diff options
author | Benjamin Franzke <benjaminfranzke@googlemail.com> | 2013-01-26 10:44:24 +0100 |
---|---|---|
committer | Benjamin Franzke <benjaminfranzke@googlemail.com> | 2013-01-26 10:51:52 +0100 |
commit | f670f9aaa9e333b8d66309729bce7a8ff94f3960 (patch) | |
tree | 98497429322e36cd66a32815f0a946a7d021761b /sqlbox | |
parent | e0074fe42cd13abba6afeebf1236c7a4d2774839 (diff) | |
download | sqltutor-plugin-f670f9aaa9e333b8d66309729bce7a8ff94f3960.tar.gz sqltutor-plugin-f670f9aaa9e333b8d66309729bce7a8ff94f3960.tar.bz2 sqltutor-plugin-f670f9aaa9e333b8d66309729bce7a8ff94f3960.zip |
Put queries into a transaction and rollback after user query
So that users cannot change the database.
This has the disadvantage, that we cant have tests
where user has to insert stuff.
Diffstat (limited to 'sqlbox')
-rw-r--r-- | sqlbox/view.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sqlbox/view.php b/sqlbox/view.php index 47a9de4..f215d7d 100644 --- a/sqlbox/view.php +++ b/sqlbox/view.php @@ -99,12 +99,18 @@ if (isset($data->sqlbox_query)) { print_error('dbconnectionfailed', 'sqlbox'); $table = db_table_from_query($db, $data->sqlbox_query); + $result = @pg_query($db, "BEGIN TRANSACTION;"); + if (!$result) + print_error('dmltransactionexception'); if (strlen($sqlbox->query) > 0) { $table_orig = db_table_from_query($db, $sqlbox->query); if ($table->data != $table_orig->data || $table->head != $table_orig->head) $correct = false; } + $result = @pg_query($db, "ROLLBACK TRANSACTION;"); + if (!$result) + print_error('dmltransactionexception'); pg_close($db); echo html_writer::table($table); |