From 6b9d18b52e76127b36a8706ec6316ed45536a29a Mon Sep 17 00:00:00 2001 From: Shish Date: Sun, 16 Jun 2019 19:07:55 +0100 Subject: [PATCH 1/5] Parse tags first, then check accelerator, then check database Better than half-assed tag parsing in the accelerator then full parsing in the database --- core/imageboard/image.php | 154 ++++++++++++++++++++------------------ 1 file changed, 82 insertions(+), 72 deletions(-) diff --git a/core/imageboard/image.php b/core/imageboard/image.php index 928d4914..0ec8c310 100644 --- a/core/imageboard/image.php +++ b/core/imageboard/image.php @@ -125,13 +125,11 @@ class Image } } - $result = null; - if (SEARCH_ACCEL) { - $result = Image::get_accelerated_result($tags, $start, $limit); - } + list($tag_querylets, $img_querylets) = self::parse_all_terms($tags); + $result = Image::get_accelerated_result($tag_querylets, $img_querylets, $start, $limit); if (!$result) { - $querylet = Image::build_search_querylet($tags); + $querylet = Image::build_search_querylet($tag_querylets, $img_querylets); $querylet->append(new Querylet(" ORDER BY ".(Image::$order_sql ?: "images.".$config->get_string("index_order")))); $querylet->append(new Querylet(" LIMIT :limit OFFSET :offset", ["limit"=>$limit, "offset"=>$start])); #var_dump($querylet->sql); var_dump($querylet->variables); @@ -170,13 +168,11 @@ class Image } } - $result = null; - if (SEARCH_ACCEL) { - $result = Image::get_accelerated_result($tags, $start, $limit); - } + list($tag_querylets, $img_querylets) = self::parse_all_terms($tags); + $result = Image::get_accelerated_result($tag_querylets, $img_querylets, $start, $limit); if (!$result) { - $querylet = Image::build_search_querylet($tags); + $querylet = Image::build_search_querylet($tag_querylets, $img_querylets); $querylet->append(new Querylet(" ORDER BY ".(Image::$order_sql ?: "images.".$config->get_string("index_order")))); $querylet->append(new Querylet(" LIMIT :limit OFFSET :offset", ["limit"=>$limit, "offset"=>$start])); #var_dump($querylet->sql); var_dump($querylet->variables); @@ -193,7 +189,7 @@ class Image /* * Accelerator stuff */ - public static function get_acceleratable(array $tags): ?array + public static function get_acceleratable(array $tag_querylets): ?array { $ret = [ "yays" => [], @@ -201,16 +197,13 @@ class Image ]; $yays = 0; $nays = 0; - foreach ($tags as $tag) { - if (!preg_match("/^-?[a-zA-Z0-9_'-]+$/", $tag)) { - return null; - } - if ($tag[0] == "-") { - $nays++; - $ret["nays"][] = substr($tag, 1); - } else { + foreach ($tag_querylets as $tq) { + if ($tq->positive) { $yays++; - $ret["yays"][] = $tag; + $ret["yays"][] = $tq->tag; + } else { + $nays++; + $ret["nays"][] = $tq->tag; } } if ($yays > 1 || $nays > 0) { @@ -219,11 +212,15 @@ class Image return null; } - public static function get_accelerated_result(array $tags, int $offset, int $limit): ?PDOStatement + public static function get_accelerated_result(array $tag_querylets, array $img_querylets, int $offset, int $limit): ?PDOStatement { + if (!SEARCH_ACCEL || !empty($img_querylets)) { + return null; + } + global $database; - $req = Image::get_acceleratable($tags); + $req = Image::get_acceleratable($tag_querylets); if (!$req) { return null; } @@ -240,9 +237,13 @@ class Image return $result; } - public static function get_accelerated_count(array $tags): ?int + public static function get_accelerated_count(array $tag_querylets, array $img_querylets): ?int { - $req = Image::get_acceleratable($tags); + if (!SEARCH_ACCEL || !empty($img_querylets)) { + return null; + } + + $req = Image::get_acceleratable($tag_querylets); if (!