Use constants instead of values in queries

4 years ago · 25cdaadf21
parent 776d87be38
commit 25cdaadf21
4 changed files with 12 additions and 7 deletions
--- a/public/main/inc/lib/myspace.lib.php
+++ b/public/main/inc/lib/myspace.lib.php
@ -566,7 +566,7 @@ class MySpace
        $sql_session_coach = "SELECT u.id AS user_id, u.lastname, u.firstname, MAX(tel.login_date) AS login_date
                                FROM $tbl_user u
                                INNER JOIN $tbl_track_login tel ON tel.login_user_id = u.id
-                                INNER JOIN $tblSessionRelUser sru ON (u.id = sru.user_id AND sru.relation_type = 3)
+                                INNER JOIN $tblSessionRelUser sru ON (u.id = sru.user_id AND sru.relation_type = ".SessionEntity::SESSION_COACH.")
                                GROUP BY u.id
                                ORDER BY login_date $tracking_direction";

@ -577,7 +577,7 @@ class MySpace
                $sql_session_coach = "SELECT u.id AS user_id, u.lastname, u.firstname, MAX(tel.login_date) AS login_date
                    FROM $tbl_user u
                    INNER JOIN $tbl_track_login  tel ON tel.login_user_id = u.id
-                    INNER JOIN $tblSessionRelUser sru ON (u.id = sru.user_id AND sru.relation_type = 3)
+                    INNER JOIN $tblSessionRelUser sru ON (u.id = sru.user_id AND sru.relation_type = ".SessionEntity::SESSION_COACH.")
                    INNER JOIN $tbl_session_rel_access_url aurs ON sru.session_id = aurs.session_id
                    WHERE aurs.access_url_id = $access_url_id
                    GROUP BY u.id
--- a/public/main/inc/lib/sessionmanager.lib.php
+++ b/public/main/inc/lib/sessionmanager.lib.php
@ -476,6 +476,7 @@ class SessionManager
    ) {
        $tblSession = Database::get_main_table(TABLE_MAIN_SESSION);
        $sessionCategoryTable = Database::get_main_table(TABLE_MAIN_SESSION_CATEGORY);
+        $tblSessionRelUser = Database::get_main_table(TABLE_MAIN_SESSION_USER);

        $where = 'WHERE 1 = 1 ';

@ -557,7 +558,7 @@ class SessionManager
            && 'true' === api_get_setting('allow_teachers_to_create_sessions');

        if ($allowSessionAdminsToManageAllSessions || $allowTeachersToCreateSessions) {
-            $sqlInjectJoins .= " INNER JOIN session_rel_user sru ON sru.session_id = s.id ";
+            $sqlInjectJoins .= " INNER JOIN $tblSessionRelUser sru ON sru.session_id = s.id ";

            $relationTypeList = [];

@ -4214,7 +4215,7 @@ class SessionManager
    }

    /**
-     * The general coach (session_rel_user.relation_type = 3).
+     * The general coach (session_rel_user.relation_type = Session::SESSION_COACH).
     *
     * @param int  $user_id         user id
     * @param bool $asPlatformAdmin The user is platform admin, return everything
--- a/public/main/inc/lib/tracking.lib.php
+++ b/public/main/inc/lib/tracking.lib.php
@ -8057,6 +8057,7 @@ class TrackingCourseLog
        $table_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
        $table_user = Database::get_main_table(TABLE_MAIN_USER);
        $table_session = Database::get_main_table(TABLE_MAIN_SESSION);
+        $tblSessionRelUser = Database::get_main_table(TABLE_MAIN_SESSION_USER);
        $column = (int) $column;
        $direction = !in_array(strtolower(trim($direction)), ['asc', 'desc']) ? 'asc' : $direction;

@ -8144,7 +8145,7 @@ class TrackingCourseLog
                }
            } else {
                $sql = "SELECT session.id s.id, s.name u.username
-                          FROM c_tool t, session s, user u, session_rel_user sru
+                          FROM c_tool t, session s, user u, $tblSessionRelUser sru
                          WHERE
                              t.c_id = $course_id AND
                              t.session_id = s.id AND
--- a/public/main/mySpace/ti_report.php
+++ b/public/main/mySpace/ti_report.php
@ -10,6 +10,9 @@ require_once __DIR__.'/../inc/global.inc.php';

 $this_section = SECTION_TRACKING;

+$tblSession = Database::get_main_table(TABLE_MAIN_SESSION);
+$tblSessionRelUser = Database::get_main_table(TABLE_MAIN_SESSION_USER);
+
 $csv_content = [];
 $nameTools = get_lang('MySpace');

@ -80,8 +83,8 @@ if ($form->validate()) {
    $numberOfWeeks = floor($first->diff($second)->days / 7);

    $sql = "SELECT sru.user_id, s.name, s.id as session_id, s.display_start_date, s.display_end_date
-            FROM session
-            LEFT JOIN session_rel_user sru ON (sru.session_id = s.id AND sru.relation_type = ".Session::SESSION_COACH.")
+            FROM $tblSession s
+            LEFT JOIN $tblSessionRelUser sru ON (sru.session_id = s.id AND sru.relation_type = ".Session::SESSION_COACH.")
            WHERE s.display_start_date BETWEEN '$startDate' AND '$endDate'
            ORDER BY sru.user_id";
    $result = Database::query($sql);