****************************************************************************/ @@ -719,12 +725,13 @@ static bool Plc_CheckIfPlaceNameExists (const char *FieldName,const char *Name,l static void Plc_UpdatePlcNameDB (long PlcCod,const char *FieldName,const char *NewPlcName) { - char Query[128 + Plc_MAX_BYTES_PLACE_FULL_NAME]; + char *Query; /***** Update place changing old name by new name */ - sprintf (Query,"UPDATE places SET %s='%s' WHERE PlcCod=%ld", - FieldName,NewPlcName,PlcCod); - DB_QueryUPDATE (Query,"can not update the name of a place"); + if (asprintf (&Query,"UPDATE places SET %s='%s' WHERE PlcCod=%ld", + FieldName,NewPlcName,PlcCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryUPDATE_free (Query,"can not update the name of a place"); } /*****************************************************************************/ @@ -873,17 +880,16 @@ void Plc_RecFormNewPlace (void) static void Plc_CreatePlace (struct Place *Plc) { extern const char *Txt_Created_new_place_X; - char Query[256 + - Plc_MAX_BYTES_PLACE_SHRT_NAME + - Plc_MAX_BYTES_PLACE_FULL_NAME]; + char *Query; /***** Create a new place *****/ - sprintf (Query,"INSERT INTO places" - " (InsCod,ShortName,FullName)" - " VALUES" - " (%ld,'%s','%s')", - Gbl.CurrentIns.Ins.InsCod,Plc->ShrtName,Plc->FullName); - DB_QueryINSERT (Query,"can not create place"); + if (asprintf (&Query,"INSERT INTO places" + " (InsCod,ShortName,FullName)" + " VALUES" + " (%ld,'%s','%s')", + Gbl.CurrentIns.Ins.InsCod,Plc->ShrtName,Plc->FullName) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryINSERT_free (Query,"can not create place"); /***** Write success message *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), diff --git a/swad_plugin.c b/swad_plugin.c index 4cbd9f602..48cb7355e 100644 --- a/swad_plugin.c +++ b/swad_plugin.c @@ -28,9 +28,10 @@ TODO: Check if web service is called from an authorized IP. /********************************* Headers ***********************************/ /*****************************************************************************/ +#define _GNU_SOURCE // For asprintf #include // For NULL #include // For boolean type -#include // For fprintf +#include // For asprintf, fprintf #include // For calloc, free #include @@ -183,7 +184,7 @@ void Plg_EditPlugins (void) static void Plg_GetListPlugins (void) { - char Query[256]; + char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumRows; @@ -191,9 +192,10 @@ static void Plg_GetListPlugins (void) struct Plugin *Plg; /***** Get plugins from database *****/ - sprintf (Query,"SELECT PlgCod,Name,Description,Logo,AppKey,URL,IP" - " FROM plugins ORDER BY Name"); - NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get plugins"); + if (asprintf (&Query,"SELECT PlgCod,Name,Description,Logo,AppKey,URL,IP" + " FROM plugins ORDER BY Name") < 0) + Lay_NotEnoughMemoryExit (); + NumRows = DB_QuerySELECT_free (Query,&mysql_res,"can not get plugins"); /***** Count number of rows in result *****/ if (NumRows) // Plugins found... @@ -256,7 +258,7 @@ static void Plg_GetListPlugins (void) bool Plg_GetDataOfPluginByCod (struct Plugin *Plg) { - char Query[256]; + char *Query; MYSQL_RES *mysql_res; MYSQL_ROW row; unsigned