From ec1025014859cbd8e0e20311d90aecc576cf9170 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20Mart=C3=ADn?= <cmartins@fdi.ucm.es>
Date: Mon, 11 Jul 2011 18:31:16 +0200
Subject: [PATCH] onedb: use sequel interface to sanitize sql strings

---
 src/onedb/1.rb | 54 +++++++++++++++++++++++++++++++++++++-------------
 1 file changed, 40 insertions(+), 14 deletions(-)

diff --git a/src/onedb/1.rb b/src/onedb/1.rb
index 43260e22b3..98db3116c3 100644
--- a/src/onedb/1.rb
+++ b/src/onedb/1.rb
@@ -57,7 +57,10 @@ module Migrator
 
             body = "<USER><ID>#{oid}</ID><GID>#{gid}</GID><GNAME>#{groupname}</GNAME><NAME>#{name}</NAME><PASSWORD>#{row[:password]}</PASSWORD><ENABLED>#{row[:enabled]}</ENABLED></USER>"
 
-            @db.run "INSERT INTO user_pool VALUES(#{oid},'#{name}','#{body}');"
+            @db[:user_pool].insert(
+                :oid        => oid,
+                :name       => name,
+                :body       => body)
         end
 
         # Delete old user_pool
@@ -100,7 +103,12 @@ module Migrator
 
             body = "<HOST><ID>#{oid}</ID><NAME>#{name}</NAME><STATE>#{state}</STATE><IM_MAD>#{row[:im_mad]}</IM_MAD><VM_MAD>#{row[:vm_mad]}</VM_MAD><TM_MAD>#{row[:tm_mad]}</TM_MAD><LAST_MON_TIME>#{last_mon_time}</LAST_MON_TIME>#{host_share}#{ template_doc.to_s }</HOST>"
 
-            @db.run "INSERT INTO host_pool VALUES(#{oid},'#{name}','#{body}', #{state}, #{last_mon_time});"
+            @db[:host_pool].insert(
+                :oid            => oid,
+                :name           => name,
+                :body           => body,
+                :state          => state,
+                :last_mon_time  => last_mon_time)
         end
 
         # Delete old table
@@ -140,7 +148,13 @@ module Migrator
             # from 0 to 5, but the meaning is the same for states 0 to 3
             body = "<IMAGE><ID>#{oid}</ID><UID>#{row[:uid]}</UID><GID>#{gid}</GID><UNAME>#{get_username(row[:uid])}</UNAME><GNAME>#{group}</GNAME><NAME>#{name}</NAME><TYPE>#{row[:type]}</TYPE><PUBLIC>#{public}</PUBLIC><PERSISTENT>#{row[:persistent]}</PERSISTENT><REGTIME>#{row[:regtime]}</REGTIME><SOURCE>#{row[:source]}</SOURCE><STATE>#{row[:state]}</STATE><RUNNING_VMS>#{row[:running_vms]}</RUNNING_VMS>#{row[:template]}</IMAGE>"
 
-            @db.run "INSERT INTO image_pool VALUES(#{oid},'#{name}','#{body}', #{uid}, #{gid}, #{public});"
+            @db[:image_pool].insert(
+                :oid        => oid,
+                :name       => name,
+                :body       => body,
+                :uid        => uid,
+                :gid        => gid,
+                :public     => public)
         end
 
         # Delete old table
@@ -170,7 +184,10 @@ module Migrator
 
             body = "<HISTORY><SEQ>#{seq}</SEQ><HOSTNAME>#{row[:host_name]}</HOSTNAME><VM_DIR>#{row[:vm_dir]}</VM_DIR><HID>#{row[:hid]}</HID><STIME>#{row[:stime]}</STIME><ETIME>#{row[:etime]}</ETIME><VMMMAD>#{row[:vm_mad]}</VMMMAD><TMMAD>#{row[:tm_mad]}</TMMAD><PSTIME>#{row[:pstime]}</PSTIME><PETIME>#{row[:petime]}</PETIME><RSTIME>#{row[:rstime]}</RSTIME><RETIME>#{row[:retime]}</RETIME><ESTIME>#{row[:estime]}</ESTIME><EETIME>#{row[:eetime]}</EETIME><REASON>#{row[:reason]}</REASON></HISTORY>"
 
-            @db.run "INSERT INTO history VALUES(#{vid},'#{seq}','#{body}');"
+            @db[:history].insert(
+                :vid        => vid,
+                :seq        => seq,
+                :body       => body)
         end
 
 
@@ -198,14 +215,14 @@ module Migrator
             body = "<VM><ID>#{oid}</ID><UID>#{uid}</UID><GID>#{gid}</GID><UNAME>#{get_username(uid)}</UNAME><GNAME>#{group}</GNAME><NAME>#{name}</NAME><LAST_POLL>#{last_poll}</LAST_POLL><STATE>#{state}</STATE><LCM_STATE>#{lcm_state}</LCM_STATE><STIME>#{row[:stime]}</STIME><ETIME>#{row[:etime]}</ETIME><DEPLOY_ID>#{row[:deploy_id]}</DEPLOY_ID><MEMORY>#{row[:memory]}</MEMORY><CPU>#{row[:cpu]}</CPU><NET_TX>#{row[:net_tx]}</NET_TX><NET_RX>#{row[:net_rx]}</NET_RX>#{row[:template]}#{history}</VM>"
 
             @db[:vm_pool].insert(
-                :oid => oid,
-                :name => name,
-                :body => body,
-                :uid => uid,
-                :gid => gid,
-                :last_poll => last_poll,
-                :state => state,
-                :lcm_state => lcm_state)
+                :oid        => oid,
+                :name       => name,
+                :body       => body,
+                :uid        => uid,
+                :gid        => gid,
+                :last_poll  => last_poll,
+                :state      => state,
+                :lcm_state  => lcm_state)
         end
 
 
@@ -244,7 +261,13 @@ module Migrator
             # network is listed. So setting it to 0 is safe
             body = "<VNET><ID>#{oid}</ID><UID>#{uid}</UID><GID>#{gid}</GID><UNAME>#{get_username(uid)}</UNAME><GNAME>#{group}</GNAME><NAME>#{name}</NAME><TYPE>#{row[:type]}</TYPE><BRIDGE>#{row[:bridge]}</BRIDGE><PUBLIC>#{public}</PUBLIC><TOTAL_LEASES>0</TOTAL_LEASES>#{row[:template]}</VNET>"
 
-            @db.run "INSERT INTO network_pool VALUES(#{oid},'#{name}','#{body}', #{uid}, #{gid}, #{public});"
+            @db[:network_pool].insert(
+                :oid        => oid,
+                :name       => name,
+                :body       => body,
+                :uid        => uid,
+                :gid        => gid,
+                :public     => public)
         end
 
         # Read each entry in the old table, and insert into new table
@@ -254,7 +277,10 @@ module Migrator
 
             body = "<LEASE><IP>#{ip}</IP><MAC_PREFIX>#{row[:mac_prefix]}</MAC_PREFIX><MAC_SUFFIX>#{row[:mac_suffix]}</MAC_SUFFIX><USED>#{row[:used]}</USED><VID>#{row[:vid]}</VID></LEASE>"
 
-            @db.run "INSERT INTO leases VALUES(#{oid}, #{ip}, '#{body}');"
+            @db[:leases].insert(
+                :oid        => oid,
+                :ip         => ip,
+                :body       => body)
         end
 
         # Delete old tables