Merge pull request #2655 from FreshRSS/dev1.15.2

FreshRSS 1.15.2
author: Alexandre Alapetite <alexandre@alapetite.fr> 2019-11-12 10:19:57 +0100
committer: GitHub <noreply@github.com> 2019-11-12 10:19:57 +0100
commit: 09c088c62ece3b17615fb4e2addfa16663bb334f (patch)
tree: 9fe5a64e52711524bd6c327cd9db02dca83065a5 /app/Models
parent: 91cb165829badde07c42a002215cf52779d891b6 (diff)
parent: 874fce6656ce0a4fb144af672e8a31f1ec5f64f5 (diff)
4 files changed, 26 insertions, 3 deletions
diff --git a/app/Models/DatabaseDAO.php b/app/Models/DatabaseDAO.php
index 13330db23..cfb150ab1 100644
--- a/app/Models/DatabaseDAO.php
+++ b/app/Models/DatabaseDAO.php
@@ -156,7 +156,12 @@ class FreshRSS_DatabaseDAO extends Minz_ModelPdo {
 
 		foreach ($tables as $table) {
 			$sql = 'OPTIMIZE TABLE `_' . $table . '`';	//MySQL
-			$ok &= ($this->pdo->exec($sql) !== false);
+			$stm = $this->pdo->query($sql);
+			if ($stm == false || $stm->fetchAll(PDO::FETCH_ASSOC) === false) {
+				$ok = false;
+				$info = $stm == null ? $this->pdo->errorInfo() : $stm->errorInfo();
+				Minz_Log::warning(__METHOD__ . ' error: ' . $sql . ' : ' . json_encode($info));
+			}
 		}
 		return $ok;
 	}
diff --git a/app/Models/DatabaseDAOPGSQL.php b/app/Models/DatabaseDAOPGSQL.php
index 7ca7799ae..75ff8be7b 100644
--- a/app/Models/DatabaseDAOPGSQL.php
+++ b/app/Models/DatabaseDAOPGSQL.php
@@ -79,7 +79,11 @@ class FreshRSS_DatabaseDAOPGSQL extends FreshRSS_DatabaseDAOSQLite {
 
 		foreach ($tables as $table) {
 			$sql = 'VACUUM `_' . $table . '`';
-			$ok &= ($this->pdo->exec($sql) !== false);
+			if ($this->pdo->exec($sql) === false) {
+				$ok = false;
+				$info = $this->pdo->errorInfo();
+				Minz_Log::warning(__METHOD__ . ' error: ' . $sql . ' : ' . json_encode($info));
+			}
 		}
 		return $ok;
 	}
diff --git a/app/Models/DatabaseDAOSQLite.php b/app/Models/DatabaseDAOSQLite.php
index 413e7ee09..eaa2d37a7 100644
--- a/app/Models/DatabaseDAOSQLite.php
+++ b/app/Models/DatabaseDAOSQLite.php
@@ -66,6 +66,11 @@ class FreshRSS_DatabaseDAOSQLite extends FreshRSS_DatabaseDAO {
 	}
 
