currently, the docs for drupal_write_record say:

(boolean) Failure to write a record will return FALSE. Otherwise, TRUE is returned. The $object parameter contains values for any serial fields defined by the $table. For example, $object->nid will be populated after inserting a new node.

however, the return value from db_query() is not checked, so if a query fails for whatever reason, the function will still return one of the success values.

attached patch checks for the return of db_query() and sets the return value to false if db_query fails.

CommentFileSizeAuthor
#7 drupal_write_record-6.patch1.31 KBpancho
#6 drupal_write_record-0.4.patch.txt2.48 KBgábor hojtsy
#5 drupal_write_record-0.3.patch1.28 KBhswong3i
#2 drupal_write_record-2.patch1.27 KBpancho
#1 drupal_write_record-0.1.patch734 byteshswong3i
drupal_write_record.patch739 bytesAnonymous (not verified)

Comments

hswong3i’s picture

hswong3i commented
StatusFileSize
new drupal_write_record-0.1.patch734 bytes

Or we may handle in this way?

pancho’s picture

pancho
Location UTC+2 🇪🇺 EU
commented
Priority: Normal » Critical
StatusFileSize
new drupal_write_record-2.patch1.27 KB

As this is the core query of a very important function, I'd like to make its behavior a little more explicit. But that's just my feelings about it. Otherwise, the two other variants equally work well.

No doubt this is a critical bug. Seems to be easy to solve though. Some more reviews would be great, to immediately get this in for RC2.

pancho’s picture

pancho
Location UTC+2 🇪🇺 EU
commented
Title: drupal_write_record will return a success value even if db_query call fails » drupal_write_record returns success value on failed query
gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Status: Needs review » Needs work

Drupal does "good things first" (instead of negative conditionals). So do an if (db_query(...)) { do stuff } else { return FALSE; } instead

hswong3i’s picture

hswong3i commented
Status: Needs work » Needs review
StatusFileSize
new drupal_write_record-0.3.patch1.28 KB

Implement as "good things first".

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Status: Needs review » Fixed
StatusFileSize
new drupal_write_record-0.4.patch.txt2.48 KB

Thanks, committed this patch with some updates. Actually, drupal_write_record() returns SAVED_NEW or SAVED_UPDATED on success, *not* TRUE, so the return value is not boolean. Also, the phpdoc formatting was bad on the return value, and the $update parameter as well. Committed the attached patch.

pancho’s picture

pancho
Location UTC+2 🇪🇺 EU
commented
Status: Fixed » Needs review
StatusFileSize
new drupal_write_record-6.patch1.31 KB

Just slightly prefer having an explicit else-clause here. Also I prefer the commentary "Perform query." to "Execute the SQL."
But that's very much my opinion and yes it is nitpicking. Just think this is a very central function that should be documented as clearly as possible.
Otherwise #5 is good, and either #5 or #6 should be rtbc.

pancho’s picture

pancho
Location UTC+2 🇪🇺 EU
commented
Status: Needs review » Fixed

Whoops, crossed posts. Was too late, nevermind.

Anonymous’s picture

Anonymous (not verified) commented

Thanks all for the speedy responses and patch improvements!

Anonymous’s picture

Anonymous (not verified) commented
Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for two weeks with no activity.