aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLiam McLoughlin <hexxeh@hexxeh.net>2011-07-27 20:29:49 +0100
committerLiam McLoughlin <hexxeh@hexxeh.net>2011-07-27 20:29:49 +0100
commit5099c71493abe193f23b7f0a7381e539bc67bb33 (patch)
tree7628542c989bace2895427d34959b5f3fcbd2150 /web/testdrive.php
parentAdded disk size cap (diff)
downloadgentoaster-5099c71493abe193f23b7f0a7381e539bc67bb33.tar.gz
gentoaster-5099c71493abe193f23b7f0a7381e539bc67bb33.tar.bz2
gentoaster-5099c71493abe193f23b7f0a7381e539bc67bb33.zip
Moved to using mysqli and prepared statements
Diffstat (limited to 'web/testdrive.php')
-rw-r--r--web/testdrive.php39
1 files changed, 24 insertions, 15 deletions
diff --git a/web/testdrive.php b/web/testdrive.php
index 066dd4c..8f3c718 100644
--- a/web/testdrive.php
+++ b/web/testdrive.php
@@ -5,19 +5,24 @@
require_once "config.php";
- $buildID = $_GET["uuid"];
+ $buildID = filter_input(INPUT_GET, "uuid", FILTER_UNSAFE_RAW);
$buildresult = "Unknown!";
$inprogress = false;
- $db = mysql_connect(MYSQL_HOSTNAME, MYSQL_USERNAME, MYSQL_PASSWORD);
- if (!$db) {
- die("Could not connect to database ".mysql_error()."\n");
+ $db = new mysqli(MYSQL_HOSTNAME, MYSQL_USERNAME,
+ MYSQL_PASSWORD, MYSQL_DATABASE);
+ if (mysqli_connect_errno()) {
+ die("Could not connect to database ".mysqli_connect_error());
}
- mysql_select_db(MYSQL_DATABASE);
- $result = mysql_query("SELECT handle FROM builds WHERE id = '".mysql_real_escape_string($buildID)."'");
- if (mysql_num_rows($result) == 1) {
- $handles = mysql_fetch_array($result);
- $handle = $handles[0];
+
+ $stmt = $db->prepare("SELECT handle FROM builds WHERE id = ?");
+ $stmt->bind_param("s", $buildID);
+ $stmt->execute();
+
+ if ($stmt->num_rows == 1) {
+ $stmt->bind_result($handle);
+ $stmt->fetch();
+ $stmt->close();
$client = new GearmanClient();
$client->addServer();
@@ -25,12 +30,14 @@
if ($status[0]) {
header("Location: status.php?uuid=".$buildID);
} else {
- $cleanBuildID = mysql_real_escape_string($buildID);
- $query = "SELECT returncode, result FROM builds WHERE id = '".$cleanBuildID."'";
- $result = mysql_query();
- $jobres = mysql_fetch_array($result);
- if ($jobres[0] !== null) {
- if ($jobres[0] == 0) {
+ $stmt = $db->prepare("SELECT returncode, result FROM builds WHERE id = ?");
+ $stmt->bind_param("s", $buildID);
+ $stmt->execute();
+ $stmt->bind_result($returncode, $result);
+ $stmt->fetch();
+ $stmt->close();
+ if ($returncode !== null) {
+ if ($returncode == 0) {
// we're built, let's do this
$client = new GearmanClient();
$client->addServer();
@@ -44,9 +51,11 @@
}
}
} else {
+ $stmt->close();
die("Invalid handle hash");
}
+ $db->close();
?>
<html>
<head>