open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

add backticks to SQL, use limit parameter instead of LIMIT SQL

Browse Source
remotes/origin/stable45
Jörn Friedrich Dreyer 13 years ago
parent fd5af9aff4
commit fa3497f6ed
27 changed files with 135 additions and 137 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 6
      apps/calendar/lib/import.php
  2. 22
      apps/calendar/lib/repeat.php
  3. 4
      apps/calendar/lib/share.php
  4. 2
      apps/calendar/lib/share/calendar.php
  5. 2
      apps/calendar/lib/share_backend.php
  6. 8
      apps/contacts/appinfo/migrate.php
  7. 8
      apps/contacts/appinfo/update.php
  8. 2
      apps/contacts/lib/share/addressbook.php
  9. 2
      apps/contacts/lib/vcard.php
  10. 12
      apps/files/appinfo/update.php
  11. 2
      apps/files_sharing_log/index.php
  12. 4
      apps/files_sharing_log/log.php
  13. 2
      apps/gallery/appinfo/app.php
  14. 4
      apps/gallery/appinfo/update.php
  15. 6
      apps/gallery/lib/photo.php
  16. 6
      apps/media/lib/share/artist.php
  17. 6
      apps/media/lib/share/song.php
  18. 4
      apps/user_ldap/appinfo/update.php
  19. 38
      apps/user_ldap/lib/access.php
  20. 16
      apps/user_ldap/lib/jobs.php
  21. 10
      lib/backgroundjob/queuedtask.php
  22. 2
      lib/connector/sabre/directory.php
  23. 2
      lib/db.php
  24. 4
      lib/filecache/cached.php
  25. 78
      lib/public/share.php
  26. 18
      lib/subadmin.php
  27. 2
      tests/lib/share/share.php

6
apps/calendar/lib/import.php
Unescape View File

@ -273,9 +273,9 @@ class OC_Calendar_Import{
*/
private function isDuplicate($insertid){
$newobject = OC_Calendar_Object::find($insertid);
$stmt = OCP\DB::prepare('SELECT COUNT(*) as count FROM *PREFIX*calendar_objects
INNER JOIN *PREFIX*calendar_calendars ON calendarid=*PREFIX*calendar_calendars.id
WHERE objecttype=? AND startdate=? AND enddate=? AND repeating=? AND summary=? AND calendardata=? AND userid = ?');
$stmt = OCP\DB::prepare('SELECT COUNT(*) AS `count` FROM `*PREFIX*calendar_objects`
INNER JOIN `*PREFIX*calendar_calendars` ON `calendarid`=`*PREFIX*calendar_calendars`.`id`
WHERE `objecttype`=? AND `startdate`=? AND `enddate`=? AND `repeating`=? AND `summary`=? AND `calendardata`=? AND `userid` = ?');
$result = $stmt->execute(array($newobject['objecttype'],$newobject['startdate'],$newobject['enddate'],$newobject['repeating'],$newobject['summary'],$newobject['calendardata'], $this->userid));
$result = $result->fetchRow();
if($result['count'] >= 2){

22
apps/calendar/lib/repeat.php
Unescape View File

@ -16,7 +16,7 @@ class OC_Calendar_Repeat{
* @return (array)
*/
public static function get($id){
$stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*calendar_repeat WHERE eventid = ?');
$stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_repeat` WHERE `eventid` = ?');
$result = $stmt->execute(array($id));
$return = array();
while($row = $result->fetchRow()){
@ -32,9 +32,9 @@ class OC_Calendar_Repeat{
* @return (array)
*/
public static function get_inperiod($id, $from, $until){
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_repeat WHERE eventid = ?'
.' AND ((startdate >= ? AND startdate <= ?)'
.' OR (enddate >= ? AND enddate <= ?))');
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_repeat` WHERE `eventid` = ?'
.' AND ((`startdate` >= ? AND `startdate` <= ?)'
.' OR (`enddate` >= ? AND `enddate` <= ?))');
$result = $stmt->execute(array($id,
OC_Calendar_Object::getUTCforMDB($from), OC_Calendar_Object::getUTCforMDB($until),
OC_Calendar_Object::getUTCforMDB($from), OC_Calendar_Object::getUTCforMDB($until)));
@ -50,7 +50,7 @@ class OC_Calendar_Repeat{
* @return (array)
*/
public static function getCalendar($id){
$stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*calendar_repeat WHERE calid = ?');
$stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_repeat` WHERE `calid` = ?');
$result = $stmt->execute(array($id));
$return = array();
while($row = $result->fetchRow()){
@ -66,9 +66,9 @@ class OC_Calendar_Repeat{
* @return (array)
*/
public static function getCalendar_inperiod($id, $from, $until){
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_repeat WHERE calid = ?'
.' AND ((startdate >= ? AND startdate <= ?)'
.' OR (enddate >= ? AND enddate <= ?))');
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_repeat` WHERE `calid` = ?'
.' AND ((`startdate` >= ? AND `startdate` <= ?)'
.' OR (`enddate` >= ? AND `enddate` <= ?))');
$result = $stmt->execute(array($id,
$from, $until,
$from, $until));
@ -99,7 +99,7 @@ class OC_Calendar_Repeat{
continue;
}
$startenddate = OC_Calendar_Object::generateStartEndDate($vevent->DTSTART, OC_Calendar_Object::getDTEndFromVEvent($vevent), ($vevent->DTSTART->getDateType() == Sabre_VObject_Element_DateTime::DATE)?true:false, 'UTC');
$stmt = OCP\DB::prepare('INSERT INTO *PREFIX*calendar_repeat (eventid,calid,startdate,enddate) VALUES(?,?,?,?)');
$stmt = OCP\DB::prepare('INSERT INTO `*PREFIX*calendar_repeat` (`eventid`,`calid`,`startdate`,`enddate`) VALUES(?,?,?,?)');
$stmt->execute(array($id,OC_Calendar_Object::getCalendarid($id),$startenddate['start'],$startenddate['end']));
}
return true;
@ -189,7 +189,7 @@ class OC_Calendar_Repeat{
* @return (bool)
*/
public static function clean($id){
$stmt = OCP\DB::prepare('DELETE FROM *PREFIX*calendar_repeat WHERE eventid = ?');
$stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*calendar_repeat` WHERE `eventid` = ?');
$stmt->execute(array($id));
}
/**
@ -198,7 +198,7 @@ class OC_Calendar_Repeat{
* @return (bool)
*/
public static function cleanCalendar($id){
$stmt = OCP\DB::prepare('DELETE FROM *PREFIX*calendar_repeat WHERE calid = ?');
$stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*calendar_repeat` WHERE `calid` = ?');
$stmt->execute(array($id));
}
}

