mirror of
https://github.com/XRPLF/rippled.git
synced 2025-12-06 17:27:55 +00:00
Remove db->escape in favor of sqlEscape.
This commit is contained in:
Arthur Britto
@@ -8,14 +8,14 @@ using namespace std;
|
||||
|
||||
SqliteDatabase::SqliteDatabase(const char* host) : Database(host,"","")
|
||||
{
|
||||
mConnection=NULL;
|
||||
mCurrentStmt=NULL;
|
||||
mConnection = NULL;
|
||||
mCurrentStmt = NULL;
|
||||
}
|
||||
|
||||
void SqliteDatabase::connect()
|
||||
{
|
||||
int rc = sqlite3_open(mHost.c_str(), &mConnection);
|
||||
if( rc )
|
||||
if (rc)
|
||||
{
|
||||
cout << "Can't open database: " << mHost << " " << rc << endl;
|
||||
sqlite3_close(mConnection);
|
||||
@@ -32,8 +32,10 @@ void SqliteDatabase::disconnect()
|
||||
bool SqliteDatabase::executeSQL(const char* sql, bool fail_ok)
|
||||
{
|
||||
sqlite3_finalize(mCurrentStmt);
|
||||
|
||||
int rc = sqlite3_prepare_v2(mConnection, sql, -1, &mCurrentStmt, NULL);
|
||||
if (rc != SQLITE_OK )
|
||||
|
||||
if (SQLITE_OK != rc)
|
||||
{
|
||||
if (!fail_ok)
|
||||
{
|
||||
@@ -57,6 +59,7 @@ bool SqliteDatabase::executeSQL(const char* sql, bool fail_ok)
|
||||
else
|
||||
{
|
||||
mMoreRows = false;
|
||||
|
||||
if (!fail_ok)
|
||||
{
|
||||
#ifdef DEBUG
|
||||
@@ -106,16 +109,18 @@ void SqliteDatabase::endIterRows()
|
||||
// will return false if there are no more rows
|
||||
bool SqliteDatabase::getNextRow()
|
||||
{
|
||||
if(!mMoreRows) return(false);
|
||||
if (!mMoreRows) return(false);
|
||||
|
||||
int rc=sqlite3_step(mCurrentStmt);
|
||||
if(rc==SQLITE_ROW)
|
||||
if (rc==SQLITE_ROW)
|
||||
{
|
||||
return(true);
|
||||
}else if(rc==SQLITE_DONE)
|
||||
}
|
||||
else if (rc==SQLITE_DONE)
|
||||
{
|
||||
return(false);
|
||||
}else
|
||||
}
|
||||
else
|
||||
{
|
||||
cout << "SQL Rerror:" << rc << endl;
|
||||
return(false);
|
||||
@@ -174,28 +179,4 @@ uint64 SqliteDatabase::getBigInt(int colIndex)
|
||||
return(sqlite3_column_int64(mCurrentStmt, colIndex));
|
||||
}
|
||||
|
||||
|
||||
/* http://www.sqlite.org/lang_expr.html
|
||||
BLOB literals are string literals containing hexadecimal data and preceded by a single "x" or "X" character. For example:
|
||||
X'53514C697465'
|
||||
*/
|
||||
void SqliteDatabase::escape(const unsigned char* start, int size, std::string& retStr)
|
||||
{
|
||||
static const char toHex[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
|
||||
'A', 'B', 'C', 'D', 'E', 'F' };
|
||||
|
||||
retStr.resize(3 + (size * 2));
|
||||
|
||||
int pos = 0;
|
||||
retStr[pos++] = 'X';
|
||||
retStr[pos++] = '\'';
|
||||
|
||||
for (int n = 0; n < size; ++n)
|
||||
{
|
||||
retStr[pos++] = toHex[start[n] >> 4];
|
||||
