From ca5971288a1d98b07a9d366f7fee49f3683a791b Mon Sep 17 00:00:00 2001
From: Banana <mail@bananas-playground.net>
Date: Tue, 5 Jan 2021 12:00:31 +0100
Subject: [PATCH] better try catch and exceptions

---
 .../lib/managecollectionfields.class.php      | 20 ++++---
 webclient/lib/managecollections.class.php     |  8 ++-
 webclient/lib/manageentry.class.php           | 17 +++---
 webclient/lib/possessed.class.php             | 52 +++++++++----------
 4 files changed, 51 insertions(+), 46 deletions(-)

diff --git a/webclient/lib/managecollectionfields.class.php b/webclient/lib/managecollectionfields.class.php
index 4dfa5d9..072aa09 100644
--- a/webclient/lib/managecollectionfields.class.php
+++ b/webclient/lib/managecollectionfields.class.php
@@ -120,7 +120,7 @@ class ManageCollectionFields {
 	}
 
 	/**
-	 * Simple comma seperated number string
+	 * Simple comma separated number string
 	 *
 	 * @param string $string
 	 * @return bool
@@ -157,11 +157,13 @@ class ManageCollectionFields {
 		}
 
 		if(!empty($ids)) {
-			$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
+
 
 			$queryStr1 = "DELETE FROM `".DB_PREFIX."_collection_fields_".$this->_collectionId."`
 						WHERE `fk_field_id` NOT IN (".implode(",",$ids).")";
 			try {
+				$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
+
 				$q1 = $this->_DB->query($queryStr1);
 				if($q1 !== false) {
 					// https://dev.mysql.com/doc/refman/8.0/en/insert-on-duplicate.html
@@ -188,19 +190,21 @@ class ManageCollectionFields {
 							$alterQuery = $this->_DB->query($alterString);
 						}
 						if(!empty($_newColumns) && $alterQuery == false) {
-							$this->_DB->rollback();
-						}
-						else {
-							$this->_DB->commit();
-							$ret = true;
+							throw new Exception("Failed to insert alter the table.");
 						}
 					}
 					else {
-						$this->_DB->rollback();
+						throw new Exception("Failed to insert the new fields.");
 					}
 				}
+				else {
+					throw new Exception("Failed to delete old fields.");
+				}
+				$this->_DB->commit();
+				$ret = true;
 			}
 			catch (Exception $e) {
+				$this->_DB->rollback();
 				error_log("[ERROR] ".__METHOD__." mysql catch: ".$e->getMessage());
 			}
 		}
diff --git a/webclient/lib/managecollections.class.php b/webclient/lib/managecollections.class.php
index 5e52fa0..0100f3f 100644
--- a/webclient/lib/managecollections.class.php
+++ b/webclient/lib/managecollections.class.php
@@ -203,8 +203,10 @@ class ManageCollections {
 		if(!empty($data['name']) === true
 			&& $this->_validNewCollectionName($data['name']) === true
 		) {
-			$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
+
 			try {
+				$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
+
 				$queryStr = "INSERT INTO `".DB_PREFIX."_collection`
 							SET `name` = '".$this->_DB->real_escape_string($data['name'])."',
 								`description` = '".$this->_DB->real_escape_string($data['description'])."',
@@ -512,11 +514,13 @@ class ManageCollections {
 	private function _updateToolRelation($id,$tool) {
 		$ret = false;
 
-		$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
+
 		$queryStr = "DELETE FROM `".DB_PREFIX."_tool2collection`
 								WHERE `fk_collection_id` = '".$this->_DB->real_escape_string($id)."'";
 		if(QUERY_DEBUG) error_log("[QUERY] ".__METHOD__." query: ".var_export($queryStr,true));
 		try {
+			$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
+
 			$this->_DB->query($queryStr);
 
 			if(!empty($tool)) {
diff --git a/webclient/lib/manageentry.class.php b/webclient/lib/manageentry.class.php
index 2e4661e..78910e8 100644
--- a/webclient/lib/manageentry.class.php
+++ b/webclient/lib/manageentry.class.php
@@ -187,7 +187,7 @@ class Manageentry {
 			if(DEBUG) error_log("[DEBUG] ".__METHOD__." queryData: ".var_export($queryData,true));
 
 			if(!empty($queryData['init'])) {
-				$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
+
 
 				$queryStr = "INSERT INTO `".DB_PREFIX."_collection_entry_".$this->_collectionId."`";
 				if($update !== false && is_numeric($update)) {
@@ -206,6 +206,8 @@ class Manageentry {
 				if(QUERY_DEBUG) error_log("[QUERY] ".__METHOD__." query: ".var_export($queryStr,true));
 
 				try {
+					$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
+
 					$this->_DB->query($queryStr);
 
 					if($update !== false && is_numeric($update)) {
@@ -227,13 +229,13 @@ class Manageentry {
 								$this->_runAfter_upload($q, $newId);
 							}
 						}
-
-						$this->_DB->commit();
-						$ret = $newId;
 					}
 					else {
-						$this->_DB->rollback();
+						throw new Exception('Failed to create entry');
 					}
+
+					$ret = $newId;
+					$this->_DB->commit();
 				}
 				catch (Exception $e) {
 					$this->_DB->rollback();
@@ -261,10 +263,9 @@ class Manageentry {
 		if(!empty($entryId) && !empty($this->_collectionId)) {
 
 			if ($this->_canDelete($entryId)) {
-
-				$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
-
 				try {
+					$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
+
 					// remove assets
 					$_path = PATH_STORAGE.'/'.$this->_collectionId.'/'.$entryId;
 					if(is_dir($_path) && is_readable($_path)) {
diff --git a/webclient/lib/possessed.class.php b/webclient/lib/possessed.class.php
index 14c996a..9f93172 100644
--- a/webclient/lib/possessed.class.php
+++ b/webclient/lib/possessed.class.php
@@ -116,7 +116,6 @@ class Possessed {
 			} else {
 				$active = "0";
 			}
-			$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
 
