secure database functions

author: Thomas Citharel <tcit@tcit.fr> 2015-07-17 22:54:57 +0200
committer: Thomas Citharel <tcit@tcit.fr> 2015-07-17 22:54:57 +0200
commit: 4a746679c899e44c214605561db2aeb5001f07cd (patch)
tree: 4d03c5e5e45464ba0770f307f6d0de72636c4e0f
parent: 7473f0cc4ab15ef8ff28169c5dec44b53131b1c3 (diff)
download: wallabag-4a746679c899e44c214605561db2aeb5001f07cd.tar.gz
wallabag-4a746679c899e44c214605561db2aeb5001f07cd.tar.zst
wallabag-4a746679c899e44c214605561db2aeb5001f07cd.zip
2 files changed, 85 insertions, 72 deletions
diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php
index 7be7a394..28d4a232 100755
--- a/inc/poche/Database.class.php
+++ b/inc/poche/Database.class.php
@@ -156,11 +156,14 @@ class Database {
    {
        $sql = "SELECT * FROM users_config WHERE user_id = ?";
        $query = $this->executeQuery($sql, array($id));
-        $result = $query->fetchAll();
+        $result = ($query) ? $query->fetchAll() : false;
-        $user_config = array();
+        $user_config = false;
+        if ($query) {
+            $user_config = array();
-        foreach ($result as $key => $value) {
+            foreach ($result as $key => $value) {
-            $user_config[$value['name']] = $value['value'];
+                $user_config[$value['name']] = $value['value'];
+            }
        }
        return $user_config;
@@ -171,11 +174,7 @@ class Database {
        $sql = "SELECT * FROM users WHERE username=?";
        $query = $this->executeQuery($sql, array($username));
        $login = $query->fetchAll();
-        if (isset($login[0])) {
+        return (isset($login[0]) && $query) ? true : false;
-            return true;
-        } else {
-            return false;
-        }
    }
    public function login($username, $password, $isauthenticated = FALSE)
@@ -187,10 +186,10 @@ class Database {
            $sql = "SELECT * FROM users WHERE username=? AND password=?";
            $query = $this->executeQuery($sql, array($username, $password));
        }
-        $login = $query->fetchAll();
+        $login = ($query) ? $query->fetchAll() : false;
        $user = array();
-        if (isset($login[0])) {
+        if ($login[0]) {
            $user['id'] = $login[0]['id'];
            $user['username'] = $login[0]['username'];
            $user['password'] = $login[0]['password'];
@@ -243,7 +242,7 @@ class Database {
    {
        $sql = 'SELECT count(*) FROM users'.( $username ? ' WHERE username=?' : '');
        $query = $this->executeQuery($sql, ( $username ? array($username) : array()));
-        list($count) = $query->fetch();
+        list($count) = ($query) ? $query->fetch() : false;
        return $count;
    }
    
@@ -252,7 +251,7 @@ class Database {
        $sql = "SELECT * FROM users WHERE id=?";
        $query = $this->executeQuery($sql, array($userID));
        $password = $query->fetchAll();
-        return isset($password[0]['password']) ? $password[0]['password'] : null;
+        return ($query) ? $password[0]['password'] : false;
    }
    
    public function deleteUserConfig($userID)
@@ -260,18 +259,22 @@ class Database {
        $sql_action = 'DELETE from users_config WHERE user_id=?';
        $params_action = array($userID);
        $query = $this->executeQuery($sql_action, $params_action);
-        return $query;
+        return ($query) ? $query : false;
    }
    
    public function deleteTagsEntriesAndEntries($userID)
    {
        $entries = $this->retrieveAll($userID);
-        foreach($entries as $entryid) {
+        if ($entries) {
-            $tags = $this->retrieveTagsByEntry($entryid);
+            foreach($entries as $entryid) {
-            foreach($tags as $tag) {
+                $tags = $this->retrieveTagsByEntry($entryid);
-                $this->removeTagForEntry($entryid,$tags);
+                foreach($tags as $tag) {
+                    $this->removeTagForEntry($entryid,$tags);
+                }
+                $this->deleteById($entryid,$userID);
            }
-            $this->deleteById($entryid,$userID);
+        } else {
+            return false;
        }
    }
    
@@ -302,7 +305,7 @@ class Database {
        $query      = $this->executeQuery($sql, array($user_id));
        $entries    = $query->fetchAll();
-        return $entries;
+        return ($query) ? $entries : false;