retStr[pos++] = toHex[start[n] & 0x0f];
|
||||
}
|
||||
retStr[pos] = '\'';
|
||||
}
|
||||
|
||||
// vim:ts=4
|
||||
|
||||
@@ -38,8 +38,6 @@ public:
|
||||
int getBinary(int colIndex,unsigned char* buf,int maxSize);
|
||||
std::vector<unsigned char> getBinary(int colIndex);
|
||||
uint64 getBigInt(int colIndex);
|
||||
|
||||
void escape(const unsigned char* start,int size,std::string& retStr);
|
||||
};
|
||||
|
||||
// vim:ts=4
|
||||
|
||||
@@ -185,12 +185,4 @@ char* Database::getSingleDBValueStr(const char* sql,std::string& retStr)
|
||||
}
|
||||
#endif
|
||||
|
||||
std::string Database::escape(const std::string strValue)
|
||||
{
|
||||
std::string strReturn;
|
||||
|
||||
escape(reinterpret_cast<const unsigned char*>(strValue.c_str()), strValue.size(), strReturn);
|
||||
|
||||
return strReturn;
|
||||
}
|
||||
// vim:ts=4
|
||||
|
||||
@@ -37,9 +37,6 @@ public:
|
||||
|
||||
std::string& getPass(){ return(mDBPass); }
|
||||
|
||||
virtual void escape(const unsigned char* start,int size,std::string& retStr)=0;
|
||||
std::string escape(const std::string strValue);
|
||||
|
||||
// returns true if the query went ok
|
||||
virtual bool executeSQL(const char* sql, bool fail_okay=false)=0;
|
||||
|
||||
|
||||
@@ -532,7 +532,7 @@ bool ConnectionPool::peerScanSet(const std::string& strIp, int iPort)
|
||||
db->executeSQL(str(boost::format("UPDATE PeerIps SET ScanNext=%d,ScanInterval=%d WHERE IpPort=%s;")
|
||||
% iToSeconds(tpNext)
|
||||
% iInterval
|
||||
% db->escape(strIpPort)));
|
||||
% sqlEscape(strIpPort)));
|
||||
|
||||
bScanDirty = true;
|
||||
}
|
||||
@@ -632,8 +632,8 @@ void ConnectionPool::peerVerified(Peer::ref peer)
|
||||
ScopedLock sl(theApp->getWalletDB()->getDBLock());
|
||||
Database *db=theApp->getWalletDB()->getDB();
|
||||
|
||||
db->executeSQL(str(boost::format("UPDATE PeerIps SET ScanNext=NULL,ScanInterval=0 WHERE IpPort=%s;")
|
||||
% db->escape(strIpPort)));
|
||||
db->executeSQL(boost::str(boost::format("UPDATE PeerIps SET ScanNext=NULL,ScanInterval=0 WHERE IpPort=%s;")
|
||||
% sqlEscape(strIpPort)));
|
||||
// XXX Check error.
|
||||
}
|
||||
|
||||
@@ -726,10 +726,10 @@ void ConnectionPool::scanRefresh()
|
||||
ScopedLock sl(theApp->getWalletDB()->getDBLock());
|
||||
Database *db=theApp->getWalletDB()->getDB();
|
||||
|
||||
db->executeSQL(str(boost::format("UPDATE PeerIps SET ScanNext=%d,ScanInterval=%d WHERE IpPort=%s;")
|
||||
db->executeSQL(boost::str(boost::format("UPDATE PeerIps SET ScanNext=%d,ScanInterval=%d WHERE IpPort=%s;")
|
||||
% iToSeconds(tpNext)
|
||||
% iInterval
|
||||
% db->escape(strIpPort)));
|
||||
% sqlEscape(strIpPort)));
|
||||
// XXX Check error.
