chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Remove unnecessary quotes in queries - refs BT#18201

Browse Source
pull/3824/head
Angel Fernando Quiroz Campos 5 years ago
parent 3428e54fb7
commit 316bc309f6
10 changed files with 35 additions and 36 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 8
      main/exercise/answer.class.php
  2. 6
      main/exercise/exercise.class.php
  3. 4
      main/exercise/question.class.php
  4. 4
      main/exercise/question_create.php
  5. 4
      main/exercise/unique_answer.class.php
  6. 4
      main/extra/myStudents.php
  7. 12
      main/gradebook/lib/be/exerciselink.class.php
  8. 13
      main/inc/lib/tracking.lib.php
  9. 2
      main/lp/learnpath.class.php
  10. 14
      src/Chamilo/CourseBundle/Component/CourseCopy/CourseBuilder.php

8
main/exercise/answer.class.php
Unescape View File

@ -125,7 +125,7 @@ class Answer
$sql = "SELECT * FROM $table
WHERE
question_id ='".$questionId."'
question_id = $questionId
ORDER BY position";
$result = Database::query($sql);
@ -210,7 +210,7 @@ class Answer
$sql = "SELECT id FROM
$table
WHERE question_id ='".$questionId."'";
WHERE question_id = $questionId";
$result = Database::query($sql);
$id = [];
@ -394,7 +394,7 @@ class Answer
$table = Database::get_course_table(TABLE_QUIZ_ANSWER);
$auto_id = (int) $auto_id;
$sql = "SELECT iid, answer, id_auto FROM $table
WHERE id_auto='$auto_id'";
WHERE id_auto = $auto_id";
$rs = Database::query($sql);
if (Database::num_rows($rs) > 0) {
@ -501,7 +501,7 @@ class Answer
{
$table = Database::get_course_table(TABLE_QUIZ_QUESTION);
$sql = "SELECT type FROM $table
WHERE iid = '".$this->questionId."'";
WHERE iid = {$this->questionId}";
$res = Database::query($sql);
if (Database::num_rows($res) <= 0) {
return null;

6
main/exercise/exercise.class.php
Unescape View File

@ -179,7 +179,7 @@ class Exercise
}
$sql = "SELECT * FROM $table
WHERE iid = ".$id;
WHERE iid = $id";
$result = Database::query($sql);
// if the exercise has been found
@ -665,14 +665,14 @@ class Exercise
FROM $TBL_EXERCICE_QUESTION e
INNER JOIN $TBL_QUESTIONS q
ON e.question_id = q.iid
WHERE e.exercice_id = '".$this->id."' AND e.c_id = {$this->course_id}";
WHERE e.exercice_id = {$this->id} AND e.c_id = {$this->course_id}";
$orderCondition = ' ORDER BY question_order ';
if (!empty($sidx) && !empty($sord)) {
if ('question' === $sidx) {
if (in_array(strtolower($sord), ['desc', 'asc'])) {
$orderCondition = " ORDER BY `q.$sidx` $sord";
$orderCondition = " ORDER BY q.$sidx $sord";
}
}
}

4
main/exercise/question.class.php
Unescape View File

@ -869,7 +869,7 @@ abstract class Question
*
* @return bool - true if copied, otherwise false
*/
public function exportPicture($questionId, $courseInfo)
public function exportPicture(int $questionId, array $courseInfo)
{
if (empty($questionId) || empty($courseInfo)) {
return false;
@ -919,7 +919,7 @@ abstract class Question
$table = Database::get_course_table(TABLE_QUIZ_QUESTION);
$sql = "UPDATE $table SET
picture = '".Database::escape_string($picture)."'
WHERE iid='".intval($questionId)."'";
WHERE iid = $questionId";
Database::query($sql);
$documentId = add_document(