4
apps/calendar/lib/share.php
Unescape View File

@ -226,9 +226,9 @@ class OC_Calendar_Share{
* @return: mixed - bool if false, array with type and id if true
*/
public static function getElementByToken($token){
$stmt_calendar = OCP\DB::prepare("SELECT * FROM `*PREFIX*calendar_share_" . OC_Calendar_Share::CALENDAR . "` WHERE `sharetype` = 'public' AND `share` = ?");
$stmt_calendar = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_share_' . OC_Calendar_Share::CALENDAR . '` WHERE `sharetype` = \'public\' AND `share` = ?');
$result_calendar = $stmt_calendar->execute(array($token));
$stmt_event = OCP\DB::prepare("SELECT * FROM `*PREFIX*calendar_share_" . OC_Calendar_Share::EVENT . "` WHERE `sharetype` = 'public' AND `share` = ?");
$stmt_event = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_share_' . OC_Calendar_Share::EVENT . '` WHERE `sharetype` = \'public\' AND `share` = ?');
$result_event = $stmt_event->execute(array($token));
$return = array();
if($result_calendar->numRows() == 0 && $result_event->numRows() == 0){

2
apps/calendar/lib/share/calendar.php
Unescape View File

@ -99,7 +99,7 @@ class OC_Share_Backend_Calendar implements OCP\Share_Backend_Collection {
}
public function getChildren($itemSource) {
$query = OCP\DB::prepare('SELECT id FROM *PREFIX*calendar_objects WHERE calendarid = ?');
$query = OCP\DB::prepare('SELECT `id` FROM `*PREFIX*calendar_objects` WHERE `calendarid` = ?');
$result = $query->execute(array($itemSource));
$sources = array();
while ($object = $result->fetchRow()) {

2
apps/calendar/lib/share_backend.php
Unescape View File

@ -22,7 +22,7 @@
class OC_Share_Backend_Calendar extends OCP\Share_Backend {
public function getSource($item, $uid) {
$query = OCP\DB::prepare('SELECT id FROM *PREFIX*calendar_calendars WHERE userid = ? AND displayname = ? LIMIT 1');
$query = OCP\DB::prepare('SELECT `id` FROM `*PREFIX*calendar_calendars` WHERE `userid` = ? AND `displayname` = ?',1);
return $query->execute(array($uid, $item))->fetchAll();
}

8
apps/contacts/appinfo/migrate.php
Unescape View File

@ -34,12 +34,12 @@ class OC_Migration_Provider_Contacts extends OC_Migration_Provider{
switch( $this->appinfo->version ) {
default:
// All versions of the app have had the same db structure, so all can use the same import function
$query = $this->content->prepare( "SELECT * FROM contacts_addressbooks WHERE userid LIKE ?" );
$query = $this->content->prepare( 'SELECT * FROM `contacts_addressbooks` WHERE `userid` LIKE ?' );
$results = $query->execute( array( $this->olduid ) );
$idmap = array();
while( $row = $results->fetchRow() ) {
// Import each addressbook
$addressbookquery = OCP\DB::prepare( "INSERT INTO *PREFIX*contacts_addressbooks (`userid`, `displayname`, `uri`, `description`, `ctag`) VALUES (?, ?, ?, ?, ?)" );
$addressbookquery = OCP\DB::prepare( 'INSERT INTO `*PREFIX*contacts_addressbooks` (`userid`, `displayname`, `uri`, `description`, `ctag`) VALUES (?, ?, ?, ?, ?)' );
$addressbookquery->execute( array( $this->uid, $row['displayname'], $row['uri'], $row['description'], $row['ctag'] ) );
// Map the id
$idmap[$row['id']] = OCP\DB::insertid('*PREFIX*contacts_addressbooks');
@ -49,11 +49,11 @@ class OC_Migration_Provider_Contacts extends OC_Migration_Provider{
// Now tags
foreach($idmap as $oldid => $newid) {
$query = $this->content->prepare( "SELECT * FROM contacts_cards WHERE addressbookid LIKE ?" );
$query = $this->content->prepare( 'SELECT * FROM `contacts_cards` WHERE `addressbookid` LIKE ?' );
$results = $query->execute( array( $oldid ) );
while( $row = $results->fetchRow() ){
// Import the contacts
$contactquery = OCP\DB::prepare( "INSERT INTO *PREFIX*contacts_cards (`addressbookid`, `fullname`, `carddata`, `uri`, `lastmodified`) VALUES (?, ?, ?, ?, ?)" );
$contactquery = OCP\DB::prepare( 'INSERT INTO `*PREFIX*contacts_cards` (`addressbookid`, `fullname`, `carddata`, `uri`, `lastmodified`) VALUES (?, ?, ?, ?, ?)' );
$contactquery->execute( array( $newid, $row['fullname'], $row['carddata'], $row['uri'], $row['lastmodified'] ) );
}
}

8
apps/contacts/appinfo/update.php
Unescape View File

@ -3,15 +3,15 @@
$installedVersion=OCP\Config::getAppValue('contacts', 'installed_version');
if (version_compare($installedVersion, '0.2.3', '<')) {
// First set all address books in-active.
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_addressbooks SET active=0' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_addressbooks` SET `active`=0' );
$result = $stmt->execute(array());
// Then get all the active address books.
$stmt = OCP\DB::prepare( 'SELECT userid,configvalue FROM *PREFIX*preferences WHERE appid=\'contacts\' AND configkey=\'openaddressbooks\'' );
$stmt = OCP\DB::prepare( 'SELECT `userid`,`configvalue` FROM `*PREFIX*preferences` WHERE `appid`=\'contacts\' AND `configkey`=\'openaddressbooks\'' );
$result = $stmt->execute(array());
// Prepare statement for updating the new 'active' field.
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_addressbooks SET active=? WHERE id=? AND userid=?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_addressbooks` SET `active`=? WHERE `id`=? AND `userid`=?' );
while( $row = $result->fetchRow()) {
$ids = explode(';', $row['configvalue']);
foreach($ids as $id) {
@ -20,6 +20,6 @@ if (version_compare($installedVersion, '0.2.3', '<')) {
}
// Remove the old preferences.
$stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE appid=\'contacts\' AND configkey=\'openaddressbooks\'' );
$stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `appid`=\'contacts\' AND `configkey`=\'openaddressbooks\'' );
$result = $stmt->execute(array());
}

2
apps/contacts/lib/share/addressbook.php
Unescape View File

@ -82,7 +82,7 @@ class OC_Share_Backend_Addressbook implements OCP\Share_Backend_Collection {
}
public function getChildren($itemSource) {
$query = OCP\DB::prepare('SELECT id FROM *PREFIX*contacts_cards WHERE addressbookid = ?');
$query = OCP\DB::prepare('SELECT `id` FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ?');
$result = $query->execute(array($itemSource));
$sources = array();
while ($contact = $result->fetchRow()) {