|
||||
}
|
||||
|
||||
|
||||
@@ -95,6 +95,7 @@ void HashedObjectStore::bulkWrite()
|
||||
if (!SQL_EXISTS(db, boost::str(fExists % it->getHash().GetHex())))
|
||||
{
|
||||
char type;
|
||||
|
||||
switch(it->getType())
|
||||
{
|
||||
case hotLEDGER: type = 'L'; break;
|
||||
@@ -103,9 +104,7 @@ void HashedObjectStore::bulkWrite()
|
||||
case hotTRANSACTION_NODE: type = 'N'; break;
|
||||
default: type = 'U';
|
||||
}
|
||||
std::string rawData;
|
||||
db->escape(&(it->getData().front()), it->getData().size(), rawData);
|
||||
db->executeSQL(boost::str(fAdd % it->getHash().GetHex() % type % it->getIndex() % rawData ));
|
||||
db->executeSQL(boost::str(fAdd % it->getHash().GetHex() % type % it->getIndex() % sqlEscape(it->getData())));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -28,7 +28,7 @@ class HashedObject : private IS_INSTANCE(HashedObject)
|
||||
public:
|
||||
typedef boost::shared_ptr<HashedObject> pointer;
|
||||
|
||||
HashedObjectType mType;
|
||||
HashedObjectType mType;
|
||||
uint256 mHash;
|
||||
uint32 mLedgerIndex;
|
||||
std::vector<unsigned char> mData;
|
||||
@@ -69,3 +69,4 @@ public:
|
||||
};
|
||||
|
||||
#endif
|
||||
// vim:ts=4
|
||||
|
||||
@@ -49,17 +49,16 @@ CKey::pointer PubKeyCache::store(const RippleAddress& id, const CKey::pointer& k
|
||||
}
|
||||
|
||||
std::vector<unsigned char> pk = key->GetPubKey();
|
||||
std::string encodedPK;
|
||||
theApp->getTxnDB()->getDB()->escape(&(pk.front()), pk.size(), encodedPK);
|
||||
|
||||
std::string sql = "INSERT INTO PubKeys (ID,PubKey) VALUES ('";
|
||||
sql += id.humanAccountID();
|
||||
sql += "',";
|
||||
sql += encodedPK;
|
||||
sql += sqlEscape(pk);
|
||||
sql.append(");");
|
||||
|
||||
ScopedLock dbl(theApp->getTxnDB()->getDBLock());
|
||||
theApp->getTxnDB()->getDB()->executeSQL(sql, true);
|
||||
|
||||
return key;
|
||||
}
|
||||
|
||||
|
||||
@@ -235,9 +235,8 @@ std::string SerializedTransaction::getMetaSQL(uint32 inLedger, const std::string
|
||||
std::string SerializedTransaction::getSQL(Serializer rawTxn, uint32 inLedger, char status) const
|
||||
{
|
||||
static boost::format bfTrans("('%s', '%s', '%s', '%d', '%d', '%c', %s)");
|
||||
std::string rTxn;
|
||||
theApp->getTxnDB()->getDB()->escape(
|
||||
reinterpret_cast<const unsigned char *>(rawTxn.getDataPtr()), rawTxn.getLength(), rTxn);
|
||||
std::string rTxn = sqlEscape(rawTxn.peekData());
|
||||
|
||||
return str(bfTrans
|
||||
% getTransactionID().GetHex() % getTransactionType() % getSourceAccount().humanAccountID()
|
||||
% getSequence() % inLedger % status % rTxn);
|
||||
@@ -247,9 +246,8 @@ std::string SerializedTransaction::getMetaSQL(Serializer rawTxn, uint32 inLedger
|
||||
const std::string& escapedMetaData) const
|
||||
{
|
||||
static boost::format bfTrans("('%s', '%s', '%s', '%d', '%d', '%c', %s, %s)");
|
||||
std::string rTxn;
|
||||
theApp->getTxnDB()->getDB()->escape(
|