4
main/exercise/question_create.php
Unescape View File

@ -82,8 +82,8 @@ if ($form->validate()) {
$answer_type = $values['question_type_hidden'];
// check feedback_type from current exercise for type of question delineation
$exercise_id = intval($values['exercise']);
$sql = "SELECT feedback_type FROM $tbl_exercises WHERE iid = '$exercise_id'";
$exercise_id = (int) $values['exercise'];
$sql = "SELECT feedback_type FROM $tbl_exercises WHERE iid = $exercise_id";
$rs_feedback_type = Database::query($sql);
$row_feedback_type = Database::fetch_row($rs_feedback_type);
$feedback_type = $row_feedback_type[0];

4
main/exercise/unique_answer.class.php
Unescape View File

@ -485,7 +485,7 @@ class UniqueAnswer extends Question
$tbl_quiz_answer = Database::get_course_table(TABLE_QUIZ_ANSWER);
$tbl_quiz_question = Database::get_course_table(TABLE_QUIZ_QUESTION);
$course_id = api_get_course_int_id();
$question_id = intval($question_id);
$question_id = (int) $question_id;
$score = floatval($score);
$correct = intval($correct);
$title = Database::escape_string($title);
@ -528,7 +528,7 @@ class UniqueAnswer extends Question
if ($correct) {
$sql = "UPDATE $tbl_quiz_question
SET ponderation = (ponderation + $score)
WHERE iid = ".$question_id;
WHERE iid = $question_id";
Database::query($sql);
}
}

4
main/extra/myStudents.php
Unescape View File

@ -1119,7 +1119,7 @@ if (!empty($studentId)) {
$sql = "SELECT quiz.title, iid FROM $t_quiz AS quiz
WHERE
quiz.c_id = ".$courseInfo['real_id']." AND
quiz.c_id = {$courseInfo['real_id']} AND
active IN (0, 1)
$sessionCondition
ORDER BY quiz.title ASC ";
@ -2231,7 +2231,7 @@ if (empty($_GET['details'])) {
];
$t_quiz = Database:: get_course_table(TABLE_QUIZ_TEST);
$sql = "SELECT quiz.title, iid FROM ".$t_quiz." AS quiz
$sql = "SELECT quiz.title, iid FROM $t_quiz AS quiz
WHERE
quiz.c_id = $c_id AND
(quiz.session_id = $session_id OR quiz.session_id = 0) AND

12
main/gradebook/lib/be/exerciselink.class.php
Unescape View File

@ -638,9 +638,9 @@ class ExerciseLink extends AbstractLink
$this->exercise_data = Database::fetch_array($result);
} else {
// Try with iid
$sql = 'SELECT * FROM '.$table.'
WHERE
iid = '.$exerciseId;
$sql = "SELECT * FROM $table
WHERE
iid = $exerciseId";
$result = Database::query($sql);
$rows = Database::num_rows($result);
@ -648,9 +648,9 @@ class ExerciseLink extends AbstractLink
$this->exercise_data = Database::fetch_array($result);
} else {
// Try wit id
$sql = 'SELECT * FROM '.$table.'
WHERE
iid = '.$exerciseId;
$sql = "SELECT * FROM $table
WHERE
iid = $exerciseId";
$result = Database::query($sql);
$this->exercise_data = Database::fetch_array($result);
}

