From: <vb...@us...> - 2002-09-26 03:41:49
Update of /cvsroot/webnotes/webnotes/core In directory usw-pr-cvs1:/tmp/cvs-serv11650/core Modified Files: note_api.php page_api.php Log Message: - Removed single quotes from queries when accessing numeric fields. - Added support for re-queueing of notes. - Improved the Manage Notes page to have two lists. The first lists the documents that have pending notes, and the second lists all documents. Index: note_api.php =================================================================== RCS file: /cvsroot/webnotes/webnotes/core/note_api.php,v retrieving revision 1.27 retrieving revision 1.28 diff -u -d -r1.27 -r1.28 --- note_api.php 24 Sep 2002 06:14:40 -0000 1.27 +++ note_api.php 26 Sep 2002 03:41:46 -0000 1.28 @@ -11,13 +11,20 @@ ### -------------------- function note_where_id_equals( $p_note_id ) { $c_note_id = db_prepare_int( $p_note_id ); - return ("(id='$c_note_id')"); + return ("(n.id=$c_note_id)"); + } + ### -------------------- + function note_where_page_and_visibility_equals( $p_page_id, $p_visibility ) { + $c_page_id = db_prepare_int( $p_page_id ); + $c_visibility = db_prepare_int( $p_visibility ); + return ("((n.page_id=$c_page_id) AND (n.visible=$c_visiblity))"); } ### -------------------- # $p_where is constructed by note_where* and hence does not need to be cleaned. function note_get_info ( $p_where, $p_field = null ) { $query = "SELECT *, UNIX_TIMESTAMP(date_submitted) as date_submitted - FROM " . config_get( 'phpWN_note_table' ) . " + FROM " . config_get( 'phpWN_note_table' ) . " n, + " . config_get( 'phpWN_page_table' ) . " p WHERE $p_where LIMIT 1"; @@ -44,7 +51,7 @@ FROM " . config_get( 'phpWN_note_table' ) . " n, " . config_get( 'phpWN_page_table' ) . " p WHERE n.page_id = p.id AND - visible='" . NOTE_VISIBLE_PENDING . "'"; + visible=" . NOTE_VISIBLE_PENDING; $result = db_query( $query ); return db_result( $result, 0, 0 ); } 
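Review bot: In the `@@ -11,13 +11,20 @@` hunk of note_api.php, the new `note_where_page_and_visibility_equals()` interpolates `$c_visiblity`, which is never assigned (the cleaned value is in `$c_visibility`), so the clause ends in `n.visible=` and any query built from it is malformed; the return should read `return ("((n.page_id=$c_page_id) AND (n.visible=$c_visibility))");`. The same hunk adds the page table to `note_get_info()` without a join condition, and neither where-builder shown supplies one, so `WHERE $p_where LIMIT 1` runs over a cross product and `SELECT *` returns two `id` columns; putting `n.page_id = p.id AND` ahead of `$p_where` would tie the page row to the note. Because `note_where_id_equals()` now emits `n.id`, any other caller that uses it in a query without the `n` alias will fail, which needs checking outside this hunk.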
@@ -66,7 +73,7 @@ $query = "INSERT INTO " . config_get( 'phpWN_note_table' ) . " ( id, page_id, email, ip, date_submitted, note, visible ) VALUES - ( null, '$c_page_id', '$c_email', '$c_remote_address', NOW(), '$c_note', '$t_visible' )"; + ( null, $c_page_id, '$c_email', '$c_remote_address', NOW(), '$c_note', $t_visible )"; $result = db_query( $query ); page_touch( $p_page_id ); @@ -96,8 +103,8 @@ $c_visibility = db_prepare_int( $p_visibility ); $query = "UPDATE " . config_get( 'phpWN_note_table' ) . " - SET visible='$c_visibility' - WHERE id='$c_id' LIMIT 1"; + SET visible=$c_visibility + WHERE id=$c_id LIMIT 1"; $result = db_query( $query ); note_touch( $p_id ); @@ -126,7 +133,7 @@ ### -------------------- function note_pack_deleted() { $query = "DELETE FROM " . config_get( 'phpWN_note_table' ) . " - WHERE visible='" . NOTE_VISIBLE_DELETED ."'"; + WHERE visible=" . NOTE_VISIBLE_DELETED; $result = db_query( $query ); } ### -------------------- @@ -137,7 +144,7 @@ $query = "UPDATE " . config_get( 'phpWN_note_table' ) . " SET email='$c_email', note='$c_note' - WHERE id='$c_id' LIMIT 1"; + WHERE id=$c_id LIMIT 1"; $result = db_query( $query ); note_touch( $p_id ); @@ -174,7 +181,7 @@ $query = "SELECT *, UNIX_TIMESTAMP(date_submitted) as date_submitted FROM " . config_get( 'phpWN_note_table' ) . " - WHERE page_id='$c_page_id' + WHERE page_id=$c_page_id ORDER BY date_submitted " . config_get( 'note_order' ); $result = db_query( $query ); 
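Review bot: In the `@@ -66,7 +73,7 @@` hunk, `$t_visible` now goes into the INSERT without quotes, and its `t_` prefix suggests it has not passed through `db_prepare_int()` the way the `c_`-prefixed values have; the assignment is outside the hunk, so this is inferred. With the quotes gone, that cleaning step is the only thing keeping a non-numeric value from being parsed as SQL, and an empty value now produces a syntax error instead of `''`. The same applies to `$t_prev_id` and `$t_next_id` in the `@@ -174,8 +173,8 @@` hunk of page_api.php. Either confirm each is assigned from a constant or an already-cleaned integer, or clean it before the query is built, e.g. `$c_visible = db_prepare_int( $t_visible );`. The enclosing functions begin outside both hunks.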
@@ -219,7 +226,7 @@ $query = "SELECT n.id as note_id, n.*, p.page FROM " . config_get( 'phpWN_note_table' ) . " n, " . config_get( 'phpWN_page_table' ) . " p - WHERE n.visible='" . NOTE_VISIBLE_PENDING . "' + WHERE n.visible=" . NOTE_VISIBLE_PENDING . " AND n.page_id=p.id"; if ( $p_only_one ) { Index: page_api.php =================================================================== RCS file: /cvsroot/webnotes/webnotes/core/page_api.php,v retrieving revision 1.17 retrieving revision 1.18 diff -u -d -r1.17 -r1.18 --- page_api.php 22 Sep 2002 04:17:38 -0000 1.17 +++ page_api.php 26 Sep 2002 03:41:46 -0000 1.18 @@ -15,7 +15,7 @@ ### -------------------- function page_where_id_equals( $p_page_id ) { $c_page_id = db_prepare_int( $p_page_id ); - return ("(id='$c_page_id')"); + return ("(id=$c_page_id)"); } ### -------------------- function page_where_all() { @@ -23,8 +23,8 @@ } ### -------------------- function page_where_page_equals( $p_page ) { - $c_page_id = db_prepare_string( $p_page ); - return ("(page='$c_page_id')"); + $c_page = db_prepare_string( $p_page ); + return ("(page='$c_page')"); } ### -------------------- # $p_where is constructed by page_where* and hence does not need to be cleaned. @@ -52,8 +52,7 @@ # $p_where is constructed by page_where* and hence does not need to be cleaned. function page_get_array ( $p_where, $p_order = null ) { if ( null !== $p_order ) { - $p_order = 'ORDER BY ' . $p_order; - $c_order = db_prepare_string( $p_order ); + $c_order = 'ORDER BY ' . db_prepare_string( $p_order ); } else { $c_order = ''; } @@ -89,7 +88,7 @@ $query = "SELECT COUNT(*) FROM " . config_get( 'phpWN_note_table' ) . " - WHERE page_id='$c_page_id' AND visible='" . NOTE_VISIBLE_ACCEPTED . "'"; + WHERE page_id=$c_page_id AND visible=" . NOTE_VISIBLE_ACCEPTED; $result = db_query( $query ); return db_result( $result, 0, 0 ); } 
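Review bot: In the `@@ -52,8 +52,7 @@` hunk of page_api.php, `page_get_array()` runs `$p_order` through `db_prepare_string()` and prefixes the result with `ORDER BY`, presumably appending it unquoted to the query outside the hunk; escaping meant for a quoted string literal does not constrain text in that position, so a caller-supplied order could still alter the statement. The comment above the function only vouches for `$p_where`. Checking `$p_order` against a fixed list of sortable columns and directions before building `$c_order` would close this. The rest of the function, including where `$c_order` is used, is outside the hunk.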
@@ -99,7 +98,7 @@ $query = "SELECT COUNT(*) FROM " . config_get( 'phpWN_note_table' ) . " - WHERE page_id='$c_page_id'"; + WHERE page_id=$c_page_id"; $result = db_query( $query ); return db_result( $result, 0, 0 ); } @@ -109,7 +108,7 @@ $query = "SELECT page FROM " . config_get( 'phpWN_page_table' ) . " - WHERE id='$c_page_id' + WHERE id=$c_page_id LIMIT 1"; $result = db_query( $query ); @@ -133,7 +132,7 @@ $query = "UPDATE " . config_get( 'phpWN_page_table' ) . " SET url='$c_url' - WHERE id='$c_page_id' LIMIT 1"; + WHERE id=$c_page_id LIMIT 1"; $result = db_query( $query ); page_touch( $p_page_id ); } @@ -174,8 +173,8 @@ $c_page_id = db_prepare_int( $p_page_id ); $query = "UPDATE " . config_get( 'phpWN_page_table' ) . " - SET prev_id='$t_prev_id', next_id='$t_next_id' - WHERE id='$c_page_id' LIMIT 1"; + SET prev_id=$t_prev_id, next_id=$t_next_id + WHERE id=$c_page_id LIMIT 1"; $result = db_query( $query ); page_touch( $p_page_id ); } @@ -186,7 +185,7 @@ $query ='UPDATE ' . config_get( 'phpWN_page_table') . ' ' . "SET last_updated=NOW() " . - "WHERE id='$c_page_id' " . + "WHERE id=$c_page_id " . "LIMIT 1"; return ( false !== db_query( $query ) ); @@ -289,7 +288,7 @@ $c_page_id = db_prepare_int( $p_page_id ); $query = "DELETE FROM " . config_get( 'phpWN_note_table' ) . " - WHERE page_id='$c_page_id'"; + WHERE page_id=$c_page_id"; $result = db_query( $query ); @@ -304,7 +303,7 @@ $c_page_id = db_prepare_int( $p_page_id ); $query = "DELETE FROM " . config_get( 'phpWN_page_table' ) . " - WHERE id='$c_page_id' + WHERE id=$c_page_id LIMIT 1"; $result = db_query( $query ); |