void V8SQLResultSetRowList::itemMethodCustom(const v8::FunctionCallbackInfo<v8::Value>& info)
{
ExceptionState exceptionState(ExceptionState::ExecutionContext, "item", "SQLResultSetRowList", info.Holder(), info.GetIsolate());
if (!info.Length()) {
exceptionState.throwDOMException(SyntaxError, ExceptionMessages::notEnoughArguments(1, 0));
exceptionState.throwIfNeeded();
return;
}
if (!info[0]->IsNumber()) {
exceptionState.throwTypeError("The index provided is not a number.");
exceptionState.throwIfNeeded();
return;
}
SQLResultSetRowList* rowList = V8SQLResultSetRowList::toNative(info.Holder());
unsigned long index = info[0]->IntegerValue();
if (index >= rowList->length()) {
exceptionState.throwDOMException(IndexSizeError, ExceptionMessages::indexExceedsMaximumBound<unsigned>("index", index, rowList->length()));
exceptionState.throwIfNeeded();
return;
}
v8::Local<v8::Object> item = v8::Object::New(info.GetIsolate());
unsigned numColumns = rowList->columnNames().size();
unsigned valuesIndex = index * numColumns;
for (unsigned i = 0; i < numColumns; ++i) {
const SQLValue& sqlValue = rowList->values()[valuesIndex + i];
v8::Handle<v8::Value> value;
switch(sqlValue.type()) {
case SQLValue::StringValue:
value = v8String(info.GetIsolate(), sqlValue.string());
break;
case SQLValue::NullValue:
value = v8::Null(info.GetIsolate());
break;
case SQLValue::NumberValue:
value = v8::Number::New(info.GetIsolate(), sqlValue.number());
break;
default:
ASSERT_NOT_REACHED();
}
item->Set(v8String(info.GetIsolate(), rowList->columnNames()[i]), value, static_cast<v8::PropertyAttribute>(v8::DontDelete | v8::ReadOnly));
}
v8SetReturnValue(info, item);
}
v8::Handle<v8::Value> V8SQLResultSetRowList::itemCallback(const v8::Arguments& args)
{
INC_STATS("DOM.SQLResultSetRowList.item()");
if (args.Length() == 0) {
V8Proxy::throwError(V8Proxy::SyntaxError, "Item index is required.");
return v8::Undefined();
}
if (!args[0]->IsNumber()) {
V8Proxy::throwError(V8Proxy::TypeError, "Item index must be a number.");
return v8::Undefined();
}
SQLResultSetRowList* rowList = V8SQLResultSetRowList::toNative(args.Holder());
unsigned long index = args[0]->IntegerValue();
if (index >= rowList->length()) {
V8Proxy::throwError(V8Proxy::RangeError, "Item index is out of range.");
return v8::Undefined();
}
v8::Local<v8::Object> item = v8::Object::New();
unsigned numColumns = rowList->columnNames().size();
unsigned valuesIndex = index * numColumns;
for (unsigned i = 0; i < numColumns; ++i) {
const SQLValue& sqlValue = rowList->values()[valuesIndex + i];
v8::Handle<v8::Value> value;
switch(sqlValue.type()) {
case SQLValue::StringValue:
value = v8String(sqlValue.string());
break;
case SQLValue::NullValue:
value = v8::Null();
break;
case SQLValue::NumberValue:
value = v8::Number::New(sqlValue.number());
break;
default:
ASSERT_NOT_REACHED();
}
item->Set(v8String(rowList->columnNames()[i]), value, static_cast<v8::PropertyAttribute>(v8::DontDelete|v8::ReadOnly));
}
return item;
}
void V8SQLResultSetRowList::itemMethodCustom(const v8::FunctionCallbackInfo<v8::Value>& args)
{
if (!args.Length()) {
throwError(v8SyntaxError, "Item index is required.", args.GetIsolate());
return;
}
if (!args[0]->IsNumber()) {
throwTypeError("Item index must be a number.", args.GetIsolate());
return;
}