||||
reinterpret_cast<const unsigned char *>(rawTxn.getDataPtr()), rawTxn.getLength(), rTxn);
|
||||
std::string rTxn = sqlEscape(rawTxn.peekData());
|
||||
|
||||
return str(bfTrans
|
||||
% getTransactionID().GetHex() % getTransactionType() % getSourceAccount().humanAccountID()
|
||||
% getSequence() % inLedger % status % rTxn % escapedMetaData);
|
||||
|
||||
@@ -306,8 +306,8 @@ void UniqueNodeList::scoreCompute()
|
||||
|
||||
ScopedLock sl(theApp->getWalletDB()->getDBLock());
|
||||
|
||||
SQL_FOREACH(db, str(boost::format("SELECT Referral FROM ValidatorReferrals WHERE Validator=%s ORDER BY Entry;")
|
||||
% db->escape(strValidator)))
|
||||
SQL_FOREACH(db, boost::str(boost::format("SELECT Referral FROM ValidatorReferrals WHERE Validator=%s ORDER BY Entry;")
|
||||
% sqlEscape(strValidator)))
|
||||
{
|
||||
std::string strReferral = db->getStrBinary("Referral");
|
||||
int iReferral;
|
||||
@@ -399,7 +399,7 @@ void UniqueNodeList::scoreCompute()
|
||||
|
||||
for (int iNode=vsnNodes.size(); iNode--;)
|
||||
{
|
||||
vstrPublicKeys[iNode] = db->escape(vsnNodes[iNode].strValidator);
|
||||
vstrPublicKeys[iNode] = sqlEscape(vsnNodes[iNode].strValidator);
|
||||
}
|
||||
|
||||
SQL_FOREACH(db, str(boost::format("SELECT PublicKey,Seen FROM TrustedNodes WHERE PublicKey IN (%s);")
|
||||
@@ -478,7 +478,7 @@ void UniqueNodeList::scoreCompute()
|
||||
int iEntry = 0;
|
||||
|
||||
SQL_FOREACH(db, str(boost::format("SELECT IP,Port FROM IpReferrals WHERE Validator=%s ORDER BY Entry;")
|
||||
% db->escape(strValidator)))
|
||||
% sqlEscape(strValidator)))
|
||||
{
|
||||
score iPoints = iBase * (iEntries - iEntry) / iEntries;
|
||||
int iPort;
|
||||
@@ -510,7 +510,7 @@ void UniqueNodeList::scoreCompute()
|
||||
score iPoints = ipScore.second;
|
||||
|
||||
vstrValues.push_back(str(boost::format("(%s,%d,'%c')")
|
||||
% db->escape(strIpPort)
|
||||
% sqlEscape(strIpPort)
|
||||
% iPoints
|
||||
% vsValidator));
|
||||
}
|
||||
@@ -649,7 +649,7 @@ void UniqueNodeList::processIps(const std::string& strSite, const RippleAddress&
|
||||
if (bValid)
|
||||
{
|
||||
vstrValues[iValues] = str(boost::format("(%s,%d,%s,%d)")
|
||||
% strEscNodePublic % iValues % db->escape(strIP) % iPort);
|
||||
% strEscNodePublic % iValues % sqlEscape(strIP) % iPort);
|
||||
iValues++;
|
||||
}
|
||||
else
|
||||
@@ -1153,8 +1153,8 @@ bool UniqueNodeList::getSeedDomains(const std::string& strDomain, seedDomain& ds
|
||||
bool bResult;
|
||||
Database* db=theApp->getWalletDB()->getDB();
|
||||
|
||||
std::string strSql = str(boost::format("SELECT * FROM SeedDomains WHERE Domain=%s;")
|
||||
% db->escape(strDomain));
|
||||
std::string strSql = boost::str(boost::format("SELECT * FROM SeedDomains WHERE Domain=%s;")
|
||||
% sqlEscape(strDomain));
|
||||
|
||||
ScopedLock sl(theApp->getWalletDB()->getDBLock());
|
||||
|
||||
