From 2c096ec03dad6526ffe492e4c9b4ac25edab7d83 Mon Sep 17 00:00:00 2001 From: Michael Beck Date: Mon, 12 Jan 2026 21:55:38 -0500 Subject: [PATCH 1/4] Improve installation --- htdocs/class/model/write.php | 11 ++++++++--- htdocs/modules/profile/include/install.php | 4 ++-- .../system/admin/modulesadmin/modulesadmin.php | 2 +- htdocs/xoops_lib/modules/protector/oninstall.php | 2 +- htdocs/xoops_lib/modules/protector/onuninstall.php | 2 +- htdocs/xoops_lib/modules/protector/xoops_version.php | 4 ++-- 6 files changed, 15 insertions(+), 10 deletions(-) diff --git a/htdocs/class/model/write.php b/htdocs/class/model/write.php index 8b306e782..57de85ed5 100644 --- a/htdocs/class/model/write.php +++ b/htdocs/class/model/write.php @@ -254,6 +254,7 @@ public function insert($object, $force = true) if ($object->isNew()) { $sql = 'INSERT INTO `' . $this->handler->table . '`'; + $queryFunc = 'exec'; if (!empty($object->cleanVars)) { $keys = array_keys($object->cleanVars); $vals = array_values($object->cleanVars); @@ -275,6 +276,7 @@ public function insert($object, $force = true) $keys[] = " `{$k}` = {$v}"; } $sql = 'UPDATE `' . $this->handler->table . '` SET ' . implode(',', $keys) . ' WHERE `' . $this->handler->keyName . '` = ' . $this->handler->db->quote($object->getVar($this->handler->keyName)); + $queryFunc = 'exec'; if (!$result = $this->handler->db->{$queryFunc}($sql)) { return false; } @@ -303,7 +305,8 @@ public function delete($object, $force = false) $whereclause = '`' . $this->handler->keyName . '` = ' . $this->handler->db->quote($object->getVar($this->handler->keyName)); } $sql = 'DELETE FROM `' . $this->handler->table . '` WHERE ' . $whereclause; - $queryFunc = empty($force) ? 'query' : 'exec'; +// $queryFunc = empty($force) ? 'query' : 'exec'; + $queryFunc = 'exec'; $result = $this->handler->db->{$queryFunc}($sql); return empty($result) ? false : true; @@ -329,7 +332,8 @@ public function deleteAll(?CriteriaElement $criteria = null, $force = true, $asO return $num; } - $queryFunc = empty($force) ? 'query' : 'exec'; +// $queryFunc = empty($force) ? 'query' : 'exec'; + $queryFunc = 'exec'; $sql = 'DELETE FROM ' . $this->handler->table; if (!empty($criteria)) { if (is_subclass_of($criteria, 'CriteriaElement')) { @@ -368,7 +372,8 @@ public function updateAll($fieldname, $fieldvalue, ?CriteriaElement $criteria = if (isset($criteria) && \method_exists($criteria, 'renderWhere')) { $sql .= ' ' . $criteria->renderWhere(); } - $queryFunc = empty($force) ? 'query' : 'exec'; +// $queryFunc = empty($force) ? 