$req) { return null; } @@ -295,9 +296,10 @@ class Image ["tag"=>$tags[0]] ); } else { - $total = Image::get_accelerated_count($tags); + list($tag_querylets, $img_querylets) = self::parse_all_terms($tags); + $total = Image::get_accelerated_count($tag_querylets, $img_querylets); if (is_null($total)) { - $querylet = Image::build_search_querylet($tags); + $querylet = Image::build_search_querylet($tag_querylets, $img_querylets); $total = $database->get_one("SELECT COUNT(*) AS cnt FROM ($querylet->sql) AS tbl", $querylet->variables); } } @@ -318,6 +320,53 @@ class Image return ceil(Image::count_images($tags) / $config->get_int('index_images')); } + private static function parse_all_terms(array $terms): array + { + $tag_querylets = []; + $img_querylets = []; + + /* + * Turn a bunch of strings into a bunch of TagQuerylet + * and ImgQuerylet objects + */ + $stpe = new SearchTermParseEvent(null, $terms); + send_event($stpe); + if ($stpe->is_querylet_set()) { + foreach ($stpe->get_querylets() as $querylet) { + $img_querylets[] = new ImgQuerylet($querylet, true); + } + } + + foreach ($terms as $term) { + $positive = true; + if (is_string($term) && !empty($term) && ($term[0] == '-')) { + $positive = false; + $term = substr($term, 1); + } + if (strlen($term) === 0) { + continue; + } + + $stpe = new SearchTermParseEvent($term, $terms); + send_event($stpe); + if ($stpe->is_querylet_set()) { + foreach ($stpe->get_querylets() as $querylet) { + $img_querylets[] = new ImgQuerylet($querylet, $positive); + } + } else { + // if the whole match is wild, skip this; + // if not, translate into SQL + if (str_replace("*", "", $term) != "") { + $term = str_replace('_', '\_', $term); + $term = str_replace('%', '\%', $term); + $term = str_replace('*', '%', $term); + $tag_querylets[] = new TagQuerylet($term, $positive); + } + } + } + return [$tag_querylets, $img_querylets]; + } + /* * Accessors & mutators */ @@ -352,7 +401,8 @@ class Image '); } else { $tags[] = 'id'. $gtlt . $this->id; - $querylet = Image::build_search_querylet($tags); + list($tag_querylets, $img_querylets) = self::parse_all_terms($tags); + $querylet = Image::build_search_querylet($tag_querylets, $img_querylets); $querylet->append_sql(' ORDER BY images.id '.$dir.' LIMIT 1'); $row = $database->get_row($querylet->sql, $querylet->variables); } @@ -813,57 +863,17 @@ class Image /** * #param string[] $terms */ - private static function build_search_querylet(array $terms): Querylet + private static function build_search_querylet(array $tag_querylets, array $img_querylets): Querylet { global $database; - $tag_querylets = []; - $img_querylets = []; $positive_tag_count = 0; $negative_tag_count = 0; - - /* - * Turn a bunch of strings into a bunch of TagQuerylet - * and ImgQuerylet objects - */ - $stpe = new SearchTermParseEvent(null, $terms); - send_event($stpe); - if ($stpe->is_querylet_set()) { - foreach ($stpe->get_querylets() as $querylet) { - $img_querylets[] = new ImgQuerylet($querylet, true); - } - } - - foreach ($terms as $term) { - $positive = true; - if (is_string($term) && !empty($term) && ($term[0] == '-')) { - $positive = false; - $term = substr($term, 1); - } - if (strlen($term) === 0) { - continue; - } - - $stpe = new SearchTermParseEvent($term, $terms); - send_event($stpe); - if ($stpe->is_querylet_set()) { - foreach ($stpe->get_querylets() as $querylet) { - $img_querylets[] = new ImgQuerylet($querylet, $positive); - } + foreach ($tag_querylets as $tq) { + if ($tq->positive) { + $positive_tag_count++; } else { - // if the whole match is wild, skip this; - // if not, translate into SQL - if (str_replace("*", "", $term) != "") { - $term = str_replace('_', '\_', $term); - $term = str_replace('%', '\%', $term); - $term = str_replace('*', '%', $term); - $tag_querylets[] = new TagQuerylet($term, $positive); - if ($positive) { - $positive_tag_count++; - } else { - $negative_tag_count++; - } - } + $negative_tag_count++; } } From 6df119050139b7438446da8ca1fe8533ef4df141 Mon Sep 17 00:00:00 2001 From: Shish Date: Sun, 16 Jun 2019 19:11:16 +0100 Subject: [PATCH 2/5] Rename Tag/ImgQuerylet to Tag/ImgCondition It was confusing because Tag/ImgQuerylet (an