
Converted database updates to prepared statements (#38 #214 #196)

Tobias Reich 10 years ago
commit
a5722a79c6

+ 14 - 7
php/database/update_020100.php

@@ -6,32 +6,39 @@
 # @copyright	2014 by Tobias Reich
 ###
 
-if(!$database->query("SELECT `tags` FROM `lychee_photos` LIMIT 1;")) {
-	$result = $database->query("ALTER TABLE `lychee_photos` ADD `tags` VARCHAR( 1000 ) NULL DEFAULT ''");
+$query = Database::prepare($database, "SELECT `tags` FROM `?` LIMIT 1", [LYCHEE_TABLE_PHOTOS]);
+if(!$database->query($query)) {
+	$query = Database::prepare($database, "ALTER TABLE `?` ADD `tags` VARCHAR( 1000 ) NULL DEFAULT ''", [LYCHEE_TABLE_PHOTOS]);
+	$result = $database->query($query);
 	if (!$result) {
 		Log::error($database, 'update_020100', __LINE__, 'Could not update database (' . $database->error . ')');
 		return false;
 	}
 }
 
-$result = $database->query("SELECT `key` FROM `lychee_settings` WHERE `key` = 'dropboxKey' LIMIT 1;");
+$query	= Database::prepare($database, "SELECT `key` FROM `?` WHERE `key` = 'dropboxKey' LIMIT 1", [LYCHEE_TABLE_SETTINGS]);
+$result	= $database->query($query);
 if ($result->num_rows===0) {
-	$result = $database->query("INSERT INTO `lychee_settings` (`key`, `value`) VALUES ('dropboxKey', '')");
+	$query	= Database::prepare($database, "INSERT INTO `?` (`key`, `value`) VALUES ('dropboxKey', '')", [LYCHEE_TABLE_SETTINGS]);
+	$result	= $database->query($query);
 	if (!$result) {
 		Log::error($database, 'update_020100', __LINE__, 'Could not update database (' . $database->error . ')');
 		return false;
 	}
 }
 
-$result = $database->query("SELECT `key` FROM `lychee_settings` WHERE `key` = 'version' LIMIT 1;");
+$query	= Database::prepare($database, "SELECT `key` FROM `?` WHERE `key` = 'version' LIMIT 1", [LYCHEE_TABLE_SETTINGS]);
+$result	= $database->query($query);
 if ($result->num_rows===0) {
-	$result = $database->query("INSERT INTO `lychee_settings` (`key`, `value`) VALUES ('version', '020100')");
+	$query	= Database::prepare($database, "INSERT INTO `?` (`key`, `value`) VALUES ('version', '020100')", [LYCHEE_TABLE_SETTINGS]);
+	$result	= $database->query($query);
 	if (!$result) {
 		Log::error($database, 'update_020100', __LINE__, 'Could not update database (' . $database->error . ')');
 		return false;
 	}
 } else {
-	$result = $database->query("UPDATE lychee_settings SET value = '020100' WHERE `key` = 'version';");
+	$query	= Database::prepare($database, "UPDATE ? SET value = '020100' WHERE `key` = 'version'", [LYCHEE_TABLE_SETTINGS]);
+	$result	= $database->query($query);
 	if (!$result) {
 		Log::error($database, 'update_020100', __LINE__, 'Could not update database (' . $database->error . ')');
 		return false;
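Review bot: The table name goes through the same `?` placeholder as data, and the version statement leaves it unquoted (`UPDATE ? SET value = '020100' ...`) while every other statement in this hunk writes `` `?` ``. Because `Database::prepare` returns a string that is then passed to `$database->query()`, this is client-side interpolation rather than server-side binding. Whatever escaping `prepare` applies is not shown here, but value escaping does not normally neutralise a backtick, so identifier safety rests on `LYCHEE_TABLE_SETTINGS` and `LYCHEE_TABLE_PHOTOS` being built from validated configuration. I would quote the identifier consistently, ``"UPDATE `?` SET `value` = '020100' WHERE `key` = 'version'"``, and restrict the table prefix to `[A-Za-z0-9_]` where the constants are defined. The same unquoted `UPDATE ?` recurs in the version statements of update_020101, update_020200, update_020500 (also "Reset sorting"), update_020505, update_020601 and update_020602; the final `else` block here is closed outside the hunk.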

+ 4 - 2
php/database/update_020101.php

@@ -6,13 +6,15 @@
 # @copyright	2014 by Tobias Reich
 ###
 
-$result = $database->query("ALTER TABLE `lychee_settings` CHANGE `value` `value` VARCHAR( 200 ) NULL DEFAULT ''");
+$query	= Database::prepare($database, "ALTER TABLE `?` CHANGE `value` `value` VARCHAR( 200 ) NULL DEFAULT ''", [LYCHEE_TABLE_SETTINGS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020101', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;
 }
 
-$result = $database->query("UPDATE lychee_settings SET value = '020101' WHERE `key` = 'version';");
+$query	= Database::prepare($database, "UPDATE ? SET value = '020101' WHERE `key` = 'version'", [LYCHEE_TABLE_SETTINGS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020101', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;

+ 6 - 3
php/database/update_020200.php

@@ -6,15 +6,18 @@
 # @copyright	2014 by Tobias Reich
 ###
 
-if (!$database->query("SELECT `visible` FROM `lychee_albums` LIMIT 1;")) {
-	$result = $database->query("ALTER TABLE `lychee_albums` ADD `visible` TINYINT(1) NOT NULL DEFAULT 1");
+$query = Database::prepare($database, "SELECT `visible` FROM `?` LIMIT 1", [LYCHEE_TABLE_ALBUMS]);
+if (!$database->query($query)) {
+	$query	= Database::prepare($database, "ALTER TABLE `?` ADD `visible` TINYINT(1) NOT NULL DEFAULT 1", [LYCHEE_TABLE_ALBUMS]);
+	$result	= $database->query($query);
 	if (!$result) {
 		Log::error($database, 'update_020200', __LINE__, 'Could not update database (' . $database->error . ')');
 		return false;
 	}
 }
 
-$result = $database->query("UPDATE lychee_settings SET value = '020200' WHERE `key` = 'version';");
+$query	= Database::prepare($database, "UPDATE ? SET value = '020200' WHERE `key` = 'version'", [LYCHEE_TABLE_SETTINGS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020200', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;
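Review bot: The column probe `if (!$database->query($query))` treats every failure as "column is missing", so a wrong table prefix, a dropped connection or a missing privilege also falls through to the `ALTER TABLE`. Now that the table name comes from a constant instead of a literal, that case is easier to hit. Assuming `$database` is a mysqli handle, the branch could start with `if ($database->errno!==1054) { Log::error($database, 'update_020200', __LINE__, 'Could not update database (' . $database->error . ')'); return false; }` so that only the unknown-column error leads to the ALTER. The same probe pattern appears in update_020100, update_020500, update_020505 and update_020601; the trailing `if (!$result)` block is closed outside this hunk.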

+ 56 - 29
php/database/update_020500.php

@@ -7,9 +7,11 @@
 ###
 
 # Add `plugins`
-$result = $database->query("SELECT `key` FROM `lychee_settings` WHERE `key` = 'plugins' LIMIT 1;");
+$query	= Database::prepare($database, "SELECT `key` FROM `?` WHERE `key` = 'plugins' LIMIT 1", [LYCHEE_TABLE_SETTINGS]);
+$result	= $database->query($query);
 if ($result->num_rows===0) {
-	$result = $database->query("INSERT INTO `lychee_settings` (`key`, `value`) VALUES ('plugins', '')");
+	$query	= Database::prepare($database, "INSERT INTO `?` (`key`, `value`) VALUES ('plugins', '')", [LYCHEE_TABLE_SETTINGS]);
+	$result	= $database->query($query);
 	if (!$result) {
 		Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
 		return false;
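Review bot: `$result->num_rows` is read without checking that the SELECT succeeded. If the query built from `LYCHEE_TABLE_SETTINGS` fails, `$result` is `false`, the `===0` comparison is not met, and the INSERT is skipped with only a PHP notice or warning instead of the logged `return false` path used everywhere else. A guard right after the query would close this: `if (!$result) { Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')'); return false; }`. The dropboxKey and version checks in update_020100 have the same gap, and there the failed SELECT on `version` falls into the `else` branch and runs the UPDATE. The `if` block continues past the end of this hunk.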
@@ -17,8 +19,10 @@ if ($result->num_rows===0) {
 }
 
 # Add `takestamp`
-if (!$database->query("SELECT `takestamp` FROM `lychee_photos` LIMIT 1;")) {
-	$result = $database->query("ALTER TABLE `lychee_photos` ADD `takestamp` INT(11) DEFAULT NULL");
+$query = Database::prepare($database, "SELECT `takestamp` FROM `?` LIMIT 1;", [LYCHEE_TABLE_PHOTOS]);
+if (!$database->query($query)) {
+	$query	= Database::prepare($database, "ALTER TABLE `?` ADD `takestamp` INT(11) DEFAULT NULL", [LYCHEE_TABLE_PHOTOS]);
+	$result = $database->query($query);
 	if (!$result) {
 		Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
 		return false;
@@ -26,34 +30,46 @@ if (!$database->query("SELECT `takestamp` FROM `lychee_photos` LIMIT 1;")) {
 }
 
 # Convert to `takestamp`
-if ($database->query("SELECT `takedate`, `taketime` FROM `lychee_photos` LIMIT 1;")) {
-	$result = $database->query("SELECT `id`, `takedate`, `taketime` FROM `lychee_photos` WHERE `takedate` <> '' AND `taketime` <> '';");
+$query = Database::prepare($database, "SELECT `takedate`, `taketime` FROM `?` LIMIT 1;", [LYCHEE_TABLE_PHOTOS]);
+if ($database->query($query)) {
+	$query	= Database::prepare($database, "SELECT `id`, `takedate`, `taketime` FROM `?` WHERE `takedate` <> '' AND `taketime` <> ''", [LYCHEE_TABLE_PHOTOS]);
+	$result	= $database->query($query);
 	if (!$result) {
 		Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
 		return false;
 	}
 	while ($photo = $result->fetch_object()) {
-		$takestamp = strtotime($photo->takedate . $photo->taketime);
-		$database->query("UPDATE `lychee_photos` SET `takestamp` = '$takestamp' WHERE `id` = '$photo->id';");
+		$takestamp	= strtotime($photo->takedate . $photo->taketime);
+		$query		= Database::prepare($database, "UPDATE `?` SET `takestamp` = '?' WHERE `id` = '?'", [LYCHEE_TABLE_PHOTOS, $takestamp, $photo->id]);
+		$database->query($query);
 	}
-	$result = $database->query("ALTER TABLE `lychee_photos` DROP COLUMN `takedate`;");
-	$result = $database->query("ALTER TABLE `lychee_photos` DROP COLUMN `taketime`;");
+	$query	= Database::prepare($database, "ALTER TABLE `?` DROP COLUMN `takedate`;", [LYCHEE_TABLE_PHOTOS]);
+	$result	= $database->query($query);
+	$query	= Database::prepare($database, "ALTER TABLE `?` DROP COLUMN `taketime`", [LYCHEE_TABLE_PHOTOS]);
+	$result	= $database->query($query);
 }
 
 # Remove `import_name`
-if ($database->query("SELECT `import_name` FROM `lychee_photos` LIMIT 1;")) {
-	$result = $database->query("ALTER TABLE `lychee_photos` DROP COLUMN `import_name`;");
+$query = Database::prepare($database, "SELECT `import_name` FROM `?` LIMIT 1", [LYCHEE_TABLE_PHOTOS]);
+if ($database->query($query)) {
+	$query	= Database::prepare($database, "ALTER TABLE `?` DROP COLUMN `import_name`", [LYCHEE_TABLE_PHOTOS]);
+	$result	= $database->query($query);
 }
 
 # Remove `sysdate` and `systime`
-if ($database->query("SELECT `sysdate`, `systime` FROM `lychee_photos` LIMIT 1;")) {
-	$result = $database->query("ALTER TABLE `lychee_photos` DROP COLUMN `sysdate`;");
-	$result = $database->query("ALTER TABLE `lychee_photos` DROP COLUMN `systime`;");
+$query = Database::prepare($database, "SELECT `sysdate`, `systime` FROM `?` LIMIT 1", [LYCHEE_TABLE_PHOTOS]);
+if ($database->query($query)) {
+	$query	= Database::prepare($database, "ALTER TABLE `?` DROP COLUMN `sysdate`", [LYCHEE_TABLE_PHOTOS]);
+	$result	= $database->query($query);
+	$query	= Database::prepare($database, "ALTER TABLE `?` DROP COLUMN `systime`", [LYCHEE_TABLE_PHOTOS]);
+	$result	= $database->query($query);
 }
 
 # Add `sysstamp`
-if (!$database->query("SELECT `sysstamp` FROM `lychee_albums` LIMIT 1;")) {
-	$result = $database->query("ALTER TABLE `lychee_albums` ADD `sysstamp` INT(11) DEFAULT NULL");
+$query = Database::prepare($database, "SELECT `sysstamp` FROM `?` LIMIT 1", [LYCHEE_TABLE_ALBUMS]);
+if (!$database->query($query)) {
+	$query	= Database::prepare($database, "ALTER TABLE `?` ADD `sysstamp` INT(11) DEFAULT NULL", [LYCHEE_TABLE_ALBUMS]);
+	$result	= $database->query($query);
 	if (!$result) {
 		Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
 		return false;
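Review bot: In the "Convert to `takestamp`" block the result of each per-row `$database->query($query)` is discarded and the two `DROP COLUMN` statements run regardless, so a failed UPDATE loses the original `takedate`/`taketime` values irreversibly. `strtotime()` can also return `false` for an unparsable date, which would be substituted into `'?'` as an empty string. I would abort before the drops when a row cannot be written and check the DROP results like the other ALTERs; whether an unparsable date should abort or be skipped is a call for the maintainer. The "Convert to `sysstamp`" loop in the next hunk has the same shape, and the trailing `if (!$result)` block of "Add `sysstamp`" is closed outside this hunk.

```php
	while ($photo = $result->fetch_object()) {
		$takestamp	= strtotime($photo->takedate . $photo->taketime);
		if ($takestamp===false) {
			# Unparsable date: stop before the source columns are dropped
			Log::error($database, 'update_020500', __LINE__, 'Could not convert date of photo ' . $photo->id);
			return false;
		}
		$query		= Database::prepare($database, "UPDATE `?` SET `takestamp` = '?' WHERE `id` = '?'", [LYCHEE_TABLE_PHOTOS, $takestamp, $photo->id]);
		if (!$database->query($query)) {
			Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
			return false;
		}
	}
	$query	= Database::prepare($database, "ALTER TABLE `?` DROP COLUMN `takedate`;", [LYCHEE_TABLE_PHOTOS]);
	$result	= $database->query($query);
	if (!$result) {
		Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
		return false;
	}
	# … unchanged: DROP COLUMN `taketime`, with the same result check added …
```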
@@ -61,17 +77,21 @@ if (!$database->query("SELECT `sysstamp` FROM `lychee_albums` LIMIT 1;")) {
 }
 
 # Convert to `sysstamp`
-if ($database->query("SELECT `sysdate` FROM `lychee_albums` LIMIT 1;")) {
-	$result = $database->query("SELECT `id`, `sysdate` FROM `lychee_albums`;");
+$query = Database::prepare($database, "SELECT `sysdate` FROM `?` LIMIT 1", [LYCHEE_TABLE_ALBUMS]);
+if ($database->query($query)) {
+	$query	= Database::prepare($database, "SELECT `id`, `sysdate` FROM `?`", [LYCHEE_TABLE_ALBUMS]);
+	$result	= $database->query($query);
 	if (!$result) {
 		Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
 		return false;
 	}
 	while ($album = $result->fetch_object()) {
-		$sysstamp = strtotime($album->sysdate);
-		$database->query("UPDATE `lychee_albums` SET `sysstamp` = '$sysstamp' WHERE `id` = '$album->id';");
+		$sysstamp	= strtotime($album->sysdate);
+		$query		= Database::prepare($database, "UPDATE `?` SET `sysstamp` = '?' WHERE `id` = '?'", [LYCHEE_TABLE_ALBUMS, $sysstamp, $album->id]);
+		$database->query($query);
 	}
-	$result = $database->query("ALTER TABLE `lychee_albums` DROP COLUMN `sysdate`;");
+	$query	= Database::prepare($database, "ALTER TABLE `?` DROP COLUMN `sysdate`", [LYCHEE_TABLE_ALBUMS]);
+	$result	= $database->query($query);
 }
 
 # Set character of database
@@ -82,49 +102,56 @@ if (!$result) {
 }
 
 # Set character
-$result = $database->query("ALTER TABLE `lychee_albums` CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;");
+$query	= Database::prepare($database, "ALTER TABLE `?` CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci", [LYCHEE_TABLE_ALBUMS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;
 }
 
 # Set character
-$result = $database->query("ALTER TABLE `lychee_photos` CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;");
+$query	= Database::prepare($database, "ALTER TABLE `?` CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci", [LYCHEE_TABLE_PHOTOS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;
 }
 
 # Set character
-$result = $database->query("ALTER TABLE `lychee_settings` CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;");
+$query	= Database::prepare($database, "ALTER TABLE `?` CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci", [LYCHEE_TABLE_SETTINGS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;
 }
 
 # Set album password length to 100 (for longer hashes)
-$result = $database->query("ALTER TABLE `lychee_albums` CHANGE `password` `password` VARCHAR(100);");
+$query	= Database::prepare($database, "ALTER TABLE `?` CHANGE `password` `password` VARCHAR(100)", [LYCHEE_TABLE_ALBUMS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;
 }
 
 # Set make length to 50
-$result = $database->query("ALTER TABLE `lychee_photos` CHANGE `make` `make` VARCHAR(50);");
+$query	= Database::prepare($database, "ALTER TABLE `?` CHANGE `make` `make` VARCHAR(50)", [LYCHEE_TABLE_PHOTOS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;
 }
 
 # Reset sorting
-$result = $database->query("UPDATE lychee_settings SET value = 'ORDER BY takestamp DESC' WHERE `key` = 'sorting' AND `value` LIKE '%UNIX_TIMESTAMP%';");
+$query	= Database::prepare($database, "UPDATE ? SET value = 'ORDER BY takestamp DESC' WHERE `key` = 'sorting' AND `value` LIKE '%UNIX_TIMESTAMP%'", [LYCHEE_TABLE_SETTINGS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;
 }
 
 # Set version
-$result = $database->query("UPDATE lychee_settings SET value = '020500' WHERE `key` = 'version';");
+$query	= Database::prepare($database, "UPDATE ? SET value = '020500' WHERE `key` = 'version'", [LYCHEE_TABLE_SETTINGS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020500', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;

+ 6 - 3
php/database/update_020505.php

@@ -7,8 +7,10 @@
 ###
 
 # Add `checksum`
-if (!$database->query("SELECT `checksum` FROM `lychee_photos` LIMIT 1;")) {
-	$result = $database->query("ALTER TABLE `lychee_photos` ADD `checksum` VARCHAR(100) DEFAULT NULL");
+$query = Database::prepare($database, "SELECT `checksum` FROM `?` LIMIT 1", [LYCHEE_TABLE_PHOTOS]);
+if (!$database->query($query)) {
+	$query	= Database::prepare($database, "ALTER TABLE `?` ADD `checksum` VARCHAR(100) DEFAULT NULL", [LYCHEE_TABLE_PHOTOS]);
+	$result	= $database->query($query);
 	if (!$result) {
 		Log::error($database, 'update_020505', __LINE__, 'Could not update database (' . $database->error . ')');
 		return false;
@@ -16,7 +18,8 @@ if (!$database->query("SELECT `checksum` FROM `lychee_photos` LIMIT 1;")) {
 }
 
 # Set version
-$result = $database->query("UPDATE lychee_settings SET value = '020505' WHERE `key` = 'version';");
+$query	= Database::prepare($database, "UPDATE ? SET value = '020505' WHERE `key` = 'version'", [LYCHEE_TABLE_SETTINGS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020505', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;

+ 6 - 3
php/database/update_020601.php

@@ -7,8 +7,10 @@
 ###
 
 # Add `downloadable`
-if (!$database->query("SELECT `downloadable` FROM `lychee_albums` LIMIT 1;")) {
-	$result = $database->query("ALTER TABLE `lychee_albums` ADD `downloadable` TINYINT(1) NOT NULL DEFAULT 1");
+$query = Database::prepare($database, "SELECT `downloadable` FROM `?` LIMIT 1", [LYCHEE_TABLE_ALBUMS]);
+if (!$database->query($query)) {
+	$query	= Database::prepare($database, "ALTER TABLE `?` ADD `downloadable` TINYINT(1) NOT NULL DEFAULT 1", [LYCHEE_TABLE_ALBUMS]);
+	$result	= $database->query($query);
 	if (!$result) {
 		Log::error($database, 'update_020601', __LINE__, 'Could not update database (' . $database->error . ')');
 		return false;
@@ -16,7 +18,8 @@ if (!$database->query("SELECT `downloadable` FROM `lychee_albums` LIMIT 1;")) {
 }
 
 # Set version
-$result = $database->query("UPDATE lychee_settings SET value = '020601' WHERE `key` = 'version';");
+$query	= Database::prepare($database, "UPDATE ? SET value = '020601' WHERE `key` = 'version'", [LYCHEE_TABLE_SETTINGS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020601', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;

+ 6 - 3
php/database/update_020602.php

@@ -7,7 +7,8 @@
 ###
 
 # Add a checksum
-$result = $database->query("SELECT `id`, `url` FROM `lychee_photos` WHERE `checksum` IS NULL;");
+$query	= Database::prepare($database, "SELECT `id`, `url` FROM `?` WHERE `checksum` IS NULL", [LYCHEE_TABLE_PHOTOS]);
+$result	= $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020602', __LINE__, 'Could not find photos without checksum (' . $database->error . ')');
 	return false;
@@ -15,7 +16,8 @@ if (!$result) {
 while ($photo = $result->fetch_object()) {
 	$checksum = sha1_file(LYCHEE_UPLOADS_BIG . $photo->url);
 	if ($checksum!==false) {
-		$setChecksum = $database->query("UPDATE `lychee_photos` SET `checksum` = '$checksum' WHERE `id` = '$photo->id';");
+		$query			= Database::prepare($database, "UPDATE `?` SET `checksum` = '?' WHERE `id` = '?'", [LYCHEE_TABLE_PHOTOS, $checksum, $photo->id]);
+		$setChecksum	= $database->query($query);
 		if (!$setChecksum) {
 			Log::error($database, 'update_020602', __LINE__, 'Could not update checksum (' . $database->error . ')');
 			return false;
@@ -27,7 +29,8 @@ while ($photo = $result->fetch_object()) {
 }
 
 # Set version
-$result = $database->query("UPDATE lychee_settings SET value = '020602' WHERE `key` = 'version';");
+$query	= Database::prepare($database, "UPDATE ? SET value = '020602' WHERE `key` = 'version'", [LYCHEE_TABLE_SETTINGS]);
+$result = $database->query($query);
 if (!$result) {
 	Log::error($database, 'update_020602', __LINE__, 'Could not update database (' . $database->error . ')');
 	return false;