2
apps/contacts/lib/vcard.php
Unescape View File

@ -512,7 +512,7 @@ class OC_Contacts_VCard {
public static function deleteFromDAVData($aid,$uri){
$addressbook = OC_Contacts_Addressbook::find($aid);
if ($addressbook['userid'] != OCP\User::getUser()) {
$query = OCP\DB::prepare( 'SELECT id FROM *PREFIX*contacts_cards WHERE addressbookid = ? AND uri = ?' );
$query = OCP\DB::prepare( 'SELECT `id` FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ? AND `uri` = ?' );
$id = $query->execute(array($aid, $uri))->fetchOne();
if (!$id) {
return false;

12
apps/files/appinfo/update.php
Unescape View File

@ -1,13 +1,13 @@
<?php
// fix webdav properties, remove namespace information between curly bracket (update from OC4 to OC5)
$installedVersion=OCP\Config::getAppValue('files', 'installed_version');
$installedVersion=OCP\Config::getAppValue('files', 'installed_version');
if (version_compare($installedVersion, '1.1.4', '<')) {
$query = OC_DB::prepare( "SELECT propertyname, propertypath, userid FROM `*PREFIX*properties`" );
$result = $query->execute();
while( $row = $result->fetchRow()){
$query = OC_DB::prepare( 'UPDATE *PREFIX*properties SET propertyname = ? WHERE userid = ? AND propertypath = ?' );
$query->execute( array( preg_replace("/^{.*}/", "", $row["propertyname"]),$row["userid"], $row["propertypath"] ));
$query = OC_DB::prepare( "SELECT `propertyname`, `propertypath`, `userid` FROM `*PREFIX*properties`" );
$result = $query->execute();
while( $row = $result->fetchRow()){
$query = OC_DB::prepare( 'UPDATE `*PREFIX*properties` SET `propertyname` = ? WHERE `userid` = ? AND `propertypath` = ?' );
$query->execute( array( preg_replace("/^{.*}/", "", $row["propertyname"]),$row["userid"], $row["propertypath"] ));
}
}

2
apps/files_sharing_log/index.php
Unescape View File

@ -13,7 +13,7 @@ OCP\App::setActiveNavigationEntry('files_sharing_log_index');
OCP\Util::addStyle('files_sharing_log', 'style');
$query = OCP\DB::prepare('SELECT * FROM *PREFIX*sharing_log WHERE user_id = ?');
$query = OCP\DB::prepare('SELECT * FROM `*PREFIX*sharing_log` WHERE `user_id` = ?');
$log = $query->execute(array(OCP\User::getUser()))->fetchAll();
$output = new OCP\Template('files_sharing_log', 'index', 'user');

4
apps/files_sharing_log/log.php
Unescape View File

@ -23,11 +23,11 @@ class OC_Files_Sharing_Log {
}
static public function log($target, $source, $mode) {
$query = OCP\DB::prepare("SELECT * FROM *PREFIX*sharing WHERE source = ? AND target = ?");
$query = OCP\DB::prepare('SELECT * FROM `*PREFIX*sharing` WHERE `source` = ? AND `target` = ?');
$info = $query->execute(array($source, $target))->fetchAll();
$info = $info[0];
//var_dump($info);
$query = OCP\DB::prepare("INSERT INTO *PREFIX*sharing_log VALUES (?,?,?,?,?)");
$query = OCP\DB::prepare('INSERT INTO `*PREFIX*sharing_log` VALUES (?,?,?,?,?)');
$query->execute(array($info['uid_owner'], $source, OCP\User::getUser(), time(), $mode));
//die;
}

2
apps/gallery/appinfo/app.php
Unescape View File

@ -43,7 +43,7 @@ OCP\App::addNavigationEntry( array(
class OC_GallerySearchProvider extends OC_Search_Provider{
function search($query){
$stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*gallery_albums WHERE uid_owner = ? AND album_name LIKE ?');
$stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*gallery_albums` WHERE `uid_owner` = ? AND `album_name` LIKE ?');
$result = $stmt->execute(array(OCP\USER::getUser(),'%'.$query.'%'));
$results=array();
while($row=$result->fetchRow()){

4
apps/gallery/appinfo/update.php
Unescape View File

@ -2,9 +2,9 @@
$currentVersion=OC_Appconfig::getValue('gallery', 'installed_version');
if (version_compare($currentVersion, '0.5.0', '<')) {
$stmt = OCP\DB::prepare('DROP TABLE IF EXISTS *PREFIX*gallery_photos');
$stmt = OCP\DB::prepare('DROP TABLE IF EXISTS `*PREFIX*gallery_photos`');
$stmt->execute();
$stmt = OCP\DB::prepare('DROP TABLE IF EXISTS *PREFIX*gallery_albums');
$stmt = OCP\DB::prepare('DROP TABLE IF EXISTS `*PREFIX*gallery_albums`');
$stmt->execute();
\OC_DB::createDbFromStructure(OC_App::getAppPath($appid).'/appinfo/database.xml');

6
apps/gallery/lib/photo.php
Unescape View File

@ -52,17 +52,17 @@ class OC_Gallery_Photo {
}
public static function removeById($id) {
$stmt = OCP\DB::prepare('DELETE FROM *PREFIX*gallery_photos WHERE photo_id = ?');
$stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*gallery_photos` WHERE `photo_id` = ?');
$stmt->execute(array($id));
}
public static function removeByAlbumId($albumid) {
$stmt = OCP\DB::prepare('DELETE FROM *PREFIX*gallery_photos WHERE album_id = ?');
$stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*gallery_photos` WHERE `album_id` = ?');
$stmt->execute(array($albumid));
}
public static function changePath($oldAlbumId, $newAlbumId, $oldpath, $newpath) {
$stmt = OCP\DB::prepare("UPDATE *PREFIX*gallery_photos SET file_path = ?, album_id = ? WHERE album_id = ? and file_path = ?");
$stmt = OCP\DB::prepare('UPDATE `*PREFIX*gallery_photos` SET `file_path` = ?, `album_id` = ? WHERE `album_id` = ? AND `file_path` = ?');
$stmt->execute(array($newpath, $newAlbumId, $oldAlbumId, $oldpath));
}

