diff options
author | Oliver Tappe | 2007-05-05 17:27:26 +0200 |
---|---|---|
committer | Oliver Tappe | 2007-05-05 17:27:26 +0200 |
commit | d00ee5fe7c02a186d662f96e66e8166ba590c8fd (patch) | |
tree | 9e7bf3cf34dbbf4285df3d3cdbcb3f08278c7ea0 /config-db/OpenSLX/MetaDB | |
parent | * updated list of required PERL-modules (diff) | |
download | core-d00ee5fe7c02a186d662f96e66e8166ba590c8fd.tar.gz core-d00ee5fe7c02a186d662f96e66e8166ba590c8fd.tar.xz core-d00ee5fe7c02a186d662f96e66e8166ba590c8fd.zip |
* fixed some holes in param check, could lead to crashes
git-svn-id: http://svn.openslx.org/svn/openslx/trunk@998 95ad53e4-c205-0410-b2fa-d234c58c8868
Diffstat (limited to 'config-db/OpenSLX/MetaDB')
-rw-r--r-- | config-db/OpenSLX/MetaDB/DBI.pm | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/config-db/OpenSLX/MetaDB/DBI.pm b/config-db/OpenSLX/MetaDB/DBI.pm index 29e9bb41..75d5a001 100644 --- a/config-db/OpenSLX/MetaDB/DBI.pm +++ b/config-db/OpenSLX/MetaDB/DBI.pm @@ -335,7 +335,7 @@ sub _doInsert my $dbh = $self->{'dbh'}; my $valRow = (@$valRows)[0]; - return if !defined $valRow; + return if !defined $valRow || !scalar keys %$valRow; if ($table =~ m[_ref$]) { # reference tables do not have IDs: @@ -357,10 +357,10 @@ sub _doInsert my $cols = join ', ', keys %$valRow; my $values = join ', ', map { $self->quote($valRow->{$_}) } keys %$valRow; my $sql = "INSERT INTO $table ( $cols ) VALUES ( $values )"; + vlog 3, $sql; my $sth = $dbh->prepare($sql) or confess _tr(q[Can't insert into table <%s> (%s)], $table, $dbh->errstr); - vlog 3, $sql; $sth->execute() or confess _tr(q[Can't insert into table <%s> (%s)], $table, $dbh->errstr); @@ -394,10 +394,10 @@ sub _doDelete $sql .= $additionalWhereClause; } } + vlog 3, $sql; my $sth = $dbh->prepare($sql) or confess _tr(q[Can't delete from table <%s> (%s)], $table, $dbh->errstr); - vlog 3, $sql; $sth->execute() or confess _tr(q[Can't delete from table <%s> (%s)], $table, $dbh->errstr); @@ -414,7 +414,7 @@ sub _doUpdate my $dbh = $self->{'dbh'}; my $valRow = (@$valRows)[0]; - return if !defined $valRow; + return if !defined $valRow || !scalar keys %$valRow; my $idx = 0; foreach my $valRow (@$valRows) { @@ -432,9 +432,9 @@ sub _doUpdate if (defined $id) { $sql .= " WHERE id = ".$self->quote($id); } + vlog 3, $sql; my $sth = $dbh->prepare($sql) or confess _tr(q[Can't update table <%s> (%s)], $table, $dbh->errstr); - vlog 3, $sql; $sth->execute() or confess _tr(q[Can't update table <%s> (%s)], $table, $dbh->errstr); |