SQLResultSetRowList* rowList = V8SQLResultSetRowList::toNative(args.Holder());
unsigned long index = args[0]->IntegerValue();
if (index >= rowList->length()) {
throwError(v8RangeError, "Item index is out of range.", args.GetIsolate());
return;
}
v8::Local<v8::Object> item = v8::Object::New();
unsigned numColumns = rowList->columnNames().size();
unsigned valuesIndex = index * numColumns;
for (unsigned i = 0; i < numColumns; ++i) {
const SQLValue& sqlValue = rowList->values()[valuesIndex + i];
v8::Handle<v8::Value> value;
switch(sqlValue.type()) {
case SQLValue::StringValue:
value = v8String(sqlValue.string(), args.GetIsolate());
break;
case SQLValue::NullValue:
value = v8::Null(args.GetIsolate());
break;
case SQLValue::NumberValue:
value = v8::Number::New(args.GetIsolate(), sqlValue.number());
break;
default:
ASSERT_NOT_REACHED();
}
item->Set(v8String(rowList->columnNames()[i], args.GetIsolate()), value, static_cast<v8::PropertyAttribute>(v8::DontDelete | v8::ReadOnly));
}
v8SetReturnValue(args, item);
}
bool SQLStatementBackend::execute(DatabaseBackend* db)
{
ASSERT(!m_resultSet->isValid());
// If we're re-running this statement after a quota violation, we need to clear that error now
clearFailureDueToQuota();
// This transaction might have been marked bad while it was being set up on the main thread,
// so if there is still an error, return false.
if (m_error)
return false;
db->setAuthorizerPermissions(m_permissions);
SQLiteDatabase* database = &db->sqliteDatabase();
SQLiteStatement statement(*database, m_statement);
int result = statement.prepare();
if (result != SQLResultOk) {
WTF_LOG(StorageAPI, "Unable to verify correctness of statement %s - error %i (%s)", m_statement.ascii().data(), result, database->lastErrorMsg());
if (result == SQLResultInterrupt)
m_error = SQLErrorData::create(SQLError::DATABASE_ERR, "could not prepare statement", result, "interrupted");
else
m_error = SQLErrorData::create(SQLError::SYNTAX_ERR, "could not prepare statement", result, database->lastErrorMsg());
db->reportExecuteStatementResult(1, m_error->code(), result);
return false;
}
// FIXME: If the statement uses the ?### syntax supported by sqlite, the bind parameter count is very likely off from the number of question marks.
// If this is the case, they might be trying to do something fishy or malicious
if (statement.bindParameterCount() != m_arguments.size()) {
WTF_LOG(StorageAPI, "Bind parameter count doesn't match number of question marks");
m_error = SQLErrorData::create(db->isInterrupted() ? SQLError::DATABASE_ERR : SQLError::SYNTAX_ERR, "number of '?'s in statement string does not match argument count");
db->reportExecuteStatementResult(2, m_error->code(), 0);
return false;
}
for (unsigned i = 0; i < m_arguments.size(); ++i) {
result = statement.bindValue(i + 1, m_arguments[i]);
if (result == SQLResultFull) {
setFailureDueToQuota(db);
return false;
}
if (result != SQLResultOk) {
WTF_LOG(StorageAPI, "Failed to bind value index %i to statement for query '%s'", i + 1, m_statement.ascii().data());
db->reportExecuteStatementResult(3, SQLError::DATABASE_ERR, result);
m_error = SQLErrorData::create(SQLError::DATABASE_ERR, "could not bind value", result, database->lastErrorMsg());
return false;
}
}
// Step so we can fetch the column names.
