Skip to content

Commit

Permalink
use proper types in API (fossar#879)
Browse files Browse the repository at this point in the history
  • Loading branch information
niol committed Mar 6, 2017
1 parent 8b14f4c commit 0d2000f
Show file tree
Hide file tree
Showing 6 changed files with 20 additions and 7 deletions.
2 changes: 1 addition & 1 deletion controllers/Sources.php
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@ public function write() {
unset($data['ajax']);

// check if source already exists
$id = \F3::get('PARAMS["id"]');
$id = intval(\F3::get('PARAMS["id"]'));
$sourceExists = $sourcesDao->isValid('id', $id);

// load password value if not changed for spouts containing passwords
Expand Down
7 changes: 6 additions & 1 deletion daos/mysql/Items.php
Original file line number Diff line number Diff line change
Expand Up @@ -337,7 +337,12 @@ public function get($options = []) {
$query = "$select $where_sql $order_sql LIMIT " . $options['items'] . ' OFFSET ' . $options['offset'];
}

return \F3::get('db')->exec($query, $params);
return $this->ensureRowTypes(\F3::get('db')->exec($query, $params), [
'id' => \PDO::PARAM_INT,
'unread' => \PDO::PARAM_BOOL,
'starred' => \PDO::PARAM_BOOL,
'source' => \PDO::PARAM_INT
]);
}

/**
Expand Down
11 changes: 9 additions & 2 deletions daos/mysql/Sources.php
Original file line number Diff line number Diff line change
Expand Up @@ -144,13 +144,15 @@ public function get($id = null) {
// select source by id if specified or return all sources
if (isset($id)) {
$ret = \F3::get('db')->exec('SELECT id, title, tags, spout, params, filter, error FROM ' . \F3::get('db_prefix') . 'sources WHERE id=:id', [':id' => $id]);
$this->ensureRowTypes($ret, ['id' => \PDO::PARAM_INT]);
if (isset($ret[0])) {
$ret = $ret[0];
} else {
$ret = false;
}
} else {
$ret = \F3::get('db')->exec('SELECT id, title, tags, spout, params, filter, error FROM ' . \F3::get('db_prefix') . 'sources ORDER BY error DESC, lower(title) ASC');
$this->ensureRowTypes($ret, ['id' => \PDO::PARAM_INT]);
}

return $ret;
Expand All @@ -162,13 +164,18 @@ public function get($id = null) {
* @return mixed all sources
*/
public function getWithUnread() {
return \F3::get('db')->exec('SELECT
$ret = \F3::get('db')->exec('SELECT
sources.id, sources.title, COUNT(items.id) AS unread
FROM ' . \F3::get('db_prefix') . 'sources AS sources
LEFT OUTER JOIN ' . \F3::get('db_prefix') . 'items AS items
ON (items.source=sources.id AND ' . $this->stmt->isTrue('items.unread') . ')
GROUP BY sources.id, sources.title
ORDER BY lower(sources.title) ASC');

return $this->ensureRowTypes($ret, [
'id' => \PDO::PARAM_INT,
'unread' => \PDO::PARAM_INT
]);
}

/**
Expand All @@ -194,7 +201,7 @@ public function getWithIcon() {
ON sources.id=sourceicons.source
ORDER BY ' . $this->stmt->nullFirst('sources.error', 'DESC') . ', lower(sources.title)');

return $ret;
return $this->ensureRowTypes($ret, ['id' => \PDO::PARAM_INT]);
}

/**
Expand Down
2 changes: 1 addition & 1 deletion daos/mysql/Statements.php
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ public static function insert($query, $params) {
\F3::get('db')->exec($query, $params);
$res = \F3::get('db')->exec('SELECT LAST_INSERT_ID() as lastid');

return $res[0]['lastid'];
return intval($res[0]['lastid']);
}

/**
Expand Down
3 changes: 2 additions & 1 deletion daos/mysql/Tags.php
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,8 @@ public function getWithUnread() {
GROUP BY tags.tag, tags.color
ORDER BY LOWER(tags.tag);';

return \F3::get('db')->exec($select);
return $this->ensureRowTypes(\F3::get('db')->exec($select),
['unread' => \PDO::PARAM_INT]);
}

/**
Expand Down
2 changes: 1 addition & 1 deletion daos/sqlite/Statements.php
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ public static function insert($query, $params) {
\F3::get('db')->exec($query, $params);
$res = \F3::get('db')->exec('SELECT last_insert_rowid() as lastid');

return $res[0]['lastid'];
return intval($res[0]['lastid']);
}

/**
Expand Down

0 comments on commit 0d2000f

Please sign in to comment.