#include "net.h"
#include "string.h"
-extern struct gengetopt_args_info conf;
/** pointer to the shared memory area */
extern struct misc_meta_data *mmd;
static void *mysql_ptr = NULL;
-
static int com_cam(int, int, char **);
static int com_cdb(int, int, char **);
static int com_cs(int, int, char **);
}
};
-static int real_query(char *query)
+static int real_query(const char *query)
{
if (!mysql_ptr)
return -E_NOTCONN;
* Use open connection given by mysql_ptr to query server. Returns a
* result pointer on succes and NULL on errors
*/
-static struct MYSQL_RES *get_result(char *query)
+static struct MYSQL_RES *get_result(const char *query)
{
void *result;
return ret;
}
-static char *escape_blob(char* old, int size)
+static char *escape_blob(const char* old, int size)
{
char *new;
return new;
}
-static char *escape_str(char* old)
+static char *escape_str(const char* old)
{
return escape_blob(old, strlen(old));
}
/*
* new attribute
*/
-static int com_na(__unused int fd, int argc, char *argv[])
+static int com_na(__a_unused int fd, int argc, char *argv[])
{
- char *q;
+ char *q, *tmp;
int ret;
- if (argc < 1)
+ if (argc < 2)
return -E_MYSQL_SYNTAX;
+ tmp = escape_str(argv[1]);
+ if (!tmp)
+ return -E_ESCAPE;
q = make_message("alter table data add %s char(1) "
- "not null default 0", argv[1]);
+ "not null default 0", tmp);
+ free(tmp);
ret = real_query(q);
free(q);
return ret;
/*
* delete attribute
*/
-static int com_da(__unused int fd, int argc, char *argv[])
+static int com_da(__a_unused int fd, int argc, char *argv[])
{
- char *q;
+ char *q, *tmp;
int ret;
- if (argc < 1)
+ if (argc < 2)
return -E_MYSQL_SYNTAX;
- q = make_message("alter table data drop %s", argv[1]);
+ tmp = escape_str(argv[1]);
+ if (!tmp)
+ return -E_ESCAPE;
+ q = make_message("alter table data drop %s", tmp);
+ free(tmp);
ret = real_query(q);
free(q);
return ret;
/* stradd/pic_add */
static int com_stradd_picadd(int fd, int argc, char *argv[])
{
- char *blob = NULL, *esc_blob = NULL, *q;
+ char *blob = NULL, *esc_blob = NULL, *q = NULL, *tmp = NULL;
const char *fmt, *del_fmt;
int ret, stradd = strcmp(argv[0], "picadd");
size_t size;
- if (argc < 1)
+ if (argc < 2)
return -E_MYSQL_SYNTAX;
if (strlen(argv[1]) >= MAXLINE - 1)
return -E_NAMETOOLONG;
fmt = "insert into pics (name, pic) values ('%s','%s')";
del_fmt="delete from pics where pic='%s'";
}
- q = make_message(del_fmt, argv[1]);
+ tmp = escape_str(argv[1]);
+ if (!tmp)
+ return -E_ESCAPE;
+ q = make_message(del_fmt, tmp);
+ free(tmp);
ret = real_query(q);
free(q);
if (ret < 0)
return ret;
if ((ret = fd2buf(fd, &blob, size)) < 0)
return ret;
- PARA_DEBUG_LOG("length: %i\n", ret);
size = ret;
if (stradd)
blob[size] = '\0';
- esc_blob = escape_blob(blob, ret);
- free(blob);
+ ret = -E_ESCAPE;
+ esc_blob = escape_blob(blob, size);
if (!esc_blob)
- return -E_TOOBIG;
- q = make_message(fmt, argv[1], esc_blob);
- free(esc_blob);
+ goto out;
+ tmp = escape_str(argv[1]);
+ if (!tmp)
+ goto out;
+ q = make_message(fmt, tmp, esc_blob);
ret = real_query(q);
+out:
+ free(blob);
+ free(esc_blob);
+ free(tmp);
free(q);
return ret;
}
void *result = NULL;
int ret;
unsigned int num_rows, num_fields;
+ char *tmp;
- if (argc < 1)
+ if (argc < 2)
return -E_MYSQL_SYNTAX;
- result = get_result(argv[1]);
+ tmp = escape_str(argv[1]);
+ if (!tmp)
+ return -E_ESCAPE;
+ result = get_result(tmp);
