[aur-dev] [PATCH 1/1] use convenience wrapper for mysql_real_escape_string to aid database portability
Dan McGee
dpmcgee at gmail.com
Tue Apr 26 11:42:58 EDT 2011
On Tue, Apr 26, 2011 at 10:10 AM, Lukas Fleischer
<archlinux at cryptocrack.de> wrote:
> On Mon, Apr 25, 2011 at 10:21:55PM -0700, elij wrote:
>> when converting to postgres, each mysql_real_escape_string instance had to be
>> changed, which was tedious. Centralizing the escape mechanism code would allow
>> for much easier porting, in the same way that db_query provides a lightweight
>> query abstraction.
>> ---
>> web/html/account.php | 2 +-
>> web/html/addvote.php | 10 +++++-----
>> web/html/logout.php | 2 +-
>> web/html/passreset.php | 4 ++--
>> web/html/pkgsubmit.php | 36 ++++++++++++++++++------------------
>> web/html/voters.php | 2 +-
>> web/lib/acctfuncs.inc | 26 +++++++++++++-------------
>> web/lib/aur.inc | 30 ++++++++++++++++++------------
>> web/lib/aurjson.class.php | 8 ++++----
>> web/lib/pkgfuncs.inc | 12 ++++++------
>> web/lib/stats.inc | 2 +-
>> web/template/pkg_comment_form.php | 2 +-
>> 12 files changed, 71 insertions(+), 65 deletions(-)
>>
>
> Sounds like a good idea as well, but I'm not sure if this makes a lot of
> sense if we keep any other mysql_*() invocations. I'd say we should use
> some proper database abstraction layers if we aim at database
> independent code...
Well, one has to start somewhere to get said abstraction layer, and
this seems like as good as any start. It is the most-used function
[1], with "result row processing functions" coming in next. So this
patch gets a +1 from me, and eventually we can have a set of db_*
functions we are able to use, can move to a db_mysql.inc file, and go
from there.
-Dan
[1] dmcgee at clifden ~/projects/aur (master)
$ find -name '*.php' | xargs grep -R --color -o -h 'mysql_[^( ]*(' * |
sort | uniq -c | sort -n
1 mysql_connect(
1 mysql_init(
1 mysql_library_end(
1 mysql_library_init(
1 mysql_real_connect(
1 mysql_store_result(
2 mysql_affected_rows(
2 mysql_close(
2 mysql_insert_id(
3 mysql_fetch_array(
3 mysql_free_result(
4 mysql_fetch_object(
5 mysql_result(
5 mysql_select_db(
6 mysql_error(
10 mysql_die(
10 mysql_query(
25 mysql_fetch_row(
36 mysql_fetch_assoc(
38 mysql_num_rows(
99 mysql_real_escape_string(
More information about the aur-dev
mailing list