6
apps/media/lib/share/artist.php
Unescape View File

@ -22,7 +22,7 @@
class OC_Share_Backend_Artist extends OCP\Share_Backend {
public function getSource($item, $uid) {
$query = OCP\DB::prepare('SELECT artist_id FROM *PREFIX*media_artists WHERE artist_id = ? AND song_user = ?');
$query = OCP\DB::prepare('SELECT `artist_id` FROM `*PREFIX*media_artists` WHERE `artist_id` = ? AND `song_user` = ?');
$result = $query->execute(array($item, $uid))->fetchRow();
if (is_array($result)) {
return array('item' => $item, 'file' => $result['song_path']);
@ -43,10 +43,10 @@ class OC_Share_Backend_Artist extends OCP\Share_Backend {
$ids = "'".implode("','", $ids)."'";
switch ($format) {
case self::FORMAT_SOURCE_PATH:
$query = OCP\DB::prepare('SELECT path FROM *PREFIX*fscache WHERE id IN ('.$ids.')');
$query = OCP\DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `id` IN ('.$ids.')');
return $query->execute()->fetchAll();
case self::FORMAT_FILE_APP:
$query = OCP\DB::prepare('SELECT id, path, name, ctime, mtime, mimetype, size, encrypted, versioned, writable FROM *PREFIX*fscache WHERE id IN ('.$ids.')');
$query = OCP\DB::prepare('SELECT `id`, `path`, `name`, `ctime`, `mtime`, `mimetype`, `size`, `encrypted`, `versioned`, `writable` FROM `*PREFIX*fscache` WHERE `id` IN ('.$ids.')');
$result = $query->execute();
$files = array();
while ($file = $result->fetchRow()) {

6
apps/media/lib/share/song.php
Unescape View File

@ -22,7 +22,7 @@
class OC_Share_Backend_Song extends OCP\Share_Backend {
public function getSource($item, $uid) {
$query = OCP\DB::prepare('SELECT song_path FROM *PREFIX*media_songs WHERE song_id = ? AND song_user = ?');
$query = OCP\DB::prepare('SELECT `song_path` FROM `*PREFIX*media_songs` WHERE `song_id` = ? AND `song_user` = ?');
$result = $query->execute(array($item, $uid))->fetchRow();
if (is_array($result)) {
return array('item' => $item, 'file' => $result['song_path']);
@ -43,10 +43,10 @@ class OC_Share_Backend_Song extends OCP\Share_Backend {
$ids = "'".implode("','", $ids)."'";
switch ($format) {
case self::FORMAT_SOURCE_PATH:
$query = OCP\DB::prepare('SELECT path FROM *PREFIX*fscache WHERE id IN ('.$ids.')');
$query = OCP\DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `id` IN ('.$ids.')');
return $query->execute()->fetchAll();
case self::FORMAT_FILE_APP:
$query = OCP\DB::prepare('SELECT id, path, name, ctime, mtime, mimetype, size, encrypted, versioned, writable FROM *PREFIX*fscache WHERE id IN ('.$ids.')');
$query = OCP\DB::prepare('SELECT `id`, `path`, `name`, `ctime`, `mtime`, `mimetype`, `size`, `encrypted`, `versioned`, `writable` FROM `*PREFIX*fscache` WHERE `id` IN ('.$ids.')');
$result = $query->execute();
$files = array();
while ($file = $result->fetchRow()) {

4
apps/user_ldap/appinfo/update.php
Unescape View File

@ -34,8 +34,8 @@ $groupBE = new \OCA\user_ldap\GROUP_LDAP();
$groupBE->setConnector($connector);
foreach($objects as $object) {
$fetchDNSql = 'SELECT ldap_dn from *PREFIX*ldap_'.$object.'_mapping';
$updateSql = 'UPDATE *PREFIX*ldap_'.$object.'_mapping SET ldap_DN = ?, directory_uuid = ? WHERE ldap_dn = ?';
$fetchDNSql = 'SELECT `ldap_dn` FROM `*PREFIX*ldap_'.$object.'_mapping`';
$updateSql = 'UPDATE `*PREFIX*ldap_'.$object.'_mapping` SET `ldap_DN` = ?, `directory_uuid` = ? WHERE `ldap_dn` = ?';
$query = OCP\DB::prepare($fetchDNSql);
$res = $query->execute();

38
apps/user_ldap/lib/access.php
Unescape View File

@ -165,9 +165,9 @@ abstract class Access {
$table = $this->getMapTable($isUser);
$query = \OCP\DB::prepare('
SELECT ldap_dn
FROM '.$table.'
WHERE owncloud_name = ?
SELECT `ldap_dn`
FROM `'.$table.'`
WHERE `owncloud_name` = ?
');
$record = $query->execute(array($name))->fetchOne();
@ -223,9 +223,9 @@ abstract class Access {
}
$query = \OCP\DB::prepare('
SELECT owncloud_name
FROM '.$table.'
WHERE ldap_dn = ?
SELECT `owncloud_name`
FROM `'.$table.'`
WHERE `ldap_dn` = ?
');
//let's try to retrieve the ownCloud name from the mappings table
@ -238,16 +238,16 @@ abstract class Access {
$uuid = $this->getUUID($dn);
if($uuid) {
$query = \OCP\DB::prepare('
SELECT owncloud_name
FROM '.$table.'
WHERE directory_uuid = ?
SELECT `owncloud_name`
FROM `'.$table.'`
WHERE `directory_uuid` = ?
');
$component = $query->execute(array($uuid))->fetchOne();
if($component) {
$query = \OCP\DB::prepare('
UPDATE '.$table.'
SET ldap_dn = ?
WHERE directory_uuid = ?
UPDATE `'.$table.'`
SET `ldap_dn` = ?
WHERE `directory_uuid` = ?
');
$query->execute(array($dn, $uuid));
return $component;
@ -385,8 +385,8 @@ abstract class Access {
$table = $this->getMapTable($isUsers);
$query = \OCP\DB::prepare('
SELECT ldap_dn, owncloud_name
FROM '. $table
SELECT `ldap_dn`, `owncloud_name`
FROM `'. $table . '`'
);
return $query->execute()->fetchAll();
@ -408,18 +408,18 @@ abstract class Access {
$sqlAdjustment = '';
$dbtype = \OCP\Config::getSystemValue('dbtype');
if($dbtype == 'mysql') {
$sqlAdjustment = 'FROM dual';
$sqlAdjustment = 'FROM `dual`';
}
$insert = \OCP\DB::prepare('
INSERT INTO '.$table.' (ldap_dn, owncloud_name, directory_uuid)
INSERT INTO `'.$table.'` (`ldap_dn`, `owncloud_name`, `directory_uuid`)
SELECT ?,?,?
'.$sqlAdjustment.'
WHERE NOT EXISTS (
SELECT 1
FROM '.$table.'
WHERE ldap_dn = ?
OR owncloud_name = ?)
FROM `'.$table.'`
WHERE `ldap_dn` = ?
OR `owncloud_name` = ?)
');
//feed the DB