+ free(tmp);
if (!result)
/* return success, because it's ok to have no results */
return 1;
mysql_free_result(result);
return NULL;
}
- mysql_data_seek(result, 4); /* skip Lastplayed, Numplayed... */
+ mysql_data_seek(result, 4); /* skip Lastplayed, Numplayed... */
return result;
}
/*
* list all attributes
*/
-static int com_laa(int fd, int argc, __unused char *argv[])
+static int com_laa(int fd, int argc, __a_unused char *argv[])
{
void *result;
int ret;
- if (argc)
+ if (argc != 1)
return -E_MYSQL_SYNTAX;
result = get_all_attributes();
if (!result)
static int com_hist(int fd, int argc, char *argv[]) {
int ret;
void *result = NULL;
- char *q;
+ char *q, *atts;
unsigned int num_rows;
+ if (argc > 3)
+ return -E_MYSQL_SYNTAX;
+ if (argc > 1) {
+ char *tmp = escape_str(argv[1]);
+ if (!tmp)
+ return -E_ESCAPE;
+ atts = make_message("where %s = '1'", tmp);
+ free(tmp);
+ } else
+ atts = para_strdup(NULL);
+
q = make_message("select name, to_days(now()) - to_days(lastplayed) from "
- "data%s%s%s order by lastplayed",
- (argc < 1)? "" : " where ",
- (argc < 1)? "" : argv[1],
- (argc < 1)? "" : " = '1'");
- result = get_result(q);
+ "data %s order by lastplayed", atts);
+ free(atts);
+ result = get_result(q);
free(q);
if (!result)
return -E_NORESULT;
char *q;
int num, ret;
- if (argc < 1)
+ if (argc < 2)
num = 10;
else
num = atoi(argv[1]);
"\n\n\n"
"') from data"
);
- if (argc >= 1) {
- char *tmp = make_message("%s where name LIKE '%s'", query,
- argv[1]);
+ if (argc >= 2) {
+ char *esc = escape_str(argv[1]), *tmp;
+ ret = -E_ESCAPE;
+ if (!esc)
+ goto out;
+ tmp = make_message("%s where name LIKE '%s'", query, esc);
+ free(esc);
free(query);
query = tmp;
}
mysql_free_result(result);
ret = -E_NORESULT;
- result = get_result(query);
+ result = get_result(query);
if (!result)
goto out;
ret = -E_EMPTY_RESULT;
num_fields = mysql_num_fields(result);
if (num_fields < 5)
goto out;
- mysql_data_seek(result2, 4); /* skip Lastplayed, Numplayed... */
+ mysql_data_seek(result2, 4); /* skip Lastplayed, Numplayed... */
row = mysql_fetch_row(result);
ret = -E_NOROW;
if (!row)
goto out;
if (atts && (verbose || is_set))
atts = para_strcat(atts, verbose? "," : " ");
- if (is_set || verbose)
+ if (is_set || verbose)
atts = para_strcat(atts, row2[0]);
if (verbose)
atts = para_strcat(atts, is_set? "=\"1\"" : "=\"0\"");
- }
+ }
ret = 1;
out:
if (result2)
goto out;
q = make_message(verbose? verbose_fmt : fmt, ebn);
free(ebn);
- result = get_result(q);
+ result = get_result(q);
free(q);
if (!result)
goto out;
mysql_free_result(result);
return para_strdup("(none)");
}
+
/*
* Read stream definition of stream streamname and construct mysql
* query. Return NULL on errors. If streamname is NULL, use current
char *select_clause = NULL;
if (!streamname)
tmp = get_current_stream();
- else
- tmp = para_strdup(streamname);
+ else {
+ tmp = escape_str(streamname);
+ if (!tmp)
+ return NULL;
+ }
if (!strcmp(tmp, "(none)")) {
free(tmp);
if (filename) {
char *ret, *ebn = escaped_basename(filename);
+ if (!ebn)
+ return NULL;
ret = make_message("select to_days(now()) - "
"to_days(lastplayed) from data "
"where name = '%s'", ebn);
free(tmp2);
continue;
}
- if (!strcmp(command, "score:"))
+ if (!score && !strcmp(command, "score:"))
score = s_a_r_list(macro_list, arg);
}
if (!score) {
goto write_query;
}
select_clause = para_strdup(with_path?