    }
    public function retrieveUnfetchedEntriesCount($user_id)
@@ -320,44 +323,44 @@ class Database {
        $query      = $this->executeQuery($sql, array($user_id));
        $entries    = $query->fetchAll();
-        return $entries;
+        return ($query) ? $entries : false;
    }
    public function retrieveAllWithTags($user_id)
    {
        $entries = $this->retrieveAll($user_id);
-        $count = count($entries);
+        if ($entries) {
-        for ($i = 0; $i < $count; $i++) {
+            $count = count($entries);
-          $tag_entries = $this->retrieveTagsByEntry($entries[$i]['id']);
+            for ($i = 0; $i < $count; $i++) {
-          $tags = [];
+              $tag_entries = $this->retrieveTagsByEntry($entries[$i]['id']);
-          foreach ($tag_entries as $tag) {
+              $tags = [];
-            $tags[] = $tag[1];
+              foreach ($tag_entries as $tag) {
-          }
+                $tags[] = $tag[1];
-          $entries[$i]['tags'] = implode(',', $tags);
+              }
+              $entries[$i]['tags'] = implode(',', $tags);
+            }         
        }
        return $entries;
    }
    public function retrieveOneById($id, $user_id)
    {
-        $entry  = NULL;
        $sql    = "SELECT * FROM entries WHERE id=? AND user_id=?";
        $params = array(intval($id), $user_id);
        $query  = $this->executeQuery($sql, $params);
        $entry  = $query->fetchAll();
-        return isset($entry[0]) ? $entry[0] : null;
+        return ($query) ? $entry[0] : false;
    }
    public function retrieveOneByURL($url, $user_id)
    {
-        $entry  = NULL;
        $sql    = "SELECT * FROM entries WHERE url=? AND user_id=?";
        $params = array($url, $user_id);
        $query  = $this->executeQuery($sql, $params);
        $entry  = $query->fetchAll();
-        return isset($entry[0]) ? $entry[0] : null;
+        return ($query) ? $entry[0] : false;
    }
    public function reassignTags($old_entry_id, $new_entry_id)
@@ -395,7 +398,8 @@ class Database {
                $query = $this->executeQuery($sql, $params);
                $entries = $query->fetchAll();
-                return $entries;
+                return ($query) ? $entries : false;
    }
    public function getEntriesByViewCount($view, $user_id, $tag_id = 0)
@@ -422,7 +426,7 @@ class Database {
        }
        $query = $this->executeQuery($sql, $params);
-        list($count) = $query->fetch();
+        list($count) = ($query) ? $query->fetch() : array(false);
        return $count;
    }
@@ -445,7 +449,7 @@ class Database {
        $query = $this->executeQuery($sql, $params);
        $id = $query->fetchAll();
-        return $id;
+        return ($query) ? $id : false;
    }
    public function getPreviousArticle($id, $user_id) 
@@ -454,7 +458,7 @@ class Database {
        $params = array($id, $user_id);
        $query = $this->executeQuery($sql, $params);
        $id_entry = $query->fetchAll();
-        $id = $id_entry[0][0];
+        $id = ($query) ? $id_entry[0][0] : false;
        return $id;
    }
@@ -464,7 +468,7 @@ class Database {
        $params = array($id, $user_id);
        $query = $this->executeQuery($sql, $params);
        $id_entry = $query->fetchAll();
-        $id = $id_entry[0][0];
+        $id = ($query) ? $id_entry[0][0] : false;
        return $id;
    }
@@ -540,7 +544,7 @@ class Database {
        $sql_action .= $this->getEntriesOrder().' ' . $limit;
        $params_action = array($user_id, $search, $search, $search);
        $query = $this->executeQuery($sql_action, $params_action);
-        return $query->fetchAll();
+        return ($query) ? $query->fetchAll() : false;
        }
    public function retrieveAllTags($user_id, $term = NULL)
@@ -553,23 +557,23 @@ class Database {
          GROUP BY tags.id, tags.value
          ORDER BY tags.value";
        $query = $this->executeQuery($sql, (($term)? array($user_id, strtolower('%'.$term.'%')) : array($user_id) ));
-        $tags = $query->fetchAll();
+        $tags = ($query) ? $query->fetchAll() : false;
        return $tags;
    }
    public function retrieveTag($id, $user_id)
    {
-        $tag  = NULL;
        $sql    = "SELECT DISTINCT tags.* FROM tags
          LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id
          LEFT JOIN entries ON tags_entries.entry_id=entries.id