16
apps/user_ldap/lib/jobs.php
Unescape View File

@ -64,9 +64,9 @@ class Jobs {
static private function handleKnownGroups($groups) {
\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – Dealing with known Groups.', \OCP\Util::DEBUG);
$query = \OCP\DB::prepare('
UPDATE *PREFIX*ldap_group_members
SET owncloudusers = ?
WHERE owncloudname = ?
UPDATE `*PREFIX*ldap_group_members`
SET `owncloudusers` = ?
WHERE `owncloudname` = ?
');
foreach($groups as $group) {
//we assume, that self::$groupsFromDB has been retrieved already
@ -94,7 +94,7 @@ class Jobs {
\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – dealing with created Groups.', \OCP\Util::DEBUG);
$query = \OCP\DB::prepare('
INSERT
INTO *PREFIX*ldap_group_members (owncloudname, owncloudusers)
INTO `*PREFIX*ldap_group_members` (`owncloudname`, `owncloudusers`)
VALUES (?, ?)
');
foreach($createdGroups as $createdGroup) {
@ -109,8 +109,8 @@ class Jobs {
\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – dealing with removed groups.', \OCP\Util::DEBUG);
$query = \OCP\DB::prepare('
DELETE
FROM *PREFIX*ldap_group_members
WHERE owncloudname = ?
FROM `*PREFIX*ldap_group_members`
WHERE `owncloudname` = ?
');
foreach($removedGroups as $removedGroup) {
\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – group "'.$createdGroup.'" was removed.', \OCP\Util::INFO);
@ -143,8 +143,8 @@ class Jobs {
return self::$groupsFromDB;
}
$query = \OCP\DB::prepare('
SELECT owncloudname, owncloudusers
FROM *PREFIX*ldap_group_members
SELECT `owncloudname`, `owncloudusers`
FROM `*PREFIX*ldap_group_members`
');
$result = $query->execute()->fetchAll();
self::$groupsFromDB = array();

10
lib/backgroundjob/queuedtask.php
Unescape View File

@ -30,7 +30,7 @@ class OC_BackgroundJob_QueuedTask{
* @return associative array
*/
public static function find( $id ){
$stmt = OC_DB::prepare( 'SELECT * FROM *PREFIX*queuedtasks WHERE id = ?' );
$stmt = OC_DB::prepare( 'SELECT * FROM `*PREFIX*queuedtasks` WHERE `id` = ?' );
$result = $stmt->execute(array($id));
return $result->fetchRow();
}
@ -44,7 +44,7 @@ class OC_BackgroundJob_QueuedTask{
$return = array();
// Get Data
$stmt = OC_DB::prepare( 'SELECT * FROM *PREFIX*queuedtasks' );
$stmt = OC_DB::prepare( 'SELECT * FROM `*PREFIX*queuedtasks`' );
$result = $stmt->execute(array());
while( $row = $result->fetchRow()){
$return[] = $row;
@ -63,7 +63,7 @@ class OC_BackgroundJob_QueuedTask{
$return = array();
// Get Data
$stmt = OC_DB::prepare( 'SELECT * FROM *PREFIX*queuedtasks WHERE app = ?' );
$stmt = OC_DB::prepare( 'SELECT * FROM `*PREFIX*queuedtasks` WHERE `app` = ?' );
$result = $stmt->execute(array($app));
while( $row = $result->fetchRow()){
$return[] = $row;
@ -82,7 +82,7 @@ class OC_BackgroundJob_QueuedTask{
* @return id of task
*/
public static function add( $app, $klass, $method, $parameters ){
$stmt = OC_DB::prepare( 'INSERT INTO *PREFIX*queuedtasks (app, klass, method, parameters) VALUES(?,?,?,?)' );
$stmt = OC_DB::prepare( 'INSERT INTO `*PREFIX*queuedtasks` (`app`, `klass`, `method`, `parameters`) VALUES(?,?,?,?)' );
$result = $stmt->execute(array($app, $klass, $method, $parameters ));
return OC_DB::insertid();
@ -96,7 +96,7 @@ class OC_BackgroundJob_QueuedTask{
* Deletes a report
*/
public static function delete( $id ){
$stmt = OC_DB::prepare( 'DELETE FROM *PREFIX*queuedtasks WHERE id = ?' );
$stmt = OC_DB::prepare( 'DELETE FROM `*PREFIX*queuedtasks` WHERE `id` = ?' );
$result = $stmt->execute(array($id));
return true;

2
lib/connector/sabre/directory.php
Unescape View File

@ -121,7 +121,7 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa
$properties = array_fill_keys($paths, array());
if(count($paths)>0){
$placeholders = join(',', array_fill(0, count($paths), '?'));
$query = OC_DB::prepare( 'SELECT * FROM *PREFIX*properties WHERE userid = ?' . ' AND propertypath IN ('.$placeholders.')' );
$query = OC_DB::prepare( 'SELECT * FROM `*PREFIX*properties` WHERE `userid` = ?' . ' AND `propertypath` IN ('.$placeholders.')' );
array_unshift($paths, OC_User::getUser()); // prepend userid
$result = $query->execute( $paths );
while($row = $result->fetchRow()) {

2
lib/db.php
Unescape View File

@ -263,7 +263,7 @@ class OC_DB {
*/
static public function prepare( $query , $limit=null, $offset=null ){
if (!is_null($limit)) {
if (!is_null($limit) && limit != -1) {
if (self::$backend == self::BACKEND_MDB2) {
//MDB2 uses or emulates limits & offset internally
self::$MDB2->setLimit($limit, $offset);

4
lib/filecache/cached.php vendored
Unescape View File

@ -18,7 +18,7 @@ class OC_FileCache_Cached{
$root=OC_Filesystem::getRoot();
}
$path=$root.$path;
$query=OC_DB::prepare('SELECT path,ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE path_hash=?');
$query=OC_DB::prepare('SELECT `path`,`ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `path_hash`=?');
$result=$query->execute(array(md5($path)))->fetchRow();
if(is_array($result)){
if(isset(self::$savedData[$path])){
@ -58,7 +58,7 @@ class OC_FileCache_Cached{
if($parent==-1){
return array();
}
$query=OC_DB::prepare('SELECT id,path,name,ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE parent=? AND (mimetype LIKE ? OR mimetype = ?)');
$query=OC_DB::prepare('SELECT `id`,`path`,`name`,`ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `parent`=? AND (`mimetype` LIKE ? OR `mimetype` = ?)');
$result=$query->execute(array($parent, $mimetype_filter.'%', 'httpd/unix-directory'))->fetchAll();
if(is_array($result)){
return $result;

