[svn-commits] tilghman: branch tilghman/adaptive_realtime r116757 - /team/tilghman/adaptive...

SVN commits to the Digium repositories svn-commits at lists.digium.com
Thu May 15 20:03:45 CDT 2008


Author: tilghman
Date: Thu May 15 20:03:45 2008
New Revision: 116757

URL: http://svn.digium.com/view/asterisk?view=rev&rev=116757
Log:
Check on updates to ensure the needed fields exist

Modified:
    team/tilghman/adaptive_realtime/res/res_config_pgsql.c

Modified: team/tilghman/adaptive_realtime/res/res_config_pgsql.c
URL: http://svn.digium.com/view/asterisk/team/tilghman/adaptive_realtime/res/res_config_pgsql.c?view=diff&rev=116757&r1=116756&r2=116757
==============================================================================
--- team/tilghman/adaptive_realtime/res/res_config_pgsql.c (original)
+++ team/tilghman/adaptive_realtime/res/res_config_pgsql.c Thu May 15 20:03:45 2008
@@ -470,16 +470,26 @@
 	return cfg;
 }
 
-static int update_pgsql(const char *database, const char *table, const char *keyfield,
+static int update_pgsql(const char *database, const char *tablename, const char *keyfield,
 						const char *lookup, va_list ap)
 {
 	PGresult *result = NULL;
 	int numrows = 0, pgerror;
-	char sql[256], escapebuf[513];
+	char escapebuf[513];
 	const char *newparam, *newval;
-
-	if (!table) {
+	struct ast_str *sql = ast_str_create(100);
+	struct tables *table;
+	struct columns *column = NULL;
+
+	if (!tablename) {
 		ast_log(LOG_WARNING, "PostgreSQL RealTime: No table specified.\n");
+		ast_free(sql);
+		return -1;
+	}
+
+	if (!(table = find_table(tablename))) {
+		ast_log(LOG_ERROR, "Table '%s' does not exist!!\n", tablename);
+		ast_free(sql);
 		return -1;
 	}
 
@@ -493,6 +503,22 @@
 			PQfinish(pgsqlConn);
 			pgsqlConn = NULL;
 		};
+		ast_mutex_unlock(&table->lock);
+		ast_free(sql);
+		return -1;
+	}
+
+	/* Check that the column exists in the table */
+	AST_LIST_TRAVERSE(&table->columns, column, list) {
+		if (strcmp(column->name, newparam) == 0) {
+			break;
+		}
+	}
+
+	if (!column) {
+		ast_log(LOG_ERROR, "PostgreSQL RealTime: Updating on column '%s', but that column does not exist within the table '%s'!\n", newparam, tablename);
+		ast_mutex_unlock(&table->lock);
+		ast_free(sql);
 		return -1;
 	}
 
@@ -503,50 +529,68 @@
 	if (pgerror) {
 		ast_log(LOG_ERROR, "Postgres detected invalid input: '%s'\n", newval);
 		va_end(ap);
-		return -1;
-	}
-	snprintf(sql, sizeof(sql), "UPDATE %s SET %s = '%s'", table, newparam, escapebuf);
+		ast_mutex_unlock(&table->lock);
+		ast_free(sql);
+		return -1;
+	}
+	ast_str_set(&sql, 0, "UPDATE %s SET %s = '%s'", tablename, newparam, escapebuf);
 
 	while ((newparam = va_arg(ap, const char *))) {
 		newval = va_arg(ap, const char *);
+
+		/* If the column is not within the table, then skip it */
+		AST_LIST_TRAVERSE(&table->columns, column, list) {
+			if (strcmp(column->name, newparam) == 0) {
+				break;
+			}
+		}
+
+		if (!column) {
+			ast_log(LOG_WARNING, "Attempted to update column '%s' in table '%s', but column does not exist!\n", newparam, tablename);
+			continue;
+		}
 
 		PQescapeStringConn(pgsqlConn, escapebuf, newval, (sizeof(escapebuf) - 1) / 2, &pgerror);
 		if (pgerror) {
 			ast_log(LOG_ERROR, "Postgres detected invalid input: '%s'\n", newval);
 			va_end(ap);
+			ast_mutex_unlock(&table->lock);
+			ast_free(sql);
 			return -1;
 		}
 
-		snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), ", %s = '%s'", newparam,
-				 escapebuf);
+		ast_str_append(&sql, 0, ", %s = '%s'", newparam, escapebuf);
 	}
 	va_end(ap);
+	ast_mutex_unlock(&table->lock);
 
 	PQescapeStringConn(pgsqlConn, escapebuf, lookup, (sizeof(escapebuf) - 1) / 2, &pgerror);
 	if (pgerror) {
 		ast_log(LOG_ERROR, "Postgres detected invalid input: '%s'\n", lookup);
 		va_end(ap);
-		return -1;
-	}
-
-	snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " WHERE %s = '%s'", keyfield,
-			 escapebuf);
-
-	ast_debug(1, "PostgreSQL RealTime: Update SQL: %s\n", sql);
+		ast_free(sql);
+		return -1;
+	}
+
+	ast_str_append(&sql, 0, " WHERE %s = '%s'", keyfield, escapebuf);
+
+	ast_debug(1, "PostgreSQL RealTime: Update SQL: %s\n", sql->str);
 
 	/* We now have our complete statement; Lets connect to the server and execute it. */
 	ast_mutex_lock(&pgsql_lock);
 	if (!pgsql_reconnect(database)) {
 		ast_mutex_unlock(&pgsql_lock);
-		return -1;
-	}
-
-	if (!(result = PQexec(pgsqlConn, sql))) {
+		ast_free(sql);
+		return -1;
+	}
+
+	if (!(result = PQexec(pgsqlConn, sql->str))) {
 		ast_log(LOG_WARNING,
 				"PostgreSQL RealTime: Failed to query database. Check debug for more info.\n");
-		ast_debug(1, "PostgreSQL RealTime: Query: %s\n", sql);
+		ast_debug(1, "PostgreSQL RealTime: Query: %s\n", sql->str);
 		ast_debug(1, "PostgreSQL RealTime: Query Failed because: %s\n", PQerrorMessage(pgsqlConn));
 		ast_mutex_unlock(&pgsql_lock);
+		ast_free(sql);
 		return -1;
 	} else {
 		ExecStatusType result_status = PQresultStatus(result);
@@ -555,18 +599,20 @@
 			&& result_status != PGRES_NONFATAL_ERROR) {
 			ast_log(LOG_WARNING,
 					"PostgreSQL RealTime: Failed to query database. Check debug for more info.\n");
-			ast_debug(1, "PostgreSQL RealTime: Query: %s\n", sql);
+			ast_debug(1, "PostgreSQL RealTime: Query: %s\n", sql->str);
 			ast_debug(1, "PostgreSQL RealTime: Query Failed because: %s (%s)\n",
 						PQresultErrorMessage(result), PQresStatus(result_status));
 			ast_mutex_unlock(&pgsql_lock);
+			ast_free(sql);
 			return -1;
 		}
 	}
 
 	numrows = atoi(PQcmdTuples(result));
 	ast_mutex_unlock(&pgsql_lock);
-
-	ast_debug(1, "PostgreSQL RealTime: Updated %d rows on table: %s\n", numrows, table);
+	ast_free(sql);
+
+	ast_debug(1, "PostgreSQL RealTime: Updated %d rows on table: %s\n", numrows, tablename);
 
 	/* From http://dev.pgsql.com/doc/pgsql/en/pgsql-affected-rows.html
 	 * An integer greater than zero indicates the number of rows affected




More information about the svn-commits mailing list