abstract condition to use as part of image search filtering) were unrelated to Querylet (a fragment of SQL) --- core/imageboard/image.php | 86 +++++++++++++++++++------------------- core/imageboard/search.php | 4 +- 2 files changed, 45 insertions(+), 45 deletions(-) diff --git a/core/imageboard/image.php b/core/imageboard/image.php index 0ec8c310..18c646a9 100644 --- a/core/imageboard/image.php +++ b/core/imageboard/image.php @@ -125,11 +125,11 @@ class Image } } - list($tag_querylets, $img_querylets) = self::parse_all_terms($tags); + list($tag_conditions, $img_conditions) = self::terms_to_conditions($tags); - $result = Image::get_accelerated_result($tag_querylets, $img_querylets, $start, $limit); + $result = Image::get_accelerated_result($tag_conditions, $img_conditions, $start, $limit); if (!$result) { - $querylet = Image::build_search_querylet($tag_querylets, $img_querylets); + $querylet = Image::build_search_querylet($tag_conditions, $img_conditions); $querylet->append(new Querylet(" ORDER BY ".(Image::$order_sql ?: "images.".$config->get_string("index_order")))); $querylet->append(new Querylet(" LIMIT :limit OFFSET :offset", ["limit"=>$limit, "offset"=>$start])); #var_dump($querylet->sql); var_dump($querylet->variables); @@ -168,11 +168,11 @@ class Image } } - list($tag_querylets, $img_querylets) = self::parse_all_terms($tags); + list($tag_conditions, $img_conditions) = self::terms_to_conditions($tags); - $result = Image::get_accelerated_result($tag_querylets, $img_querylets, $start, $limit); + $result = Image::get_accelerated_result($tag_conditions, $img_conditions, $start, $limit); if (!$result) { - $querylet = Image::build_search_querylet($tag_querylets, $img_querylets); + $querylet = Image::build_search_querylet($tag_conditions, $img_conditions); $querylet->append(new Querylet(" ORDER BY ".(Image::$order_sql ?: "images.".$config->get_string("index_order")))); $querylet->append(new Querylet(" LIMIT :limit OFFSET :offset", ["limit"=>$limit, "offset"=>$start])); #var_dump($querylet->sql); var_dump($querylet->variables); @@ -189,7 +189,7 @@ class Image /* * Accelerator stuff */ - public static function get_acceleratable(array $tag_querylets): ?array + public static function get_acceleratable(array $tag_conditions): ?array { $ret = [ "yays" => [], @@ -197,7 +197,7 @@ class Image ]; $yays = 0; $nays = 0; - foreach ($tag_querylets as $tq) { + foreach ($tag_conditions as $tq) { if ($tq->positive) { $yays++; $ret["yays"][] = $tq->tag; @@ -212,15 +212,15 @@ class Image return null; } - public static function get_accelerated_result(array $tag_querylets, array $img_querylets, int $offset, int $limit): ?PDOStatement + public static function get_accelerated_result(array $tag_conditions, array $img_conditions, int $offset, int $limit): ?PDOStatement { - if (!SEARCH_ACCEL || !empty($img_querylets)) { + if (!SEARCH_ACCEL || !empty($img_conditions)) { return null; } global $database; - $req = Image::get_acceleratable($tag_querylets); + $req = Image::get_acceleratable($tag_conditions); if (!$req) { return null; } @@ -237,13 +237,13 @@ class Image return $result; } - public static function get_accelerated_count(array $tag_querylets, array $img_querylets): ?int + public static function get_accelerated_count(array $tag_conditions, array $img_conditions): ?int { - if (!SEARCH_ACCEL || !empty($img_querylets)) { + if (!SEARCH_ACCEL || !empty($img_conditions)) { return null; } - $req = Image::get_acceleratable($tag_querylets); + $req = Image::get_acceleratable($tag_conditions); if (!