78
lib/public/share.php
Unescape View File

@ -307,7 +307,7 @@ class Share {
if ($item = self::getItems($itemType, $itemSource, $shareType, $shareWith, \OC_User::getUser(), self::FORMAT_NONE, null, 1, false)) {
// Check if this item is a reshare and verify that the permissions granted don't exceed the parent shared item
if (isset($item['parent'])) {
$query = \OC_DB::prepare('SELECT permissions FROM *PREFIX*share WHERE id = ? LIMIT 1');
$query = \OC_DB::prepare('SELECT `permissions` FROM `*PREFIX*share` WHERE `id` = ?',1);
$result = $query->execute(array($item['parent']))->fetchRow();
if (~(int)$result['permissions'] & $permissions) {
$message = 'Setting permissions for '.$itemSource.' failed, because the permissions exceed permissions granted to '.\OC_User::getUser();
@ -315,7 +315,7 @@ class Share {
throw new \Exception($message);
}
}
$query = \OC_DB::prepare('UPDATE *PREFIX*share SET permissions = ? WHERE id = ?');
$query = \OC_DB::prepare('UPDATE `*PREFIX*share` SET `permissions` = ? WHERE `id` = ?');
$query->execute(array($permissions, $item['id']));
// Check if permissions were removed
if ($item['permissions'] & ~$permissions) {
@ -327,7 +327,7 @@ class Share {
$parents = array($item['id']);
while (!empty($parents)) {
$parents = "'".implode("','", $parents)."'";
$query = \OC_DB::prepare('SELECT id, permissions FROM *PREFIX*share WHERE parent IN ('.$parents.')');
$query = \OC_DB::prepare('SELECT `id`, `permissions` FROM `*PREFIX*share` WHERE `parent` IN ('.$parents.')');
$result = $query->execute();
// Reset parents array, only go through loop again if items are found that need permissions removed
$parents = array();
@ -343,7 +343,7 @@ class Share {
// Remove the permissions for all reshares of this item
if (!empty($ids)) {
$ids = "'".implode("','", $ids)."'";
$query = \OC_DB::prepare('UPDATE *PREFIX*share SET permissions = permissions & ? WHERE id IN ('.$ids.')');
$query = \OC_DB::prepare('UPDATE `*PREFIX*share` SET `permissions` = `permissions` & ? WHERE `id` IN ('.$ids.')');
$query->execute(array($permissions));
}
}
@ -424,9 +424,9 @@ class Share {
// Get filesystem root to add it to the file target and remove from the file source, match file_source with the file cache
if ($itemType == 'file' || $itemType == 'folder') {
$root = \OC_Filesystem::getRoot();
$where = 'INNER JOIN *PREFIX*fscache ON file_source = *PREFIX*fscache.id ';
$where = 'INNER JOIN `*PREFIX*fscache` ON `file_source` = `*PREFIX*fscache`.`id`';
if (!isset($item)) {
$where .= 'WHERE file_target IS NOT NULL';
$where .= ' WHERE `file_target` IS NOT NULL';
}
$fileDependent = true;
$queryArgs = array();
@ -437,39 +437,39 @@ class Share {
// If includeCollections is true, find collections of this item type, e.g. a music album contains songs
$itemTypes = array_merge(array($itemType), $collectionTypes);
$placeholders = join(',', array_fill(0, count($itemTypes), '?'));
$where = "WHERE item_type IN ('".$placeholders."')";
$where = ' WHERE `item_type` IN ('.$placeholders.')';
$queryArgs = $itemTypes;
} else {
$where = 'WHERE item_type = ?';
$where = ' WHERE `item_type` = ?';
$queryArgs = array($itemType);
}
}
if (isset($shareType) && isset($shareWith)) {
// Include all user and group items
if ($shareType == self::$shareTypeUserAndGroups) {
$where .= ' AND share_type IN (?,?,?)';
$where .= ' AND `share_type` IN (?,?,?)';
$queryArgs[] = self::SHARE_TYPE_USER;
$queryArgs[] = self::SHARE_TYPE_GROUP;
$queryArgs[] = self::$shareTypeGroupUserUnique;
$userAndGroups = array_merge(array($shareWith), \OC_Group::getUserGroups($shareWith));
$placeholders = join(',', array_fill(0, count($userAndGroups), '?'));
$where .= " AND share_with IN (".$placeholders.")";
$where .= ' AND `share_with` IN ('.$placeholders.')';
$queryArgs = array_merge($queryArgs, $userAndGroups);
// Don't include own group shares
$where .= ' AND uid_owner != ?';
$where .= ' AND `uid_owner` != ?';
$queryArgs[] = $shareWith;
} else {
$where .= ' AND share_type = ? AND share_with = ?';
$where .= ' AND `share_type` = ? AND `share_with` = ?';
$queryArgs[] = $shareType;
$queryArgs[] = $shareWith;
}
}
if (isset($uidOwner)) {
$where .= " AND uid_owner = ?";
$where .= ' AND `uid_owner` = ?';
$queryArgs[] = $uidOwner;
if (!isset($shareType)) {
// Prevent unique user targets for group shares from being selected
$where .= " AND share_type != ?";
$where .= ' AND `share_type` != ?';
$queryArgs[] = self::$shareTypeGroupUserUnique;
}
if ($itemType == 'file' || $itemType == 'folder') {
@ -489,17 +489,17 @@ class Share {
if (isset($uidOwner) || $itemShareWithBySource) {
// If item type is a file, file source needs to be checked in case the item was converted
if ($itemType == 'file' || $itemType == 'folder') {
$where .= ' AND file_source = ?';
$where .= ' AND `file_source` = ?';
$column = 'file_source';
} else {
$where .= " AND item_source = ?";
$where .= ' AND `item_source` = ?';
$column = 'item_source';
}
} else {
if ($itemType == 'file' || $itemType == 'folder') {
$where .= " AND file_target = ?";
$where .= ' AND `file_target` = ?';
} else {
$where .= " AND item_target = ?";
$where .= ' AND `item_target` = ?';
}
}
$queryArgs[] = $item;
@ -514,35 +514,33 @@ class Share {
if ($shareType == self::$shareTypeUserAndGroups) {
// Make sure the unique user target is returned if it exists, unique targets should follow the group share in the database
// If the limit is not 1, the filtering can be done later
$where .= ' ORDER BY *PREFIX*share.id DESC';
$where .= ' ORDER BY `*PREFIX*share`.`id` DESC';
}
// The limit must be at least 3, because filtering needs to be done
if ($limit < 3) {
$where .= ' LIMIT 3';
} else {
$where .= ' LIMIT '.$limit;
$limit = 3;
}
}
// TODO Optimize selects
if ($format == self::FORMAT_STATUSES) {
if ($itemType == 'file' || $itemType == 'folder') {
$select = '*PREFIX*share.id, item_type, *PREFIX*share.parent, share_type, file_source, path';
$select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `share_type`, `file_source`, `path`';
} else {
$select = 'id, item_type, item_source, parent, share_type';
$select = '`id`, `item_type`, `item_source`, `parent`, `share_type`';
}
} else {
if (isset($uidOwner)) {
if ($itemType == 'file' || $itemType == 'folder') {
$select = '*PREFIX*share.id, item_type, *PREFIX*share.parent, share_type, share_with, file_source, path, permissions, stime';
$select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `file_source`, `path`, `permissions`, `stime`';
} else {
$select = 'id, item_type, item_source, parent, share_type, share_with, permissions, stime, file_source';
$select = '`id`, `item_type`, `item_source`, `parent`, `share_type`, `share_with`, `permissions`, `stime`, `file_source`';
}
} else {
if ($fileDependent) {
if (($itemType == 'file' || $itemType == 'folder') && $format == \OC_Share_Backend_File::FORMAT_FILE_APP || $format == \OC_Share_Backend_File::FORMAT_FILE_APP_ROOT) {