'query' : 'exec'; + $queryFunc = 'exec'; $result = $this->handler->db->{$queryFunc}($sql); return empty($result) ? false : true; diff --git a/htdocs/modules/profile/include/install.php b/htdocs/modules/profile/include/install.php index 7d6900b93..7026cd9ab 100644 --- a/htdocs/modules/profile/include/install.php +++ b/htdocs/modules/profile/include/install.php @@ -212,7 +212,7 @@ function profile_install_setPermissions($field_id, $module_id, $canedit, $visibl */ function profile_install_addCategory($name, $weight) { - $GLOBALS['xoopsDB']->query('INSERT INTO ' . $GLOBALS['xoopsDB']->prefix('profile_category') . ' VALUES (0, ' . $GLOBALS['xoopsDB']->quote($name) . ", '', {$weight})"); + $GLOBALS['xoopsDB']->exec('INSERT INTO ' . $GLOBALS['xoopsDB']->prefix('profile_category') . ' VALUES (0, ' . $GLOBALS['xoopsDB']->quote($name) . ", '', {$weight})"); } /** @@ -223,5 +223,5 @@ function profile_install_addCategory($name, $weight) */ function profile_install_addStep($name, $desc, $order, $save) { - $GLOBALS['xoopsDB']->query('INSERT INTO ' . $GLOBALS['xoopsDB']->prefix('profile_regstep') . ' VALUES (0, ' . $GLOBALS['xoopsDB']->quote($name) . ', ' . $GLOBALS['xoopsDB']->quote($desc) . ", {$order}, {$save})"); + $GLOBALS['xoopsDB']->exec('INSERT INTO ' . $GLOBALS['xoopsDB']->prefix('profile_regstep') . ' VALUES (0, ' . $GLOBALS['xoopsDB']->quote($name) . ', ' . $GLOBALS['xoopsDB']->quote($desc) . ", {$order}, {$save})"); } diff --git a/htdocs/modules/system/admin/modulesadmin/modulesadmin.php b/htdocs/modules/system/admin/modulesadmin/modulesadmin.php index 0ef2aa442..660f4ce6c 100644 --- a/htdocs/modules/system/admin/modulesadmin/modulesadmin.php +++ b/htdocs/modules/system/admin/modulesadmin/modulesadmin.php @@ -135,7 +135,7 @@ function xoops_module_install($dirname) // check if the table name is reserved if (!in_array($prefixed_query[4], $reservedTables)) { // not reserved, so try to create one - if (!$db->query($prefixed_query[0])) { + if (!$db->exec($prefixed_query[0])) { $errs[] = $db->error(); $error = true; break; diff --git a/htdocs/xoops_lib/modules/protector/oninstall.php b/htdocs/xoops_lib/modules/protector/oninstall.php index 136c85f01..8115fd5f7 100644 --- a/htdocs/xoops_lib/modules/protector/oninstall.php +++ b/htdocs/xoops_lib/modules/protector/oninstall.php @@ -61,7 +61,7 @@ function protector_oninstall_base($module, $mydirname) return false; } - if (!$db->query($prefixed_query[0])) { + if (!$db->exec($prefixed_query[0])) { $ret[] = '' . htmlspecialchars($db->error(), ENT_QUOTES | ENT_HTML5) . '
'; //var_dump( $db->error() ) ; diff --git a/htdocs/xoops_lib/modules/protector/onuninstall.php b/htdocs/xoops_lib/modules/protector/onuninstall.php index ac227344b..bb54b59d8 100644 --- a/htdocs/xoops_lib/modules/protector/onuninstall.php +++ b/htdocs/xoops_lib/modules/protector/onuninstall.php @@ -49,7 +49,7 @@ function protector_onuninstall_base($module, $mydirname) foreach ($sql_lines as $sql_line) { if (preg_match('/^CREATE TABLE \`?([a-zA-Z0-9_-]+)\`? /i', $sql_line, $regs)) { $sql = 'DROP TABLE ' . addslashes($prefix_mod . '_' . $regs[1]); - if (!$db->query($sql)) { + if (!$db->exec($sql)) { $ret[] = 'ERROR: Could not drop table ' . htmlspecialchars($prefix_mod . '_' . $regs[1], ENT_QUOTES | ENT_HTML5) . '.
'; } else { $ret[] = 'Table ' . htmlspecialchars($prefix_mod . '_' . $regs[1], ENT_QUOTES | ENT_HTML5) . ' dropped.
