chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Cleaning Database lib from old code and unused code.

Browse Source
1.10.x
Julio Montoya 10 years ago
parent 2b17f983b9
commit 2626fb4b2d
9 changed files with 30 additions and 368 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      main/admin/add_users_to_session.php
  2. 2
      main/coursecopy/classes/CourseBuilder.class.php
  3. 2
      main/gradebook/index.php
  4. 4
      main/gradebook/lib/fe/displaygradebook.php
  5. 24
      main/inc/lib/course.lib.php
  6. 197
      main/inc/lib/database.lib.php
  7. 126
      main/inc/lib/database.mysqli.lib.php
  8. 5
      main/inc/lib/internationalization.lib.php
  9. 36
      tests/main/inc/lib/database.lib.test.php

2
main/admin/add_users_to_session.php
Unescape View File

@ -201,7 +201,7 @@ function search_users($needle, $type)
}
}
}
//echo Database::fixQuery($sql);
$rs = Database::query($sql);
$i = 0;
if ($type=='single') {

2
main/coursecopy/classes/CourseBuilder.class.php
Unescape View File

@ -1055,7 +1055,7 @@ class CourseBuilder
{
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$tbl_session_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
$list_course = Database::get_course_list();
$list_course = CourseManager::get_course_list();
$list = array();
foreach($list_course as $_course) {
$this->course = new Course();

2
main/gradebook/index.php
Unescape View File

@ -730,7 +730,7 @@ $certificate = array();
if ($category != '0') {
$cat = new Category();
$category_id = intval($_GET['selectcat']);
$course_id = Database::get_course_by_category($category_id);
$course_id = CourseManager::get_course_by_category($category_id);
$show_message = $cat->show_message_resource_delete($course_id);
if ($show_message == '') {

4
main/gradebook/lib/fe/displaygradebook.php
Unescape View File

@ -211,7 +211,7 @@ class DisplayGradebook
// Student
$status = CourseManager::get_user_in_course_status(api_get_user_id(), api_get_course_id());
$objcat = new Category();
$course_id = Database::get_course_by_category($selectcat);
$course_id = CourseManager::get_course_by_category($selectcat);
$message_resource = $objcat->show_message_resource_delete($course_id);
if (!$is_course_admin && $status <> 1 && $selectcat <> 0) {
@ -394,7 +394,7 @@ class DisplayGradebook
// Student.
$status = CourseManager::get_user_in_course_status(api_get_user_id(), api_get_course_id());
$objcat = new Category();
$course_id = Database::get_course_by_category($selectcat);
$course_id = CourseManager::get_course_by_category($selectcat);
$message_resource = $objcat->show_message_resource_delete($course_id);
$grade_model_id = $catobj->get_grade_model_id();
$header = null;

24
main/inc/lib/course.lib.php
Unescape View File

@ -5402,4 +5402,28 @@ class CourseManager
return $result;
}
/**
* @return array a list (array) of all courses.
*/
public static function get_course_list()
{
$table = Database::get_main_table(TABLE_MAIN_COURSE);
return Database::store_result(self::query("SELECT *, id as real_id FROM $table"));
}
/**
* Returns course code from a given gradebook category's id
* @param int Category ID
* @return string Course code
*/
public static function get_course_by_category($category_id)
{
$category_id = intval($category_id);
$info = Database::fetch_array(
Database::query('SELECT course_code FROM '.Database::get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY).'
WHERE id='.$category_id), 'ASSOC'
);
return $info ? $info['course_code'] : false;
}
}

