def put_pdf_files_in(conn):
print "------------------------"
print "-- Putting pdf files in "
print "------------------------"
# INPUT: file and its name
# data in columns: name of a file AND file
f = get_pdf_files(conn)
conn.execute(
"INSERT INTO files (file, file_name) VALUES (E'%s', '%s')" %
(pg.escape_bytea( f.read() ), pg.escape_string( f.name ))
)
def store_resultSet(self, session, rset):
self._openContainer(session)
now = time.time()
nowStr = time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime(now))
if rset.expires:
expires = now + rset.expires
else:
expires = now + self.get_default(session, "expires", 600)
rset.timeExpires = expires
expiresStr = time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime(expires))
id = rset.id
if self.idNormalizer is not None:
id = self.idNormalizer.process_string(session, id)
# Serialise and store
srlz = rset.serialize(session)
cl = str(rset.__class__)
data = srlz.replace("\x00", "\\\\000")
try:
ndata = pg.escape_bytea(data)
except:
# insufficient PyGreSQL version - do the best we can
ndata = data.replace("'", "\\'")
query = (
"INSERT INTO %s (identifier, data, size, class, timeCreated, timeAccessed, expires) VALUES ('%s', E'%s', %s, '%s', '%s', '%s', '%s')"
% (self.table, id, ndata, len(rset), cl, nowStr, nowStr, expiresStr)
)
try:
self._query(query)
except pg.ProgrammingError as e:
# already exists, retry for overwrite, create
if self.get_setting(session, "overwriteOkay", 0):
query = (
"UPDATE %s SET data = E'%s', size = %s, class = '%s', timeAccessed = '%s', expires = '%s' WHERE identifier = '%s';"
% (self.table, ndata, len(rset), cl, nowStr, expiresStr, id)
)
self._query(query)
elif hasattr(rset, "retryOnFail"):
# generate new id, re-store
id = self.generate_id(session)
if self.idNormalizer is not None:
id = self.idNormalizer.process_string(session, id)
query = (
"INSERT INTO %s (identifier, data, size, class, timeCreated, timeAccessed, expires) VALUES ('%s', E'%s', %s, '%s', '%s', '%s', '%s')"
% (self.table, id, ndata, len(rset), cl, nowStr, nowStr, expiresStr)
)
self._query(query)
else:
raise ObjectAlreadyExistsException(self.id + "/" + id)
return rset
def store_resultSet(self, session, rset):
self._openContainer(session)
now = time.time()
nowStr = time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime(now))
if (rset.expires):
expires = now + rset.expires
else:
expires = now + self.get_default(session, 'expires', 600)
rset.timeExpires = expires
expiresStr = time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime(expires))
id = rset.id
if (self.idNormalizer != None):
id = self.idNormalizer.process_string(session, id)
# Serialise and store
srlz = rset.serialize(session)
cl = str(rset.__class__)
data = srlz.replace('\x00', '\\\\000')
try:
ndata = pg.escape_bytea(data)
except:
# insufficient PyGreSQL version - do the best we can
ndata = data.replace("'", "\\'")
query = "INSERT INTO %s (identifier, data, size, class, timeCreated, timeAccessed, expires) VALUES ('%s', E'%s', %s, '%s', '%s', '%s', '%s')" % (
self.table, id, ndata, len(rset), cl, nowStr, nowStr, expiresStr)
try:
self._query(query)
except pg.ProgrammingError as e:
# already exists, retry for overwrite, create
if self.get_setting(session, 'overwriteOkay', 0):
query = "UPDATE %s SET data = E'%s', size = %s, class = '%s', timeAccessed = '%s', expires = '%s' WHERE identifier = '%s';" % (
self.table, ndata, len(rset), cl, nowStr, expiresStr, id)
self._query(query)
elif hasattr(rset, 'retryOnFail'):
# generate new id, re-store
id = self.generate_id(session)
if (self.idNormalizer != None):
id = self.idNormalizer.process_string(session, id)
query = "INSERT INTO %s (identifier, data, size, class, timeCreated, timeAccessed, expires) VALUES ('%s', E'%s', %s, '%s', '%s', '%s', '%s')" % (
