diff -r -u -F '^function' cvslog/xcvs/xcvs-config.php cvslog_mod/xcvs/xcvs-config.php --- cvslog/xcvs/xcvs-config.php 2007-03-07 19:15:00.000000000 -0500 +++ cvslog_mod/xcvs/xcvs-config.php 2007-07-23 08:15:13.000000000 -0400 @@ -11,9 +11,6 @@ // Required customization // ------------------------------------------------------------ -// Drupal database URL -$xcvs['db_url'] = 'mysql://USERNAME:PASSWORD@HOSTNAME/DBNAME'; - // File location where to store temporary files. $xcvs["temp"] = "/tmp"; @@ -232,6 +229,12 @@ } include_once $xcvs_db; +// bootstrap Drupal so drupal functions can be used for database calls +// this may not be the best location to put this code +include_once './includes/bootstrap.inc'; +drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL); + + // Version of the xcvs-* scripts. Used in email headers, for example. // You should not edit this value. $xcvs['version'] = "2.1"; diff -r -u -F '^function' cvslog/xcvs/xcvs-db.php cvslog_mod/xcvs/xcvs-db.php --- cvslog/xcvs/xcvs-db.php 2007-07-13 02:24:51.000000000 -0400 +++ cvslog_mod/xcvs/xcvs-db.php 2007-07-23 08:32:24.000000000 -0400 @@ -12,32 +12,13 @@ */ /** - * Opens a MySQL connection with the right DB selected. All other - * methods in this file (except for xcvs_always_allow(), by design) - * require that this method has been called first. - */ -function xcvs_db_connect($xcvs) { - static $db_conn; - if (!isset($db_conn)) { - $url = parse_url($xcvs['db_url']); - // Allow for non-standard MySQL port. - if (isset($url['port'])) { - $url['host'] = $url['host'] .':'. $url['port']; - } - $db_conn = mysql_connect($url['host'], $url['user'], $url['pass']); - mysql_select_db(substr($url['path'], 1)); - } - return $db_conn; -} - -/** * Returns the numeric drupal uid for the given cvs username */ function xcvs_db_get_drupal_uid($user) { // See if there's an approved CVS account that matches this CVS username. - $result = mysql_query("SELECT uid FROM cvs_accounts WHERE name = '". mysql_real_escape_string($user) ."' AND status = 1"); - if ($result && mysql_num_rows($result) > 0) { - $uid = mysql_result($result, 0); + $result = db_query("SELECT uid FROM {cvs_accounts} WHERE name = '%s'", $user); + if ($result && db_num_rows($result) > 0) { + $uid = db_result($result, 0); } else { $uid = 0; @@ -46,17 +27,6 @@ function xcvs_db_get_drupal_uid($user) { } /** - * Return a new unique ID in the given sequence. - */ -function xcvs_next_id($name) { - mysql_query('LOCK TABLES sequences WRITE'); - $id = mysql_result(mysql_query("SELECT id FROM sequences WHERE name = '". mysql_real_escape_string($name). "'"),0) + 1; - mysql_query("REPLACE INTO sequences VALUES ('". mysql_real_escape_string($name). "',$id)"); - mysql_query('UNLOCK TABLES'); - return $id; -} - -/** * Determines the numeric drupal node id (nid) for the project a given * file belongs to. */ @@ -73,9 +43,9 @@ function xcvs_db_get_drupal_project_nid( while (count($parts) > 1) { $project_dir = '/'. implode('/', $parts) . '/'; array_pop($parts); - $project = mysql_query("SELECT n.nid FROM cvs_projects cp INNER JOIN node n ON n.nid = cp.nid WHERE n.status = 1 AND cp.rid = ". $xcvs[cvs_repo_id] ." AND cp.directory = '". mysql_real_escape_string($project_dir) ."'"); - if ($project && mysql_num_rows($project) > 0) { - return $nids[$file] = mysql_result($project, 0); + $project = db_query("SELECT n.nid FROM {cvs_projects} cp