From: Thomas Citharel <tcit@tcit.fr>
Date: Sat, 18 Jul 2015 10:01:26 +0000 (+0200)
Subject: fixed a postgresql-related bug, more database functions secured and add an exception... 
X-Git-Tag: 1.9.1^2~9
X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=828d008bed8ef9abba047df16e5e09d8133bd3f3;p=github%2Fwallabag%2Fwallabag.git

fixed a postgresql-related bug, more database functions secured and add an exception for sqlite at installation
---

diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php
index 3b1f0af2..7ec1602d 100755
--- a/inc/poche/Database.class.php
+++ b/inc/poche/Database.class.php
@@ -454,20 +454,28 @@ class Database {
 
     public function getPreviousArticle($id, $user_id) 
     {
-        $sql = "SELECT id FROM entries WHERE id = (SELECT max(id) FROM entries WHERE id < ? AND is_read=0) AND user_id=? AND is_read=0";
+        $sqlcondition = "is_read=0";
+        if (STORAGE == 'postgres') {
+            $sqlcondition = "is_read=false";
+        }
+        $sql = "SELECT id FROM entries WHERE id = (SELECT max(id) FROM entries WHERE id < ? AND " . $sqlcondition . ") AND user_id=? AND " . $sqlcondition;
         $params = array($id, $user_id);
         $query = $this->executeQuery($sql, $params);
-        $id_entry = $query->fetchAll();
+        $id_entry = ($query) ? $query->fetchAll() : false;
         $id = ($query) ? $id_entry[0][0] : false;
         return $id;
     }
 
     public function getNextArticle($id, $user_id) 
     {
-        $sql = "SELECT id FROM entries WHERE id = (SELECT min(id) FROM entries WHERE id > ? AND is_read=0) AND user_id=? AND is_read=0";
+        $sqlcondition = "is_read=0";
+        if (STORAGE == 'postgres') {
+            $sqlcondition = "is_read=false";
+        }
+        $sql = "SELECT id FROM entries WHERE id = (SELECT min(id) FROM entries WHERE id > ? AND " . $sqlcondition . ") AND user_id=? AND " . $sqlcondition;
         $params = array($id, $user_id);
         $query = $this->executeQuery($sql, $params);
-        $id_entry = $query->fetchAll();
+        $id_entry = ($query) ? $query->fetchAll() : false;
         $id = ($query) ? $id_entry[0][0] : false;
         return $id;
     }
diff --git a/install/index.php b/install/index.php
index bb351095..ea5d7d47 100755
--- a/install/index.php
+++ b/install/index.php
@@ -94,10 +94,14 @@ else if (isset($_POST['install'])) {
                 $errors[] = 'Impossible to create the SQLite database file. Please check your file permissions.';
             }
             else {
-                $db_path = 'sqlite:' . realpath('') . '/db/poche.sqlite';
-                $handle = new PDO($db_path);
-                $handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-                $sql_structure = "";
+                try {
+                    $db_path = 'sqlite:' . realpath('') . '/db/poche.sqlite';
+                    $handle = new PDO($db_path);
+                    $handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+                    $sql_structure = "";
+                } catch (PDOException $e) {
+                    $errors[] = "SQLite has encountered an issue : " . $e->getMessage();
+                }
             }
         } else {
             // MySQL and Postgre