 			$_password = password_hash($password, PASSWORD_DEFAULT);
 
@@ -131,6 +130,8 @@ class Possessed {
 							`group` = '".$this->_DB->real_escape_string($group)."'";
 			if(QUERY_DEBUG) error_log("[QUERY] ".__METHOD__." query: ".var_export($queryStr,true));
 			try {
+				$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
+
 				$query = $this->_DB->query($queryStr);
 
 				if ($query !== false) {
@@ -141,20 +142,18 @@ class Possessed {
 					if(QUERY_DEBUG) error_log("[QUERY] ".__METHOD__." query: ".var_export($queryStrOwner,true));
 					$this->_DB->query($queryStrOwner);
 					$_setGroupRelation = $this->_setGroupReleation($_userid,$group);
-					if($_setGroupRelation !== false) {
-						$this->_DB->commit();
-						$ret = true;
-					}
-					else {
-						$this->_DB->rollback();
-						error_log('ERROR Failed to insert user relation: '.var_export($queryStr, true));
+					if($_setGroupRelation === false) {
+						throw new Exception("Failed to insert user relation");
 					}
 				} else {
-					$this->_DB->rollback();
-					error_log('ERROR Failed to insert user: '.var_export($queryStr, true));
+					throw new Exception("Failed to insert user");
 				}
+
+				$this->_DB->commit();
+				$ret = true;
 			}
 			catch (Exception $e) {
+				$this->_DB->rollback();
 				error_log("[ERROR] ".__METHOD__." mysql catch: ".$e->getMessage());
 			}
 		}
@@ -190,7 +189,7 @@ class Possessed {
 
 			$_password = password_hash($password, PASSWORD_DEFAULT);
 
-			$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
+
 
 			$queryStr = "UPDATE `".DB_PREFIX . "_user`
 						SET `name` = '".$this->_DB->real_escape_string($username)."',
@@ -208,24 +207,23 @@ class Possessed {
 						AND `protected` = '0'";
 			if(QUERY_DEBUG) error_log("[QUERY] ".__METHOD__." query: ".var_export($queryStr,true));
 			try {
+				$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
+
 				$query = $this->_DB->query($queryStr);
 
 				if ($query !== false) {
 					$_setGroupRelation = $this->_setGroupReleation($id,$group, true);
-					if($_setGroupRelation !== false) {
-						$this->_DB->commit();
-						$ret = true;
-					}
-					else {
-						$this->_DB->rollback();
-						error_log('ERROR Failed to insert user relation: '.var_export($queryStr, true));
+					if($_setGroupRelation === false) {
+						throw new Exception('Failed to insert user relation');
 					}
 				} else {
-					$this->_DB->rollback();
-					error_log('ERROR Failed to insert user: '.var_export($queryStr, true));
+					throw new Exception('Failed to insert user');
 				}
+				$this->_DB->commit();
+				$ret = true;
 			}
 			catch (Exception $e) {
+				$this->_DB->rollback();
 				error_log("[ERROR] ".__METHOD__." mysql catch: ".$e->getMessage());
 			}
 		}
@@ -273,24 +271,22 @@ class Possessed {
 		$ret = false;
 
 		if(!empty($id)) {
-			$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
-
 			try {
+				$this->_DB->begin_transaction(MYSQLI_TRANS_START_READ_WRITE);
 				$d1 = $this->_DB->query("DELETE FROM `".DB_PREFIX."_user` 
 					WHERE `id` = '".$this->_DB->real_escape_string($id)."'
 					AND `protected` = '0'");
 				$d2 = $this->_DB->query("DELETE FROM `".DB_PREFIX."_user2group` WHERE `fk_user_id` = '".$this->_DB->real_escape_string($id)."'");
 				$d3 = $this->_DB->query("DELETE FROM `".DB_PREFIX."_userSession` WHERE `fk_user_id` = '".$this->_DB->real_escape_string($id)."'");
 
-				if($d1 !== false && $d2 !== false && $d3 !== false) {
-					$this->_DB->commit();
-					$ret = true;
-				}
-				else {
-					$this->_DB->rollback();
+				if($d1 === false || $d2 === false || $d3 === false) {
+					throw new Exception('Failed to delete the user');
 				}
+				$this->_DB->commit();
+				$ret = true;
 			}
 			catch (Exception $e) {
+				$this->_DB->rollback();
 				error_log("[ERROR] ".__METHOD__." mysql catch: ".$e->getMessage());
 			}
 		}
-- 
2.39.5