$req) { return null; } @@ -296,10 +296,10 @@ class Image ["tag"=>$tags[0]] ); } else { - list($tag_querylets, $img_querylets) = self::parse_all_terms($tags); - $total = Image::get_accelerated_count($tag_querylets, $img_querylets); + list($tag_conditions, $img_conditions) = self::terms_to_conditions($tags); + $total = Image::get_accelerated_count($tag_conditions, $img_conditions); if (is_null($total)) { - $querylet = Image::build_search_querylet($tag_querylets, $img_querylets); + $querylet = Image::build_search_querylet($tag_conditions, $img_conditions); $total = $database->get_one("SELECT COUNT(*) AS cnt FROM ($querylet->sql) AS tbl", $querylet->variables); } } @@ -320,20 +320,20 @@ class Image return ceil(Image::count_images($tags) / $config->get_int('index_images')); } - private static function parse_all_terms(array $terms): array + private static function terms_to_conditions(array $terms): array { - $tag_querylets = []; - $img_querylets = []; + $tag_conditions = []; + $img_conditions = []; /* - * Turn a bunch of strings into a bunch of TagQuerylet - * and ImgQuerylet objects + * Turn a bunch of strings into a bunch of TagCondition + * and ImgCondition objects */ $stpe = new SearchTermParseEvent(null, $terms); send_event($stpe); if ($stpe->is_querylet_set()) { foreach ($stpe->get_querylets() as $querylet) { - $img_querylets[] = new ImgQuerylet($querylet, true); + $img_conditions[] = new ImgCondition($querylet, true); } } @@ -351,7 +351,7 @@ class Image send_event($stpe); if ($stpe->is_querylet_set()) { foreach ($stpe->get_querylets() as $querylet) { - $img_querylets[] = new ImgQuerylet($querylet, $positive); + $img_conditions[] = new ImgCondition($querylet, $positive); } } else { // if the whole match is wild, skip this; @@ -360,11 +360,11 @@ class Image $term = str_replace('_', '\_', $term); $term = str_replace('%', '\%', $term); $term = str_replace('*', '%', $term); - $tag_querylets[] = new TagQuerylet($term, $positive); + $tag_conditions[] = new TagCondition($term, $positive); } } } - return [$tag_querylets, $img_querylets]; + return [$tag_conditions, $img_conditions]; } /* @@ -401,8 +401,8 @@ class Image '); } else { $tags[] = 'id'. $gtlt . $this->id; - list($tag_querylets, $img_querylets) = self::parse_all_terms($tags); - $querylet = Image::build_search_querylet($tag_querylets, $img_querylets); + list($tag_conditions, $img_conditions) = self::terms_to_conditions($tags); + $querylet = Image::build_search_querylet($tag_conditions, $img_conditions); $querylet->append_sql(' ORDER BY images.id '.$dir.' LIMIT 1'); $row = $database->get_row($querylet->sql, $querylet->variables); } @@ -863,13 +863,13 @@ class Image /** * #param string[] $terms */ - private static function build_search_querylet(array $tag_querylets, array $img_querylets): Querylet + private static function build_search_querylet(array $tag_conditions, array $img_conditions): Querylet { global $database; $positive_tag_count = 0; $negative_tag_count = 0; - foreach ($tag_querylets as $tq) { + foreach ($tag_conditions as $tq) { if ($tq->positive) { $positive_tag_count++; } else { @@ -912,15 +912,15 @@ class Image GROUP BY images.id ) AS images WHERE 1=1 - "), ["tag"=>$tag_querylets[0]->tag]); + "), ["tag"=>$tag_conditions[0]->tag]); } // more than one positive tag, or more than zero negative tags else { if ($database->get_driver_name() === "mysql") { - $query = Image::build_ugly_search_querylet($tag_querylets); + $query = Image::build_ugly_search_querylet($tag_conditions); } else { - $query = Image::build_accurate_search_querylet($tag_querylets); + $query = Image::build_accurate_search_querylet($tag_conditions); } } @@ -928,11 +928,11 @@ class Image * Merge all the image metadata searches into one generic querylet * and append to the base querylet with "AND blah" */ - if (!empty($img_querylets)) { + if (!empty($img_conditions)) { $n = 0; $img_sql = ""; $img_vars = []; - foreach ($img_querylets as $iq) { + foreach ($img_conditions as $iq) { if ($n++ > 0) { $img_sql .