197
main/inc/lib/database.lib.php
Unescape View File

@ -55,29 +55,6 @@ class Database
return $_configuration['main_database'];
}
/**
* Returns the name of the database where all the personal stuff of the user is stored
* @todo use main_database
*/
public static function get_user_personal_database()
{
return self::get_main_database();
}
/**
* Returns the name of the current course database.
* @return mixed Glued database name of false if undefined
*/
public static function get_current_course_database()
{
$course_info = api_get_course_info();
if (empty($course_info['dbName'])) {
return false;
}
return $course_info['dbName'];
}
/**
* Returns the glued name of the current course database.
* @return mixed Glued database name of false if undefined
@ -182,7 +159,6 @@ class Database
//exit;
}
return self::format_table_name(self::get_main_database(), DB_COURSE_PREFIX.$short_table_name);
//return self::format_glued_course_table_name(self::fix_database_parameter($database_name), $short_table_name);
}
/*
@ -190,74 +166,6 @@ class Database
These methods execute a query and return the result(s).
*/
/**
* @return array a list (array) of all courses.
* @todo shouldn't this be in the course.lib.php script?
*/
public static function get_course_list()
{
$table = self::get_main_table(TABLE_MAIN_COURSE);
return self::store_result(self::query("SELECT *, id as real_id FROM $table"));
}
/**
* Gets user details from the "user" table
* @param $user_id (integer): the id of the user
* @return $user_info (array): user_id, lname, fname, username, email, ...
* @author Patrick Cool <patrick.cool@UGent.be>, expanded to get info for any user
* @author Roan Embrechts, first version + converted to Database API
* @version 30 September 2004
* @deprecated use api_get_user_info();
* @desc find all the information about a specified user. Without parameter this is the current user.
* @todo shouldn't this be in the user.lib.php script?
*/
public static function get_user_info_from_id($user_id = '')
{
if (empty($user_id)) {
return $GLOBALS['_user'];
}
$table = self::get_main_table(TABLE_MAIN_USER);
$user_id = self::escape_string($user_id);
return self::generate_abstract_user_field_names(
self::fetch_array(self::query("SELECT * FROM $table WHERE user_id = '$user_id'")));
}
/**
* Returns course code from a given gradebook category's id
* @param int Category ID
* @return string Course code
* @todo move this function in a gradebook-related library
*/
public static function get_course_by_category($category_id)
{
$category_id = intval($category_id);
$info = self::fetch_array(self::query('SELECT course_code FROM '.self::get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY).' WHERE id='.$category_id), 'ASSOC');
return $info ? $info['course_code'] : false;
}
/**
* This method creates an abstraction layer between database field names
* and field names expected in code.
*
* This helps when changing database names.
* It's also useful now to get rid of the 'franglais'.
*
* @todo add more array entries to abstract user info from field names
* @author Roan Embrechts
* @author Patrick Cool
*
* @todo what's the use of this function. I think this is better removed.
* There should be consistency in the variable names and the use throughout the scripts
*/
public static function generate_abstract_user_field_names($result_array) {
$result_array['firstName'] = $result_array['firstname'];
$result_array['lastName'] = $result_array['lastname'];
$result_array['mail'] = $result_array['email'];
#$result_array['picture_uri'] = $result_array['picture_uri'];
#$result_array ['user_id'] = $result_array['user_id'];
return $result_array;
}
/**
* Counts the number of rows in a table
* @param string $table The table of which the rows should be counted
@ -378,13 +286,6 @@ class Database
*/
public static function escape_string($string, $connection = null, $addFix = true)
{
// Fixes security problem when there's no "" or '' between a variable.
// See #7440 for more info
/*
if ($addFix) {
//$string = "__@$string@__";
}
*/
return get_magic_quotes_gpc()
? (self::use_default_connection($connection)
? mysql_real_escape_string(stripslashes($string))
@ -473,41 +374,6 @@ class Database
return $result;
}
/**
* Returns a list of the fields that a given table contains. The list may contain all of the available field names or filtered field names by using a pattern.
* By using a special option, this method is able to return an indexed list of fields' properties, where field names are keys.
* @param string $table This is the examined table.
* @param string $pattern (optional) A pattern for filtering field names as if it was needed for the SQL's LIKE clause, for example 'column_%'.
* @param string $database (optional) The name of the targeted database. If it is omited, the current database is assumed, see Database::select_db().
* @param bool $including_properties (optional) When this option is true, the returned result has the followong format:
* array(field_name_1 => array(0 => property_1, 1 => property_2, ...), fieald_name_2 => array(0 => property_1, ...), ...)
* @param resource $connection (optional) The database server connection, for detailed description see the method query().
* @return array Returns in an array the retrieved list of field names.
*/
public static function get_fields($table, $pattern = '', $database = '', $including_properties = false, $connection = null) {
$result = array();
$query = "SHOW COLUMNS FROM `".self::escape_string($table, $connection)."`";
if (!empty($database)) {
$query .= " FROM `".self::escape_string($database, $connection)."`";
}
if (!empty($pattern)) {
$query .= " LIKE '".self::escape_string($pattern, $connection)."'";
}
$query_result = Database::query($query, $connection);
if ($including_properties) {
// Making an indexed list of the fields and their properties.
while ($row = Database::fetch_row($query_result)) {
$result[$row[0]] = $row;
}
} else {
// Making a plain, flat list.
while ($row = Database::fetch_row($query_result)) {
$result[] = $row[0];
}
}
return $result;
}
/**
* Returns information about the type of the current connection and the server host name.
* @param resource $connection (optional) The database server connection, for detailed description see the method query().
@ -591,36 +457,6 @@ class Database
return self::num_rows($resource) > 0 ? (!empty($field) ? mysql_result($resource, $row, $field) : mysql_result($resource, $row)) : null;
}
/**
* Removes "__@" prefix and @__ suffix added by Database::escape_string()
* See #7440 for more info
* @param string $query
* @return mixed
*/
public static function fixQuery($query)
{
// LIKE condition
$query = str_replace("'%__@", "'%", $query);
$query = str_replace("@__%'", "%'", $query);
$query = str_replace('@__%"', "%'", $query);
$query = str_replace('"%__@', "'%", $query);
// Fixing doubles
$query = str_replace("__@__@", "__@", $query);
$query = str_replace("@__@__", "@__", $query);
$query = str_replace("'__@", "'", $query);
$query = str_replace('"__@', "'", $query);
$query = str_replace("__@", "'", $query);
$query = str_replace("@__'", "'", $query);
$query = str_replace('@__"', "'", $query);
$query = str_replace("@__", "'", $query);
return $query;
}
/**
* This method returns a resource
* Documentation has been added by Arthur Portugal
@ -658,8 +494,6 @@ class Database
$connection = null;
}
//$query = self::fixQuery($query);
// Check if the table contains a c_ (means a course id)
if (api_get_setting('server_type') === 'test' && strpos($query, 'c_')) {
//Check if the table contains inner joins
@ -943,37 +777,6 @@ class Database
No effort is made to keep the names / results the same.
*/
/**
* Glues a course database.
* glue format from local.inc.php.
*/
private static function glue_course_database_name($database_name) {
return self::get_course_table_prefix().$database_name.self::get_database_glue();
}
/**
* @param string $database_name, can be empty to use current course db
*
* @return the glued parameter if it is not empty,
* or the current course database (glued) if the parameter is empty.
*/
private static function fix_database_parameter($database_name) {
if (empty($database_name)) {
$course_info = api_get_course_info();
return $course_info['dbNameGlu'];
}
return self::glue_course_database_name($database_name);
}
/**
* Structures a course database and table name to ready them
* for querying. The course database parameter is considered glued:
* e.g. COURSE001`.`
*/
private static function format_glued_course_table_name($database_name_with_glue, $table) {
return '`'.$database_name_with_glue.$table.'`';
}
/**
* Structures a database and table name to ready them
* for querying. The database parameter is considered not glued,