@@ -1215,15 +1215,15 @@ void UniqueNodeList::setSeedDomains(const seedDomain& sdSource, bool bNext)
|
||||
|
||||
// cLog(lsTRACE) << str(boost::format("setSeedDomains: iNext=%s tpNext=%s") % iNext % sdSource.tpNext);
|
||||
|
||||
std::string strSql = str(boost::format("REPLACE INTO SeedDomains (Domain,PublicKey,Source,Next,Scan,Fetch,Sha256,Comment) VALUES (%s, %s, %s, %d, %d, %d, '%s', %s);")
|
||||
% db->escape(sdSource.strDomain)
|
||||
% (sdSource.naPublicKey.isValid() ? db->escape(sdSource.naPublicKey.humanNodePublic()) : "NULL")
|
||||
std::string strSql = boost::str(boost::format("REPLACE INTO SeedDomains (Domain,PublicKey,Source,Next,Scan,Fetch,Sha256,Comment) VALUES (%s, %s, %s, %d, %d, %d, '%s', %s);")
|
||||
% sqlEscape(sdSource.strDomain)
|
||||
% (sdSource.naPublicKey.isValid() ? sqlEscape(sdSource.naPublicKey.humanNodePublic()) : "NULL")
|
||||
% sqlEscape(std::string(1, static_cast<char>(sdSource.vsSource)))
|
||||
% iNext
|
||||
% iScan
|
||||
% iFetch
|
||||
% sdSource.iSha256.GetHex()
|
||||
% db->escape(sdSource.strComment)
|
||||
% sqlEscape(sdSource.strComment)
|
||||
);
|
||||
|
||||
ScopedLock sl(theApp->getWalletDB()->getDBLock());
|
||||
|
||||
@@ -312,7 +312,7 @@ void ValidationCollection::doWrite()
|
||||
BOOST_FOREACH(const SerializedValidation::pointer& it, vector)
|
||||
db->executeSQL(boost::str(insVal % it->getLedgerHash().GetHex()
|
||||
% it->getSignerPublic().humanNodePublic() % it->getFlags() % it->getSignTime()
|
||||
% db->escape(strCopy(it->getSignature()))));
|
||||
% sqlEscape(it->getSignature())));
|
||||
db->executeSQL("END TRANSACTION;");
|
||||
}
|
||||
sl.lock();
|
||||
|
||||
@@ -121,7 +121,7 @@ bool Wallet::dataDelete(const std::string& strKey)
|
||||
ScopedLock sl(theApp->getRpcDB()->getDBLock());
|
||||
|
||||
return db->executeSQL(str(boost::format("DELETE FROM RPCData WHERE Key=%s;")
|
||||
% db->escape(strKey)));
|
||||
% sqlEscape(strKey)));
|
||||
}
|
||||
|
||||
bool Wallet::dataFetch(const std::string& strKey, std::string& strValue)
|
||||
@@ -133,7 +133,7 @@ bool Wallet::dataFetch(const std::string& strKey, std::string& strValue)
|
||||
bool bSuccess = false;
|
||||
|
||||
if (db->executeSQL(str(boost::format("SELECT Value FROM RPCData WHERE Key=%s;")
|
||||
% db->escape(strKey))) && db->startIterRows())
|
||||
% sqlEscape(strKey))) && db->startIterRows())
|
||||
{
|
||||
std::vector<unsigned char> vucData = db->getBinary("Value");
|
||||
strValue.assign(vucData.begin(), vucData.end());
|
||||
@@ -155,8 +155,8 @@ bool Wallet::dataStore(const std::string& strKey, const std::string& strValue)
|
||||
bool bSuccess = false;
|
||||
|
||||
return (db->executeSQL(str(boost::format("REPLACE INTO RPCData (Key, Value) VALUES (%s,%s);")
|
||||
% db->escape(strKey)
|
||||
% db->escape(strValue)
|
||||
% sqlEscape(strKey)
|
||||
% sqlEscape(strValue)
|
||||
)));
|
||||
|
||||
return bSuccess;
|
||||
|
||||
Reference in New Issue
Block a user