= " AND"; } @@ -970,16 +970,16 @@ class Image * All the subqueries are executed every time for every row in the * images table. Yes, MySQL does suck this much. * - * #param TagQuerylet[] $tag_querylets + * #param TagQuerylet[] $tag_conditions */ - private static function build_accurate_search_querylet(array $tag_querylets): Querylet + private static function build_accurate_search_querylet(array $tag_conditions): Querylet { global $database; $positive_tag_id_array = []; $negative_tag_id_array = []; - foreach ($tag_querylets as $tq) { + foreach ($tag_conditions as $tq) { $tag_ids = $database->get_col( $database->scoreql_to_sql(" SELECT id @@ -1032,14 +1032,14 @@ class Image * this function exists because mysql is a turd, see the docs for * build_accurate_search_querylet() for a full explanation * - * #param TagQuerylet[] $tag_querylets + * #param TagQuerylet[] $tag_conditions */ - private static function build_ugly_search_querylet(array $tag_querylets): Querylet + private static function build_ugly_search_querylet(array $tag_conditions): Querylet { global $database; $positive_tag_count = 0; - foreach ($tag_querylets as $tq) { + foreach ($tag_conditions as $tq) { if ($tq->positive) { $positive_tag_count++; } @@ -1059,7 +1059,7 @@ class Image // merge all the tag querylets into one generic one $sql = "0"; $terms = []; - foreach ($tag_querylets as $tq) { + foreach ($tag_conditions as $tq) { $sign = $tq->positive ? "+" : "-"; $sql .= ' '.$sign.' IF(SUM(tag LIKE :tag'.Image::$tag_n.'), 1, 0)'; $terms['tag'.Image::$tag_n] = $tq->tag; @@ -1069,7 +1069,7 @@ class Image $tag_id_array = []; - foreach ($tag_querylets as $tq) { + foreach ($tag_conditions as $tq) { $tag_ids = $database->get_col( $database->scoreql_to_sql(" SELECT id diff --git a/core/imageboard/search.php b/core/imageboard/search.php index e3c63940..2960663f 100644 --- a/core/imageboard/search.php +++ b/core/imageboard/search.php @@ -29,7 +29,7 @@ class Querylet } } -class TagQuerylet +class TagCondition { /** @var string */ public $tag; @@ -43,7 +43,7 @@ class TagQuerylet } } -class ImgQuerylet +class ImgCondition { /** @var Querylet */ public $qlet; From e232811e8c1a9f26469d286d0a81ce6886963b40 Mon Sep 17 00:00:00 2001 From: Shish Date: Sun, 16 Jun 2019 18:22:44 +0100 Subject: [PATCH 3/5] silence errors from a broken client --- ext/view/main.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/ext/view/main.php b/ext/view/main.php index 261565fa..0e81f6dc 100644 --- a/ext/view/main.php +++ b/ext/view/main.php @@ -126,6 +126,15 @@ class ViewImage extends Extension $page->set_mode("redirect"); $page->set_redirect(make_link("post/view/{$image->id}", $query)); } elseif ($event->page_matches("post/view")) { + if(!is_numeric($event->get_arg(0))) { + // For some reason there exists some very broken mobile client + // who follows up every request to '/post/view/123' with + // '/post/view/12300000000000Image 123: tags' which spams the + // database log with 'integer out of range' + $this->theme->display_error(404, "Image not found", "Invalid image ID"); + return; + } + $image_id = int_escape($event->get_arg(0)); $image = Image::by_id($image_id); From 1d10baa719d22e5b63405db747fd749916a70fd6 Mon Sep 17 00:00:00 2001 From: Shish Date: Sun, 16 Jun 2019 19:25:40 +0100 Subject: [PATCH 4/5] only sql-escape if we're going to the database, not the accelerator --- core/imageboard/image.php | 18 +++++++++--------- core/imageboard/tag.php | 8 ++++++++ ext/view/main.php | 10 +++++----- 3 files changed, 22 insertions(+), 14 deletions(-) diff --git a/core/imageboard/image.php b/core/imageboard/image.php index 18c646a9..cc2999dc 100644 --- a/core/imageboard/image.php +++ b/core/imageboard/image.php @@ -198,6 +198,10 @@ class Image $yays = 0; $nays = 0; foreach ($tag_conditions as $tq) { + if (strpos($tq->tag, "*") !