result = statement.step();
if (result == SQLResultRow) {
int columnCount = statement.columnCount();
SQLResultSetRowList* rows = m_resultSet->rows();
for (int i = 0; i < columnCount; i++)
rows->addColumn(statement.getColumnName(i));
do {
for (int i = 0; i < columnCount; i++)
rows->addResult(statement.getColumnValue(i));
result = statement.step();
} while (result == SQLResultRow);
if (result != SQLResultDone) {
db->reportExecuteStatementResult(4, SQLError::DATABASE_ERR, result);
m_error = SQLErrorData::create(SQLError::DATABASE_ERR, "could not iterate results", result, database->lastErrorMsg());
return false;
}
} else if (result == SQLResultDone) {
// Didn't find anything, or was an insert
if (db->lastActionWasInsert())
m_resultSet->setInsertId(database->lastInsertRowID());
} else if (result == SQLResultFull) {
// Return the Quota error - the delegate will be asked for more space and this statement might be re-run
setFailureDueToQuota(db);
return false;
} else if (result == SQLResultConstraint) {
db->reportExecuteStatementResult(6, SQLError::CONSTRAINT_ERR, result);
m_error = SQLErrorData::create(SQLError::CONSTRAINT_ERR, "could not execute statement due to a constaint failure", result, database->lastErrorMsg());
return false;
} else {
db->reportExecuteStatementResult(5, SQLError::DATABASE_ERR, result);
m_error = SQLErrorData::create(SQLError::DATABASE_ERR, "could not execute statement", result, database->lastErrorMsg());
return false;
}
// FIXME: If the spec allows triggers, and we want to be "accurate" in a different way, we'd use
// sqlite3_total_changes() here instead of sqlite3_changed, because that includes rows modified from within a trigger
// For now, this seems sufficient
m_resultSet->setRowsAffected(database->lastChanges());
db->reportExecuteStatementResult(0, -1, 0); // OK
return true;
}
PassRefPtrWillBeRawPtr<SQLResultSet> SQLStatementSync::execute(DatabaseSync* db, ExceptionState& exceptionState)
{
db->setAuthorizerPermissions(m_permissions);
SQLiteDatabase* database = &db->sqliteDatabase();
SQLiteStatement statement(*database, m_statement);
int result = statement.prepare();
if (result != SQLResultOk) {
if (result == SQLResultInterrupt)
exceptionState.throwDOMException(SQLDatabaseError, "Connection to the database interrupted.");
else
exceptionState.throwDOMException(SyntaxError, "Could not prepare statement.");
db->setLastErrorMessage("could not prepare statement", result, database->lastErrorMsg());
return nullptr;
}
if (statement.bindParameterCount() != m_arguments.size()) {
if (db->isInterrupted())
exceptionState.throwDOMException(SQLDatabaseError, "Connection to the database interrupted.");
else
exceptionState.throwDOMException(SyntaxError, "Number of '?'s in statement string (" + String::number(statement.bindParameterCount()) + ") does not match the arguments provided (" + String::number(m_arguments.size()) + ").");
db->setLastErrorMessage("number of '?'s in statement string does not match argument count");
return nullptr;
}
for (unsigned i = 0; i < m_arguments.size(); ++i) {
result = statement.bindValue(i + 1, m_arguments[i]);
if (result == SQLResultFull) {
exceptionState.throwDOMException(QuotaExceededError, SQLError::quotaExceededErrorMessage);
db->setLastErrorMessage("there was not enough remaining storage space");
return nullptr;
}
if (result != SQLResultOk) {
exceptionState.throwDOMException(SQLDatabaseError, "Could not bind value.");
db->setLastErrorMessage("could not bind value", result, database->lastErrorMsg());
return nullptr;
}
}
RefPtrWillBeRawPtr<SQLResultSet> resultSet = SQLResultSet::create();
// Step so we can fetch the column names.
result = statement.step();
if (result == SQLResultRow) {
int columnCount = statement.columnCount();
SQLResultSetRowList* rows = resultSet->rows();
for (int i = 0; i < columnCount; i++)
rows->addColumn(statement.getColumnName(i));
do {
for (int i = 0; i < columnCount; i++)
rows->addResult(statement.getColumnValue(i));
result = statement.step();
} while (result == SQLResultRow);
if (result != SQLResultDone) {
exceptionState.throwDOMException(SQLDatabaseError, "Could not iterate results.");
db->setLastErrorMessage("could not iterate results", result, database->lastErrorMsg());
return nullptr;
}
} else if (result == SQLResultDone) {
// Didn't find anything, or was an insert.
