rssutils: forbid question marks in tsvector data, PDO gets confused sometimes even by quoted ?s

Andrew Dolgov 2017-12-03 10:10:01 +03:00
parent 64312bfd71
commit 49a888ecce
2 changed files with 27 additions and 16 deletions


@ -973,29 +973,39 @@ class RSSUtils {
_debug("resulting RID: $entry_ref_id, IID: $entry_int_id", $debug_enabled); _debug("resulting RID: $entry_ref_id, IID: $entry_int_id", $debug_enabled);
if (DB_TYPE == "pgsql") { if (DB_TYPE == "pgsql") {
$tsvector_combined = mb_substr($entry_title . ' ' . strip_tags(str_replace('<', ' <', $entry_content)), $tsvector_combined = mb_substr($entry_title . ' ' .
preg_replace('/[<\?\:]/', ' ', strip_tags($entry_content)),
0, 1000000); 0, 1000000);
$tsvector_qpart = "tsvector_combined = to_tsvector('$feed_language', ".$pdo->quote($tsvector_combined)."),"; $tsvector_qpart = "tsvector_combined = to_tsvector(".$pdo->quote($feed_language).", ".$pdo->quote($tsvector_combined)."),";
} else { } else {
$tsvector_qpart = ""; $tsvector_qpart = "";
} }
$sth = $pdo->prepare("UPDATE ttrss_entries //_debug($tsvector_qpart);
SET title = ?,
content = ?,
content_hash = ?,
updated = ?,
$tsvector_qpart
num_comments = ?,
plugin_data = ?,
author = ?,
lang = ?
WHERE id = ?");
$sth->execute([$entry_title, $entry_content, $entry_current_hash, $entry_timestamp_fmt, $sth = $pdo->prepare("UPDATE ttrss_entries
(int)$num_comments, $entry_plugin_data, $entry_author, $entry_language, $ref_id]); SET title = :title,
$tsvector_qpart
content = :content,
content_hash = :content_hash,
updated = :updated,
num_comments = :num_comments,
plugin_data = :plugin_data,
author = :author,
lang = :lang
WHERE id = :id");
$sth->execute([":title" => $entry_title,
":content" => $entry_content,
":content_hash" => $entry_current_hash,
":updated" => $entry_timestamp_fmt,
":num_comments" => (int)$num_comments,
":plugin_data" => $entry_plugin_data,
":author" => $entry_author,
":lang" => $entry_language,
":id" => $ref_id]);
// update aux data // update aux data
$sth = $pdo->prepare("UPDATE ttrss_user_entries $sth = $pdo->prepare("UPDATE ttrss_user_entries
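Review bot: The `?`/`:` stripping is applied only to `strip_tags($entry_content)`, so `$entry_title` still reaches the SQL text unfiltered through `$pdo->quote($tsvector_combined)` in `$tsvector_qpart`, and a question mark in a title would presumably trigger the same PDO confusion. Binding both `to_tsvector()` arguments as named parameters keeps feed-controlled text out of the string handed to `prepare()` and makes the character stripping unnecessary. The second file's `$usth->execute([$tsvector_combined, $line['id']])` appears to bind the value already, so the same `preg_replace` there may not be needed (its `prepare()` call is outside the hunk). Separately, replacing `<` after `strip_tags()` no longer keeps words in adjacent tags apart the way the old `str_replace('<', ' <', …)` did before stripping, so neighbouring words can merge in the index. The enclosing method starts and ends outside the hunk.

```php
// … unchanged: if (DB_TYPE == "pgsql") branch building $tsvector_combined …
	$tsvector_qpart = "tsvector_combined = to_tsvector(CAST(:ts_lang AS regconfig), :ts_content),";
	$tsvector_params = [":ts_lang" => $feed_language, ":ts_content" => $tsvector_combined];
} else {
	$tsvector_qpart = "";
	$tsvector_params = [];
}
// … unchanged: prepare() of the UPDATE and the named parameters :title … :lang …
	":id" => $ref_id] + $tsvector_params);
```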


@ -367,7 +367,8 @@
while (true) { while (true) {
while ($line = $sth->fetch()) { while ($line = $sth->fetch()) {
$tsvector_combined = mb_substr($line['title'] . ' ' . strip_tags(str_replace('<', ' <', $line['content'])), $tsvector_combined = mb_substr($line['title'] . ' ' .
preg_replace('/[<\?\:]/', ' ', strip_tags($line['content'])),
0, 1000000); 0, 1000000);
$usth->execute([$tsvector_combined, $line['id']]); $usth->execute([$tsvector_combined, $line['id']]);