          WHERE tags.id=? AND entries.user_id=?";
        $params = array(intval($id), $user_id);
        $query  = $this->executeQuery($sql, $params);
-        $tag  = $query->fetchAll();
+        $tags  = ($query) ? $query->fetchAll() : false;
+        $tag = ($query) ? $tags[0] : false;
-        return isset($tag[0]) ? $tag[0] : NULL;
+        return $tag[0];
    }
    public function retrieveEntriesByTag($tag_id, $user_id)
@@ -579,7 +583,7 @@ class Database {
            LEFT JOIN tags_entries ON tags_entries.entry_id=entries.id
            WHERE tags_entries.tag_id = ? AND entries.user_id=? ORDER by entries.id DESC";
        $query = $this->executeQuery($sql, array($tag_id, $user_id));
-        $entries = $query->fetchAll();
+        $entries = ($query) ? $query->fetchAll() : false;
        return $entries;
    }
@@ -591,7 +595,7 @@ class Database {
            LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id
            WHERE tags_entries.entry_id = ?";
        $query = $this->executeQuery($sql, array($entry_id));
-        $tags = $query->fetchAll();
+        $tags = ($query) ? $query->fetchAll() : false;
        return $tags;
    }
@@ -601,38 +605,40 @@ class Database {
        $sql_action     = "DELETE FROM tags_entries WHERE tag_id=? AND entry_id=?";
        $params_action  = array($tag_id, $entry_id);
        $query          = $this->executeQuery($sql_action, $params_action);
-        return $query;
+        return ($query) ? $query : false;
    }
    
    public function cleanUnusedTag($tag_id)
    {
        $sql_action = "SELECT tags.* FROM tags JOIN tags_entries ON tags_entries.tag_id=tags.id WHERE tags.id=?";
        $query = $this->executeQuery($sql_action,array($tag_id));
-        $tagstokeep = $query->fetchAll();
+        $tagstokeep = ($query) ? $query->fetchAll() : false;
        $sql_action = "SELECT tags.* FROM tags LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id WHERE tags.id=?";
        $query = $this->executeQuery($sql_action,array($tag_id));
-        $alltags = $query->fetchAll();
+        $alltags = ($query) ? $query->fetchAll() : false;
-        
-        foreach ($alltags as $tag) {
+        if ($tagstokeep && $alltags) {
-            if ($tag && !in_array($tag,$tagstokeep)) {
+            foreach ($alltags as $tag) {
-                $sql_action = "DELETE FROM tags WHERE id=?";
+                if ($tag && !in_array($tag,$tagstokeep)) {
-                $params_action = array($tag[0]);
+                    $sql_action = "DELETE FROM tags WHERE id=?";
-                $this->executeQuery($sql_action, $params_action);
+                    $params_action = array($tag[0]);
-                return true;
+                    $this->executeQuery($sql_action, $params_action);
+                    return true;
+                }
            }
+        } else {
+            return false;
        }
-        
    }
    public function retrieveTagByValue($value)
    {
-        $tag  = NULL;
        $sql    = "SELECT * FROM tags WHERE value=?";
        $params = array($value);
        $query  = $this->executeQuery($sql, $params);
-        $tag  = $query->fetchAll();
+        $tag  = ($query) ? $query->fetchAll() : false;
-        return isset($tag[0]) ? $tag[0] : null;
+        return ($query) ? $tag[0] : false;
    }
    public function createTag($value)
@@ -640,7 +646,7 @@ class Database {
        $sql_action = 'INSERT INTO tags ( value ) VALUES (?)';
        $params_action = array($value);
        $query = $this->executeQuery($sql_action, $params_action);
-        return $query;
+        return ($query) ? $query : false;
    }
    public function setTagToEntry($tag_id, $entry_id)
@@ -648,7 +654,7 @@ class Database {
        $sql_action = 'INSERT INTO tags_entries ( tag_id, entry_id ) VALUES (?, ?)';
        $params_action = array($tag_id, $entry_id);
        $query = $this->executeQuery($sql_action, $params_action);
-        return $query;
+        return ($query) ? $query : false;
    }
    private function getEntriesOrder()
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php
index e0c9abbb..15d83bfe 100755
--- a/inc/poche/Poche.class.php
+++ b/inc/poche/Poche.class.php
@@ -599,7 +599,7 @@ class Poche
                $count = $this->store->getEntriesByViewCount($view, $this->user->getId(), $id);