if (db->lastActionWasInsert())
resultSet->setInsertId(database->lastInsertRowID());
} else if (result == SQLResultFull) {
// Quota error, the delegate will be asked for more space and this statement might be re-run.
exceptionState.throwDOMException(QuotaExceededError, SQLError::quotaExceededErrorMessage);
db->setLastErrorMessage("there was not enough remaining storage space");
return nullptr;
} else if (result == SQLResultConstraint) {
exceptionState.throwDOMException(ConstraintError, "A constraint was violated.");
db->setLastErrorMessage("statement failed due to a constraint failure");
return nullptr;
} else {
exceptionState.throwDOMException(SQLDatabaseError, "Could not execute statement.");
db->setLastErrorMessage("could not execute statement", result, database->lastErrorMsg());
return nullptr;
}
resultSet->setRowsAffected(database->lastChanges());
return resultSet.release();
}
PassRefPtr<SQLResultSet> SQLStatementSync::execute(DatabaseSync* db, ExceptionCode& ec)
{
db->setAuthorizerPermissions(m_permissions);
SQLiteDatabase* database = &db->sqliteDatabase();
SQLiteStatement statement(*database, m_statement);
int result = statement.prepare();
if (result != SQLResultOk) {
ec = (result == SQLResultInterrupt ? SQLException::DATABASE_ERR : SQLException::SYNTAX_ERR);
db->setLastErrorMessage("could not prepare statement", result, database->lastErrorMsg());
return 0;
}
if (statement.bindParameterCount() != m_arguments.size()) {
ec = (db->isInterrupted()? SQLException::DATABASE_ERR : SQLException::SYNTAX_ERR);
db->setLastErrorMessage("number of '?'s in statement string does not match argument count");
return 0;
}
for (unsigned i = 0; i < m_arguments.size(); ++i) {
result = statement.bindValue(i + 1, m_arguments[i]);
if (result == SQLResultFull) {
ec = SQLException::QUOTA_ERR;
db->setLastErrorMessage("there was not enough remaining storage space");
return 0;
}
if (result != SQLResultOk) {
ec = SQLException::DATABASE_ERR;
db->setLastErrorMessage("could not bind value", result, database->lastErrorMsg());
return 0;
}
}
RefPtr<SQLResultSet> resultSet = SQLResultSet::create();
// Step so we can fetch the column names.
result = statement.step();
if (result == SQLResultRow) {
int columnCount = statement.columnCount();
SQLResultSetRowList* rows = resultSet->rows();
for (int i = 0; i < columnCount; i++)
rows->addColumn(statement.getColumnName(i));
do {
for (int i = 0; i < columnCount; i++)
rows->addResult(statement.getColumnValue(i));
result = statement.step();
} while (result == SQLResultRow);
if (result != SQLResultDone) {
ec = SQLException::DATABASE_ERR;
db->setLastErrorMessage("could not iterate results", result, database->lastErrorMsg());
return 0;
}
} else if (result == SQLResultDone) {
// Didn't find anything, or was an insert.
if (db->lastActionWasInsert())
resultSet->setInsertId(database->lastInsertRowID());
} else if (result == SQLResultFull) {
// Quota error, the delegate will be asked for more space and this statement might be re-run.
ec = SQLException::QUOTA_ERR;
db->setLastErrorMessage("there was not enough remaining storage space");
return 0;
} else if (result == SQLResultConstraint) {
ec = SQLException::CONSTRAINT_ERR;
db->setLastErrorMessage("statement failed due to a constraint failure");
return 0;
} else {
ec = SQLException::DATABASE_ERR;
db->setLastErrorMessage("could not execute statement", result, database->lastErrorMsg());
return 0;
}
resultSet->setRowsAffected(database->lastChanges());
return resultSet.release();
}
