You are viewing a plain text version of this content. The canonical link for it is here.
Posted to log4php-dev@logging.apache.org by Christian Grobmeier <gr...@gmail.com> on 2009/05/19 06:51:05 UTC
Re: svn commit: r772512 - in /incubator/log4php/trunk/src:
main/php/LoggerManager.php main/php/appenders/LoggerAppenderPDO.php
test/php/appenders/LoggerAppenderPDOTest.php
Hi Christian,
> I've not read the code completely but shouldn't there be a quote() or
> something around the insert statement? Although this is just the
> template, the single quote indicate at least that $sth->quote() is
> not used.
i am not sure what you mean with the above?
> BTW, as you're aiming for speed, did you consider a PDO Prepared
> Statement?
you are right, a PS would fit better in most cases. If you have some
cycles, I would apply all patches you bring in :-)
Cheers,
Christian
>
> bye,
>
> -christian-
>
>
> Am Thu, 07 May 2009 06:29:31 -0000
> schrieb grobmeier@apache.org:
>
>> Author: grobmeier
>> Date: Thu May 7 06:29:28 2009
>> New Revision: 772512
> ...
>> + public function activateOptions() {
> ...
>> +
>> + if($this->sql == '' || $this->sql == null) {
>> + $this->sql = "INSERT INTO $this->table ( timestamp, " .
>> +
>> "logger,
>> " .
>> +
>> "level,
>> " .
>> +
>> "message,
>> " .
>> +
>> "thread,
>> " .
>> +
>> "file,
>> " .
>> +
>> "line" .
>> + ") VALUES
>> ('%d','%c','%p','%m','%t','%F','%L')";
>> + }
>> +
>
Re: svn commit: r772512 - in /incubator/log4php/trunk/src:
main/php/LoggerManager.php main/php/appenders/LoggerAppenderPDO.php
test/php/appenders/LoggerAppenderPDOTest.php
Posted by Christian Hammers <ch...@lathspell.de>.
On Tue, 19 May 2009 06:51:05 +0200
Christian Grobmeier <gr...@gmail.com> wrote:
> Hi Christian,
>
> > I've not read the code completely but shouldn't there be a quote() or
> > something around the insert statement? Although this is just the
> > template, the single quote indicate at least that $sth->quote() is
> > not used.
>
> i am not sure what you mean with the above?
I fear that if I log a message that contains a single quote the SQL
query you build will produce an SQL syntax error.
The quote() function (http://de2.php.net/manual/en/pdo.quote.php)
puts backslashes before every quote and then a pair of single quotes
around the result so you would have the diff:
- VALUES ('%d','%c','%p','%m','%t','%F','%L')";
+ VALUES (%d,%c,%p,%m,%t,%F,%L)";
> > BTW, as you're aiming for speed, did you consider a PDO Prepared
> > Statement?
>
> you are right, a PS would fit better in most cases. If you have some
> cycles, I would apply all patches you bring in :-)
Hm.. I try to find time but don't be too optimistic :)
bye,
-christian-
> Cheers,
> Christian
>
> >
> > bye,
> >
> > -christian-
> >
> >
> > Am Thu, 07 May 2009 06:29:31 -0000
> > schrieb grobmeier@apache.org:
> >
> >> Author: grobmeier
> >> Date: Thu May 7 06:29:28 2009
> >> New Revision: 772512
> > ...
> >> + public function activateOptions() {
> > ...
> >> +
> >> + if($this->sql == '' || $this->sql == null) {
> >> + $this->sql = "INSERT INTO $this->table ( timestamp, " .
> >> +
> >> "logger,
> >> " .
> >> +
> >> "level,
> >> " .
> >> +
> >> "message,
> >> " .
> >> +
> >> "thread,
> >> " .
> >> +
> >> "file,
> >> " .
> >> +
> >> "line" .
> >> + ") VALUES
> >> ('%d','%c','%p','%m','%t','%F','%L')";
> >> + }
> >> +
> >