-                if ($count > 0) {
+                if ($count && $count > 0) {
                    $this->pagination->set_total($count);
                    $page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')),
                        $this->pagination->page_links('?view=' . $view . '&sort=' . $_SESSION['sort'] . (($id)?'&id='.$id:'') . '&' ));
@@ -903,14 +903,18 @@ class Poche
     */
    public function export()
    {
-      $filename = "wallabag-export-".$this->user->getId()."-".date("Y-m-d").".json";
+        $filename = "wallabag-export-".$this->user->getId()."-".date("Y-m-d").".json";
-      header('Content-Disposition: attachment; filename='.$filename);
+        header('Content-Disposition: attachment; filename='.$filename);
-      $entries = $this->store->retrieveAllWithTags($this->user->getId());
+        $entries = $this->store->retrieveAllWithTags($this->user->getId());
-      echo $this->tpl->render('export.twig', array(
+        if ($entries) {
-          'export' => Tools::renderJson($entries),
+            echo $this->tpl->render('export.twig', array(
-      ));
+            'export' => Tools::renderJson($entries),
-      Tools::logm('export view');
+            ));
+            Tools::logm('export view');
+        } else {
+            Tools::logm('error accessing database while exporting');
+        }
    }
    /**
@@ -986,7 +990,7 @@ class Poche
        if (0 == $limit) {
            $limit = count($entries);
        }
-        if (count($entries) > 0) {
+        if ($entries && count($entries) > 0) {
            for ($i = 0; $i < min(count($entries), $limit); $i++) {
                $entry = $entries[$i];
                $newItem = $feed->createNewItem();
@@ -998,7 +1002,10 @@ class Poche
                $feed->addItem($newItem);
            }
        }
+        else 
+            {
+                Tools::logm("database error while generating feeds");
+            }
        $feed->genarateFeed();
        exit;
    }
author	Thomas Citharel <tcit@tcit.fr>	2015-07-17 22:54:57 +0200
committer	Thomas Citharel <tcit@tcit.fr>	2015-07-17 22:54:57 +0200
commit	4a746679c899e44c214605561db2aeb5001f07cd (patch)
tree	4d03c5e5e45464ba0770f307f6d0de72636c4e0f
parent	7473f0cc4ab15ef8ff28169c5dec44b53131b1c3 (diff)
download	wallabag-4a746679c899e44c214605561db2aeb5001f07cd.tar.gz wallabag-4a746679c899e44c214605561db2aeb5001f07cd.tar.zst wallabag-4a746679c899e44c214605561db2aeb5001f07cd.zip

diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php index 7be7a394..28d4a232 100755 --- a/inc/poche/Database.class.php +++ b/inc/poche/Database.class.php
@@ -156,11 +156,14 @@ class Database {
156	{	156	{
157	$sql = "SELECT * FROM users_config WHERE user_id = ?";	157	$sql = "SELECT * FROM users_config WHERE user_id = ?";
158	$query = $this->executeQuery($sql, array($id));	158	$query = $this->executeQuery($sql, array($id));
159	$result = $query->fetchAll();	159	$result = ($query) ? $query->fetchAll() : false;
160	$user_config = array();	160	$user_config = false;
		161	if ($query) {
		162	$user_config = array();
161		163
162	foreach ($result as $key => $value) {	164	foreach ($result as $key => $value) {
163	$user_config[$value['name']] = $value['value'];	165	$user_config[$value['name']] = $value['value'];
		166	}
164	}	167	}
165		168
166	return $user_config;	169	return $user_config;
@@ -171,11 +174,7 @@ class Database {
171	$sql = "SELECT * FROM users WHERE username=?";	174	$sql = "SELECT * FROM users WHERE username=?";
172	$query = $this->executeQuery($sql, array($username));	175	$query = $this->executeQuery($sql, array($username));
173	$login = $query->fetchAll();	176	$login = $query->fetchAll();
174	if (isset($login[0])) {	177	return (isset($login[0]) && $query) ? true : false;
175	return true;
176	} else {
177	return false;
178	}
179	}	178	}
180		179
181	public function login($username, $password, $isauthenticated = FALSE)	180	public function login($username, $password, $isauthenticated = FALSE)
@@ -187,10 +186,10 @@ class Database {
187	$sql = "SELECT * FROM users WHERE username=? AND password=?";	186	$sql = "SELECT * FROM users WHERE username=? AND password=?";
188	$query = $this->executeQuery($sql, array($username, $password));	187	$query = $this->executeQuery($sql, array($username, $password));
189	}	188	}
190	$login = $query->fetchAll();	189	$login = ($query) ? $query->fetchAll() : false;