$select = '*PREFIX*share.id, item_type, *PREFIX*share.parent, share_type, share_with, file_source, path, file_target, permissions, name, ctime, mtime, mimetype, size, encrypted, versioned, writable';
$select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `file_source`, `path`, `file_target`, `permissions`, `name`, `ctime`, `mtime`, `mimetype`, `size`, `encrypted`, `versioned`, `writable`';
} else {
$select = '*PREFIX*share.id, item_type, item_source, item_target, *PREFIX*share.parent, share_type, share_with, uid_owner, file_source, path, file_target, permissions, stime';
$select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`, `file_source`, `path`, `file_target`, `permissions`, `stime`';
}
} else {
$select = '*';
@ -550,7 +548,7 @@ class Share {
}
}
$root = strlen($root);
$query = \OC_DB::prepare('SELECT '.$select.' FROM *PREFIX*share '.$where);
$query = \OC_DB::prepare('SELECT '.$select.' FROM `*PREFIX*share` '.$where, $limit);
$result = $query->execute($queryArgs);
$items = array();
$targets = array();
@ -729,7 +727,7 @@ class Share {
$fileSource = null;
}
}
$query = \OC_DB::prepare('INSERT INTO *PREFIX*share (item_type, item_source, item_target, parent, share_type, share_with, uid_owner, permissions, stime, file_source, file_target) VALUES (?,?,?,?,?,?,?,?,?,?,?)');
$query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` (`item_type`, `item_source`, `item_target`, `parent`, `share_type`, `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`, `file_target`) VALUES (?,?,?,?,?,?,?,?,?,?,?)');
// Share with a group
if ($shareType == self::SHARE_TYPE_GROUP) {
if (isset($fileSource)) {
@ -871,10 +869,10 @@ class Share {
}
// Find similar targets to improve backend's chances to generate a unqiue target
if ($userAndGroups) {
$checkTargets = \OC_DB::prepare("SELECT ".$column." FROM *PREFIX*share WHERE item_type = ? AND share_type IN (?,?,?) AND share_with IN ('".implode("','", $userAndGroups)."') AND ".$column." LIKE ?");
$checkTargets = \OC_DB::prepare('SELECT `'.$column.'` FROM `*PREFIX*share` WHERE `item_type` = ? AND `share_type` IN (?,?,?) AND `share_with` IN (\''.implode('\',\'', $userAndGroups).'\') AND `'.$column.'` LIKE ?');
$result = $checkTargets->execute(array($itemType, self::SHARE_TYPE_USER, self::SHARE_TYPE_GROUP, self::$shareTypeGroupUserUnique, '%'.$target.'%'));
} else {
$checkTargets = \OC_DB::prepare("SELECT ".$column." FROM *PREFIX*share WHERE item_type = ? AND share_type = ? AND share_with = ? AND ".$column." LIKE ?");
$checkTargets = \OC_DB::prepare('SELECT `'.$column.'` FROM `*PREFIX*share` WHERE `item_type` = ? AND `share_type` = ? AND `share_with` = ? AND `'.$column.'` LIKE ?');
$result = $checkTargets->execute(array($itemType, self::SHARE_TYPE_GROUP, $shareWith, '%'.$target.'%'));
}
while ($row = $result->fetchRow()) {
@ -903,10 +901,10 @@ class Share {
$parents = "'".implode("','", $parents)."'";
// Check the owner on the first search of reshares, useful for finding and deleting the reshares by a single user of a group share
if (count($ids) == 1 && isset($uidOwner)) {
$query = \OC_DB::prepare('SELECT id FROM *PREFIX*share WHERE parent IN ('.$parents.') AND uid_owner = ?');
$query = \OC_DB::prepare('SELECT `id` FROM `*PREFIX*share` WHERE `parent` IN ('.$parents.') AND `uid_owner` = ?');
$result = $query->execute(array($uidOwner));
} else {
$query = \OC_DB::prepare('SELECT id, item_type, item_target, parent, uid_owner FROM *PREFIX*share WHERE parent IN ('.$parents.')');
$query = \OC_DB::prepare('SELECT `id`, `item_type`, `item_target`, `parent`, `uid_owner` FROM `*PREFIX*share` WHERE `parent` IN ('.$parents.')');
$result = $query->execute();
}
// Reset parents array, only go through loop again if items are found
@ -914,12 +912,12 @@ class Share {
while ($item = $result->fetchRow()) {
// Search for a duplicate parent share, this occurs when an item is shared to the same user through a group and user or the same item is shared by different users
$userAndGroups = array_merge(array($item['uid_owner']), \OC_Group::getUserGroups($item['uid_owner']));
$query = \OC_DB::prepare("SELECT id, permissions FROM *PREFIX*share WHERE item_type = ? AND item_target = ? AND share_type IN (?,?,?) AND share_with IN ('".implode("','", $userAndGroups)."') AND uid_owner != ? AND id != ?");
$query = \OC_DB::prepare('SELECT `id`, `permissions` FROM `*PREFIX*share` WHERE `item_type` = ? AND `item_target` = ? AND `share_type` IN (?,?,?) AND `share_with` IN (\''.implode('\',\'', $userAndGroups).'\') AND `uid_owner` != ? AND `id` != ?');
$duplicateParent = $query->execute(array($item['item_type'], $item['item_target'], self::SHARE_TYPE_USER, self::SHARE_TYPE_GROUP, self::$shareTypeGroupUserUnique, $item['uid_owner'], $item['parent']))->fetchRow();
if ($duplicateParent) {
// Change the parent to the other item id if share permission is granted
if ($duplicateParent['permissions'] & self::PERMISSION_SHARE) {
$query = \OC_DB::prepare('UPDATE *PREFIX*share SET parent = ? WHERE id = ?');
$query = \OC_DB::prepare('UPDATE `*PREFIX*share` SET `parent` = ? WHERE `id` = ?');
$query->execute(array($duplicateParent['id'], $item['id']));
continue;
}
@ -933,7 +931,7 @@ class Share {
}
if (!empty($ids)) {
$ids = "'".implode("','", $ids)."'";
$query = \OC_DB::prepare('DELETE FROM *PREFIX*share WHERE id IN ('.$ids.')');
$query = \OC_DB::prepare('DELETE FROM `*PREFIX*share` WHERE `id` IN ('.$ids.')');
$query->execute();
}
}
@ -944,10 +942,10 @@ class Share {
public static function post_deleteUser($arguments) {
// Delete any items shared with the deleted user
$query = \OC_DB::prepare('DELETE FROM *PREFIX*share WHERE share_with = ? AND share_type = ? OR share_type = ?');
$query = \OC_DB::prepare('DELETE FROM `*PREFIX*share` WHERE `share_with` = ? AND `share_type` = ? OR `share_type` = ?');
$result = $query->execute(array($arguments['uid'], self::SHARE_TYPE_USER, self::$shareTypeGroupUserUnique));
// Delete any items the deleted user shared
$query = \OC_DB::prepare('SELECT id FROM *PREFIX*share WHERE uid_owner = ?');
$query = \OC_DB::prepare('SELECT `id` FROM `*PREFIX*share` WHERE `uid_owner` = ?');
$result = $query->execute(array($arguments['uid']));
while ($item = $result->fetchRow()) {
self::delete($item['id']);
@ -960,7 +958,7 @@ class Share {
public static function post_removeFromGroup($arguments) {
// TODO Don't call if user deleted?
$query = \OC_DB::prepare('SELECT id, share_type FROM *PREFIX*share WHERE (share_type = ? AND share_with = ?) OR (share_type = ? AND share_with = ?)');
$query = \OC_DB::prepare('SELECT `id`, `share_type` FROM `*PREFIX*share` WHERE (`share_type` = ? AND `share_with` = ?) OR (`share_type` = ? AND `share_with` = ?)');
$result = $query->execute(array(self::SHARE_TYPE_GROUP, $arguments['gid'], self::$shareTypeGroupUserUnique, $arguments['uid']));
while ($item = $result->fetchRow()) {
if ($item['share_type'] == self::SHARE_TYPE_GROUP) {