- "select concat(dir.dir, '/', dir.name) from data, dir "
- "where dir.name = data.name "
- :
- "select name from data where name is not NULL");
+ "select concat(dir.dir, '/', dir.name) from data, dir "
+ "where dir.name = data.name "
+ :
+ "select name from data where name is not NULL");
order = make_message("order by -(%s)", score);
free(score);
if (accept_opts && deny_opts) {
atts = get_atts(name, 0);
dir = get_dir(name);
/* get score */
- query = get_query(stream, name, 0);
+ query = get_query(stream, name, 0); /* FIXME: pass stream == NULL instead? */
if (!query)
goto write;
result = get_result(query);
char *name = NULL, *meta = NULL, *atts = NULL, *dir = NULL;
int ret, com_la = strcmp(argv[0], "info");
- if (argc < 1) {
+ if (argc < 2) {
ret = -E_GET_AUDIO_FILE;
if (!(name = get_current_audio_file()))
goto out;
ret = send_va_buffer(fd, "dir: %s\n" "%s\n" "attributes: %s\n",
dir? dir : "(not contained in table)", meta, atts);
out:
- if (meta)
- free(meta);
- if (atts)
- free(atts);
- if (dir)
- free(dir);
- if (name)
- free(name);
+ free(meta);
+ free(atts);
+ free(dir);
+ free(name);
return ret;
}
-static int change_stream(char *stream)
+
+static int change_stream(const char *stream)
{
char *query;
int ret;
- /* try to insert if it does not exist (compatibility) */
-// query = make_message("insert into streams (name, def) values "
-// "('current_stream', '%s')", stream);
-// real_query(query); /* ignore return value */
-// free(query);
query = make_message("update streams set def='%s' "
"where name = 'current_stream'", stream);
ret = real_query(query);
char *q, *ebn = escaped_basename(name);
int ret = -E_ESCAPE;
- if (!ebn || !*ebn)
+ if (!ebn)
goto out;
q = make_message("delete from data where name = '%s'", ebn);
real_query(q); /* ignore errors */
/*
* remove/add entries
*/
-static int com_rm_ne(__unused int fd, int argc, char *argv[])
+static int com_rm_ne(__a_unused int fd, int argc, char *argv[])
{
int ne = !strcmp(argv[0], "ne");
int i, ret;
- if (argc < 1)
+ if (argc < 2)
return -E_MYSQL_SYNTAX;
- for (i = 1; i <= argc; i++) {
+ for (i = 1; i < argc; i++) {
ret = remove_entry(argv[i]);
if (ret < 0)
return ret;
/*
* mv: rename entry
*/
-static int com_mv(__unused int fd, int argc, char *argv[])
+static int com_mv(__a_unused int fd, int argc, char *argv[])
{
char *q, *dn, *ebn1 = NULL, *ebn2 = NULL, *edn = NULL;
int ret;
- if (argc != 2)
+ if (argc != 3)
return -E_MYSQL_SYNTAX;
+ ret = -E_ESCAPE;
ebn1 = escaped_basename(argv[1]);
ebn2 = escaped_basename(argv[2]);
- dn = para_dirname(argv[2]);
- edn = escape_str(dn);
- free(dn);
- ret = -E_ESCAPE;
- if (!ebn1 || !ebn2)
+ if (!ebn1 || !ebn2 | !*ebn1 || !*ebn2)
goto out;
- remove_entry(ebn2);
+ ret = -E_MYSQL_SYNTAX;
+ if (!strcmp(ebn1, ebn2))
+ goto update_dir;
+ remove_entry(argv[2]); /* no need to escape, ignore error */
q = make_message("update data set name = '%s' where name = '%s'",
ebn2, ebn1);
ret = real_query(q);
free(q);
if (ret < 0)
goto out;
+ ret = -E_AUDIO_FILE;
+ if (!mysql_affected_rows(mysql_ptr))
+ goto out;
q = make_message("update dir set name = '%s' where name = '%s'",