191		190
192	$user = array();	191	$user = array();
193	if (isset($login[0])) {	192	if ($login[0]) {
194	$user['id'] = $login[0]['id'];	193	$user['id'] = $login[0]['id'];
195	$user['username'] = $login[0]['username'];	194	$user['username'] = $login[0]['username'];
196	$user['password'] = $login[0]['password'];	195	$user['password'] = $login[0]['password'];
@@ -243,7 +242,7 @@ class Database {
243	{	242	{
244	$sql = 'SELECT count(*) FROM users'.( $username ? ' WHERE username=?' : '');	243	$sql = 'SELECT count(*) FROM users'.( $username ? ' WHERE username=?' : '');
245	$query = $this->executeQuery($sql, ( $username ? array($username) : array()));	244	$query = $this->executeQuery($sql, ( $username ? array($username) : array()));
246	list($count) = $query->fetch();	245	list($count) = ($query) ? $query->fetch() : false;
247	return $count;	246	return $count;
248	}	247	}
249		248
@@ -252,7 +251,7 @@ class Database {
252	$sql = "SELECT * FROM users WHERE id=?";	251	$sql = "SELECT * FROM users WHERE id=?";
253	$query = $this->executeQuery($sql, array($userID));	252	$query = $this->executeQuery($sql, array($userID));
254	$password = $query->fetchAll();	253	$password = $query->fetchAll();
255	return isset($password[0]['password']) ? $password[0]['password'] : null;	254	return ($query) ? $password[0]['password'] : false;
256	}	255	}
257		256
258	public function deleteUserConfig($userID)	257	public function deleteUserConfig($userID)
@@ -260,18 +259,22 @@ class Database {
260	$sql_action = 'DELETE from users_config WHERE user_id=?';	259	$sql_action = 'DELETE from users_config WHERE user_id=?';
261	$params_action = array($userID);	260	$params_action = array($userID);
262	$query = $this->executeQuery($sql_action, $params_action);	261	$query = $this->executeQuery($sql_action, $params_action);
263	return $query;	262	return ($query) ? $query : false;
264	}	263	}
265		264
266	public function deleteTagsEntriesAndEntries($userID)	265	public function deleteTagsEntriesAndEntries($userID)
267	{	266	{
268	$entries = $this->retrieveAll($userID);	267	$entries = $this->retrieveAll($userID);
269	foreach($entries as $entryid) {	268	if ($entries) {
270	$tags = $this->retrieveTagsByEntry($entryid);	269	foreach($entries as $entryid) {
271	foreach($tags as $tag) {	270	$tags = $this->retrieveTagsByEntry($entryid);
272	$this->removeTagForEntry($entryid,$tags);	271	foreach($tags as $tag) {
		272	$this->removeTagForEntry($entryid,$tags);
		273	}
		274	$this->deleteById($entryid,$userID);
273	}	275	}
274	$this->deleteById($entryid,$userID);	276	} else {
		277	return false;
275	}	278	}
276	}	279	}
277		280
@@ -302,7 +305,7 @@ class Database {
302	$query = $this->executeQuery($sql, array($user_id));	305	$query = $this->executeQuery($sql, array($user_id));
303	$entries = $query->fetchAll();	306	$entries = $query->fetchAll();
304		307
305	return $entries;	308	return ($query) ? $entries : false;
306	}	309	}
307		310
308	public function retrieveUnfetchedEntriesCount($user_id)	311	public function retrieveUnfetchedEntriesCount($user_id)
@@ -320,44 +323,44 @@ class Database {
320	$query = $this->executeQuery($sql, array($user_id));	323	$query = $this->executeQuery($sql, array($user_id));
321	$entries = $query->fetchAll();	324	$entries = $query->fetchAll();
322		325
323	return $entries;	326	return ($query) ? $entries : false;
324	}	327	}
325		328
326	public function retrieveAllWithTags($user_id)	329	public function retrieveAllWithTags($user_id)
327	{	330	{
328	$entries = $this->retrieveAll($user_id);	331	$entries = $this->retrieveAll($user_id);
329	$count = count($entries);	332	if ($entries) {
330	for ($i = 0; $i < $count; $i++) {	333	$count = count($entries);
331	$tag_entries = $this->retrieveTagsByEntry($entries[$i]['id']);	334	for ($i = 0; $i < $count; $i++) {
332	$tags = [];	335	$tag_entries = $this->retrieveTagsByEntry($entries[$i]['id']);
333	foreach ($tag_entries as $tag) {	336	$tags = [];
334	$tags[] = $tag[1];	337	foreach ($tag_entries as $tag) {
335	}	338	$tags[] = $tag[1];
336	$entries[$i]['tags'] = implode(',', $tags);	339	}
		340	$entries[$i]['tags'] = implode(',', $tags);
		341	}
337	}	342	}
338	return $entries;	343	return $entries;
339	}	344	}
340		345
341	public function retrieveOneById($id, $user_id)	346	public function retrieveOneById($id, $user_id)
342	{	347	{
343	$entry = NULL;