 	public function optimize() {
-		return $this->pdo->exec('VACUUM') !== false;
+		$ok = $this->pdo->exec('VACUUM') !== false;
+		if (!$ok) {
+			$info = $this->pdo->errorInfo();
+			Minz_Log::warning(__METHOD__ . ' error: ' . $sql . ' : ' . json_encode($info));
+		}
+		return $ok;
 	}
 }
diff --git a/app/Models/EntryDAO.php b/app/Models/EntryDAO.php
index 99e99f463..d149cfd8b 100644
--- a/app/Models/EntryDAO.php
+++ b/app/Models/EntryDAO.php
@@ -99,9 +99,12 @@ SQL;
 			$valuesTmp['guid'] = safe_ascii($valuesTmp['guid']);
 			$this->addEntryPrepared->bindParam(':guid', $valuesTmp['guid']);
 			$valuesTmp['title'] = mb_strcut($valuesTmp['title'], 0, 255, 'UTF-8');
+			$valuesTmp['title'] = safe_utf8($valuesTmp['title']);
 			$this->addEntryPrepared->bindParam(':title', $valuesTmp['title']);
 			$valuesTmp['author'] = mb_strcut($valuesTmp['author'], 0, 255, 'UTF-8');
+			$valuesTmp['author'] = safe_utf8($valuesTmp['author']);
 			$this->addEntryPrepared->bindParam(':author', $valuesTmp['author']);
+			$valuesTmp['content'] = safe_utf8($valuesTmp['content']);
 			$this->addEntryPrepared->bindParam(':content', $valuesTmp['content']);
 			$valuesTmp['link'] = substr($valuesTmp['link'], 0, 1023);
 			$valuesTmp['link'] = safe_ascii($valuesTmp['link']);
@@ -117,6 +120,7 @@ SQL;
 			$this->addEntryPrepared->bindParam(':is_favorite', $valuesTmp['is_favorite'], PDO::PARAM_INT);
 			$this->addEntryPrepared->bindParam(':id_feed', $valuesTmp['id_feed'], PDO::PARAM_INT);
 			$valuesTmp['tags'] = mb_strcut($valuesTmp['tags'], 0, 1023, 'UTF-8');
+			$valuesTmp['tags'] = safe_utf8($valuesTmp['tags']);
 			$this->addEntryPrepared->bindParam(':tags', $valuesTmp['tags']);
 
 			if ($this->hasNativeHex()) {
@@ -186,11 +190,15 @@ SQL;
 		}
 
 		$valuesTmp['guid'] = substr($valuesTmp['guid'], 0, 760);
+		$valuesTmp['guid'] = safe_ascii($valuesTmp['guid']);
 		$this->updateEntryPrepared->bindParam(':guid', $valuesTmp['guid']);
 		$valuesTmp['title'] = mb_strcut($valuesTmp['title'], 0, 255, 'UTF-8');
+		$valuesTmp['title'] = safe_utf8($valuesTmp['title']);
 		$this->updateEntryPrepared->bindParam(':title', $valuesTmp['title']);
 		$valuesTmp['author'] = mb_strcut($valuesTmp['author'], 0, 255, 'UTF-8');
+		$valuesTmp['author'] = safe_utf8($valuesTmp['author']);
 		$this->updateEntryPrepared->bindParam(':author', $valuesTmp['author']);
+		$valuesTmp['content'] = safe_utf8($valuesTmp['content']);
 		$this->updateEntryPrepared->bindParam(':content', $valuesTmp['content']);
 		$valuesTmp['link'] = substr($valuesTmp['link'], 0, 1023);
 		$valuesTmp['link'] = safe_ascii($valuesTmp['link']);
@@ -203,6 +211,7 @@ SQL;
 		}
 		$this->updateEntryPrepared->bindParam(':id_feed', $valuesTmp['id_feed'], PDO::PARAM_INT);
 		$valuesTmp['tags'] = mb_strcut($valuesTmp['tags'], 0, 1023, 'UTF-8');
+		$valuesTmp['tags'] = safe_utf8($valuesTmp['tags']);
 		$this->updateEntryPrepared->bindParam(':tags', $valuesTmp['tags']);
 
 		if ($this->hasNativeHex()) {
author	Alexandre Alapetite <alexandre@alapetite.fr>	2019-11-12 10:19:57 +0100
committer	GitHub <noreply@github.com>	2019-11-12 10:19:57 +0100
commit	09c088c62ece3b17615fb4e2addfa16663bb334f (patch)
tree	9fe5a64e52711524bd6c327cd9db02dca83065a5 /app/Models
parent	91cb165829badde07c42a002215cf52779d891b6 (diff)
parent	874fce6656ce0a4fb144af672e8a31f1ec5f64f5 (diff)