/***************************************************************************
- * Copyright (C) 2005-07 by the Quassel Project *
+ * Copyright (C) 2005-2014 by the Quassel Project *
* devel@quassel-irc.org *
* *
* This program is free software; you can redistribute it and/or modify *
* You should have received a copy of the GNU General Public License *
* along with this program; if not, write to the *
* Free Software Foundation, Inc., *
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. *
***************************************************************************/
#include "postgresqlstorage.h"
}
-void PostgreSqlStorage::initDbSession(QSqlDatabase &db)
+bool PostgreSqlStorage::initDbSession(QSqlDatabase &db)
{
- // this blows... but unfortunately Qt's PG driver forces us to this...
- db.exec("set standard_conforming_strings = off");
- db.exec("set escape_string_warning = off");
+ // check whether the Qt driver performs string escaping or not.
+ // i.e. test if it doubles slashes.
+ QSqlField testField;
+ testField.setType(QVariant::String);
+ testField.setValue("\\");
+ QString formattedString = db.driver()->formatValue(testField);
+ switch(formattedString.count('\\')) {
+ case 2:
+ // yes it does... and we cannot do anything to change the behavior of Qt.
+ // If this is a legacy DB (Postgres < 8.2), then everything is already ok,
+ // as this is the expected behavior.
+ // If it is a newer version, switch to legacy mode.
+
+ quWarning() << "Switching Postgres to legacy mode. (set standard conforming strings to off)";
+ // If the following calls fail, it is a legacy DB anyways, so it doesn't matter
+ // and no need to check the outcome.
+ db.exec("set standard_conforming_strings = off");
+ db.exec("set escape_string_warning = off");
+ break;
+ case 1:
+ // ok, so Qt does not escape...
+ // That means we have to ensure that postgres uses standard conforming strings...
+ {
+ QSqlQuery query = db.exec("set standard_conforming_strings = on");
+ if (query.lastError().isValid()) {
+ // We cannot enable standard conforming strings...
+ // since Quassel does no escaping by itself, this would yield a major vulnerability.
+ quError() << "Failed to enable standard_conforming_strings for the Postgres db!";
+ return false;
+ }
+ }
+ break;
+ default:
+ // The slash got replaced with 0 or more than 2 slashes! o_O
+ quError() << "Your version of Qt does something _VERY_ strange to slashes in QSqlQueries! You should consult your trusted doctor!";
+ return false;
+ break;
+ }
+ return true;
}
out << data;
QSqlDatabase db = logDb();
- QSqlQuery query(db);
- query.prepare(queryString("insert_user_setting"));
- query.bindValue(":userid", userId.toInt());
- query.bindValue(":settingname", settingName);
- query.bindValue(":settingvalue", rawData);
- safeExec(query);
+ QSqlQuery selectQuery(db);
+ selectQuery.prepare(queryString("select_user_setting"));
+ selectQuery.bindValue(":userid", userId.toInt());
+ selectQuery.bindValue(":settingname", settingName);
+ safeExec(selectQuery);
- if (query.lastError().isValid()) {
- QSqlQuery updateQuery(db);
- updateQuery.prepare(queryString("update_user_setting"));
- updateQuery.bindValue(":userid", userId.toInt());
- updateQuery.bindValue(":settingname", settingName);
- updateQuery.bindValue(":settingvalue", rawData);
- safeExec(updateQuery);
+ QString setQueryString;
+ if (!selectQuery.first()) {
+ setQueryString = queryString("insert_user_setting");
+ }
+ else {
+ setQueryString = queryString("update_user_setting");
}
+
+ QSqlQuery setQuery(db);
+ setQuery.prepare(setQueryString);
+ setQuery.bindValue(":userid", userId.toInt());
+ setQuery.bindValue(":settingname", settingName);
+ setQuery.bindValue(":settingvalue", rawData);
+ safeExec(setQuery);
}
net.networkId = networksQuery.value(0).toInt();
net.networkName = networksQuery.value(1).toString();
net.identity = networksQuery.value(2).toInt();
- net.codecForServer = networksQuery.value(3).toString().toAscii();
- net.codecForEncoding = networksQuery.value(4).toString().toAscii();
- net.codecForDecoding = networksQuery.value(5).toString().toAscii();
+ net.codecForServer = networksQuery.value(3).toString().toLatin1();
+ net.codecForEncoding = networksQuery.value(4).toString().toLatin1();
+ net.codecForDecoding = networksQuery.value(5).toString().toLatin1();
net.useRandomServer = networksQuery.value(6).toBool();
net.perform = networksQuery.value(7).toString().split("\n");
net.useAutoIdentify = networksQuery.value(8).toBool();
qCritical() << " bound Values:";
QList<QVariant> list = query.boundValues().values();
for (int i = 0; i < list.size(); ++i)
- qCritical() << i << ":" << list.at(i).toString().toAscii().data();
+ qCritical() << i << ":" << list.at(i).toString().toLatin1().data();
Q_ASSERT(false);
}
db.commit();
if (limit != -1)
params << limit;
else
- params << "ALL";
+ params << QVariant(QVariant::Int);
QSqlQuery query = executePreparedQuery(queryName, params, db);
// qDebug() << " bound Values:";
// QList<QVariant> list = query.boundValues().values();
// for (int i = 0; i < list.size(); ++i)
-// qCritical() << i << ": " << list.at(i).toString().toAscii().data();
+// qCritical() << i << ": " << list.at(i).toString().toLatin1().data();
// query.exec();