Author: Nikita Popov (nikic)
Date: 2021-04-11T20:34:58+02:00

Commit: 
https://github.com/php/web-master/commit/ae99d10d550a56b1e9cad977b57fdb02618a5061
Raw diff: 
https://github.com/php/web-master/commit/ae99d10d550a56b1e9cad977b57fdb02618a5061.diff

Avoid repeating DB credentials

For the code using PDO rather than ext/mysql, add a common
method for creating a connection.

Changed paths:
  A  src/DB.php
  M  composer.json
  M  composer.lock
  M  public/entry/user-notes-vote.php
  M  public/fetch/allusers.php
  M  public/fetch/user-notes.php
  M  public/fetch/user-profile.php
  M  public/fetch/user.php
  M  public/github-webhook.php
  M  vendor/composer/InstalledVersions.php
  M  vendor/composer/installed.php


Diff:

diff --git a/composer.json b/composer.json
index e3f666f..c43cc3d 100644
--- a/composer.json
+++ b/composer.json
@@ -8,6 +8,9 @@
     "homepage": "https://github.com/php/web-master";,
     "require": {
         "php": ">=8.0",
+        "ext-pdo": "*",
+        "ext-json": "*",
+        "ext-zlib": "*",
         "michelf/php-markdown": "^1.9",
         "phpmailer/phpmailer": "^6.4"
     },
diff --git a/composer.lock b/composer.lock
index 4b87d40..15b97af 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at 
https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies";,
         "This file is @generated automatically"
     ],
-    "content-hash": "b4a4a4e6345d8c4cc0be432eb5bbc1bd",
+    "content-hash": "02178efeb7cd6e85f79a3ebf8975258e",
     "packages": [
         {
             "name": "michelf/php-markdown",
@@ -143,7 +143,10 @@
     "prefer-stable": false,
     "prefer-lowest": false,
     "platform": {
-        "php": ">=8.0"
+        "php": ">=8.0",
+        "ext-pdo": "*",
+        "ext-json": "*",
+        "ext-zlib": "*"
     },
     "platform-dev": [],
     "plugin-api-version": "2.0.0"
diff --git a/public/entry/user-notes-vote.php b/public/entry/user-notes-vote.php
index d6641a6..10b99f1 100644
--- a/public/entry/user-notes-vote.php
+++ b/public/entry/user-notes-vote.php
@@ -20,6 +20,10 @@
                    { "status": false, "message": "Invalid request..." }
 */
 
+use App\DB;
+
+require __DIR__ . '/../../vendor/autoload.php';
+
 // Validate that the request to vote on a user note is OK (ip limits, post 
variables, and db info must pass validation)
 function vote_validate_request(PDO $dbh) {
   // Initialize local variables
@@ -151,7 +155,7 @@ function vote_validate_request(PDO $dbh) {
 
 // Initialize global PDO database handle
 try {
-    $dbh = new PDO('mysql:host=localhost;dbname=phpmasterdb', 'nobody', '');
+    $dbh = DB::connect();
 } catch(PDOException $e) {
     $jsonResponse->message = "The server could not complete this request. 
Please try again later...";
     echo json_encode($jsonResponse);
diff --git a/public/fetch/allusers.php b/public/fetch/allusers.php
index 6f2b945..ba4090f 100644
--- a/public/fetch/allusers.php
+++ b/public/fetch/allusers.php
@@ -1,4 +1,9 @@
-<?php // vim: et ts=4 sw=4
+<?php
+
+use App\DB;
+
+require __DIR__ . '/../../vendor/autoload.php';
+
 function error($text, $status)
 {
     switch((int)$status) {
@@ -21,7 +26,7 @@ function error($text, $status)
 
 (!isset($_GET['token']) || md5($_GET['token']) != 
"d3fbcabfcf3648095037175fdeef322f") && error("token not correct.", 401);
 
-$pdo = new PDO("mysql:host=localhost;dbname=phpmasterdb", "nobody", "");
+$pdo = DB::connect();
 
 $stmt = $pdo->prepare("SELECT name, username FROM users WHERE enable AND 
cvsaccess");
 if (!$stmt->execute()) {
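Review bot: `$pdo = DB::connect();` runs outside any `try`/`catch` as far as this hunk shows, so a failed connection ends in an uncaught `PDOException` rather than going through the script's `error()` helper; the same applies to the identical replacement in public/fetch/user-profile.php and public/fetch/user.php. Because `connect()` sets `PDO::ERRMODE_EXCEPTION`, `execute()` throws on failure, so the `if (!$stmt->execute())` branch on the last line is not expected to be reached (its body lies outside the hunk). Wrapping the call, as user-notes-vote.php already does, keeps driver messages out of the response wherever errors are displayed: `try { $pdo = DB::connect(); } catch (PDOException $e) { error("Database unavailable.", 500); }`, assuming `error()` accepts that status. Separately, the unchanged token check above compares the hash with `!=`; `hash_equals()` would make that comparison constant-time.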
diff --git a/public/fetch/user-notes.php b/public/fetch/user-notes.php
index cb87b1e..06c4eac 100644
--- a/public/fetch/user-notes.php
+++ b/public/fetch/user-notes.php
@@ -1,14 +1,16 @@
 <?php
 
+use App\DB;
+
+require __DIR__ . '/../../vendor/autoload.php';
+
 # token required, since this should only get accessed from rsync.php.net
 if (!isset($_REQUEST['token']) || md5($_REQUEST['token']) != 
"19a3ec370affe2d899755f005e5cd90e")
   die("token not correct.");
 
 // Changed old mysql_* stuff to PDO
 try {
-    $dbh = new PDO('mysql:host=localhost;dbname=phpmasterdb', 'nobody', '');
-    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-    $dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, 0);
+    $dbh = DB::connect();
 } catch (PDOException $e) {
     // Old error handling was to simply exit. Do we want to log anything 
here???
     exit;
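Review bot: The switch to `DB::connect()` in this file silently drops `PDO::ATTR_EMULATE_PREPARES => 0`: the removed lines set it, while the new `connect()` in src/DB.php only sets `PDO::ATTR_ERRMODE`. With the MySQL driver that moves this script's statements from server-side prepares back to client-side emulation, where PDO escapes the parameters and splices them into the SQL text itself, so injection safety again depends on the connection charset being handled correctly. If the change is not intended, the setting belongs in the shared method, `$dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);`, which would also give the other call sites native prepares. The `try`/`catch` block continues past the end of the hunk.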
diff --git a/public/fetch/user-profile.php b/public/fetch/user-profile.php
index 15f1a38..a5ef9f2 100644
--- a/public/fetch/user-profile.php
+++ b/public/fetch/user-profile.php
@@ -1,4 +1,9 @@
-<?php // vim: et ts=4 sw=4
+<?php
+
+use App\DB;
+
+require __DIR__ . '/../../vendor/autoload.php';
+
 function error($text, $status)
 {
     switch((int)$status) {
@@ -31,7 +36,7 @@ function render($result)
 
 $USERNAME = filter_input(INPUT_GET, "username", FILTER_SANITIZE_STRING, 
FILTER_FLAG_STRIP_HIGH);
 
-$pdo = new PDO("mysql:host=localhost;dbname=phpmasterdb", "nobody", "");
+$pdo = DB::connect();
 
 $stmt = $pdo->prepare("
   SELECT u.username, COALESCE(up.markdown, '') AS markdown, COALESCE(up.html, 
'') AS html
diff --git a/public/fetch/user.php b/public/fetch/user.php
index 68ffbe9..2478954 100644
--- a/public/fetch/user.php
+++ b/public/fetch/user.php
@@ -1,4 +1,9 @@
-<?php // vim: et ts=4 sw=4
+<?php
+
+use App\DB;
+
+require __DIR__ . '/../../vendor/autoload.php';
+
 function error($text, $status)
 {
     switch((int)$status) {
@@ -23,7 +28,7 @@ function error($text, $status)
 
 $USERNAME = filter_input(INPUT_GET, "username", FILTER_SANITIZE_STRING, 
FILTER_FLAG_STRIP_HIGH);
 
-$pdo = new PDO("mysql:host=localhost;dbname=phpmasterdb", "nobody", "");
+$pdo = DB::connect();
 
 $stmt = $pdo->prepare("SELECT userid, name, email, username, spamprotect, 
use_sa, greylist, enable FROM users WHERE username = ? AND cvsaccess LIMIT 1");
 if (!$stmt->execute([$USERNAME])) {
diff --git a/public/github-webhook.php b/public/github-webhook.php
index 8f8f48e..af721e9 100644
--- a/public/github-webhook.php
+++ b/public/github-webhook.php
@@ -1,5 +1,7 @@
 <?php
 
+use App\DB;
+
 const DRY_RUN = false;
 
 require __DIR__ . '/../vendor/autoload.php';
@@ -285,8 +287,7 @@ function handle_push_mail($payload) {
         handle_ref_change_mail($mailingList, $payload);
     }
 
-    $dbh = new PDO('mysql:host=localhost;dbname=phpmasterdb', 'nobody', '');
-    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+    $dbh = DB::connect();
 
     $pusherName = $payload->pusher->name;
     foreach ($payload->commits as $commit) {
diff --git a/src/DB.php b/src/DB.php
new file mode 100644
index 0000000..db1f84f
--- /dev/null
+++ b/src/DB.php
@@ -0,0 +1,13 @@
+<?php
+
+namespace App;
+
+use PDO;
+
+final class DB extends PDO {
+    public static function connect() {
+        $dbh = new self('mysql:host=localhost;dbname=phpmasterdb', 'nobody', 
'');
+        $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+        return $dbh;
+    }
+}
\ No newline at end of file
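Review bot: `connect()` keeps the DSN, the account name and an empty password as literals in a tracked source file, so the single place this commit creates is still not configurable per deployment. Reading them from the environment with the current values as fallback would preserve behaviour while allowing a non-empty password to live outside the repository, for example `getenv('DB_DSN') ?: 'mysql:host=localhost;dbname=phpmasterdb'` (the variable name is a placeholder). The method would also benefit from a `: self` return type and a short docblock stating that it throws `PDOException` on connection failure and that later errors are reported as exceptions. The file ends without a trailing newline.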
diff --git a/vendor/composer/InstalledVersions.php 
b/vendor/composer/InstalledVersions.php
index 7937cdc..9cce95b 100644
--- a/vendor/composer/InstalledVersions.php
+++ b/vendor/composer/InstalledVersions.php
@@ -30,7 +30,7 @@ class InstalledVersions
     'aliases' => 
     array (
     ),
-    'reference' => '9117dcd75112492365254c93ea40f0137916a851',
+    'reference' => '6d94ee66d392e36e925e984dc43058e71e86c8a4',
     'name' => 'php/web-master',
   ),
   'versions' => 
@@ -51,7 +51,7 @@ class InstalledVersions
       'aliases' => 
       array (
       ),
-      'reference' => '9117dcd75112492365254c93ea40f0137916a851',
+      'reference' => '6d94ee66d392e36e925e984dc43058e71e86c8a4',
     ),
     'phpmailer/phpmailer' => 
     array (
diff --git a/vendor/composer/installed.php b/vendor/composer/installed.php
index f61dbad..a13c251 100644
--- a/vendor/composer/installed.php
+++ b/vendor/composer/installed.php
@@ -6,7 +6,7 @@
     'aliases' => 
     array (
     ),
-    'reference' => '9117dcd75112492365254c93ea40f0137916a851',
+    'reference' => '6d94ee66d392e36e925e984dc43058e71e86c8a4',
     'name' => 'php/web-master',
   ),
   'versions' => 
@@ -27,7 +27,7 @@
       'aliases' => 
       array (
       ),
-      'reference' => '9117dcd75112492365254c93ea40f0137916a851',
+      'reference' => '6d94ee66d392e36e925e984dc43058e71e86c8a4',
     ),
     'phpmailer/phpmailer' => 
     array (