344	$sql = "SELECT * FROM entries WHERE id=? AND user_id=?";	348	$sql = "SELECT * FROM entries WHERE id=? AND user_id=?";
345	$params = array(intval($id), $user_id);	349	$params = array(intval($id), $user_id);
346	$query = $this->executeQuery($sql, $params);	350	$query = $this->executeQuery($sql, $params);
347	$entry = $query->fetchAll();	351	$entry = $query->fetchAll();
348		352
349	return isset($entry[0]) ? $entry[0] : null;	353	return ($query) ? $entry[0] : false;
350	}	354	}
351		355
352	public function retrieveOneByURL($url, $user_id)	356	public function retrieveOneByURL($url, $user_id)
353	{	357	{
354	$entry = NULL;
355	$sql = "SELECT * FROM entries WHERE url=? AND user_id=?";	358	$sql = "SELECT * FROM entries WHERE url=? AND user_id=?";
356	$params = array($url, $user_id);	359	$params = array($url, $user_id);
357	$query = $this->executeQuery($sql, $params);	360	$query = $this->executeQuery($sql, $params);
358	$entry = $query->fetchAll();	361	$entry = $query->fetchAll();
359		362
360	return isset($entry[0]) ? $entry[0] : null;	363	return ($query) ? $entry[0] : false;
361	}	364	}
362		365
363	public function reassignTags($old_entry_id, $new_entry_id)	366	public function reassignTags($old_entry_id, $new_entry_id)
@@ -395,7 +398,8 @@ class Database {
395	$query = $this->executeQuery($sql, $params);	398	$query = $this->executeQuery($sql, $params);
396	$entries = $query->fetchAll();	399	$entries = $query->fetchAll();
397		400
398	return $entries;	401	return ($query) ? $entries : false;
		402
399	}	403	}
400		404
401	public function getEntriesByViewCount($view, $user_id, $tag_id = 0)	405	public function getEntriesByViewCount($view, $user_id, $tag_id = 0)
@@ -422,7 +426,7 @@ class Database {
422	}	426	}
423		427
424	$query = $this->executeQuery($sql, $params);	428	$query = $this->executeQuery($sql, $params);
425	list($count) = $query->fetch();	429	list($count) = ($query) ? $query->fetch() : array(false);
426		430
427	return $count;	431	return $count;
428	}	432	}
@@ -445,7 +449,7 @@ class Database {
445	$query = $this->executeQuery($sql, $params);	449	$query = $this->executeQuery($sql, $params);
446	$id = $query->fetchAll();	450	$id = $query->fetchAll();
447		451
448	return $id;	452	return ($query) ? $id : false;
449	}	453	}
450		454
451	public function getPreviousArticle($id, $user_id)	455	public function getPreviousArticle($id, $user_id)
@@ -454,7 +458,7 @@ class Database {
454	$params = array($id, $user_id);	458	$params = array($id, $user_id);
455	$query = $this->executeQuery($sql, $params);	459	$query = $this->executeQuery($sql, $params);
456	$id_entry = $query->fetchAll();	460	$id_entry = $query->fetchAll();
457	$id = $id_entry[0][0];	461	$id = ($query) ? $id_entry[0][0] : false;
458	return $id;	462	return $id;
459	}	463	}
460		464
@@ -464,7 +468,7 @@ class Database {
464	$params = array($id, $user_id);	468	$params = array($id, $user_id);
465	$query = $this->executeQuery($sql, $params);	469	$query = $this->executeQuery($sql, $params);
466	$id_entry = $query->fetchAll();	470	$id_entry = $query->fetchAll();
467	$id = $id_entry[0][0];	471	$id = ($query) ? $id_entry[0][0] : false;
468	return $id;	472	return $id;
469	}	473	}
470		474
@@ -540,7 +544,7 @@ class Database {
540	$sql_action .= $this->getEntriesOrder().' ' . $limit;	544	$sql_action .= $this->getEntriesOrder().' ' . $limit;
541	$params_action = array($user_id, $search, $search, $search);	545	$params_action = array($user_id, $search, $search, $search);
542	$query = $this->executeQuery($sql_action, $params_action);	546	$query = $this->executeQuery($sql_action, $params_action);
543	return $query->fetchAll();	547	return ($query) ? $query->fetchAll() : false;
544	}	548	}
545		549
546	public function retrieveAllTags($user_id, $term = NULL)	550	public function retrieveAllTags($user_id, $term = NULL)
@@ -553,23 +557,23 @@ class Database {
553	GROUP BY tags.id, tags.value	557	GROUP BY tags.id, tags.value
554	ORDER BY tags.value";	558	ORDER BY tags.value";
555	$query = $this->executeQuery($sql, (($term)? array($user_id, strtolower('%'.$term.'%')) : array($user_id) ));	559	$query = $this->executeQuery($sql, (($term)? array($user_id, strtolower('%'.$term.'%')) : array($user_id) ));
556	$tags = $query->fetchAll();	560	$tags = ($query) ? $query->fetchAll() : false;
557		561
558	return $tags;	562	return $tags;
