diff options
Diffstat (limited to 'ext/pgsql')
| -rw-r--r-- | ext/pgsql/pgsql.c | 26 | ||||
| -rw-r--r-- | ext/pgsql/tests/bug47199.phpt | 67 |
2 files changed, 86 insertions, 7 deletions
diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c index af8988e60..ca2d0f944 100644 --- a/ext/pgsql/pgsql.c +++ b/ext/pgsql/pgsql.c @@ -20,7 +20,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: pgsql.c 298840 2010-05-01 18:27:42Z geissert $ */ +/* $Id: pgsql.c 305507 2010-11-18 15:22:22Z pajoye $ */ #include <stdlib.h> @@ -3339,6 +3339,10 @@ PHP_FUNCTION(pg_lo_import) WRONG_PARAM_COUNT; } + if (strlen(file_in) != name_len) { + RETURN_FALSE; + } + if (PG(safe_mode) &&(!php_checkuid(file_in, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } @@ -3476,6 +3480,10 @@ PHP_FUNCTION(pg_lo_export) RETURN_FALSE; } + if (strlen(file_out) != name_len) { + RETURN_FALSE; + } + if (PG(safe_mode) &&(!php_checkuid(file_out, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } @@ -5930,7 +5938,7 @@ PHP_FUNCTION(pg_insert) } /* }}} */ -static inline int build_assignment_string(smart_str *querystr, HashTable *ht, const char *pad, int pad_len TSRMLS_DC) +static inline int build_assignment_string(smart_str *querystr, HashTable *ht, int where_cond, const char *pad, int pad_len TSRMLS_DC) { HashPosition pos; uint fld_len; @@ -5949,7 +5957,11 @@ static inline int build_assignment_string(smart_str *querystr, HashTable *ht, co return -1; } smart_str_appendl(querystr, fld, fld_len - 1); - smart_str_appendc(querystr, '='); + if (where_cond && Z_TYPE_PP(val) == IS_STRING && !strcmp(Z_STRVAL_PP(val), "NULL")) { + smart_str_appends(querystr, " IS "); + } else { + smart_str_appendc(querystr, '='); + } switch(Z_TYPE_PP(val)) { case IS_STRING: @@ -6011,12 +6023,12 @@ PHP_PGSQL_API int php_pgsql_update(PGconn *pg_link, const char *table, zval *var smart_str_appends(&querystr, table); smart_str_appends(&querystr, " SET "); - if (build_assignment_string(&querystr, Z_ARRVAL_P(var_array), ",", 1 TSRMLS_CC)) + if (build_assignment_string(&querystr, Z_ARRVAL_P(var_array), 0, ",", 1 TSRMLS_CC)) goto cleanup; smart_str_appends(&querystr, " WHERE "); - if (build_assignment_string(&querystr, Z_ARRVAL_P(ids_array), " AND ", sizeof(" AND ")-1 TSRMLS_CC)) + if (build_assignment_string(&querystr, Z_ARRVAL_P(ids_array), 1, " AND ", sizeof(" AND ")-1 TSRMLS_CC)) goto cleanup; smart_str_appendc(&querystr, ';'); @@ -6112,7 +6124,7 @@ PHP_PGSQL_API int php_pgsql_delete(PGconn *pg_link, const char *table, zval *ids smart_str_appends(&querystr, table); smart_str_appends(&querystr, " WHERE "); - if (build_assignment_string(&querystr, Z_ARRVAL_P(ids_array), " AND ", sizeof(" AND ")-1 TSRMLS_CC)) + if (build_assignment_string(&querystr, Z_ARRVAL_P(ids_array), 1, " AND ", sizeof(" AND ")-1 TSRMLS_CC)) goto cleanup; smart_str_appendc(&querystr, ';'); @@ -6251,7 +6263,7 @@ PHP_PGSQL_API int php_pgsql_select(PGconn *pg_link, const char *table, zval *ids smart_str_appends(&querystr, table); smart_str_appends(&querystr, " WHERE "); - if (build_assignment_string(&querystr, Z_ARRVAL_P(ids_array), " AND ", sizeof(" AND ")-1 TSRMLS_CC)) + if (build_assignment_string(&querystr, Z_ARRVAL_P(ids_array), 1, " AND ", sizeof(" AND ")-1 TSRMLS_CC)) goto cleanup; smart_str_appendc(&querystr, ';'); diff --git a/ext/pgsql/tests/bug47199.phpt b/ext/pgsql/tests/bug47199.phpt new file mode 100644 index 000000000..5bfac0b1b --- /dev/null +++ b/ext/pgsql/tests/bug47199.phpt @@ -0,0 +1,67 @@ +--TEST-- +Bug #47199 (pg_delete fails on NULL) +--SKIPIF-- +<?php +require_once('skipif.inc'); +?> +--FILE-- +<?php + +require_once('config.inc'); + +$dbh = pg_connect($conn_str); +$tbl_name = 'test_47199'; +@pg_query("DROP TABLE $tbl_name"); +pg_query("CREATE TABLE $tbl_name (null_field INT, not_null_field INT NOT NULL)"); + +pg_insert($dbh, $tbl_name, array('null_field' => null, 'not_null_field' => 1)); +pg_insert($dbh, $tbl_name, array('null_field' => null, 'not_null_field' => 2)); + +var_dump(pg_fetch_all(pg_query('SELECT * FROM '. $tbl_name))); + +$query = pg_delete($dbh, $tbl_name, array('null_field' => NULL,'not_null_field' => 2), PGSQL_DML_STRING|PGSQL_DML_EXEC); + +echo $query, "\n"; + +$query = pg_update($dbh, $tbl_name, array('null_field' => NULL, 'not_null_field' => 0), array('not_null_field' => 1, 'null_field' => ''), PGSQL_DML_STRING|PGSQL_DML_EXEC); + +echo $query, "\n"; + +var_dump(pg_fetch_all(pg_query('SELECT * FROM '. $tbl_name))); + +@pg_query("DROP TABLE $tbl_name"); +pg_close($dbh); + +echo PHP_EOL."Done".PHP_EOL; + +?> +--EXPECTF-- +array(2) { + [0]=> + array(2) { + ["null_field"]=> + NULL + ["not_null_field"]=> + string(1) "1" + } + [1]=> + array(2) { + ["null_field"]=> + NULL + ["not_null_field"]=> + string(1) "2" + } +} +DELETE FROM test_47199 WHERE null_field IS NULL AND not_null_field=2; +UPDATE test_47199 SET null_field=NULL,not_null_field=0 WHERE not_null_field=1 AND null_field IS NULL; +array(1) { + [0]=> + array(2) { + ["null_field"]=> + NULL + ["not_null_field"]=> + string(1) "0" + } +} + +Done
\ No newline at end of file |