From 6e4731d9f95dfb0940862f00b373f630fcafcc39 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Sun, 3 Dec 2017 10:26:38 +0300 Subject: [PATCH] plugins/af_psql_trgm: use PDO --- plugins/af_psql_trgm/init.php | 101 +++++++++++++++++++--------------- 1 file changed, 57 insertions(+), 44 deletions(-) diff --git a/plugins/af_psql_trgm/init.php b/plugins/af_psql_trgm/init.php index 7ce385f29..19653c0f3 100644 --- a/plugins/af_psql_trgm/init.php +++ b/plugins/af_psql_trgm/init.php @@ -1,6 +1,7 @@ pdo->prepare("SELECT title FROM ttrss_entries, ttrss_user_entries + WHERE ref_id = id AND id = ? AND owner_uid = ?"); + $sth->execute([$id, $owner_uid]); - $title = db_fetch_result($result, 0, "title"); + if ($row = $sth->fetch()) { - print "

$title

"; + $title = $row['title']; - $title = db_escape_string($title); - $result = db_query("SELECT ttrss_entries.id AS id, + print "

$title

"; + + $sth = $this->pdo->prepare("SELECT ttrss_entries.id AS id, feed_id, ttrss_entries.title AS title, updated, link, @@ -65,39 +68,43 @@ class Af_Psql_Trgm extends Plugin { ttrss_entries, ttrss_user_entries LEFT JOIN ttrss_feeds ON (ttrss_feeds.id = feed_id) WHERE ttrss_entries.id = ref_id AND - ttrss_user_entries.owner_uid = $owner_uid AND - ttrss_entries.id != $id AND + ttrss_user_entries.owner_uid = ? AND + ttrss_entries.id != ? AND date_entered >= NOW() - INTERVAL '2 weeks' ORDER BY sm DESC, date_entered DESC LIMIT 10"); - print ""; - print "
"; print ""; print "
"; @@ -121,9 +128,9 @@ class Af_Psql_Trgm extends Plugin { print_error("Database type not supported."); } else { - $result = db_query("select 'similarity'::regproc"); + $res = $this->pdo->query("select 'similarity'::regproc"); - if (db_num_rows($result) == 0) { + if (!$res->fetch()) { print_error("pg_trgm extension not found."); } @@ -246,8 +253,8 @@ class Af_Psql_Trgm extends Plugin { if (DB_TYPE != "pgsql") return $article; - $result = db_query("select 'similarity'::regproc"); - if (db_num_rows($result) == 0) return $article; + $res = $this->pdo->query("select 'similarity'::regproc"); + if (!$res->fetch()) return $article; $enable_globally = $this->host->get($this, "enable_globally"); @@ -265,18 +272,21 @@ class Af_Psql_Trgm extends Plugin { $owner_uid = $article["owner_uid"]; $entry_guid = $article["guid_hashed"]; - $title_escaped = db_escape_string($article["title"]); + $title_escaped = $article["title"]; // trgm does not return similarity=1 for completely equal strings - $result = db_query("SELECT COUNT(id) AS nequal + $sth = $this->pdo->prepare("SELECT COUNT(id) AS nequal FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id AND date_entered >= NOW() - interval '3 days' AND - title = '$title_escaped' AND - guid != '$entry_guid' AND - owner_uid = $owner_uid"); + title = ? AND + guid != ? AND + owner_uid = ?"); + $sth->execute([$title_escaped, $entry_guid, $owner_uid]); + + $row = $sth->fetch(); + $nequal = $row['nequal']; - $nequal = db_fetch_result($result, 0, "nequal"); _debug("af_psql_trgm: num equals: $nequal"); if ($nequal != 0) { @@ -284,13 +294,15 @@ class Af_Psql_Trgm extends Plugin { return $article; } - $result = db_query("SELECT MAX(SIMILARITY(title, '$title_escaped')) AS ms + $sth = $this->pdo->prepare("SELECT MAX(SIMILARITY(title, ?)) AS ms FROM ttrss_entries, ttrss_user_entries WHERE ref_id = id AND date_entered >= NOW() - interval '1 day' AND - guid != '$entry_guid' AND - owner_uid = $owner_uid"); + guid != ? AND + owner_uid = ?"); + $sth->execute([$title_escaped, $entry_guid, $owner_uid]); - $similarity_result = db_fetch_result($result, 0, "ms"); + $row = $sth->fetch(); + $similarity_result = $row['ms']; _debug("af_psql_trgm: similarity result: $similarity_result"); @@ -311,9 +323,10 @@ class Af_Psql_Trgm extends Plugin { foreach ($enabled_feeds as $feed) { - $result = db_query("SELECT id FROM ttrss_feeds WHERE id = '$feed' AND owner_uid = " . $_SESSION["uid"]); + $sth = $this->pdo->prepare("SELECT id FROM ttrss_feeds WHERE id = ? AND owner_uid = ?"); + $sth->execute([$feed, $_SESSION['uid']]); - if (db_num_rows($result) != 0) { + if ($row = $sth->fetch()) { array_push($tmp, $feed); } }