559	}	563	}
560		564
561	public function retrieveTag($id, $user_id)	565	public function retrieveTag($id, $user_id)
562	{	566	{
563	$tag = NULL;
564	$sql = "SELECT DISTINCT tags.* FROM tags	567	$sql = "SELECT DISTINCT tags.* FROM tags
565	LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id	568	LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id
566	LEFT JOIN entries ON tags_entries.entry_id=entries.id	569	LEFT JOIN entries ON tags_entries.entry_id=entries.id
567	WHERE tags.id=? AND entries.user_id=?";	570	WHERE tags.id=? AND entries.user_id=?";
568	$params = array(intval($id), $user_id);	571	$params = array(intval($id), $user_id);
569	$query = $this->executeQuery($sql, $params);	572	$query = $this->executeQuery($sql, $params);
570	$tag = $query->fetchAll();	573	$tags = ($query) ? $query->fetchAll() : false;
		574	$tag = ($query) ? $tags[0] : false;
571		575
572	return isset($tag[0]) ? $tag[0] : NULL;	576	return $tag[0];
573	}	577	}
574		578
575	public function retrieveEntriesByTag($tag_id, $user_id)	579	public function retrieveEntriesByTag($tag_id, $user_id)
@@ -579,7 +583,7 @@ class Database {
579	LEFT JOIN tags_entries ON tags_entries.entry_id=entries.id	583	LEFT JOIN tags_entries ON tags_entries.entry_id=entries.id
580	WHERE tags_entries.tag_id = ? AND entries.user_id=? ORDER by entries.id DESC";	584	WHERE tags_entries.tag_id = ? AND entries.user_id=? ORDER by entries.id DESC";
581	$query = $this->executeQuery($sql, array($tag_id, $user_id));	585	$query = $this->executeQuery($sql, array($tag_id, $user_id));
582	$entries = $query->fetchAll();	586	$entries = ($query) ? $query->fetchAll() : false;
583		587
584	return $entries;	588	return $entries;
585	}	589	}
@@ -591,7 +595,7 @@ class Database {
591	LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id	595	LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id
592	WHERE tags_entries.entry_id = ?";	596	WHERE tags_entries.entry_id = ?";
593	$query = $this->executeQuery($sql, array($entry_id));	597	$query = $this->executeQuery($sql, array($entry_id));
594	$tags = $query->fetchAll();	598	$tags = ($query) ? $query->fetchAll() : false;
595		599
596	return $tags;	600	return $tags;
597	}	601	}
@@ -601,38 +605,40 @@ class Database {
601	$sql_action = "DELETE FROM tags_entries WHERE tag_id=? AND entry_id=?";	605	$sql_action = "DELETE FROM tags_entries WHERE tag_id=? AND entry_id=?";
602	$params_action = array($tag_id, $entry_id);	606	$params_action = array($tag_id, $entry_id);
603	$query = $this->executeQuery($sql_action, $params_action);	607	$query = $this->executeQuery($sql_action, $params_action);
604	return $query;	608	return ($query) ? $query : false;
605	}	609	}
606		610
607	public function cleanUnusedTag($tag_id)	611	public function cleanUnusedTag($tag_id)
608	{	612	{
609	$sql_action = "SELECT tags.* FROM tags JOIN tags_entries ON tags_entries.tag_id=tags.id WHERE tags.id=?";	613	$sql_action = "SELECT tags.* FROM tags JOIN tags_entries ON tags_entries.tag_id=tags.id WHERE tags.id=?";
610	$query = $this->executeQuery($sql_action,array($tag_id));	614	$query = $this->executeQuery($sql_action,array($tag_id));
611	$tagstokeep = $query->fetchAll();	615	$tagstokeep = ($query) ? $query->fetchAll() : false;
612	$sql_action = "SELECT tags.* FROM tags LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id WHERE tags.id=?";	616	$sql_action = "SELECT tags.* FROM tags LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id WHERE tags.id=?";
613	$query = $this->executeQuery($sql_action,array($tag_id));	617	$query = $this->executeQuery($sql_action,array($tag_id));
614	$alltags = $query->fetchAll();	618	$alltags = ($query) ? $query->fetchAll() : false;
615		619
616	foreach ($alltags as $tag) {	620	if ($tagstokeep && $alltags) {
617	if ($tag && !in_array($tag,$tagstokeep)) {	621	foreach ($alltags as $tag) {
618	$sql_action = "DELETE FROM tags WHERE id=?";	622	if ($tag && !in_array($tag,$tagstokeep)) {
619	$params_action = array($tag[0]);	623	$sql_action = "DELETE FROM tags WHERE id=?";
620	$this->executeQuery($sql_action, $params_action);	624	$params_action = array($tag[0]);
621	return true;	625	$this->executeQuery($sql_action, $params_action);
		626	return true;
		627	}
622	}	628	}
		629	} else {
		630	return false;
623	}	631	}
624
625	}	632	}
626		633
627	public function retrieveTagByValue($value)	634	public function retrieveTagByValue($value)
