return '';
}
+ // See IDatabase::select for the docs for this function
public function select( $table, $vars, $conds = '', $fname = __METHOD__,
$options = [], $join_conds = [] ) {
$sql = $this->selectSQLText( $table, $vars, $conds, $fname, $options, $join_conds );
* themselves. Pass the canonical name to such functions. This is only needed
* when calling query() directly.
*
+ * @note This function does not sanitize user input. It is not safe to use
+ * this function to escape user input.
* @param string $name Database table name
* @param string $format One of:
* quoted - Automatically pass the table name through addIdentifierQuotes()
if ( !$alias || (string)$alias === (string)$name ) {
return $name;
} else {
- return $name . ' AS ' . $alias; // PostgreSQL needs AS
+ return $name . ' AS ' . $this->addIdentifierQuotes( $alias ); // PostgreSQL needs AS
}
}
* Returns if the given identifier looks quoted or not according to
* the database convention for quoting identifiers .
*
+ * @note Do not use this to determine if untrusted input is safe.
+ * A malicious user can trick this function.
* @param string $name
* @return bool
*/
}
}
- final public function doAtomicSection( $fname, $callback ) {
- if ( !is_callable( $callback ) ) {
- throw new UnexpectedValueException( "Invalid callback." );
- };
-
+ final public function doAtomicSection( $fname, callable $callback ) {
$this->startAtomic( $fname );
try {
call_user_func_array( $callback, [ $this, $fname ] );
} elseif ( !$this->mTrxAutomatic ) {
// We want to warn about inadvertently nested begin/commit pairs, but not about
// auto-committing implicit transactions that were started by query() via DBO_TRX
- $msg = "$fname: Transaction already in progress (from {$this->mTrxFname}), " .
- " performing implicit commit!";
- wfWarn( $msg );
- wfLogDBError( $msg,
- $this->getLogContext( [
- 'method' => __METHOD__,
- 'fname' => $fname,
- ] )
+ throw new DBUnexpectedError(
+ $this,
+ "$fname: Transaction already in progress (from {$this->mTrxFname}), " .
+ " performing implicit commit!"
);
} else {
- // if the transaction was automatic and has done write operations
+ // The transaction was automatic and has done write operations
if ( $this->mTrxDoneWrites ) {
wfDebug( "$fname: Automatic transaction with writes in progress" .
" (from {$this->mTrxFname}), performing implicit commit!\n"