'; diff --git a/htdocs/xoops_lib/modules/protector/xoops_version.php b/htdocs/xoops_lib/modules/protector/xoops_version.php index f26109051..628de55c7 100644 --- a/htdocs/xoops_lib/modules/protector/xoops_version.php +++ b/htdocs/xoops_lib/modules/protector/xoops_version.php @@ -42,8 +42,8 @@ $modversion['release_date'] = '2019/02/18'; $modversion['module_website_url'] = 'https://xoops.org/'; $modversion['module_website_name'] = 'XOOPS'; -$modversion['min_php'] = '5.6.0'; -$modversion['min_xoops'] = '2.5.11'; +$modversion['min_php'] = '7.4'; +$modversion['min_xoops'] = '2.5.12'; // Any tables can't be touched by modulesadmin. $modversion['sqlfile'] = false; From e1e410d3cf23dd44b351d592961ba9f15dd536a6 Mon Sep 17 00:00:00 2001 From: Michael Beck Date: Mon, 12 Jan 2026 23:00:52 -0500 Subject: [PATCH 2/4] Increase primary key columns from smallint to int --- htdocs/install/sql/mysql.structure.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/install/sql/mysql.structure.sql b/htdocs/install/sql/mysql.structure.sql index 7c298dabb..39ca6f80d 100644 --- a/htdocs/install/sql/mysql.structure.sql +++ b/htdocs/install/sql/mysql.structure.sql @@ -157,7 +157,7 @@ CREATE TABLE xoopsnotifications ( # CREATE TABLE config ( - conf_id smallint(5) unsigned NOT NULL auto_increment, + conf_id int(10) unsigned NOT NULL auto_increment, conf_modid smallint(5) unsigned NOT NULL default '0', conf_catid smallint(5) unsigned NOT NULL default '0', conf_name varchar(25) NOT NULL default '', From 37741dce8d3fdc4bbc565be72e71a906f697925d Mon Sep 17 00:00:00 2001 From: Michael Beck Date: Mon, 9 Feb 2026 02:11:17 -0500 Subject: [PATCH 3/4] Clean up write model: remove dead code and $queryFunc indirection - Remove commented-out $force conditional lines (Copilot review feedback) - Eliminate $queryFunc variable; call ->exec() directly for all writes - Remove redundant $queryFunc reassignments in insert() method - Use '7.4.0' for min_php to match codebase three-component format Co-Authored-By: Claude Opus 4.6 --- htdocs/class/model/write.php | 24 ++++++------------- .../modules/protector/xoops_version.php | 2 +- 2 files changed, 8 insertions(+), 18 deletions(-) diff --git a/htdocs/class/model/write.php b/htdocs/class/model/write.php index 57de85ed5..8801cd97c 100644 --- a/htdocs/class/model/write.php +++ b/htdocs/class/model/write.php @@ -250,11 +250,8 @@ public function insert($object, $force = true) return $object->getVar($this->handler->keyName); } - $queryFunc = empty($force) ? 'query' : 'exec'; - if ($object->isNew()) { $sql = 'INSERT INTO `' . $this->handler->table . '`'; - $queryFunc = 'exec'; if (!empty($object->cleanVars)) { $keys = array_keys($object->cleanVars); $vals = array_values($object->cleanVars); @@ -264,7 +261,7 @@ public function insert($object, $force = true) return $object->getVar($this->handler->keyName); } - if (!$result = $this->handler->db->{$queryFunc}($sql)) { + if (!$result = $this->handler->db->exec($sql)) { return false; } if (!$object->getVar($this->handler->keyName) && $object_id = $this->handler->db->getInsertId()) { @@ -276,8 +273,7 @@ public function insert($object, $force = true) $keys[] = " `{$k}` = {$v}"; } $sql = 'UPDATE `' . $this->handler->table . '` SET ' . implode(',', $keys) . ' WHERE `' . $this->handler->keyName . '` = ' . $this->handler->db->quote($object->getVar($this->handler->keyName)); - $queryFunc = 'exec'; - if (!$result = $this->handler->db->{$queryFunc}($sql)) { + if (!$result = $this->handler->db->exec($sql)) { return false; } } @@ -304,10 +300,8 @@ public function delete($object, $force = false) } else { $whereclause = '`' . $this->handler->keyName . '` = ' . $this->handler->db->quote($object->getVar($this->handler->keyName)); } - $sql = 'DELETE FROM `' . $this->handler->table . '` WHERE ' . $whereclause; -// $queryFunc = empty($force) ? 