13
main/inc/lib/tracking.lib.php
Unescape View File

@ -384,11 +384,11 @@ class Tracking
$result_disabled_ext_all = false;
if ('quiz' === $row['item_type']) {
// Check results_disabled in quiz table.
$my_path = Database::escape_string($row['path']);
$lpItemPath = (int) $row['path'];
$sql = "SELECT results_disabled
FROM $TBL_QUIZ
WHERE
iid ='".$my_path."'";
iid = $lpItemPath";
$res_result_disabled = Database::query($sql);
$row_result_disabled = Database::fetch_row($res_result_disabled);
@ -686,14 +686,13 @@ class Tracking
$my_id = $row['myid'];
$my_lp_id = $row['mylpid'];
$my_lp_view_id = $row['mylpviewid'];
$my_path = $row['path'];
$lpItemPath = (int) $row['path'];
$result_disabled_ext_all = false;
if ($row['item_type'] === 'quiz') {
// Check results_disabled in quiz table.
$my_path = Database::escape_string($my_path);
$sql = "SELECT results_disabled
FROM $TBL_QUIZ
WHERE iid = '$my_path' ";
WHERE iid = $lpItemPath";
$res_result_disabled = Database::query($sql);
$row_result_disabled = Database::fetch_row($res_result_disabled);
@ -2982,7 +2981,7 @@ class Tracking
$num = Database::num_rows($result_last_attempt);
if ($num > 0) {
$attemptResult = Database::fetch_array($result_last_attempt, 'ASSOC');
$id_last_attempt = $attemptResult['exe_id'];
$id_last_attempt = (int) $attemptResult['exe_id'];
// We overwrite the score with the best one not the one saved in the LP (latest)
if ($getOnlyBestAttempt && $get_only_latest_attempt_results == false) {
if ($debug) {
@ -3007,7 +3006,7 @@ class Tracking
INNER JOIN $tbl_quiz_questions AS q
ON q.iid = at.question_id
WHERE
exe_id ='$id_last_attempt' AND
exe_id = $id_last_attempt AND
at.c_id = $course_id
)
AS t";

2
main/lp/learnpath.class.php
Unescape View File

@ -7686,7 +7686,7 @@ class learnpath
} elseif (is_numeric($extra_info)) {
$sql = "SELECT title, description
FROM $tbl_quiz
WHERE iid = ".$extra_info;
WHERE iid = $extra_info";
$result = Database::query($sql);
$row = Database::fetch_array($result);

14
src/Chamilo/CourseBundle/Component/CourseCopy/CourseBuilder.php
Unescape View File

@ -797,8 +797,8 @@ class CourseBuilder
$this->findAndSetDocumentsInText($obj->description);
$quiz = new Quiz($obj);
$sql = 'SELECT * FROM '.$table_rel.'
WHERE c_id = '.$courseId.' AND exercice_id = '.$obj->iid;
$sql = "SELECT * FROM $table_rel
WHERE c_id = $courseId AND exercice_id = {$obj->iid}";
$db_result2 = Database::query($sql);
while ($obj2 = Database::fetch_object($db_result2)) {
$quiz->add_question($obj2->question_id, $obj2->question_order);
@ -860,8 +860,8 @@ class CourseBuilder
);
$question->addPicture($this);
$sql = 'SELECT * FROM '.$table_ans.'
WHERE question_id = '.$obj->iid;
$sql = "SELECT * FROM $table_ans
WHERE question_id = {$obj->iid}";
$db_result2 = Database::query($sql);
while ($obj2 = Database::fetch_object($db_result2)) {
$question->add_answer(
@ -880,8 +880,8 @@ class CourseBuilder
if ($obj->type == MULTIPLE_ANSWER_TRUE_FALSE) {
$table_options = Database::get_course_table(TABLE_QUIZ_QUESTION_OPTION);
$sql = 'SELECT * FROM '.$table_options.'
WHERE question_id = '.$obj->iid;
$sql = "SELECT * FROM $table_options
WHERE question_id = {$obj->iid}";
$db_result3 = Database::query($sql);
while ($obj3 = Database::fetch_object($db_result3)) {
$question_option = new QuizQuestionOption($obj3);
@ -951,7 +951,7 @@ class CourseBuilder
);
$question->addPicture($this);
$sql = "SELECT * FROM $table_ans
WHERE question_id = ".$obj->id;
WHERE question_id = {$obj->id}";
$db_result2 = Database::query($sql);
if (Database::num_rows($db_result2)) {
while ($obj2 = Database::fetch_object($db_result2)) {

Write Preview
Loading…
Cancel
Save