long NumRows; @@ -275,11 +277,12 @@ bool Plg_GetDataOfPluginByCod (struct Plugin *Plg) // Plg->PlgCod > 0 /***** Get data of a plugin from database *****/ - sprintf (Query,"SELECT Name,Description,Logo,AppKey,URL,IP" - " FROM plugins" - " WHERE PlgCod=%ld", - Plg->PlgCod); - NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get data of a plugin"); + if (asprintf (&Query,"SELECT Name,Description,Logo,AppKey,URL,IP" + " FROM plugins" + " WHERE PlgCod=%ld", + Plg->PlgCod) < 0) + Lay_NotEnoughMemoryExit (); + NumRows = DB_QuerySELECT_free (Query,&mysql_res,"can not get data of a plugin"); /***** Count number of rows in result *****/ if (NumRows) // Plugin found... @@ -487,7 +490,7 @@ long Plg_GetParamPlgCod (void) void Plg_RemovePlugin (void) { extern const char *Txt_Plugin_X_removed; - char Query[128]; + char *Query; struct Plugin Plg; /***** Get plugin code *****/ @@ -498,9 +501,10 @@ void Plg_RemovePlugin (void) Plg_GetDataOfPluginByCod (&Plg); /***** Remove plugin *****/ - sprintf (Query,"DELETE FROM plugins WHERE PlgCod=%ld", - Plg.PlgCod); - DB_QueryDELETE (Query,"can not remove a plugin"); + if (asprintf (&Query,"DELETE FROM plugins WHERE PlgCod=%ld", + Plg.PlgCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryDELETE_free (Query,"can not remove a plugin"); /***** Write message to show the change made *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), @@ -522,7 +526,7 @@ void Plg_RenamePlugin (void) extern const char *Txt_The_plugin_X_already_exists; extern const char *Txt_The_plugin_X_has_been_renamed_as_Y; extern const char *Txt_The_name_of_the_plugin_X_has_not_changed; - char Query[128 + Plg_MAX_BYTES_PLUGIN_NAME]; + char *Query; struct Plugin *Plg; char NewPlgName[Plg_MAX_BYTES_PLUGIN_NAME + 1]; @@ -563,9 +567,10 @@ void Plg_RenamePlugin (void) else { /* Update the table changing old name by new name */ - sprintf (Query,"UPDATE plugins SET Name='%s' WHERE PlgCod=%ld", - NewPlgName,Plg->PlgCod); - DB_QueryUPDATE (Query,"can not update the name of a plugin"); + if (asprintf (&Query,"UPDATE plugins SET Name='%s' WHERE PlgCod=%ld", + NewPlgName,Plg->PlgCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryUPDATE_free (Query,"can not update the name of a plugin"); /***** Write message to show the change made *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), @@ -595,13 +600,14 @@ void Plg_RenamePlugin (void) static bool Plg_CheckIfPluginNameExists (const char *Name,long PlgCod) { - char Query[256 + Plg_MAX_BYTES_PLUGIN_NAME]; + char *Query; /***** Get number of plugins with a name from database *****/ - sprintf (Query,"SELECT COUNT(*) FROM plugins" - " WHERE Name='%s' AND PlgCod<>%ld", - Name,PlgCod); - return (DB_QueryCOUNT (Query,"can not check if the name of a plugin already existed") != 0); + if (asprintf (&Query,"SELECT COUNT(*) FROM plugins" + " WHERE Name='%s' AND PlgCod<>%ld", + Name,PlgCod) < 0) + Lay_NotEnoughMemoryExit (); + return (DB_QueryCOUNT_free (Query,"can not check if the name of a plugin already existed") != 0); } /*****************************************************************************/ @@ -613,7 +619,7 @@ void Plg_ChangePlgDescription (void) extern const char *Txt_The_new_description_is_X; extern const char *Txt_You_can_not_leave_the_description_empty; struct Plugin *Plg; - char Query[128 + Plg_MAX_BYTES_PLUGIN_DESCRIPTION]; + char *Query; char NewDescription[Plg_MAX_BYTES_PLUGIN_DESCRIPTION + 1]; Plg = &Gbl.Plugins.EditingPlg; @@ -630,9 +636,10 @@ void Plg_ChangePlgDescription (void) if (NewDescription[0]) { /* Update the table changing old description by new description */ - sprintf (Query,"UPDATE plugins SET Description='%s' WHERE PlgCod=%ld", - NewDescription,Plg->PlgCod); - DB_QueryUPDATE (Query,"can not update the description of a plugin"); + if (asprintf (&Query,"UPDATE plugins SET Description='%s' WHERE PlgCod=%ld", + NewDescription,Plg->PlgCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryUPDATE_free (Query,"can not update the description of a plugin"); /***** Write message to show the change made *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), @@ -658,7 +665,7 @@ void Plg_ChangePlgLogo (void) extern const char *Txt_The_new_logo_is_X; extern const char *Txt_You_can_not_leave_the_logo_empty; struct Plugin *Plg; - char Query[128 + Plg_MAX_BYTES_PLUGIN_LOGO]; + char *Query; char NewLogo[Plg_MAX_BYTES_PLUGIN_LOGO + 1]; Plg = &Gbl.Plugins.EditingPlg; @@ -675,9 +682,10 @@ void Plg_ChangePlgLogo (void) if (NewLogo[0]) { /* Update the table changing old logo by new logo */ - sprintf (Query,"UPDATE plugins SET Logo='%s' WHERE PlgCod=%ld", - NewLogo,Plg->PlgCod); - DB_QueryUPDATE (Query,"can not update the logo of a plugin"); + if (asprintf (&Query,"UPDATE plugins SET Logo='%s' WHERE PlgCod=%ld", + NewLogo,Plg->PlgCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryUPDATE_free (Query,"can not update the logo of a plugin"); /***** Write message to show the change made *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), @@ -703,7 +711,7 @@ void Plg_ChangePlgAppKey (void) extern const char *Txt_The_new_logo_is_X; // TODO: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! extern const char *Txt_You_can_not_leave_the_logo_empty;// TODO: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! struct Plugin *Plg; - char Query[128 + Plg_MAX_BYTES_PLUGIN_APP_KEY]; + char *Query; char NewAppKey[Plg_MAX_BYTES_PLUGIN_APP_KEY + 1]; Plg = &Gbl.Plugins.EditingPlg; @@ -720,9 +728,10 @@ void Plg_ChangePlgAppKey (void) if (NewAppKey[0]) { /* Update the table changing old application key by new application key */ - sprintf (Query,"UPDATE plugins SET AppKey='%s' WHERE PlgCod=%ld", - NewAppKey,Plg->PlgCod); - DB_QueryUPDATE (Query,"can not update the application key of a plugin"); + if (asprintf (&Query,"UPDATE plugins SET AppKey='%s' WHERE PlgCod=%ld", + NewAppKey,Plg->PlgCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryUPDATE_free (Query,"can not update the application key of a plugin"); /***** Write message to show the change made *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), @@ -748,7 +757,7 @@ void Plg_ChangePlgURL (void) extern const char *Txt_The_new_URL_is_X; extern const char *Txt_You_can_not_leave_the_URL_empty; struct Plugin *Plg; - char Query[128 + Cns_MAX_BYTES_WWW]; + char *Query; char NewURL[Cns_MAX_BYTES_WWW + 1]; Plg = &Gbl.Plugins.EditingPlg; @@ -765,9 +774,10 @@ void Plg_ChangePlgURL (void) if (NewURL[0]) { /* Update the table changing old WWW by new WWW */ - sprintf (Query,"UPDATE plugins SET URL='%s' WHERE PlgCod=%ld", - NewURL,Plg->PlgCod); - DB_QueryUPDATE (Query,"can not update the URL of a plugin"); + if (asprintf (&Query,"UPDATE plugins SET URL='%s' WHERE PlgCod=%ld", + NewURL,Plg->PlgCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryUPDATE_free (Query,"can not update the URL of a plugin"); /***** Write message to show the change made *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), @@ -793,7 +803,7 @@ void Plg_ChangePlgIP (void) extern const char *Txt_The_new_IP_address_is_X; extern const char *Txt_You_can_not_leave_the_IP_address_empty; struct Plugin *Plg; - char Query[128 + Cns_MAX_BYTES_IP]; + char *Query; char NewIP[Cns_MAX_BYTES_IP + 1]; Plg = &Gbl.Plugins.EditingPlg; @@ -810,9 +820,10 @@ void Plg_ChangePlgIP (void) if (NewIP[0]) { /* Update the table changing old IP by new IP */ - sprintf (Query,"UPDATE plugins SET IP='%s' WHERE PlgCod=%ld", - NewIP,Plg->PlgCod); - DB_QueryUPDATE (Query,"can not update the IP address of a plugin"); + if (asprintf (&Query,"UPDATE plugins SET IP='%s' WHERE PlgCod=%ld", + NewIP,Plg->PlgCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryUPDATE_free (Query,"can not update the IP address of a plugin"); /***** Write message to show the change made *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), @@ -1050,20 +1061,19 @@ void Plg_RecFormNewPlg (void) static void Plg_CreatePlugin (struct Plugin *Plg) { extern const char *Txt_Created_new_plugin_X; - char Query[512 + Plg_MAX_BYTES_PLUGIN_NAME + - Plg_MAX_BYTES_PLUGIN_DESCRIPTION + - Plg_MAX_BYTES_PLUGIN_LOGO + - Plg_MAX_BYTES_PLUGIN_APP_KEY + - Cns_MAX_BYTES_WWW + - Cns_MAX_BYTES_IP]; + char *Query; /***** Create a new plugin *****/ - sprintf (Query,"INSERT INTO plugins" - " (Name,Description,Logo,AppKey,URL,IP)" - " VALUES" - " ('%s','%s','%s','%s','%s','%s')", - Plg->Name,Plg->Description,Plg->Logo,Plg->AppKey,Plg->URL,Plg->IP); - DB_QueryINSERT (Query,"can not create plugin"); + if (asprintf (&Query,"INSERT INTO plugins" + " (Name,Description,Logo," + "AppKey,URL,IP)" + " VALUES" + " ('%s','%s','%s'," + "'%s','%s','%s')", + Plg->Name,Plg->Description,Plg->Logo, + Plg->AppKey,Plg->URL,Plg->IP) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryINSERT_free (Query,"can not create plugin"); /***** Write success message *****/ snprintf (Gbl.Alert.Txt,sizeof (Gbl.Alert.Txt), diff --git a/swad_preference.c b/swad_preference.c index ce6cdef81..cc73a6c52 100644 --- a/swad_preference.c +++ b/swad_preference.c @@ -25,9 +25,10 @@ /********************************** Headers **********************************/ /*****************************************************************************/ +#define _GNU_SOURCE // For asprintf #include // For NULL #include // For boolean type -#include // For fprintf, etc. +#include // For asprintf, fprintf, etc. #include #include "swad_box.h" @@ -121,7 +122,7 @@ void Pre_EditPrefs (void) void Pre_GetPrefsFromIP (void) { - char Query[1024]; + char *Query; unsigned long NumRows; MYSQL_RES *mysql_res; MYSQL_ROW row; @@ -129,10 +130,11 @@ void Pre_GetPrefsFromIP (void) if (Gbl.IP[0]) { /***** Get preferences from database *****/ - sprintf (Query,"SELECT FirstDayOfWeek,DateFormat,Theme,IconSet,Menu,SideCols" - " FROM IP_prefs WHERE IP='%s'", - Gbl.IP); - if ((NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get preferences"))) + if (asprintf (&Query,"SELECT FirstDayOfWeek,DateFormat,Theme,IconSet,Menu,SideCols" + " FROM IP_prefs WHERE IP='%s'", + Gbl.IP) < 0) + Lay_NotEnoughMemoryExit (); + if ((NumRows = DB_QuerySELECT_free (Query,&mysql_res,"can not get preferences"))) { if (NumRows != 1) Lay_ShowErrorAndExit ("Internal error while getting preferences."); @@ -175,39 +177,41 @@ void Pre_SetPrefsFromIP (void) { extern const char *The_ThemeId[The_NUM_THEMES]; extern const char *Ico_IconSetId[Ico_NUM_ICON_SETS]; - char Query[512]; + char *Query; /***** Update preferences from current IP in database *****/ - sprintf (Query,"REPLACE INTO IP_prefs" - " (IP,UsrCod,LastChange," - "FirstDayOfWeek,DateFormat,Theme,IconSet,Menu,SideCols)" - " VALUES" - " ('%s',%ld,NOW()," - "%u,%u,'%s','%s',%u,%u)", - Gbl.IP,Gbl.Usrs.Me.UsrDat.UsrCod, - Gbl.Prefs.FirstDayOfWeek, - (unsigned) Gbl.Prefs.DateFormat, - The_ThemeId[Gbl.Prefs.Theme], - Ico_IconSetId[Gbl.Prefs.IconSet], - (unsigned) Gbl.Prefs.Menu, - Gbl.Prefs.SideCols); - DB_QueryREPLACE (Query,"can not store preferences from current IP address"); + if (asprintf (&Query,"REPLACE INTO IP_prefs" + " (IP,UsrCod,LastChange," + "FirstDayOfWeek,DateFormat,Theme,IconSet,Menu,SideCols)" + " VALUES" + " ('%s',%ld,NOW()," + "%u,%u,'%s','%s',%u,%u)", + Gbl.IP,Gbl.Usrs.Me.UsrDat.UsrCod, + Gbl.Prefs.FirstDayOfWeek, + (unsigned) Gbl.Prefs.DateFormat, + The_ThemeId[Gbl.Prefs.Theme], + Ico_IconSetId[Gbl.Prefs.IconSet], + (unsigned) Gbl.Prefs.Menu, + Gbl.Prefs.SideCols) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryREPLACE_free (Query,"can not store preferences from current IP address"); /***** If a user is logged, update its preferences in database for all its IP's *****/ if (Gbl.Usrs.Me.Logged) { - sprintf (Query,"UPDATE IP_prefs" - " SET FirstDayOfWeek=%u,DateFormat=%u," - "Theme='%s',IconSet='%s',Menu=%u,SideCols=%u" - " WHERE UsrCod=%ld", - Gbl.Prefs.FirstDayOfWeek, - (unsigned) Gbl.Prefs.DateFormat, - The_ThemeId[Gbl.Prefs.Theme], - Ico_IconSetId[Gbl.Prefs.IconSet], - (unsigned) Gbl.Prefs.Menu, - Gbl.Prefs.SideCols, - Gbl.Usrs.Me.UsrDat.UsrCod); - DB_QueryUPDATE (Query,"can not update your preferences"); + if (asprintf (&Query,"UPDATE IP_prefs" + " SET FirstDayOfWeek=%u,DateFormat=%u," + "Theme='%s',IconSet='%s',Menu=%u,SideCols=%u" + " WHERE UsrCod=%ld", + Gbl.Prefs.FirstDayOfWeek, + (unsigned) Gbl.Prefs.DateFormat, + The_ThemeId[Gbl.Prefs.Theme], + Ico_IconSetId[Gbl.Prefs.IconSet], + (unsigned) Gbl.Prefs.Menu, + Gbl.Prefs.SideCols, + Gbl.Usrs.Me.UsrDat.UsrCod) < 0) + Lay_NotEnoughMemoryExit (); + DB_QueryUPDATE_free (Query,"can not update your preferences"); } } @@ -217,13 +221,14 @@ void Pre_SetPrefsFromIP (void) void Pre_RemoveOldPrefsFromIP (void) { - char Query[256]; + char *Query; /***** Remove old preferences *****/ - sprintf (Query,"DELETE LOW_PRIORITY FROM IP_prefs" - " WHERE LastChange