ebn2, ebn1);
ret = real_query(q);
free(q);
if (ret < 0)
goto out;
- /* do not touch table dir, return success if argv[2] is no full path */
+update_dir:
ret = 1;
- if (!edn || !*edn)
+ dn = para_dirname(argv[2]);
+ if (!dn)
+ goto out;
+ ret = -E_ESCAPE;
+ edn = escape_str(dn);
+ free(dn);
+ if (!edn)
+ goto out;
+ ret = 1;
+ if (!*edn)
goto out;
q = make_message("update dir set dir = '%s' where name = '%s'",
edn, ebn2);
-// PARA_DEBUG_LOG("q: %s\n", q);
ret = real_query(q);
free(q);
out:
- if (ebn1)
- free(ebn1);
- if (ebn2)
- free(ebn2);
- if (edn)
- free(edn);
+ free(edn);
+ free(ebn1);
+ free(ebn2);
return ret;
-
}
/*
* picass: associate pic to audio file
* snp: set numplayed
*/
-static int com_set(__unused int fd, int argc, char *argv[])
+static int com_set(__a_unused int fd, int argc, char *argv[])
{
char *q, *ebn;
long unsigned id;
int i, ret;
- char *field = strcmp(argv[0], "picass")? "numplayed" : "pic_id";
+ const char *field = strcmp(argv[0], "picass")? "numplayed" : "pic_id";
- if (argc < 2)
+ if (argc < 3)
return -E_MYSQL_SYNTAX;
id = atol(argv[1]);
- for (i = 2; i <= argc; i++) {
+ for (i = 2; i < argc; i++) {
ebn = escaped_basename(argv[i]);
if (!ebn)
return -E_ESCAPE;
/*
* picch: change entry's name in pics table
*/
-static int com_picch(__unused int fd, int argc, char *argv[])
+static int com_picch(__a_unused int fd, int argc, char *argv[])
{
int ret;
long unsigned id;
- char *q;
+ char *q, *tmp;
- if (argc != 2)
+ if (argc != 3)
return -E_MYSQL_SYNTAX;
id = atol(argv[1]);
- if (strlen(argv[2]) > MAXLINE)
- return -E_NAMETOOLONG;
- q = make_message("update pics set name = '%s' where id = %lu", argv[2], id);
+ ret = -E_ESCAPE;
+ tmp = escape_str(argv[2]);
+ if (!tmp)
+ return -E_ESCAPE;
+ q = make_message("update pics set name = '%s' where id = %lu", tmp, id);
+ free(tmp);
ret = real_query(q);
free(q);
return ret;
/*
* piclist: print list of pics in db
*/
-static int com_piclist(__unused int fd, int argc, __unused char *argv[])
+static int com_piclist(__a_unused int fd, int argc, __a_unused char *argv[])
{
void *result = NULL;
MYSQL_ROW row;
unsigned long *length;
int ret;
- if (argc)
+ if (argc != 1)
return -E_MYSQL_SYNTAX;
result = get_result("select id,name,pic from pics order by id");
if (!result)
my_ulonglong aff;
int i, ret;
- if (argc < 1)
+ if (argc < 2)
return -E_MYSQL_SYNTAX;
- for (i = 1; i <= argc; i++) {
+ for (i = 1; i < argc; i++) {
id = atol(argv[i]);
q = make_message("delete from pics where id = %lu", id);
ret = real_query(q);
int ret;
char *q, *name = NULL;
- if (argc < 1) {
+ if (argc < 2) {
ret = -E_GET_AUDIO_FILE;
name = get_current_audio_file();
} else {
}
/* strdel */
-static int com_strdel(__unused int fd, int argc, char *argv[])
+static int com_strdel(__a_unused int fd, int argc, char *argv[])
{
- char *tmp;
- int ret = -1;
+ char *q, *tmp;
+ int ret;
- if (argc < 1)
+ if (argc < 2)
return -E_MYSQL_SYNTAX;
- tmp = make_message("delete from streams where name='%s'", argv[1]);
- ret = real_query(tmp);
+ tmp = escape_str(argv[1]);
+ if (!tmp)
