New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle race condition #244
Conversation
zen_db_input($val) . "')"; | ||
$result = $db->Execute($sql); | ||
} | ||
$sql = "insert ON DUPLICATE KEY UPDATE " . TABLE_SESSIONS . " (sesskey, expiry, value) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Although this probably works, the syntax does not match the MySQL documentation. To be on the safe side I would recommend changing the syntax to match. Perhaps something similar to the following?
$sql = "INSERT " . TABLE_SESSIONS . " (sesskey, expiry, value) VALUES (:sesskey, :expiry, :value) ON DUPLICATE KEY UPDATE sesskey=:sesskey, expiry=:expiry, value=:value"
$sql = $db->bindVars($sql, ':sesskey', $key, 'string');
$sql = $db->bindVars($sql, ':expiry', $expiry, 'integer');
$sql = $db->bindVars($sql, ':value', $val, 'string');
$result = $db->Execute($sql);
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good point
👍 |
zen_db_input($val) . "')"; | ||
$result = $db->Execute($sql); | ||
} | ||
$sql = "insert into " . TABLE_SESSIONS . " (sesskey, expiry, `value`) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note: the extra backticks around value
are simply to provide specificity since value
is a MySQL keyword too.
👍 |
1 similar comment
👍 |
Note: additional code change in #245 |
Rewrite some core queries to handle race conditions more effectively