'query' : 'exec'; - $queryFunc = 'exec'; - $result = $this->handler->db->{$queryFunc}($sql); + $sql = 'DELETE FROM `' . $this->handler->table . '` WHERE ' . $whereclause; + $result = $this->handler->db->exec($sql); return empty($result) ? false : true; } @@ -332,9 +326,7 @@ public function deleteAll(?CriteriaElement $criteria = null, $force = true, $asO return $num; } -// $queryFunc = empty($force) ? 'query' : 'exec'; - $queryFunc = 'exec'; - $sql = 'DELETE FROM ' . $this->handler->table; + $sql = 'DELETE FROM ' . $this->handler->table; if (!empty($criteria)) { if (is_subclass_of($criteria, 'CriteriaElement')) { $sql .= ' ' . $criteria->renderWhere(); @@ -342,7 +334,7 @@ public function deleteAll(?CriteriaElement $criteria = null, $force = true, $asO return false; } } - if (!$this->handler->db->{$queryFunc}($sql)) { + if (!$this->handler->db->exec($sql)) { return false; } @@ -372,9 +364,7 @@ public function updateAll($fieldname, $fieldvalue, ?CriteriaElement $criteria = if (isset($criteria) && \method_exists($criteria, 'renderWhere')) { $sql .= ' ' . $criteria->renderWhere(); } -// $queryFunc = empty($force) ? 'query' : 'exec'; - $queryFunc = 'exec'; - $result = $this->handler->db->{$queryFunc}($sql); + $result = $this->handler->db->exec($sql); return empty($result) ? false : true; } diff --git a/htdocs/xoops_lib/modules/protector/xoops_version.php b/htdocs/xoops_lib/modules/protector/xoops_version.php index 628de55c7..87b26089b 100644 --- a/htdocs/xoops_lib/modules/protector/xoops_version.php +++ b/htdocs/xoops_lib/modules/protector/xoops_version.php @@ -42,7 +42,7 @@ $modversion['release_date'] = '2019/02/18'; $modversion['module_website_url'] = 'https://xoops.org/'; $modversion['module_website_name'] = 'XOOPS'; -$modversion['min_php'] = '7.4'; +$modversion['min_php'] = '7.4.0'; $modversion['min_xoops'] = '2.5.12'; // Any tables can't be touched by modulesadmin. From 85f34993b542f3d299de37cb07ea18e57d054eb0 Mon Sep 17 00:00:00 2001 From: Michael Beck Date: Mon, 9 Feb 2026 02:22:07 -0500 Subject: [PATCH 4/4] Address CodeRabbit review: fix column type mismatch and unused vars MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - configoption.conf_id: smallint(5) → int(10) unsigned to match config.conf_id, preventing data integrity issues past 65535 rows - write.php insert(): remove unused $result assignment from exec() calls (INSERT and UPDATE branches) — value was only checked in the if-condition, never used afterward Co-Authored-By: Claude Opus 4.6 --- htdocs/class/model/write.php | 4 ++-- htdocs/install/sql/mysql.structure.sql | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/class/model/write.php b/htdocs/class/model/write.php index 8801cd97c..18adf3fe8 100644 --- a/htdocs/class/model/write.php +++ b/htdocs/class/model/write.php @@ -261,7 +261,7 @@ public function insert($object, $force = true) return $object->getVar($this->handler->keyName); } - if (!$result = $this->handler->db->exec($sql)) { + if (!$this->handler->db->exec($sql)) { return false; } if (!$object->getVar($this->handler->keyName) && $object_id = $this->handler->db->getInsertId()) { @@ -273,7 +273,7 @@ public function insert($object, $force = true) $keys[] = " `{$k}` = {$v}"; } $sql = 'UPDATE `' . $this->handler->table . '` SET ' . implode(',', $keys) . ' WHERE `' . $this->handler->keyName . '` = ' . $this->handler->db->quote($object->getVar($this->handler->keyName)); - if (!$result = $this->handler->db->exec($sql)) { + if (!$this->handler->db->exec($sql)) { return false; } } diff --git a/htdocs/install/sql/mysql.structure.sql b/htdocs/install/sql/mysql.structure.sql index 39ca6f80d..b17bd2b8c 100644 --- a/htdocs/install/sql/mysql.structure.sql +++ b/htdocs/install/sql/mysql.structure.sql @@ -193,7 +193,7 @@ CREATE TABLE configoption ( confop_id mediumint(8) unsigned NOT NULL auto_increment, confop_name varchar(255) NOT NULL default '', confop_value varchar(255) NOT NULL default '', - conf_id smallint(5) unsigned NOT NULL default '0', + conf_id int(10) unsigned NOT NULL default '0', PRIMARY KEY (confop_id), KEY conf_id (conf_id) ) ENGINE=MyISAM;