+ return -E_ESCAPE;
+ q = make_message("delete from streams where name='%s'", tmp);
free(tmp);
- if (ret < 0)
- return ret;
- tmp = get_current_stream();
- ret = 1;
- if (strcmp(tmp, "(none)") && !strcmp(tmp, argv[1]))
- ret = change_stream("(none)");
+ ret = real_query(q);
+ free(q);
return ret;
}
int ret;
unsigned int num_rows;
- if (argc > 0)
- q = make_message("select name from data where name LIKE '%s'",
- argv[1]);
- else
+ if (argc > 2)
+ return -E_MYSQL_SYNTAX;
+ if (argc > 1) {
+ char *tmp = escape_str(argv[1]);
+ if (!tmp)
+ return -E_ESCAPE;
+ q = make_message("select name from data where name like '%s'",
+ tmp);
+ free(tmp);
+ } else
q = para_strdup("select name from data");
- result = get_result(q);
+ result = get_result(q);
free(q);
if (!result)
return -E_NORESULT;
mysql_free_result(result);
return ret;
}
+
/*
* summary
*/
-static int com_summary(__unused int fd, int argc, __unused char *argv[])
+static int com_summary(__a_unused int fd, int argc, __a_unused char *argv[])
{
MYSQL_ROW row;
MYSQL_ROW row2;
const char *fmt = "select count(name) from data where %s='1'";
int ret = -E_NORESULT;
- if (argc)
+ if (argc != 1)
return -E_MYSQL_SYNTAX;
result = get_all_attributes();
if (!result)
char *buf = make_message(fmt, name);
int ret = -E_NORESULT;
- result = get_result(buf);
+ result = get_result(buf);
free(buf);
if (!result)
goto out;
ret = real_query(q);
free(q);
out:
- if (ebn)
- free(ebn);
+ free(ebn);
return ret;
}
+
/* If called as child, mmd_lock must be held */
static void update_mmd(char *info)
{
update_audio_file(name);
}
-static int com_us(__unused int fd, int argc, char *argv[])
+static int com_us(__a_unused int fd, int argc, char *argv[])
{
- if (argc != 1)
+ char *tmp;
+ int ret;
+
+ if (argc != 2)
return -E_MYSQL_SYNTAX;
- return update_audio_file(argv[1]);
+ tmp = escape_str(argv[1]);
+ if (!tmp)
+ return -E_ESCAPE;
+ ret = update_audio_file(argv[1]);
+ free(tmp);
+ return ret;
}
static void refresh_selector_info(void)
}
/* select previous/next stream */
-static int com_ps(__unused int fd, int argc, char *argv[])
+static int com_ps(__a_unused int fd, int argc, char *argv[])
{
char *query, *stream = get_current_stream();
void *result = get_result("select name from streams");
int match = -1, ret, i;
unsigned int num_rows;
- if (argc)
+ if (argc != 1)
return -E_MYSQL_SYNTAX;
ret = -E_NORESULT;
if (!result)
else
i = match < num_rows - 1? match + 1 : 0;
ret = -E_NOROW;
- mysql_data_seek(result, i);
+ mysql_data_seek(result, i);
row = mysql_fetch_row(result);
if (!row || !row[0])
goto out;
}
/* streams */
-static int com_streams(int fd, int argc, __unused char *argv[])
+static int com_streams(int fd, int argc, __a_unused char *argv[])
{
unsigned int num_rows;
int i, ret = -E_NORESULT;
void *result;
MYSQL_ROW row;
- if (argc && strcmp(argv[1], "current_stream"))
+ if (argc > 1 && strcmp(argv[1], "current_stream"))
return -E_MYSQL_SYNTAX;
- if (argc) {
+ if (argc > 1) {
char *cs = get_current_stream();
ret = send_va_buffer(fd, "%s\n", cs);
free(cs);
void *result;
int ret;
- if (argc < 1) {
+ if (argc < 2) {