self.table, id, ndata, len(rset), cl, nowStr, nowStr,
expiresStr)
try:
self._query(query)
except pg.ProgrammingError:
raise ValueError(ndata)
else:
raise ObjectAlreadyExistsException(self.id + '/' + id)
return rset
def test_pygresql_escape_bytea(self):
'''Test pygresql (escape bytea)'''
if self.lsb_release['Release'] == 6.06:
return self._skipped("functions don't exist in Dapper")
self.user = testlib.TestUser()
self.testuser = self.user.login
self.testdb = "pygresql_db"
self._create_user(self.testuser, self.user.password)
self._create_db(self.testdb, self.testuser)
import pg
self.pgcnx = pg.connect(dbname=self.testdb,
host='127.0.0.1',
user=self.testuser,
passwd=self.user.password)
binary = file('/bin/ls', 'rb').read()
escaped = pg.escape_bytea(binary)
search = "Usage: "
warning = 'Could not find "%s"\n' % search
self.assertTrue(search in escaped, warning)
search = "\\\\000"
warning = 'Could not find "%s"\n' % search
self.assertTrue(search in escaped, warning)
# The following extra tests don't work on Oneiric+
if self.lsb_release['Release'] >= 11.10:
return
# fix for CVE-2009-2940 added this
try:
escaped = self.pgcnx.escape_bytea(binary)
except AttributeError:
warning = 'CVE-2009-2940: Could not find required pyobj.escape_bytea()'
self.assertTrue(False, warning)
search = "Usage: "
warning = 'Could not find "%s"\n' % search
self.assertTrue(search in escaped, warning)
search = "\\\\000"
warning = 'Could not find "%s"\n' % search
self.assertTrue(search in escaped, warning)
def store_data(self, session, id, data, metadata={}):
self._openContainer(session)
id = str(id)
now = time.strftime("%Y-%m-%d %H:%M:%S")
if (self.idNormalizer != None):
id = self.idNormalizer.process_string(session, id)
data = data.replace(nonTextToken, '\\\\000\\\\001')
query = "INSERT INTO %s (identifier, timeCreated) VALUES ('%s', '%s');" % (
self.table, id, now)
try:
self._query(query)
except:
# already exists
pass
try:
ndata = pg.escape_bytea(data)
except:
# insufficient PyGreSQL version
ndata = data.replace("'", "\\'")
if metadata:
extra = []
for (n, v) in metadata.iteritems():
if type(v) in (int, long):
extra.append('%s = %s' % (n, v))
else:
extra.append("%s = '%s'" % (n, v))
extraq = ', '.join(extra)
query = "UPDATE %s SET data = E'%s', %s, timeModified = '%s' WHERE identifier = '%s';" % (
self.table, ndata, extraq, now, id)
else:
query = "UPDATE %s SET data = E'%s', timeModified = '%s' WHERE identifier = '%s';" % (
self.table, ndata, now, id)
try:
self._query(query)
except pg.ProgrammingError:
# Uhhh...
print query
raise
return None
def store_data(self, session, id, data, metadata={}):
self._openContainer(session)
id = str(id)
now = time.strftime("%Y-%m-%d %H:%M:%S")
if (self.idNormalizer != None):
id = self.idNormalizer.process_string(session, id)
data = data.replace(nonTextToken, '\\\\000\\\\001')
query = "INSERT INTO %s (identifier, timeCreated) VALUES ('%s', '%s');" % (self.table, id, now)
try:
self._query(query)
except:
# already exists
pass
try:
ndata = pg.escape_bytea(data)
except:
# insufficient PyGreSQL version
ndata = data.replace("'", "\\'")
if metadata:
extra = []
for (n,v) in metadata.iteritems():
if type(v) in (int, long):
extra.append('%s = %s' % (n,v))
else:
extra.append("%s = '%s'" % (n,v))
extraq = ', '.join(extra)
query = "UPDATE %s SET data = E'%s', %s, timeModified = '%s' WHERE identifier = '%s';" % (self.table, ndata, extraq, now, id)
else:
query = "UPDATE %s SET data = E'%s', timeModified = '%s' WHERE identifier = '%s';" % (self.table, ndata, now, id)
try:
self._query(query)
except pg.ProgrammingError:
# Uhhh...
print query
raise
return None
def escape_lab (lab):
import pg
return pg.escape_bytea (lab.pack ())
