| Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
5.20.0 was released in November 2015, everybody should have migrated
by now...
|
|
|
|
|
|
Packagist.org complained about invalid data in composer.json:
'License "LGPL-2.1" is a deprecated SPDX license identifier, use
"LGPL-2.1-only" or "LGPL-2.1-or-later" instead'.
README.md and LICENCE.md were updated accordingly.
|
|
To avoid unwanted information disclosure if an error occurs when
loading a database driver, we should not output the full path in the
error message.
Fixes #389
|
|
Fixes #371
Signed-off-by: Damien Regad <dregad@mantisbt.org>
Changes from original pull request:
- suppress errors in _connect() also
- commit message reworded
|
|
|
|
This way if the connection fails, the error can be captured and used as
intended. Without this, mysqli_real_connect() triggers a PHP warning.
Fixes #348
|
|
We had a problem in our app using the pdo_sqlsrv driver with PHP 7 that
manifested itself by a ODBC32.dll crash at the end of a PHP request
(see issue: https://github.com/Microsoft/msphpsql/issues/434).
It seems the dll tried to free a statement after the connection had been
disconnected.
We looked at our code and the ADOdb code to see if a reference to a
statement could imply that it would be garbage-collected after the PDO
disconnection.
We found that `ADODB_pdo#_query` returns a statement to
`ADOConnection#_Execute` which stores it in its `_queryID` property and
never empties it explicitly.
Setting it to `false` in `ADOConnection#Close` seems to fix the problem
in our app.
Fixes #379
|
|
Fixes #316
|
|
Add SetAutoCommit() method for PDO drivers.
Avoids PDO Error: The auto-commit mode cannot be changed for this driver
Fixes #347
|
|
Currently the _ADODB_ALIAS_ is only used for postgres and mysql, but
it's also necessary for mssql, otherwise the query assigned to
$rewritesql on line 422 fails and produces the following warning:
PHP Warning (2): mssql_query(): message: Incorrect syntax near ')'.
(severity 15) in /usr/share/php/adodb/drivers/adodb-mssql.inc.php on
line 832
Fixes #359
Signed-off-by: Damien Regad <dregad@mantisbt.org>
Original commit amended to split long line.
|
|
Given year can only be less than 3000 or greater than 1000.
Fixes #375
|
|
|
|
|
|
Regression introduced by 7c758c3cbb9ecc639f5744d991e8a6d5c35e5be4.
Fixes #305
|
|
|
|
Includes fixes to 5.20.2 and 5.20.4 that were modified after release, so
that the changelog is aligned with the master branch.
|
|
With MSSQL it is not possible to drop or alter a column with an
existing constraint. The constraint has to be removed before the
operation takes place.
In 'datadict-mssqlnative.inc.php' AlterColumnSQL is commented out and
DropColumnSQL doesn't care.
This tries to fix the problem with the smallest possible impact:
- Fix DropColumnSQL(), to allow the drop even with a constraint on that
given column. We drop, so any default doesn't matter.
- Fix AlterColumnSql(), to allow changes if (and only if !) either a
'new' default is given for an existing default, or there is no
existing one at all. So something like
'ALTER TABLE t ALTER COLUMN c INT NOT NULL'
with an existing constraint on c will still fail since it can't be
determined if keeping or removing the constraint is implied here.
Fixes #290 via #297
Changes to original commit:
- split long lines, whitespace
- Added commit message text from issue #290's description
Signed-off-by: Damien Regad <dregad@mantisbt.org>
|
|
The ADOdb_oci8::SelectLimit() method performs Oracle-specific query
optimization, manipulating the SQL to apply hints in a way that is not
compatible with the oci8po driver, due to conversion of query
parameters ('?' vs oci8 native ':xx').
To avoid the problem, we define the SelectLimit() method directly in
ADODB_oci8po, and rely on the slower ADOConnection::SelectLimit()
method from the base class.