126
main/inc/lib/database.mysqli.lib.php
Unescape View File

@ -54,28 +54,6 @@ class MySQLIDatabase {
return $_configuration['scorm_database'];
}
/**
* Returns the name of the database where all the personal stuff of the user is stored
*/
public static function get_user_personal_database()
{
global $_configuration;
return $_configuration['user_personal_database'];
}
/**
* Returns the name of the current course database.
* @return mixed Glued database name of false if undefined
*/
public static function get_current_course_database()
{
$course_info = api_get_course_info();
if (empty($course_info['dbName'])) {
return false;
}
return $course_info['dbName'];
}
/**
* Returns the glued name of the current course database.
* @return mixed Glued database name of false if undefined
@ -180,74 +158,6 @@ class MySQLIDatabase {
These methods execute a query and return the result(s).
*/
/**
* Returns a full list of the contents of the course table as a PHP table
* @return a list (array) of all courses.
* @todo shouldn't this be in the course.lib.php script?
*/
public static function get_course_list()
{
$table = self::get_main_table(TABLE_MAIN_COURSE);
return self::store_result(self::query("SELECT * FROM $table"));
}
/**
* @param $user_id (integer): the id of the user
* @return $user_info (array): user_id, lastname, firstname, username, email, ...
* @author Patrick Cool <patrick.cool@UGent.be>, expanded to get info for any user
* @author Roan Embrechts, first version + converted to Database API
* @version 30 September 2004
* @desc find all the information about a specified user. Without parameter this is the current user.
* @todo shouldn't this be in the user.lib.php script?
*/
public static function get_user_info_from_id($user_id = '')
{
if (empty($user_id)) {
return $GLOBALS['_user'];
}
$table = self::get_main_table(TABLE_MAIN_USER);
$user_id = self::escape_string($user_id);
return self::generate_abstract_user_field_names(
self::fetch_array(self::query("SELECT * FROM $table WHERE user_id = '$user_id'")));
}
/**
* Returns course code from a given gradebook category's id
* @param int Category ID
* @return string Course code
* @todo move this function in a gradebook-related library
*/
public static function get_course_by_category($category_id)
{
$category_id = intval($category_id);
$info = self::fetch_array(self::query('SELECT course_code FROM '.self::get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY).' WHERE id='.$category_id), 'ASSOC');
return $info ? $info['course_code'] : false;
}
/**
* This method creates an abstraction layer between database field names
* and field names expected in code.
*
* This helps when changing database names.
* It's also useful now to get rid of the 'franglais'.
*
* @todo add more array entries to abstract user info from field names
* @author Roan Embrechts
* @author Patrick Cool
*
* @todo what's the use of this function. I think this is better removed.
* There should be consistency in the variable names and the use throughout the scripts
*/
public static function generate_abstract_user_field_names($result_array)
{
$result_array['firstName'] = $result_array['firstname'];
$result_array['lastName'] = $result_array['lastname'];
$result_array['mail'] = $result_array['email'];
#$result_array['picture_uri'] = $result_array['picture_uri'];
#$result_array ['user_id'] = $result_array['user_id'];
return $result_array;
}
/**
* Counts the number of rows in a table
* @param string $table The table of which the rows should be counted
@ -443,42 +353,6 @@ class MySQLIDatabase {
return $result;
}
/**
* Returns a list of the fields that a given table contains. The list may contain all of the available field names or filtered field names by using a pattern.
* By using a special option, this method is able to return an indexed list of fields' properties, where field names are keys.
* @param string $table This is the examined table.
* @param string $pattern (optional) A pattern for filtering field names as if it was needed for the SQL LIKE clause, for example 'column_%'.
* @param string $database (optional) The name of the targeted database. If it is omitted, the current database is assumed, see Database::select_db().
* @param bool $including_properties (optional) When this option is true, the returned result has the following format:
* array(field_name_1 => array(0 => property_1, 1 => property_2, ...), field_name_2 => array(0 => property_1, ...), ...)
* @param resource $connection (optional) The database server connection, for detailed description see the method query().
* @return array Returns in an array the retrieved list of field names.
*/
public static function get_fields($table, $pattern = '', $database = '', $including_properties = false, $connection = null)
{
$result = array();
$query = "SHOW COLUMNS FROM `".self::escape_string($table, $connection)."`";
if (!empty($database)) {
$query .= " FROM `".self::escape_string($database, $connection)."`";
}
if (!empty($pattern)) {
$query .= " LIKE '".self::escape_string($pattern, $connection)."'";
}
$query_result = Database::query($query, $connection);
if ($including_properties) {
// Making an indexed list of the fields and their properties.
while ($row = Database::fetch_row($query_result)) {
$result[$row[0]] = $row;
}
} else {
// Making a plain, flat list.
while ($row = Database::fetch_row($query_result)) {
$result[] = $row[0];
}
}
return $result;
}
/**
* Returns information about the type of the current connection and the server host name.
* @param resource $connection (optional) The database server connection, for detailed description see the method query().

