Fix for PostgreSQL bytea write bug.

- This enables PDO to properly escape data sent to the bytea search_object field. - Includes test scenario to prevent regressions.

Fix for PostgreSQL bytea write bug.
- This enables PDO to properly escape data sent to the bytea search_object field. - Includes test scenario to prevent regressions.
4e9f061f · Demian Katz · f25177aa · 4e9f061f · 4e9f061f · 4e9f061f
Commit 4e9f061f authored 9 years ago by Demian Katz
--- a/module/VuFind/src/VuFind/Db/Table/Gateway.php
+++ b/module/VuFind/src/VuFind/Db/Table/Gateway.php
@@ -93,7 +93,9 @@ class Gateway extends AbstractTableGateway implements ServiceLocatorAwareInterfa
            $maps = isset($cfg['vufind']['pgsql_seq_mapping'])
                ? $cfg['vufind']['pgsql_seq_mapping'] : null;
            if (isset($maps[$this->table])) {
-                $this->featureSet = new Feature\FeatureSet();
+                if (!is_object($this->featureSet)) {
+                    $this->featureSet = new Feature\FeatureSet();
+                }
                $this->featureSet->addFeature(
                    new Feature\SequenceFeature(
                        $maps[$this->table][0], $maps[$this->table][1]

--- a/module/VuFind/src/VuFind/Db/Table/Search.php
+++ b/module/VuFind/src/VuFind/Db/Table/Search.php
@@ -27,6 +27,8 @@
 */
 namespace VuFind\Db\Table;
 use minSO;
+use Zend\Db\Adapter\ParameterContainer;
+use Zend\Db\TableGateway\Feature;
 /**
 * Table Definition for search
@@ -47,6 +49,53 @@ class Search extends Gateway
        parent::__construct('search', 'VuFind\Db\Row\Search');
    }
+    /**
+     * Initialize
+     *
+     * @return void
+     */
+    public function initialize()
+    {
+        if ($this->isInitialized) {
+            return;
+        }
+        // Special case for PostgreSQL inserts -- we need to provide an extra
+        // clue so that the database knows how to write bytea data correctly:
+        if ($this->adapter->getDriver()->getDatabasePlatformName() == "Postgresql") {
+            if (!is_object($this->featureSet)) {
+                $this->featureSet = new Feature\FeatureSet();
+            }
+            $eventFeature = new Feature\EventFeature();
+            $eventFeature->getEventManager()->attach(
+                Feature\EventFeature::EVENT_PRE_INSERT, [$this, 'onPreInsert']
+            );
+            $this->featureSet->addFeature($eventFeature);
+        }
+        parent::initialize();
+    }
+    /**
+     * Customize the Insert object to include extra metadata about the
+     * search_object field so that it will be written correctly. This is
+     * triggered only when we're interacting with PostgreSQL; MySQL works fine
+     * without the extra hint.
+     *
+     * @param object $event Event object
+     *
+     * @return void
+     */
+    public function onPreInsert($event)
+    {
+        $driver = $event->getTarget()->getAdapter()->getDriver();
+        $statement = $driver->createStatement();
+        $params = new ParameterContainer();
+        $params->offsetSetErrata('search_object', ParameterContainer::TYPE_LOB);
+        $statement->setParameterContainer($params);
+        $driver->registerStatementPrototype($statement);
+    }
    /**
     * Delete unsaved searches for a particular session.
     *

--- a/module/VuFind/tests/integration-tests/src/VuFindTest/Mink/SearchActionsTest.php
+++ b/module/VuFind/tests/integration-tests/src/VuFindTest/Mink/SearchActionsTest.php
@@ -109,12 +109,18 @@ class SearchActionsTest extends \VuFindTest\Unit\MinkTestCase
     */
    public function testSearchHistory()
    {
-        $page = $this->performSearch('foo');
+        // Use "foo \ bar" as our search because the backslash has been known
-        $page->findLink('Search History')->click();
+        // to cause problems in some situations (e.g. PostgreSQL database with
+        // incorrect escaping); this allows us to catch regressions for a few
+        // different problems in a single test.
+        $page = $this->performSearch('foo \ bar');
+        $this->findAndAssertLink($page, 'Search History')->click();
        $this->snooze();
-        // We should see our "foo" search in the history, but no saved
+        // We should see our "foo \ bar" search in the history, but no saved
        // searches because we are logged out:
-        $this->assertEquals('foo', $page->findLink('foo')->getText());
+        $this->assertEquals(
+            'foo \ bar', $this->findAndAssertLink($page, 'foo \ bar')->getText()
+        );
        $this->assertFalse(
            $this->hasElementsMatchingText($page, 'h2', 'Saved Searches')
        );
@@ -126,18 +132,24 @@ class SearchActionsTest extends \VuFindTest\Unit\MinkTestCase
        $this->snooze();
        $this->fillInLoginForm($page, 'username1', 'test');
        $this->submitLoginForm($page);
-        $this->assertEquals('foo', $page->findLink('foo')->getText());
+        $this->assertEquals(
+            'foo \ bar', $this->findAndAssertLink($page, 'foo \ bar')->getText()
+        );
        $this->assertTrue(
            $this->hasElementsMatchingText($page, 'h2', 'Saved Searches')
        );
-        $this->assertEquals('test', $page->findLink('test')->getText());
+        $this->assertEquals(
+            'test', $this->findAndAssertLink($page, 'test')->getText()
+        );
        // Now purge unsaved searches, confirm that unsaved search is gone
        // but saved search is still present:
-        $page->findLink('Purge unsaved searches')->click();
+        $this->findAndAssertLink($page, 'Purge unsaved searches')->click();
        $this->snooze();
-        $this->assertNull($page->findLink('foo'));
+        $this->assertNull($page->findLink('foo \ bar'));
-        $this->assertEquals('test', $page->findLink('test')->getText());
+        $this->assertEquals(
+            'test', $this->findAndAssertLink($page, 'test')->getText()
+        );
    }
    /**
@@ -155,8 +167,8 @@ class SearchActionsTest extends \VuFindTest\Unit\MinkTestCase
        $this->snooze();
        $this->fillInLoginForm($page, 'username1', 'test');
        $this->submitLoginForm($page);
-        $delete = $page->findLink('Delete')->getAttribute('href');
+        $delete = $this->findAndAssertLink($page, 'Delete')->getAttribute('href');
-        $page->findLink('Log Out')->click();
+        $this->findAndAssertLink($page, 'Log Out')->click();
        $this->snooze();
        // Use user A's delete link, but try to execute it as user B:
@@ -170,11 +182,11 @@ class SearchActionsTest extends \VuFindTest\Unit\MinkTestCase
        );
        $this->findCss($page, 'input.btn.btn-primary')->click();
        $this->snooze();
-        $page->findLink('Log Out')->click();
+        $this->findAndAssertLink($page, 'Log Out')->click();
        $this->snooze();
        // Go back in as user A -- see if the saved search still exists.
-        $page->findLink('Search History')->click();
+        $this->findAndAssertLink($page, 'Search History')->click();
        $this->snooze();
        $this->findCss($page, '#loginOptions a')->click();
        $this->snooze();
@@ -183,7 +195,9 @@ class SearchActionsTest extends \VuFindTest\Unit\MinkTestCase
        $this->assertTrue(
            $this->hasElementsMatchingText($page, 'h2', 'Saved Searches')
        );
-        $this->assertEquals('test', $page->findLink('test')->getText());
+        $this->assertEquals(
+            'test', $this->findAndAssertLink($page, 'test')->getText()
+        );
    }
    /**