[bugs] [Bug 1224] New - Preferences cannot store binary data due to lack of quoting in PostgreSQL database

Fri Apr 18 03:53:55 PDT 2003

http://bugs.horde.org/show_bug.cgi?id=1224

*** shadow/1224	Fri Apr 18 02:53:55 2003
--- shadow/1224.tmp.808	Fri Apr 18 02:53:55 2003
***************
*** 0 ****
--- 1,58 ----
+ Bug#: 1224
+ Product: Horde
+ Version: 2.2 Stable
+ Platform: PHP Code
+ OS/Version: Linux
+ Status: NEW   
+ Resolution: 
+ Severity: normal
+ Priority: P2
+ Component: Core
+ Area: BUILD
+ AssignedTo: chuck at horde.org                            
+ ReportedBy: peter at stamfest.at               
+ URL: 
+ Summary: Preferences cannot store binary data due to lack of quoting in PostgreSQL database
+ 
+ 
+ From my horde.log:
+ 
+ Apr 17 15:16:33 HORDE [emergency] [imp] DB Error: unknown error: insert into
+ horde_prefs (pref_uid, pref_scope, pref_name, pref_value)
+ values('nico1 at customers.stamfest.com', 'imp', 'delhide', TRUE) [nativ
+ ecode=ERROR:  column "pref_value" is of type 'text' but expression is of type
+ 'boolean'
+ 
+ This is due to the fact the "TRUE" is a boolean value and the column pref_value
+ is  a string.
+ 
+ The fix is rather trivial. Here is a patch (just make sure DB quoting is done on
+ a string):
+ 
+ 
+ --- /opt/horde/lib/Prefs/sql.php        Fri Jan  3 13:48:42 2003
+ +++ sql.php     Fri Apr 18 07:51:27 2003
+ @@ -317,7 +317,7 @@
+              if ($row && !DB::isError($row)) {
+                  /* Update the existing row. */
+                  $query = 'update ' . $this->params['table'] . ' ';
+ -                $query .= 'set pref_value = ' .
+ $this->db->quote($this->getValue($name));
+ +                $query .= 'set pref_value = ' . $this->db->quote("" .
+ $this->getValue($name));
+                  $query .= ' where pref_uid = ' . $this->db->quote($this->user);
+                  $query .= ' and pref_name = ' . $this->db->quote($name);
+                  $query .= ' and pref_scope = ' . $this->db->quote($scope);
+ @@ -333,7 +333,7 @@
+                  $query .= '(pref_uid, pref_scope, pref_name, pref_value) values';
+                  $query .= '(' . $this->db->quote($this->user) . ', ';
+                  $query .= $this->db->quote($scope) . ', ' .
+ $this->db->quote($name) . ', ';
+ -                $query .= $this->db->quote($this->getValue($name)) . ')';
+ +                $query .= $this->db->quote("" . $this->getValue($name)) . ')';
+                  $result = $this->db->query($query);
+  
+                  /* Return an error if the insert fails. */
+ 
+ 
+