On Tue, Apr 26, 2011 at 10:10 AM, Lukas Fleischer <archlinux@cryptocrack.de> wrote:
On Mon, Apr 25, 2011 at 10:21:55PM -0700, elij wrote:
when converting to postgres, each mysql_real_escape_string instance had to be changed, which was tedious. Centralizing the escape mechanism code would allow for much easier porting, in the same way that db_query provides a lightweight query abstraction. --- web/html/account.php | 2 +- web/html/addvote.php | 10 +++++----- web/html/logout.php | 2 +- web/html/passreset.php | 4 ++-- web/html/pkgsubmit.php | 36 ++++++++++++++++++------------------ web/html/voters.php | 2 +- web/lib/acctfuncs.inc | 26 +++++++++++++------------- web/lib/aur.inc | 30 ++++++++++++++++++------------ web/lib/aurjson.class.php | 8 ++++---- web/lib/pkgfuncs.inc | 12 ++++++------ web/lib/stats.inc | 2 +- web/template/pkg_comment_form.php | 2 +- 12 files changed, 71 insertions(+), 65 deletions(-)
Sounds like a good idea as well, but I'm not sure if this makes a lot of sense if we keep any other mysql_*() invocations. I'd say we should use some proper database abstraction layers if we aim at database independent code...
Well, one has to start somewhere to get said abstraction layer, and this seems like as good as any start. It is the most-used function [1], with "result row processing functions" coming in next. So this patch gets a +1 from me, and eventually we can have a set of db_* functions we are able to use, can move to a db_mysql.inc file, and go from there. -Dan [1] dmcgee@clifden ~/projects/aur (master) $ find -name '*.php' | xargs grep -R --color -o -h 'mysql_[^( ]*(' * | sort | uniq -c | sort -n 1 mysql_connect( 1 mysql_init( 1 mysql_library_end( 1 mysql_library_init( 1 mysql_real_connect( 1 mysql_store_result( 2 mysql_affected_rows( 2 mysql_close( 2 mysql_insert_id( 3 mysql_fetch_array( 3 mysql_free_result( 4 mysql_fetch_object( 5 mysql_result( 5 mysql_select_db( 6 mysql_error( 10 mysql_die( 10 mysql_query( 25 mysql_fetch_row( 36 mysql_fetch_assoc( 38 mysql_num_rows( 99 mysql_real_escape_string(