summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2022-01-23Merge branch 'hotfix/5.21'Damien Regad2-33/+60
# Conflicts: # adodb.inc.php # docs/changelog.md
2022-01-22Bump version to 5.21.4v5.21.4Damien Regad1-1/+1
2022-01-22Merge branch 'hotfix/5.20' into hotfix/5.21Damien Regad1-0/+2
# Conflicts: # docs/changelog.md # drivers/adodb-postgres64.inc.php
2022-01-22Reset version to avoid merge conflictsDamien Regad130-131/+131
This reverts commit 24307597cd0f9b74c6bcd049b1b56a13c7237d21.
2022-01-22Update ChangelogDamien Regad1-1/+15
(cherry picked from commit f15d934afd96d9ef41a394116e2858c7be3d9733)
2022-01-22Methods return E_DEPRECATED with PHP8.1, see #771Mark Newnham1-0/+13
Implemented methods that return a different type to the PHP abstract need the warnings suppressed in PHP8.1. This is done using the #[\ReturnTypeWillChange] attribute. https://wiki.php.net/rfc/internal_method_return_types (cherry picked from commit b3d9a12bb6104b4859700008bb1c1cccadad564e)
2022-01-22Bump version to 5.20.21v5.20.21Damien Regad130-131/+131
2022-01-22Update ChangelogDamien Regad1-0/+14
2022-01-22Methods return E_DEPRECATED with PHP8.1, see #771Mark Newnham1-0/+13
Implemented methods that return a different type to the PHP abstract need the warnings suppressed in PHP8.1. This is done using the #[\ReturnTypeWillChange] attribute. https://wiki.php.net/rfc/internal_method_return_types (cherry picked from commit b3d9a12bb6104b4859700008bb1c1cccadad564e)
2022-01-22Merge pull request from GHSA-65mj-7c86-79jfDamien Regad1-31/+44
CVE-2021-3850: Prevent auth bypass with PostgreSQL connections
2022-01-22Merge pull request from GHSA-65mj-7c86-79jfDamien Regad1-1/+0
CVE-2021-3850: Prevent auth bypass with PostgreSQL connections (5.20 branch)
2022-01-16Add phpDocumentor3 configurationDamien Regad11-26/+60
Merge pull request #794 from dregad/phpDoc3
2022-01-16Fix reported errors in generated documentationDamien Regad8-25/+31
2022-01-16Remove irrelevant and incorrect @example tagDamien Regad1-1/+0
Referencing mssqlnative in the mysqli driver does not make sense. Moreover the tag is not well formed and causes phpDocumentor to throw an alert.
2022-01-16gitignore: exclude phpDocumentor outputDamien Regad1-0/+2
2022-01-16Add phpDocumentor3 config fileDamien Regad2-0/+27
Exclude phpdoc.xml to allow developer-specific settings, as suggested in documentation [1]. [1]: https://docs.phpdoc.org/3.0/guide/references/configuration.html
2022-01-16Add ADOConnection::releaseStatement() methodDamien Regad3-0/+29
This allows Oracle users to avoid reaching the maximum open cursors limit by releasing the statement resource allocated by oci_parse(), and prevent occurrence of an ORA-01000 error. The resource is cleared (set to null) after freeing statement, to avoid keeping a resource of type Unknown in the statement. Fixes #770
2022-01-16PHPDoc and coding guidelinesDamien Regad1-9/+19
Remove old, commented-out code
2022-01-16Prevent auth bypass with PostgreSQL connectionsDamien Regad1-22/+25
Thanks to Emmet Leahy of Sorcery Ltd for reporting this vulnerability (CVE-2021-3850). Refactoring ADODB_postgres64::_connect(): - Remove adodb_addslashes() function, which did not escape the connection parameters when they are wrapped in single quotes (root cause for the identified security issue). - Use addcslashes() instead of addslashes() to only escape `'` and `\`, to strictly follow pg_connect() documentation (addslashes() also escapes `"`) - Use an array and a foreach loop to build the connection string when given individual parameters for host:port, user, password and dbname Fixes #793
2022-01-16Prevent auth bypass with PostgreSQL connectionsDamien Regad1-1/+0
Thanks to Emmet Leahy of Sorcery Ltd for reporting this vulnerability (CVE-2021-3850). This is a minimalistic approach to patch the issue, to reduce the risk of causing regressions in the legacy stable branch. Fixes #793
2022-01-09Merge branch 'master' of https://github.com/ADOdb/ADOdbMark Newnham6-17/+126
2022-01-09Remove usage of $php_errormsg from DB2 driver, see #791Mark Newnham1-14/+12
Use of $php_errormsg has been deprecated since PHP7.2 and removed in PHP 8. The driver now uses the db2_stmt_error() function to retrieve the last error instead of relying on the assigned $php_errormsg value. Warnings from ADOdb also no longer assign the value.