628	{	635	{
629	$tag = NULL;
630	$sql = "SELECT * FROM tags WHERE value=?";	636	$sql = "SELECT * FROM tags WHERE value=?";
631	$params = array($value);	637	$params = array($value);
632	$query = $this->executeQuery($sql, $params);	638	$query = $this->executeQuery($sql, $params);
633	$tag = $query->fetchAll();	639	$tag = ($query) ? $query->fetchAll() : false;
634		640
635	return isset($tag[0]) ? $tag[0] : null;	641	return ($query) ? $tag[0] : false;
636	}	642	}
637		643
638	public function createTag($value)	644	public function createTag($value)
@@ -640,7 +646,7 @@ class Database {
640	$sql_action = 'INSERT INTO tags ( value ) VALUES (?)';	646	$sql_action = 'INSERT INTO tags ( value ) VALUES (?)';
641	$params_action = array($value);	647	$params_action = array($value);
642	$query = $this->executeQuery($sql_action, $params_action);	648	$query = $this->executeQuery($sql_action, $params_action);
643	return $query;	649	return ($query) ? $query : false;
644	}	650	}
645		651
646	public function setTagToEntry($tag_id, $entry_id)	652	public function setTagToEntry($tag_id, $entry_id)
@@ -648,7 +654,7 @@ class Database {
648	$sql_action = 'INSERT INTO tags_entries ( tag_id, entry_id ) VALUES (?, ?)';	654	$sql_action = 'INSERT INTO tags_entries ( tag_id, entry_id ) VALUES (?, ?)';
649	$params_action = array($tag_id, $entry_id);	655	$params_action = array($tag_id, $entry_id);
650	$query = $this->executeQuery($sql_action, $params_action);	656	$query = $this->executeQuery($sql_action, $params_action);
651	return $query;	657	return ($query) ? $query : false;
652	}	658	}
653		659
654	private function getEntriesOrder()	660	private function getEntriesOrder()


diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php index e0c9abbb..15d83bfe 100755 --- a/inc/poche/Poche.class.php +++ b/inc/poche/Poche.class.php
@@ -599,7 +599,7 @@ class Poche
599		599
600	$count = $this->store->getEntriesByViewCount($view, $this->user->getId(), $id);	600	$count = $this->store->getEntriesByViewCount($view, $this->user->getId(), $id);
601		601
602	if ($count > 0) {	602	if ($count && $count > 0) {
603	$this->pagination->set_total($count);	603	$this->pagination->set_total($count);
604	$page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')),	604	$page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')),
605	$this->pagination->page_links('?view=' . $view . '&sort=' . $_SESSION['sort'] . (($id)?'&id='.$id:'') . '&' ));	605	$this->pagination->page_links('?view=' . $view . '&sort=' . $_SESSION['sort'] . (($id)?'&id='.$id:'') . '&' ));
@@ -903,14 +903,18 @@ class Poche
903	*/	903	*/
904	public function export()	904	public function export()
905	{	905	{
906	$filename = "wallabag-export-".$this->user->getId()."-".date("Y-m-d").".json";	906	$filename = "wallabag-export-".$this->user->getId()."-".date("Y-m-d").".json";
907	header('Content-Disposition: attachment; filename='.$filename);	907	header('Content-Disposition: attachment; filename='.$filename);
908		908
909	$entries = $this->store->retrieveAllWithTags($this->user->getId());	909	$entries = $this->store->retrieveAllWithTags($this->user->getId());
910	echo $this->tpl->render('export.twig', array(	910	if ($entries) {
911	'export' => Tools::renderJson($entries),	911	echo $this->tpl->render('export.twig', array(
912	));	912	'export' => Tools::renderJson($entries),
913	Tools::logm('export view');	913	));
		914	Tools::logm('export view');
		915	} else {
		916	Tools::logm('error accessing database while exporting');
		917	}
914	}	918	}
915		919
916	/**	920	/**
@@ -986,7 +990,7 @@ class Poche
986	if (0 == $limit) {	990	if (0 == $limit) {
987	$limit = count($entries);	991	$limit = count($entries);
988	}	992	}
989	if (count($entries) > 0) {	993	if ($entries && count($entries) > 0) {
990	for ($i = 0; $i < min(count($entries), $limit); $i++) {	994	for ($i = 0; $i < min(count($entries), $limit); $i++) {
991	$entry = $entries[$i];	995	$entry = $entries[$i];
992	$newItem = $feed->createNewItem();	996	$newItem = $feed->createNewItem();
@@ -998,7 +1002,10 @@ class Poche
998	$feed->addItem($newItem);	1002	$feed->addItem($newItem);
999	}	1003	}
1000	}	1004	}
1001		1005	else
		1006	{
		1007	Tools::logm("database error while generating feeds");
		1008	}
1002	$feed->genarateFeed();	1009	$feed->genarateFeed();
1003	exit;	1010	exit;
1004	}	1011	}