[aur-dev] [PATCH 1/1] use convenience wrapper for mysql_real_escape_string to aid database portability

Dan McGee dpmcgee at gmail.com
Tue Apr 26 11:42:58 EDT 2011 

On Tue, Apr 26, 2011 at 10:10 AM, Lukas Fleischer
<archlinux at cryptocrack.de> wrote:
> On Mon, Apr 25, 2011 at 10:21:55PM -0700, elij wrote:
>> when converting to postgres, each mysql_real_escape_string instance had to be
>> changed, which was tedious. Centralizing the escape mechanism code would allow
>> for much easier porting, in the same way that db_query provides a lightweight
>> query abstraction.
>> ---
>>  web/html/account.php              |    2 +-
>>  web/html/addvote.php              |   10 +++++-----
>>  web/html/logout.php               |    2 +-
>>  web/html/passreset.php            |    4 ++--
>>  web/html/pkgsubmit.php            |   36 ++++++++++++++++++------------------
>>  web/html/voters.php               |    2 +-
>>  web/lib/acctfuncs.inc             |   26 +++++++++++++-------------
>>  web/lib/aur.inc                   |   30 ++++++++++++++++++------------
>>  web/lib/aurjson.class.php         |    8 ++++----
>>  web/lib/pkgfuncs.inc              |   12 ++++++------
>>  web/lib/stats.inc                 |    2 +-
>>  web/template/pkg_comment_form.php |    2 +-
>>  12 files changed, 71 insertions(+), 65 deletions(-)
>>
>
> Sounds like a good idea as well, but I'm not sure if this makes a lot of
> sense if we keep any other mysql_*() invocations. I'd say we should use
> some proper database abstraction layers if we aim at database
> independent code...

Well, one has to start somewhere to get said abstraction layer, and
this seems like as good as any start. It is the most-used function
[1], with "result row processing functions" coming in next. So this
patch gets a +1 from me, and eventually we can have a set of db_*
functions we are able to use, can move to a db_mysql.inc file, and go
from there.

-Dan

[1] dmcgee at clifden ~/projects/aur (master)
$ find -name '*.php' | xargs grep -R --color -o -h 'mysql_[^( ]*(' * |
sort | uniq -c | sort -n
      1 mysql_connect(
      1 mysql_init(
      1 mysql_library_end(
      1 mysql_library_init(
      1 mysql_real_connect(
      1 mysql_store_result(
      2 mysql_affected_rows(
      2 mysql_close(
      2 mysql_insert_id(
      3 mysql_fetch_array(
      3 mysql_free_result(
      4 mysql_fetch_object(
      5 mysql_result(
      5 mysql_select_db(
      6 mysql_error(
     10 mysql_die(
     10 mysql_query(
     25 mysql_fetch_row(
     36 mysql_fetch_assoc(
     38 mysql_num_rows(
     99 mysql_real_escape_string(

More information about the aur-dev mailing list