2022-01-08Add GitHub Security Policy (SECURITY.md)Damien Regad1-0/+45
Fixes #766
2022-01-08Merge Pull Request #784Damien Regad2-6/+48
2022-01-08Update ChangelogDamien Regad1-0/+2
2022-01-08Coding guidelinesDamien Regad1-37/+39
2022-01-08Rename _getConnection() to getConnectionById()Mike-Benoit1-4/+4
Following convention for public method. Since there was already a getConnection() function, this probably makes more sense anyways. Issue #784
2022-01-08Support calling a function upon load balancer connectionMike-Benoit1-4/+42
For things like determining replication lag and ignoring the connection if its out of spec. - Make a few methods public so they can be called outside the class, to better assist with unit tests and advanced use cases. - Don't make a connection to the database when calls to 'setcustommetatype' are made, as a connection is not needed for those calls of course. - If no connection can be established, throw exception. Fixes #784
2022-01-08Update ChangelogDamien Regad1-1/+17
2022-01-08Deprecate Database Replication add-on (#780)Damien Regad2-0/+7
2022-01-08No need to define $dsnType in ADODB_pdo anymoreDamien Regad2-4/+3
It is declared in ADOConnection since e3fa991cab89ceb9724bf8c19676a450ee62a1f8. Convert ADOConnection::$dsnType comment to PHPDoc. Issue #789
2022-01-08PHPDoc updateDamien Regad1-6/+6
2022-01-05dsnType not defined before use, see #789Mark Newnham1-0/+6
2022-01-04Memcache library does not initialize correctly, see #788Mark Newnham1-6/+8
The library does not initialize correctly when the object is created as a class variable. Initializing it to a local variable then assigning to a class variable once connected resolves the issue.
2022-01-02Add missing PostgreSQL standard datatypesMike1-0/+7
Adding UUID, NUMERIC, DECIMAL, FLOAT4 and FLOAT8. Fixes #782
2022-01-02Fix PHP Warning: Undefined array keyIoannis Igoumenos1-2/+5
Fixes #775 Signed-off-by: Damien Regad <dregad@mantisbt.org> Changes to original commit: - use $key variable instead of calling key() function again - remove unnecessary `@` operator. Signed-off-by: Damien Regad <dregad@mantisbt.org>
2022-01-02Update .mailmapDamien Regad1-0/+1
2022-01-01Prevent PHP warning if P1 or P2 happen to be an arrayMike1-0/+3
When an SQL error is triggered and ADOdb attempts to output an error message, if the parameters happen to be arrays this will prevent a PHP WARNING from occurring. Fixes #783 Co-authored-by: Mike-Benoit <mikeb@timetrex.com>
2022-01-01PHPDocDamien Regad2-12/+11
2022-01-01Fix PHP ERROR: Uncaught ArgumentCountErrorMike-Benoit1-1/+1
Too few arguments to function ADORecordSet_array::__construct(), 0 passed in adodb/adodb-csvlib.inc.php on line 79 and at least 1 expected. Regression introduced by 57186f905c9a1e49a010daf582baa9a07be826bb Fixes #772 (see PR #785) Signed-off-by: Damien Regad <dregad@mantisbt.org>
2021-12-11Fix php syntax errors found with phpstan (#774)Dianne2-3/+3
Working on an open source project that uses ADOdb. Found these errors when analysing with phpstan in preparation for PHP8 upgrade.
2021-11-27Constructor parameters are incompatible across ADOrecordset definitions, see ↵Mark Newnham1-4/+13
#771 The constructor parameters vary slightly across various usages of ADOrecordset. This standardizes them
2021-11-27Merge branch 'master' of https://github.com/ADOdb/ADOdbMark Newnham18-1709/+1774
2021-11-27Methods return E_DEPRECATED with PHP8.1, see #771Mark Newnham1-0/+13
Implemented methods that return a different type to the PHP abstract need the warnings suppressed in PHP8.1. This is done using the #[\ReturnTypeWillChange] attribute. https://wiki.php.net/rfc/internal_method_return_types
2021-11-08Update ChangelogDamien Regad1-0/+6
2021-11-08Merge _fixblobs() into _prepFields()Damien Regad2-14/+22
Following up on #767, per @Unifex's suggestion [1], removing _fixblobs() and moving its code into new _prepFields() function. Additional changes: - add PHPDoc block - protected attribute - remove return type - not really useful as in most cases success is evaluated by checking $this->fields !== false - fixed a couple remaining occurrences of is_array() checks - coding guidelines [1]: https://github.com/ADOdb/ADOdb/pull/760#issuecomment-961564909
2021-11-08Refactored ADODB_postgres7::_fixblobs() Gold2-29/+20
The call to pg_fetch_array() returns false in all cases where we would not need or want to potentially _fixblobs() and return true. A straight up boolean check is all that is needed here, no need for in_array(). Tracking through _fixblobs() is called in a number of places and how its result is checked was repeated in every case. The checks were moved into the function, which was updated to return a boolean should we want to check that. It was also noted that in every case the setting of $this->fields was identical as well so new _prepfields() method was added which sets $this->fields and calls _fixblobs(). All instances of _fixblobs() were replaced with _prepfields() and the pg_fetch_array() call deleted. Fixes #767 (replacing #760)
2021-11-07Refactor ADODB_postgres7::metaForeignKeys() case conversionDamien Regad1-3/+6
2021-11-07Uniformize metaForeignKeys() function signatureDamien Regad13-35/+45
- public visibility - camelCase - change $owner default from false to '' - add $associative param where missing - PHPDoc updates
2021-11-07WhitespaceDamien Regad7-15/+15