Also, to avoid issues with prepared statements causing PHP to throw a
Warning: "oci_execute(): supplied resource is not a valid oci8
statement resource", we retrieve the prepared statement's SQL and pass
it on to ADOConnection::SelectLimit().
Fixes #282
|
|
The method incorrectly returned -1 for success instead of 0. In
addition, the method attempted to distinguish between warnings and
errors produced by the SQL Server parameter "WarningsReturnAsErrors"
when logging was enabled, but in ADOdb logging this parameter is always
set false so the code was removed.
Fixes #298
|
|
Use 'adodbseq' everywhere
|
|
Incorrect forwarding of parameter values from GenID() to GenID2008/2012
forced the sequence name to the default of 'adodbseq'.
Fixes #300
|
|
Fixes #302
|
|
|
|
This modified regex allows matching of empty strings and is much more
efficient than the original one.
A better fix for this will be available in v5.21
Fixes #185
|
|
Removes the extra assignment of $seq when calling CreateSequence2012()
(possibly leftover from a copy/paste ?) which was causing the code to
always use the default 'adodbseq' sequence.
Fixes #295
|
|
|
|
Removes the unnecessary upper bound on the server version check.
Fixes #294
|
|
The code in ServerVersion() method now only calls preg_match() once.
|
|
sequences
Backported from master (b28cafea05d0c88018dd0c980ba024de1e54192f).
|
|
The property is referenced in MetaColumns(), and calling this method
causes an 'Undefined property' PHP Notice to be thrown.
Fixes #289
|
|
Allow indexed or associative array for bindvars.
Fixes #288
Signed-off-by: Damien Regad <dregad@mantisbt.org>
|
|
|
|
|
|
|
|
The OCIFetchinto function is causing segfaults on php7 - probably
because the fields array is not initialised or it is optimised out. This
fixes just changes to use the safer function oci_fetch_array instead.
Fixes #259
Signed-off-by: Damien Regad <dregad@mantisbt.org>
|
|
The PDO driver was relying on ADOConnection::qstr() for quoting strings.
An application relying on qstr() to manually prepare SQL statements
rather than using parameterized queries may be vulnerable to SQL
injection attacks, as demonstrated by @jdavidlists.
This commit delegates string quoting to PDO::quote() when a connection
is available. If not, it simply replaces single quotes by the value of
$replaceQuote property.
Fixes #226
|
|
When a schema is specified in $showSchema, the function generates an
invalid where clause:
WHERE TABLE_SCHEMA= from myschema
^
should be 'myschema'
Fixes #275
|
|
The generated query is broken with the default method arguments.
Fixes #275
Signed-off-by: Damien Regad <dregad@mantisbt.org>
Original commit changed to use single quotes, added issue reference.
|
|
|
|
|
|
It is only used for development purposes and is not necessary for normal
ADOdb operations.
Issue #274
|
|
This issue was reported by JPCERT Coordination Center (JPCERT/CC) with
reference JVN#48237713.
The root cause is a foreach loop processing all GET parameters and
blindly assigning them to variables, allowing an attacker to
replace contents of global variables.
This limits variable processing using a regex matching those used in
testdatabases.inc.php (i.e. beginning with 'test' or 'no').
Fixes #274
|
|
|
|
When the old ADOdb extension is installed and a more recent version of
ADOdb is running, a PHP warning 'undefined constant
ADODB_ASSOC_CASE_NATIVE' is thrown.
The PHP Extension is obsolete and unsupported, so we shouldn't even try
to run when it is loaded.
This commit will cause ADOdb to exit with an error (or throw an
exception if adodb-exceptions.inc.php has been included) if the
Extension is detected.
Fixes #269
|
|
Messages with newline cause uncaught exceptions to be displayed as
follows (note the single ' where the message is expected):
$ php -r 'throw new exception("blah\n");'
Fatal error: Uncaught exception 'Exception' with message ' in Command line code on line 1
Fixes #273
|
|
|