Improve database query preparation and error handling in backup processes

joaosraposo · joaosraposo · commit ed6abdd4d5fe · 2025-10-06T16:45:39.000+01:00
diff --git a/trunk/HDB.php b/trunk/HDB.php
@@ -676,6 +676,7 @@ static function get_logs($backup_id = null, $limit = 100, $offset = 0) {
 		$prepare_values[] = $limit;
 		$prepare_values[] = $offset;
 		
+		// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 		return $wpdb->get_results(
 			$wpdb->prepare(
 				"SELECT l.*, s.name as backup_name 
@@ -693,6 +694,7 @@ static function get_logs($backup_id = null, $limit = 100, $offset = 0) {
 	static function clean_logs($days_to_keep = 30) {
 		global $wpdb;
 		
+		// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 		$deleted = $wpdb->query(
 			$wpdb->prepare(
 				"DELETE FROM {$wpdb->prefix}hejbit_logs 
@@ -704,6 +706,8 @@ static function clean_logs($days_to_keep = 30) {
 	}
 };
 
+// phpcs:enable WordPress.DB
+
 // Admin view
 $save_to_nextcloud = new hejbit_save_to_nextcloud();
 register_activation_hook(__FILE__, array($save_to_nextcloud, 'activate'));
@@ -953,6 +957,7 @@ function hejbit_get_all_saves()
 	$result = array();
 
 	// Execute the query to retrieve all backups
+	// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 	$allSaves = $wpdb->get_results(
 		"SELECT * FROM {$wpdb->prefix}hejbit_saveInProgress"
 	);
@@ -1197,11 +1202,15 @@ function hejbit_savetonextcloud_param()
 // Logs page
 function hejbit_logs_page() {
     // Handle log cleanup if requested
-    if (isset($_POST['clear_old_logs']) && wp_verify_nonce($_POST['hejbit_logs_nonce'], 'hejbit_clear_logs')) {
-        $days = intval($_POST['days_to_keep']);
-        $deleted = hejbit_save_to_nextcloud::clean_logs($days);
-        echo '<div class="notice notice-success"><p>' . sprintf('Deleted %d old log entries.', $deleted) . '</p></div>';
-    }
+	if (
+		isset($_POST['clear_old_logs']) &&
+		isset($_POST['hejbit_logs_nonce']) &&
+		wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['hejbit_logs_nonce'])), 'hejbit_clear_logs')
+	) {
+		$days = isset($_POST['days_to_keep']) ? intval($_POST['days_to_keep']) : 30;
+		$deleted = hejbit_save_to_nextcloud::clean_logs($days);
+		echo '<div class="notice notice-success"><p>' . sprintf('Deleted %d old log entries.', esc_html($deleted)) . '</p></div>';
+	}
     
     // Pagination
     $page = isset($_GET['paged']) ? max(1, intval($_GET['paged'])) : 1;
@@ -1212,9 +1221,19 @@ function hejbit_logs_page() {
     $logs = hejbit_save_to_nextcloud::get_logs(null, $per_page, $offset);
     
     // Get total count for pagination
-    global $wpdb;
-    $total_logs = $wpdb->get_var("SELECT COUNT(*) FROM {$wpdb->prefix}hejbit_logs");
-    $total_pages = ceil($total_logs / $per_page);
+	global $wpdb;
+	// Try to get cached value first
+	$cache_key = 'hejbit_total_logs_count';
+	$total_logs = wp_cache_get($cache_key, 'hejbit_logs');
+	if (false === $total_logs) {
+		// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
+		$total_logs = $wpdb->get_var(
+			"SELECT COUNT(*) FROM {$wpdb->prefix}hejbit_logs"
+		);
+		wp_cache_set($cache_key, $total_logs, 'hejbit_logs', 300); // Cache for 5 minutes
+	}
+
+	$total_pages = ceil($total_logs / $per_page);
     ?>
     
     <div class="wrap">
@@ -1297,14 +1316,17 @@ function hejbit_logs_page() {
             <div class="tablenav bottom">
                 <div class="tablenav-pages">
                     <?php
-                    echo paginate_links(array(
-                        'base' => add_query_arg('paged', '%#%'),
-                        'format' => '',
-                        'prev_text' => '&laquo;',
-                        'next_text' => '&raquo;',
-                        'total' => $total_pages,
-                        'current' => $page
-                    ));
+					$pagination_links = paginate_links(array(
+						'base' => add_query_arg('paged', '%#%'),
+						'format' => '',
+						'prev_text' => '&laquo;',
+						'next_text' => '&raquo;',
+						'total' => $total_pages,
+						'current' => $page
+					));
+					if ($pagination_links) {
+						echo wp_kses_post($pagination_links);
+					}
                     ?>
                 </div>
             </div>
@@ -1318,5 +1340,4 @@ function hejbit_logs_page() {
     </style>
     <?php
 }
-
 ?>
diff --git a/trunk/inc/CreateDB.php b/trunk/inc/CreateDB.php
@@ -88,7 +88,7 @@
         $wp_filesystem->put_contents($dbfile, $drop_table_sql, FS_CHMOD_FILE | FILE_APPEND);
 
         // Retrieve the table creation script
-        $createTable = $wpdb->get_row("SHOW CREATE TABLE `" . esc_sql($table) . "`", ARRAY_N);
+        $createTable = $wpdb->get_row($wpdb->prepare("SHOW CREATE TABLE `%s`", $table), ARRAY_N);
         $wp_filesystem->put_contents($dbfile, $createTable[1] . ";\n\n", FS_CHMOD_FILE | FILE_APPEND);
 
         // Retrieve the table data
diff --git a/trunk/inc/SendChunk.php b/trunk/inc/SendChunk.php
@@ -64,6 +64,11 @@
     )
 );
 
+if ($thisChunk === false) {
+    hejbit_save_to_nextcloud::log('Failed to read file chunk', 'ERROR', 'SEND_CHUNK');
+    return;
+}
+
 // While the file is not completely read
 if (!empty($thisChunk)) {
     