== false) { + // can't deal with wildcards + return null; + } if ($tq->positive) { $yays++; $ret["yays"][] = $tq->tag; @@ -354,12 +358,8 @@ class Image $img_conditions[] = new ImgCondition($querylet, $positive); } } else { - // if the whole match is wild, skip this; - // if not, translate into SQL + // if the whole match is wild, skip this if (str_replace("*", "", $term) != "") { - $term = str_replace('_', '\_', $term); - $term = str_replace('%', '\%', $term); - $term = str_replace('*', '%', $term); $tag_conditions[] = new TagCondition($term, $positive); } } @@ -912,7 +912,7 @@ class Image GROUP BY images.id ) AS images WHERE 1=1 - "), ["tag"=>$tag_conditions[0]->tag]); + "), ["tag"=>Tag::sqlify($tag_conditions[0]->tag)]); } // more than one positive tag, or more than zero negative tags @@ -986,7 +986,7 @@ class Image FROM tags WHERE SCORE_STRNORM(tag) LIKE SCORE_STRNORM(:tag) "), - ["tag" => $tq->tag] + ["tag" => Tag::sqlify($tq->tag)] ); if ($tq->positive) { $positive_tag_id_array = array_merge($positive_tag_id_array, $tag_ids); @@ -1062,7 +1062,7 @@ class Image foreach ($tag_conditions as $tq) { $sign = $tq->positive ? "+" : "-"; $sql .= ' '.$sign.' IF(SUM(tag LIKE :tag'.Image::$tag_n.'), 1, 0)'; - $terms['tag'.Image::$tag_n] = $tq->tag; + $terms['tag'.Image::$tag_n] = Tag::sqlify($tq->tag); Image::$tag_n++; } $tag_search = new Querylet($sql, $terms); @@ -1076,7 +1076,7 @@ class Image FROM tags WHERE SCORE_STRNORM(tag) LIKE SCORE_STRNORM(:tag) "), - ["tag" => $tq->tag] + ["tag" => Tag::sqlify($tq->tag)] ); $tag_id_array = array_merge($tag_id_array, $tag_ids); diff --git a/core/imageboard/tag.php b/core/imageboard/tag.php index 3e32d524..ddce54f6 100644 --- a/core/imageboard/tag.php +++ b/core/imageboard/tag.php @@ -100,4 +100,12 @@ class Tag return $tag_array; } + + public static function sqlify(string $term): string + { + $term = str_replace('_', '\_', $term); + $term = str_replace('%', '\%', $term); + $term = str_replace('*', '%', $term); + return $term; + } } diff --git a/ext/view/main.php b/ext/view/main.php index 0e81f6dc..bfbe2fba 100644 --- a/ext/view/main.php +++ b/ext/view/main.php @@ -126,11 +126,11 @@ class ViewImage extends Extension $page->set_mode("redirect"); $page->set_redirect(make_link("post/view/{$image->id}", $query)); } elseif ($event->page_matches("post/view")) { - if(!is_numeric($event->get_arg(0))) { - // For some reason there exists some very broken mobile client - // who follows up every request to '/post/view/123' with - // '/post/view/12300000000000Image 123: tags' which spams the - // database log with 'integer out of range' + if (!is_numeric($event->get_arg(0))) { + // For some reason there exists some very broken mobile client + // who follows up every request to '/post/view/123' with + // '/post/view/12300000000000Image 123: tags' which spams the + // database log with 'integer out of range' $this->theme->display_error(404, "Image not found", "Invalid image ID"); return; } From 6313ebc339b926af074df01d40b743d1044a8307 Mon Sep 17 00:00:00 2001 From: Shish Date: Sun, 16 Jun 2019 19:39:28 +0100 Subject: [PATCH 5/5] LIMIT 1 when fetching a wiki page --- ext/wiki/main.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/ext/wiki/main.php b/ext/wiki/main.php index e3253c9e..360c686a 100644 --- a/ext/wiki/main.php +++ b/ext/wiki/main.php @@ -213,7 +213,7 @@ class Wiki extends Extension return false; } - private function get_page(string $title, int $revision=-1): WikiPage + private function get_page(string $title): WikiPage { global $database; // first try and get the actual page @@ -222,17 +222,21 @@ class Wiki extends Extension SELECT * FROM wiki_pages WHERE SCORE_STRNORM(title) LIKE SCORE_STRNORM(:title) - ORDER BY revision DESC"), + ORDER BY revision DESC + LIMIT 1 + "), ["title"=>$title] ); // fall back to wiki:default if (empty($row)) { $row = $database->get_row(" - SELECT * - FROM wiki_pages - WHERE title LIKE :title - ORDER BY revision DESC", ["title"=>"wiki:default"]); + SELECT * + FROM wiki_pages + WHERE title LIKE :title + ORDER BY revision DESC + LIMIT 1 + ", ["title"=>"wiki:default"]); // fall further back to manual if (empty($row)) {