INNER JOIN {node} n ON n.nid = cp.nid WHERE n.status = %d AND cp.rid = %d AND cp.directory = '%s'", 1, $xcvs['cvs_repo_id'], $project_dir); + if ($project && db_num_rows($project) > 0) { + return $nids[$file] = db_result($project, 0); } } // If we didn't find it already, cache the answer as not-found @@ -99,7 +69,6 @@ function xcvs_db_get_drupal_project_nid( * 0 on success, exit() with non-zero on error. */ function xcvs_db_check_write_access($user, $file, $op, $xcvs) { - xcvs_db_connect($xcvs); $result = _xcvs_db_check_write_access($user, $file, $op, $xcvs); if ($result) { exit($result); @@ -158,8 +127,8 @@ function _xcvs_db_check_write_access($us * Determines if the user is the owner of the given project. */ function xcvs_db_is_owner($uid, $nid) { - $project = mysql_query("SELECT nid, uid FROM node WHERE nid = " . (int)$nid ." AND uid = " . (int)$uid); - if ($project && mysql_num_rows($project) > 0) { + $project = db_query("SELECT nid, uid FROM {node} WHERE nid = %d AND uid = %d", (int)$nid, (int)$uid); + if ($project && db_num_rows($project) > 0) { return TRUE; } return FALSE; @@ -169,8 +138,8 @@ function xcvs_db_is_owner($uid, $nid) { * Determines if the user is a CVS maintainer for the given project. */ function xcvs_db_is_maintainer($uid, $nid) { - $project = mysql_query("SELECT * FROM cvs_project_maintainers WHERE nid = " . (int)$nid ." AND uid = " . (int)$uid); - if ($project && mysql_num_rows($project) > 0) { + $project = db_query("SELECT * FROM {cvs_project_maintainers} WHERE nid = %d AND uid = %d", (int)$nid, (int)$uid); + if ($project && db_num_rows($project) > 0) { return TRUE; } return FALSE; @@ -186,12 +155,10 @@ function xcvs_db_is_cvs_superuser($uid) } function xcvs_db_check_release_tag($dir, $tag, $op, $xcvs) { - // Make sure we're connected, just to be safe. - xcvs_db_connect($xcvs); $project_nid = xcvs_db_get_drupal_project_nid($dir, $xcvs); - $query = mysql_query("SELECT nid FROM project_release_nodes WHERE pid = " . (int)$project_nid ." AND tag = '" . mysql_real_escape_string($tag) . "'"); - if ($query && mysql_num_rows($query) > 0) { - $release = mysql_fetch_object($query); + $query = db_query("SELECT nid FROM {project_release_nodes} WHERE pid = %d AND tag = '%s'", (int)$project_nid, $tag); + if ($query && db_num_rows($query) > 0) { + $release = db_fetch_object($query); print strtr($xcvs['release_tag_in_use_message'], array('%tag' => $tag, '%nid' => $release->nid)); exit(4); } diff -r -u -F '^function' cvslog/xcvs/xcvs-loginfo.php cvslog_mod/xcvs/xcvs-loginfo.php --- cvslog/xcvs/xcvs-loginfo.php 2007-07-17 15:47:04.000000000 -0400 +++ cvslog_mod/xcvs/xcvs-loginfo.php 2007-07-23 08:25:48.000000000 -0400 @@ -204,20 +204,18 @@ function xcvs_init($argc, $argv) { // Integrate with Drupal cvslog.module. if ($xcvs['cvslog'] && is_array($cvslog_files)) { - $connection = xcvs_db_connect($xcvs); + $cid = db_next_id('{cvs_messages}_cid'); - $cid = xcvs_next_id('cvs_messages_cid'); + $uid = db_result(db_query("SELECT uid FROM {cvs_accounts} WHERE name = '%s'", $user), 0); - $uid = mysql_result(mysql_query("SELECT uid FROM cvs_accounts WHERE name = '". mysql_escape_string($user) ."'"), 0); - - mysql_query("INSERT INTO cvs_messages (cid, rid, uid, created, user, message) VALUES ($cid, $xcvs[cvs_repo_id], $uid, ". time() .", '$user', '". mysql_escape_string($message) ."')"); + db_query("INSERT INTO {cvs_messages} (cid, rid, uid, created, user, message) VALUES (%d, %d, %d, %d, '%s', '%s')", $cid, $xcvs[cvs_repo_id], $uid, time(), $user, $message); foreach ($cvslog_files as $cvslog_file) { - $project = mysql_query("SELECT nid FROM cvs_projects WHERE rid = ". $xcvs[cvs_repo_id] ." AND '". mysql_escape_string($cvslog_file->file) ."' LIKE CONCAT(directory, '%')"); - if ($project && mysql_num_rows($project) > 0) $nid = mysql_result($project, 0); + $project = db_query("SELECT nid FROM {cvs_projects} WHERE rid = %d AND '%s' LIKE CONCAT(directory, '%')", $xcvs[cvs_repo_id], $cvslog_file->file); + if ($project && db_num_rows($project) > 0) $nid = db_result($project, 0); else $nid = 0; - mysql_query("INSERT INTO cvs_files (cid, rid, uid, nid, file, branch, revision, lines_added, lines_removed) VALUES ($cid, $xcvs[cvs_repo_id], $uid, $nid, '$cvslog_file->file', '$tag', '$cvslog_file->revision', $cvslog_file->lines_added, $cvslog_file->lines_removed)"); + db_query("INSERT INTO {cvs_files} (cid, rid, uid, nid, file, branch, revision, lines_added, lines_removed) VALUES (%d, %d, %d, %d, '%s', '%s', %d, %d, %d)", $cid, $xcvs[cvs_repo_id], $uid, $nid, $cvslog_file->file, $tag, $cvslog_file->revision, $cvslog_file->lines_added, $cvslog_file->lines_removed); if (!empty($tag)) { // Since people refuse to learn how to use "cvs tag -b" to @@ -226,14 +224,12 @@ function xcvs_init($argc, $argv) { // someone commits a file to a branch, we make sure // there's a valid entry in {cvs_tags} for that project + // branch, and if not, we add it here. - $db_tag = mysql_query("SELECT * from cvs_tags WHERE nid = $nid AND tag = '" . mysql_escape_string($tag) . "'"); - if (!($db_tag && mysql_num_rows($db_tag) > 0)) { - mysql_query("INSERT INTO cvs_tags (nid, branch, tag) VALUES ($nid, 1, '" . mysql_escape_string($tag) . "')"); + $db_tag = db_query("SELECT * from {cvs_tags} WHERE nid = %d AND tag = '%s'", $nid, $tag); + if (!($db_tag && db_num_rows($db_tag) > 0)) { + db_query("INSERT INTO {cvs_tags} (nid, branch, tag) VALUES (%d, %d, '%s')", $nid, 1, $tag); } } } - - mysql_close($connection); } // Clean up: diff -r -u -F '^function' cvslog/xcvs/xcvs-taginfo.php cvslog_mod/xcvs/xcvs-taginfo.php --- cvslog/xcvs/xcvs-taginfo.php 2007-07-17 15:47:04.000000000 -0400 +++ cvslog_mod/xcvs/xcvs-taginfo.php 2007-07-23 08:15:13.000000000 -0400 @@ -124,24 +124,21 @@ function xcvs_store_tag_in_db($dir, $tag // we're adding a branch, so that's all we check for here. $branch = $type == 'T' ? 1 : 0; - $connection = xcvs_db_connect($xcvs); - // Find the project nid that this directory belongs to $nid = xcvs_db_get_drupal_project_nid($dir, $xcvs); // Lock the affected tables so avoid clashes (transactions): - mysql_query('LOCK TABLES cvs_tags'); + db_query('LOCK TABLES {cvs_tags}'); if ($op == 'add') { - mysql_query("INSERT INTO cvs_tags (nid, tag, branch) VALUES ($nid, '" . mysql_escape_string($tag) . "', $branch)"); + db_query("INSERT INTO {cvs_tags} (nid, tag, branch) VALUES (%d, '%s', %d)", $nid, $tag, $branch); } else { - mysql_query("DELETE FROM cvs_tags WHERE nid=$nid AND tag='" . mysql_escape_string($tag) . "'"); + db_query("DELETE FROM {cvs_tags} WHERE nid=%d AND tag='%s'", $nid, $tag); } // Unlock the affected tables so avoid clashes (transactions): - mysql_query('UNLOCK TABLES'); - mysql_close($connection); + db_query('UNLOCK TABLES'); } function xcvs_init($argc, $argv) {