18
lib/subadmin.php
Unescape View File

@ -37,7 +37,7 @@ class OC_SubAdmin{
* @return boolean
*/
public static function createSubAdmin($uid, $gid){
$stmt = OC_DB::prepare('INSERT INTO *PREFIX*group_admin (gid,uid) VALUES(?,?)');
$stmt = OC_DB::prepare('INSERT INTO `*PREFIX*group_admin` (`gid`,`uid`) VALUES(?,?)');
$result = $stmt->execute(array($gid, $uid));
OC_Hook::emit( "OC_SubAdmin", "post_createSubAdmin", array( "gid" => $gid ));
return true;
@ -50,7 +50,7 @@ class OC_SubAdmin{
* @return boolean
*/
public static function deleteSubAdmin($uid, $gid){
$stmt = OC_DB::prepare('DELETE FROM *PREFIX*group_admin WHERE gid = ? AND uid = ?');
$stmt = OC_DB::prepare('DELETE FROM `*PREFIX*group_admin` WHERE `gid` = ? AND `uid` = ?');
$result = $stmt->execute(array($gid, $uid));
OC_Hook::emit( "OC_SubAdmin", "post_deleteSubAdmin", array( "gid" => $gid ));
return true;
@ -62,7 +62,7 @@ class OC_SubAdmin{
* @return array
*/
public static function getSubAdminsGroups($uid){
$stmt = OC_DB::prepare('SELECT gid FROM *PREFIX*group_admin WHERE uid = ?');
$stmt = OC_DB::prepare('SELECT `gid` FROM `*PREFIX*group_admin` WHERE `uid` = ?');
$result = $stmt->execute(array($uid));
$gids = array();
while($row = $result->fetchRow()){
@ -77,7 +77,7 @@ class OC_SubAdmin{
* @return array
*/
public static function getGroupsSubAdmins($gid){
$stmt = OC_DB::prepare('SELECT uid FROM *PREFIX*group_admin WHERE gid = ?');
$stmt = OC_DB::prepare('SELECT `uid` FROM `*PREFIX*group_admin` WHERE `gid` = ?');
$result = $stmt->execute(array($gid));
$uids = array();
while($row = $result->fetchRow()){
@ -91,7 +91,7 @@ class OC_SubAdmin{
* @return array
*/
public static function getAllSubAdmins(){
$stmt = OC_DB::prepare('SELECT * FROM *PREFIX*group_admin');
$stmt = OC_DB::prepare('SELECT * FROM `*PREFIX*group_admin`');
$result = $stmt->execute();
$subadmins = array();
while($row = $result->fetchRow()){
@ -107,7 +107,7 @@ class OC_SubAdmin{
* @return bool
*/
public static function isSubAdminofGroup($uid, $gid){
$stmt = OC_DB::prepare('SELECT COUNT(*) as count FROM *PREFIX*group_admin where uid = ? AND gid = ?');
$stmt = OC_DB::prepare('SELECT COUNT(*) AS `count` FROM `*PREFIX*group_admin` WHERE `uid` = ? AND `gid` = ?');
$result = $stmt->execute(array($uid, $gid));
$result = $result->fetchRow();
if($result['count'] >= 1){
@ -122,7 +122,7 @@ class OC_SubAdmin{
* @return bool
*/
public static function isSubAdmin($uid){
$stmt = OC_DB::prepare('SELECT COUNT(*) as count FROM *PREFIX*group_admin WHERE uid = ?');
$stmt = OC_DB::prepare('SELECT COUNT(*) AS `count` FROM `*PREFIX*group_admin` WHERE `uid` = ?');
$result = $stmt->execute(array($uid));
$result = $result->fetchRow();
if($result['count'] > 0){
@ -163,7 +163,7 @@ class OC_SubAdmin{
* @return boolean
*/
public static function post_deleteUser($parameters){
$stmt = OC_DB::prepare('DELETE FROM *PREFIX*group_admin WHERE uid = ?');
$stmt = OC_DB::prepare('DELETE FROM `*PREFIX*group_admin` WHERE `uid` = ?');
$result = $stmt->execute(array($parameters['uid']));
return true;
}
@ -174,7 +174,7 @@ class OC_SubAdmin{
* @return boolean
*/
public static function post_deleteGroup($parameters){
$stmt = OC_DB::prepare('DELETE FROM *PREFIX*group_admin WHERE gid = ?');
$stmt = OC_DB::prepare('DELETE FROM `*PREFIX*group_admin` WHERE `gid` = ?');
$result = $stmt->execute(array($parameters['gid']));
return true;
}

2
tests/lib/share/share.php
Unescape View File

@ -57,7 +57,7 @@ class Test_Share extends UnitTestCase {
}
public function tearDown() {
$query = OC_DB::prepare('DELETE FROM *PREFIX*share WHERE item_type = ?');
$query = OC_DB::prepare('DELETE FROM `*PREFIX*share` WHERE `item_type` = ?');
$query->execute(array('test'));
}

Write Preview
Loading…
Cancel
Save