ret = -E_GET_STREAM;
name = get_current_stream();
} else {
static int com_cs(int fd, int argc, char *argv[])
{
int ret, stream_change;
- char *query;
+ char *query, *stream = NULL;
char *old_stream = get_current_stream();
int csp = !strcmp(argv[0], "csp");
- if (!argc) {
- ret = -E_MYSQL_SYNTAX;
+ ret = -E_MYSQL_SYNTAX;
+ if (argc > 2)
+ goto out;
+ if (argc == 1) {
if (csp)
goto out;
ret = send_va_buffer(fd, "%s\n", old_stream);
goto out;
}
ret = -E_GET_QUERY;
- query = get_query(argv[1], NULL, 0); /* test if stream is valid */
+ /* test if stream is valid, no need to escape argv[1] */
+ query = get_query(argv[1], NULL, 0);
if (!query)
goto out;
free(query);
/* stream is ok */
- stream_change = strcmp(argv[1], old_stream);
+ stream = escape_str(argv[1]);
+ if (!stream)
+ goto out;
+ stream_change = strcmp(stream, old_stream);
if (stream_change) {
- ret = change_stream(argv[1]);
+ ret = change_stream(stream);
if (ret < 0)
goto out;
refresh_selector_info();
ret = 1;
out:
free(old_stream);
+ free(stream);
return ret;
}
char *query, *stream, *tmp;
unsigned int num_rows, num;
- if (argc < 1)
+ if (argc < 2)
return -E_MYSQL_SYNTAX;
num = atoi(argv[1]);
if (!num)
return -E_MYSQL_SYNTAX;
- stream = (argc == 1)? get_current_stream() : para_strdup(argv[2]);
+ if (argc == 2) {
+ stream = get_current_stream();
+ if (!stream)
+ return -E_GET_STREAM;
+ } else {
+ stream = escape_str(argv[2]);
+ if (!stream)
+ return -E_ESCAPE;
+ }
tmp = get_query(stream, NULL, 0);
+ free(stream);
+ if (!tmp)
+ return -E_GET_QUERY;
query = make_message("%s limit %d", tmp, num);
free(tmp);
- ret = -E_GET_QUERY;
- free(stream);
- if (!query)
- goto out;
ret = -E_NORESULT;
result = get_result(query);
free(query);
int i, ret;
char *atts = NULL, *name;
- if (argc < 1)
+ if (argc < 2)
return -E_MYSQL_SYNTAX;
- for (i = 1; i <= argc; i++) {
+ for (i = 1; i < argc; i++) {
int unset = 0;
- char *tmp, *p =argv[i];
+ char *esc, *tmp, *p =argv[i];
int len = strlen(p);
if (!len)
goto no_more_atts;
}
p[len - 1] = '\0';
- tmp = make_message("%s%s='%s'", atts? "," : "", p,
+ esc = escape_str(p);
+ if (!esc)
+ return -E_ESCAPE;
+ tmp = make_message("%s%s='%s'", atts? "," : "", esc,
unset? "0" : "1");
+ free(esc);
atts = para_strcat(atts, tmp);
free(tmp);
}
no_more_atts:
if (!atts)
return -E_NOATTS;
- if (i > argc) { /* no name given, use current af */
+ if (i >= argc) { /* no name given, use current af */
ret = -E_GET_AUDIO_FILE;
if (!(name = get_current_audio_file()))
goto out;
}
refresh_selector_info();
out:
+ free(atts);
return ret;
}
char *name = NULL, *meta = NULL, *atts = NULL;
int i, ret;
- if (argc < 2)
+ if (argc < 3)
return -E_MYSQL_SYNTAX;
if (!(name = escaped_basename(argv[1])))
return -E_ESCAPE;
ret = -E_META;
if (!(meta = get_meta(name, 0)))
goto out;
- for (i = 2; i <= argc; i++) {
+ for (i = 2; i < argc; i++) {
char *ebn, *q;
ret = -E_ESCAPE;
if (!(ebn = escaped_basename(argv[i])))
/*
* verify / clean
*/
-static int com_vrfy(int fd, int argc, __unused char *argv[])
+static int com_vrfy(int fd, int argc, __a_unused char *argv[])
{
char *query;
