From: <ral...@us...> - 2004-05-31 16:37:30
|
Update of /cvsroot/egroupware/bookmarks/inc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4476 Modified Files: class.so.inc.php Log Message: using the new quoting functions that run complete queries Index: class.so.inc.php =================================================================== RCS file: /cvsroot/egroupware/bookmarks/inc/class.so.inc.php,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** class.so.inc.php 31 May 2004 09:05:59 -0000 1.9 --- class.so.inc.php 31 May 2004 16:37:20 -0000 1.10 *************** *** 25,61 **** { $this->db = $GLOBALS['phpgw']->db; $this->table = 'phpgw_bookmarks'; ! $table_def = $this->db->get_table_definitions('bookmarks',$this->table); ! $this->db->set_column_definitions($table_def['fd']); } function _list($cat_list,$public_user_list,$start,$where_clause) { ! $query = "SELECT * FROM $this->table WHERE ( bm_owner=" . (int)$GLOBALS['phpgw_info']['user']['account_id']; ! if ($public_user_list) ! { ! $filtermethod .= ' OR ('.$this->db->column_data_implode(' AND ',array( 'bm_access'=>'public', 'bm_owner' => $public_user_list, ! )); ! } ! $query .= ' )'; ! ! if ($cat_list) ! { ! $where_clause .= ' '.$this->db->column_data_implode(' AND ',array( 'bm_category' => $cat_list, ! )); ! } ! $query .= ($where_clause ? ' AND '.$where_clause : '') . ' ORDER BY bm_category, bm_name'; ! ! $this->db->query($query,__LINE__,__FILE__); ! $this->total_records = $this->db->num_rows(); if ($start !== False) { ! $this->db->limit_query($query,$start,__LINE__,__FILE__); } - while ($this->db->next_record()) { --- 25,54 ---- { $this->db = $GLOBALS['phpgw']->db; + $this->db->set_app('bookmarks'); $this->table = 'phpgw_bookmarks'; ! $this->user = $GLOBALS['phpgw_info']['user']['account_id']; } function _list($cat_list,$public_user_list,$start,$where_clause) { ! $where = $this->db->expression($this->table,'(',array('bm_owner'=>$this->user), ! (boolean) $public_user_list,' OR (',array( 'bm_access'=>'public', 'bm_owner' => $public_user_list, ! ),'))',(boolean)$cat_list,' AND ',array( 'bm_category' => $cat_list, ! ),(boolean)$where_clause,' AND ',$where_clause,' ORDER BY bm_category, bm_name'); if ($start !== False) { ! $this->db->select($this->table,'count(*)',$where,__LINE__,__FILE__); ! $this->total_records = $this->db->next_record() ? $this->db->f(0) : 0; ! $this->db->select($this->table,'*',$where,__LINE__,__FILE__,$start); ! } ! else ! { ! $this->db->select($this->table,'*',$where,__LINE__,__FILE__); ! $this->total_records = $this->db->num_rows(); } while ($this->db->next_record()) { *************** *** 84,88 **** { $query = "SELECT * FROM $this->table WHERE bm_id=".(int)$id; ! $this->db->query($query,__LINE__,__FILE__); if (!$this->db->next_record()) { --- 77,81 ---- { $query = "SELECT * FROM $this->table WHERE bm_id=".(int)$id; ! $this->db->select($this->table,'*',array('bm_id'=>$id),__LINE__,__FILE__); if (!$this->db->next_record()) { *************** *** 94,99 **** function exists($url) { ! $query = "SELECT count(*) FROM $this->table WHERE bm_url=".$this->db->quote($url).' AND bm_owner='.(int)$GLOBALS['phpgw_info']['user']['account_id']; ! $this->db->query($query,__LINE__,__FILE__); $this->db->next_record(); --- 87,91 ---- function exists($url) { ! $this->db->select($this->table,'count(*)',array('bm_url'=>$url,'bm_owner'=>$this->user),__LINE__,__FILE__); $this->db->next_record(); *************** *** 107,118 **** $columns['bm_visits'] = 0; ! $query = "INSERT INTO $this->table (".implode(',',array_keys($columns)).") VALUES(". ! $this->db->column_data_implode(',',$columns,False).')'; ! ! if (!$this->db->query($query,__LINE__,__FILE__)) { return False; } ! return $this->db->get_last_insert_id('phpgw_bookmarks','bm_id'); } --- 99,107 ---- $columns['bm_visits'] = 0; ! if (!$this->db->insert($this->table,$columns,False,__LINE__,__FILE__)) { return False; } ! return $this->db->get_last_insert_id($this->table,'bm_id'); } *************** *** 121,125 **** #echo "so::update<pre>".htmlspecialchars(print_r($values,True))."</pre>\n"; ! $this->db->query("SELECT bm_info FROM $this->table WHERE bm_id=".(int)$id,__LINE__,__FILE__); $this->db->next_record(); $ts = explode(',',$GLOBALS['phpgw']->db->f('bm_info')); --- 110,114 ---- #echo "so::update<pre>".htmlspecialchars(print_r($values,True))."</pre>\n"; ! $this->db->select($this->table,'bm_info',array('bm_id'=>$id),__LINE__,__FILE__); $this->db->next_record(); $ts = explode(',',$GLOBALS['phpgw']->db->f('bm_info')); *************** *** 129,135 **** // Update bookmark information. ! $query = "UPDATE $this->table SET ".$this->db->column_data_implode(',',$columns).' WHERE bm_id='.(int)$id; ! ! if (!$this->db->query($query,__LINE__,__FILE__)) { return False; --- 118,122 ---- // Update bookmark information. ! if (!$this->db->update($this->table,$columns,array('bm_id'=>$id),__LINE__,__FILE__)) { return False; *************** *** 155,166 **** function updatetimestamp($id,$timestamp) { ! $query = "UPDATE $this->table SET bm_info=".$this->db->quote($timestamp).', bm_visits=bm_visits+1 WHERE bm_id='.(int)$id; ! $this->db->query($query,__LINE__,__FILE__); } function delete($id) { ! $query = "DELETE FROM $this->table WHERE bm_id=".(int)$id; ! $this->db->query($query,__LINE__,__FILE__); if ($this->db->Errno != 0) { --- 142,154 ---- function updatetimestamp($id,$timestamp) { ! $this->db->update($this->table,array( ! 'bm_info'=>$timestamp, ! 'bm_visits=bm_visits+1' ! ),array('bm_id'=>$id),__LINE__,__FILE__); } function delete($id) { ! $this->db->delete($this->table,array('bm_id'=>$id),__LINE__,__FILE__); if ($this->db->Errno != 0) { |