app/periscope/periscope_controller.rb in periscope_rails-0.0.5 vs app/periscope/periscope_controller.rb in periscope_rails-0.0.6


@@ -34,28 +34,29 @@
 if command == "" #nothing
 elsif (command_words & bad_words).size > 0
 error_message = "Potentially harmful keyword found, blocking script."
 else
- begin
+ begin #for whole query
 active_record = PeriscopeRails::Config.get_active_record()
- active_record.transaction do
- if PeriscopeRails::Config.block_expensive_queries?
- cost_row = ""
- begin
- cost_row = active_record.connection.select_all("explain #{command}")[0]["QUERY PLAN"]
- rescue
- puts "Warning: Periscope was unable to cost this query (1): #{command}"
+ begin #just for costing
+ active_record.transaction do #costing
+ if PeriscopeRails::Config.block_expensive_queries?
+ active_record.connection.select_all("explain #{command}")[0]["QUERY PLAN"] =~ /rows=(\d+) width=(\d+)\)$/
+ row_count, width = $1.to_i, $2.to_i
+ if row_count > 0 and width > 0
+ raise "Command blocked, it may be too slow. Estimated at #{row_count} rows, commands must return fewer than #{PeriscopeRails::Config.max_rows} rows." if row_count > PeriscopeRails::Config.max_rows
+ raise "Command blocked, it may be too slow. Estimated at #{row_count * width} bytes, commands use less than #{PeriscopeRails::Config.max_size} bytes." if row_count * width > PeriscopeRails::Config.max_size
+ else
+ puts "Warning: Periscope was unable to cost this query (2): #{command}"
+ end
 end
- cost_row =~ /rows=(\d+) width=(\d+)\)$/
- row_count, width = $1.to_i, $2.to_i
- if row_count > 0 and width > 0
- raise "Command blocked, it may be too slow. Estimated at #{row_count} rows, commands must return fewer than #{PeriscopeRails::Config.max_rows} rows." if row_count > PeriscopeRails::Config.max_rows
- raise "Command blocked, it may be too slow. Estimated at #{row_count * width} bytes, commands use less than #{PeriscopeRails::Config.max_size} bytes." if row_count * width > PeriscopeRails::Config.max_size
- else
- puts "Warning: Periscope was unable to cost this query (2): #{command}"
- end
+ raise "OK" #abort all transactions for extra protection
 end
+ rescue Exception => e
+ puts "Warning: Periscope was unable to cost this query (1): #{command}" unless e.message == "OK"
+ end
+ active_record.transaction do #execution
 rows = active_record.connection.select_all(command)
 rows.each do |row|
 row.each_key do |column|
 if PeriscopeRails::Config.matches_filter(column)
 row[column] = '[FILTERED]'
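Review bot: The two `raise "Command blocked…"` lines inside the costing transaction are now swallowed by the new `rescue Exception => e` that closes the costing block — their message is not "OK", so they only print the "(1)" warning and control falls through to the `#execution` transaction, which runs the query anyway; after this hunk `block_expensive_queries?` no longer blocks anything, whereas in the removed code those raises propagated out of the transaction. The rescue needs to tell a failed EXPLAIN apart from a deliberate block, for example by raising a dedicated `BlockedQueryError = Class.new(StandardError)` from the two limit checks and re-raising it, and it should rescue `StandardError` (bare `rescue => e`) rather than `Exception`, which also catches `Interrupt` and `SystemExit`. If `active_record` is an ActiveRecord class, `raise ActiveRecord::Rollback` in place of `raise "OK"` would abort the costing transaction without any exception escaping it, removing the string comparison altogether. The outer `begin #for whole query` and its rescue, which presumably turns the error into `error_message`, lie outside the hunk.
```ruby
begin #just for costing
  active_record.transaction do #costing
    if PeriscopeRails::Config.block_expensive_queries?
      # … unchanged: EXPLAIN, row_count/width parsing, `if row_count > 0 and width > 0` …
      raise BlockedQueryError, "Command blocked, it may be too slow. Estimated at #{row_count} rows, commands must return fewer than #{PeriscopeRails::Config.max_rows} rows." if row_count > PeriscopeRails::Config.max_rows
      raise BlockedQueryError, "Command blocked, it may be too slow. Estimated at #{row_count * width} bytes, commands use less than #{PeriscopeRails::Config.max_size} bytes." if row_count * width > PeriscopeRails::Config.max_size
      # … unchanged: else / warning (2) / end …
    end
    raise "OK" #abort all transactions for extra protection
  end
rescue BlockedQueryError
  raise #the limit check must still abort the request, not degrade to a warning
rescue => e
  puts "Warning: Periscope was unable to cost this query (1): #{command}" unless e.message == "OK"
end
# … unchanged: execution transaction and column filtering …
```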