int ret, vrfy_mode = strcmp(argv[0], "clean");
MYSQL_ROW row;
char *escaped_name;
- if (argc)
+ if (argc != 1)
return -E_MYSQL_SYNTAX;
ret = -E_NORESULT;
result = get_result("select data.name from data left join dir on "
{
int ret = -E_TMPFILE;
char *msg = make_message("%s\t%s\n", dir, name);
-
if (fputs(msg, out_file) != EOF)
ret = 1;
free(msg);
/*
* update database
*/
-static int com_upd(int fd, int argc, __unused char *argv[])
+static int com_upd(int fd, int argc, __a_unused char *argv[])
{
char *tempname = NULL, *query = NULL;
int ret, out_fd = -1, num = 0;
unsigned int num_rows;
MYSQL_ROW row;
- if (argc)
+ if (argc != 1)
return -E_MYSQL_SYNTAX;
out_file = NULL;
tempname = para_strdup("/tmp/mysql.tmp.XXXXXX");
goto out;
if ((ret = real_query("delete from dir")) < 0)
goto out;
- query = make_message("load data infile '%s' into table dir "
+ query = make_message("load data infile '%s' ignore into table dir "
"fields terminated by '\t' lines terminated by '\n' "
"(dir, name)", tempname);
ret = real_query(query);
goto out;
}
while ((row = mysql_fetch_row(result))) {
+ char *erow;
ret = -E_NOROW;
if (!row[0])
goto out;
send_va_buffer(fd, "new entry: %s\n", row[0]);
+ erow = escape_str(row[0]);
+ if (!erow)
+ goto out;
query = make_message("insert into data (name, pic_id) values "
- "('%s','%s')", row[0], "1");
+ "('%s','%s')", erow, "1");
+ free(erow);
ret = real_query(query);
free(query);
if (ret < 0)
tmp = get_query(stream, NULL, 1);
free(stream);
+ if (!tmp)
+ goto err_out;
query = make_message("%s limit %d", tmp, num);
free(tmp);
- if (!query)
- goto err_out;
result = get_result(query);
+ free(query);
if (!result)
goto err_out;
num_rows = mysql_num_rows(result);
free(list);
list = NULL;
success:
- if (query)
- free(query);
if (result)
mysql_free_result(result);
return list;
/* create database */
static int com_cdb(int fd, int argc, char *argv[])
{
- char *query, *name;
+ char *query;
int ret;
- if (argc < 1)
- name = "paraslash";
- else {
- ret = -E_NAMETOOLONG;
- name = argv[1];
- if (strlen(name) > MAXLINE)
- goto out;
- }
if (mysql_ptr) {
PARA_INFO_LOG("%s", "closing database\n");
mysql_close(mysql_ptr);
ret = -E_MYSQL_INIT;
if (init_mysql_server() < 0 || !mysql_ptr)
goto out;
- query = make_message("create database %s", name);
+ if (argc < 2)
+ conf.mysql_database_arg = para_strdup("paraslash");
+ else {
+ ret = -E_ESCAPE;
+ conf.mysql_database_arg = escape_str(argv[1]);
+ if (!conf.mysql_database_arg)
+ goto out;
+ }
+ query = make_message("create database %s", conf.mysql_database_arg);
ret = real_query(query);
free(query);
if (ret < 0)
goto out;
/* reconnect with database just created */
mysql_close(mysql_ptr);
- conf.mysql_database_arg = para_strdup(name);
ret = -E_MYSQL_INIT;
if (init_mysql_server() < 0 || !mysql_ptr)
goto out;
if (real_query("insert into streams (name, def) values "
"('current_stream', '(none)')") < 0)
goto out;
- ret = send_va_buffer(fd, "successfully created database %s\n", name);
+ ret = send_va_buffer(fd, "successfully created database %s\n",
+ conf.mysql_database_arg);
out:
return ret;
}