5
main/inc/lib/internationalization.lib.php
Unescape View File

@ -570,10 +570,7 @@ function api_get_utc_datetime($time = null, $return_null_if_invalid_date = false
}
return gmdate('Y-m-d H:i:s');
}
if (preg_match('/__@(.*)@__/', $time)) {
// unfilter special security fix for SQL injection, see Database::fixQuery()
$time = str_replace(array("__@","@__"), "", $time);
}
// If time is a timestamp, return directly in utc
if (is_numeric($time)) {
$time = intval($time);

36
tests/main/inc/lib/database.lib.test.php
Unescape View File

@ -71,18 +71,6 @@ class TestDatabase extends UnitTestCase {
$this->assertTrue(is_array($resu));
}
/* // Contains a private unaccessible method, Database::fix_database_parameter().
function testFixDatabaseParameterEmpty() {
$course_info = api_get_course_info();
$database_name= $course_info[""];
$res=$this->dbase->fix_database_parameter($database_name);
if(!is_null($res)) :
$this->assertTrue(is_string($res));
endif;
//var_dump($res);
}
*/
/* // Contains a private unaccessible method, Database::fix_database_parameter().
function testFixDatabaseParameterReturnString() {
$course_info = api_get_course_info();
@ -141,17 +129,6 @@ class TestDatabase extends UnitTestCase {
$this->assertTrue(is_string($res));
}
function testGetCurrentCourseDatabase() {
$res=$this->dbase->get_current_course_database();
if (empty($GLOBALS['_course']['dbName'])) {
$this->assertFalse($res);
} else {
$this->assertTrue(is_string($res));
}
$res=$this->dbase->get_current_course_database('___');
$this->assertFalse($res);
}
function testGetCurrentCourseGluedDatabase() {
global $_course;
$res=$this->dbase->get_current_course_glued_database();
@ -186,19 +163,6 @@ class TestDatabase extends UnitTestCase {
$this->assertTrue(is_string($res));
}
/* Fails for some reason on automated tests server
function testGetUserInfoFromIdNullIsFalse() {
// should be returning GLOBALS[_user] (=null) if param is null (in testing context)
$res=$this->dbase->get_user_info_from_id(null);
$this->assertFalse($res);
}
*/
function testGetUserInfoFromIdHighValueIsArray() {
// should be returning array with empty values if user doesn't exist
$res=$this->dbase->get_user_info_from_id(5000000);
$this->assertTrue(is_array($res));
}
/* // Contains a private unaccessible method, Database::glue_course_database_name().
function testGlueCourseDatabaseName() {
$database_name='';

Write Preview
Loading…
Cancel
Save