diff options
author | Jörn Friedrich Dreyer <jfd@butonic.de> | 2012-08-25 01:52:27 +0200 |
---|---|---|
committer | Jörn Friedrich Dreyer <jfd@butonic.de> | 2012-08-25 01:52:27 +0200 |
commit | fa3497f6ed54b6de16dc44ae94721f00b5d5fc6b (patch) | |
tree | 7b3a6c1b946273ee0f1f3f6ade1f9cd3483004dc | |
parent | fd5af9aff4245127f32f3b90dbd6e52792984447 (diff) | |
download | nextcloud-server-fa3497f6ed54b6de16dc44ae94721f00b5d5fc6b.tar.gz nextcloud-server-fa3497f6ed54b6de16dc44ae94721f00b5d5fc6b.zip |
add backticks to SQL, use limit parameter instead of LIMIT SQL
27 files changed, 135 insertions, 137 deletions
diff --git a/apps/calendar/lib/import.php b/apps/calendar/lib/import.php index 368f8406e71..2e3a729e0cd 100644 --- a/apps/calendar/lib/import.php +++ b/apps/calendar/lib/import.php @@ -273,9 +273,9 @@ class OC_Calendar_Import{ */ private function isDuplicate($insertid){ $newobject = OC_Calendar_Object::find($insertid); - $stmt = OCP\DB::prepare('SELECT COUNT(*) as count FROM *PREFIX*calendar_objects - INNER JOIN *PREFIX*calendar_calendars ON calendarid=*PREFIX*calendar_calendars.id - WHERE objecttype=? AND startdate=? AND enddate=? AND repeating=? AND summary=? AND calendardata=? AND userid = ?'); + $stmt = OCP\DB::prepare('SELECT COUNT(*) AS `count` FROM `*PREFIX*calendar_objects` + INNER JOIN `*PREFIX*calendar_calendars` ON `calendarid`=`*PREFIX*calendar_calendars`.`id` + WHERE `objecttype`=? AND `startdate`=? AND `enddate`=? AND `repeating`=? AND `summary`=? AND `calendardata`=? AND `userid` = ?'); $result = $stmt->execute(array($newobject['objecttype'],$newobject['startdate'],$newobject['enddate'],$newobject['repeating'],$newobject['summary'],$newobject['calendardata'], $this->userid)); $result = $result->fetchRow(); if($result['count'] >= 2){ diff --git a/apps/calendar/lib/repeat.php b/apps/calendar/lib/repeat.php index b9fbee8fe0a..27f1e0481a1 100644 --- a/apps/calendar/lib/repeat.php +++ b/apps/calendar/lib/repeat.php @@ -16,7 +16,7 @@ class OC_Calendar_Repeat{ * @return (array) */ public static function get($id){ - $stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*calendar_repeat WHERE eventid = ?'); + $stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_repeat` WHERE `eventid` = ?'); $result = $stmt->execute(array($id)); $return = array(); while($row = $result->fetchRow()){ @@ -32,9 +32,9 @@ class OC_Calendar_Repeat{ * @return (array) */ public static function get_inperiod($id, $from, $until){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_repeat WHERE eventid = ?' - .' AND ((startdate >= ? AND startdate <= ?)' - .' OR (enddate >= ? AND enddate <= ?))'); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_repeat` WHERE `eventid` = ?' + .' AND ((`startdate` >= ? AND `startdate` <= ?)' + .' OR (`enddate` >= ? AND `enddate` <= ?))'); $result = $stmt->execute(array($id, OC_Calendar_Object::getUTCforMDB($from), OC_Calendar_Object::getUTCforMDB($until), OC_Calendar_Object::getUTCforMDB($from), OC_Calendar_Object::getUTCforMDB($until))); @@ -50,7 +50,7 @@ class OC_Calendar_Repeat{ * @return (array) */ public static function getCalendar($id){ - $stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*calendar_repeat WHERE calid = ?'); + $stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_repeat` WHERE `calid` = ?'); $result = $stmt->execute(array($id)); $return = array(); while($row = $result->fetchRow()){ @@ -66,9 +66,9 @@ class OC_Calendar_Repeat{ * @return (array) */ public static function getCalendar_inperiod($id, $from, $until){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_repeat WHERE calid = ?' - .' AND ((startdate >= ? AND startdate <= ?)' - .' OR (enddate >= ? AND enddate <= ?))'); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_repeat` WHERE `calid` = ?' + .' AND ((`startdate` >= ? AND `startdate` <= ?)' + .' OR (`enddate` >= ? AND `enddate` <= ?))'); $result = $stmt->execute(array($id, $from, $until, $from, $until)); @@ -99,7 +99,7 @@ class OC_Calendar_Repeat{ continue; } $startenddate = OC_Calendar_Object::generateStartEndDate($vevent->DTSTART, OC_Calendar_Object::getDTEndFromVEvent($vevent), ($vevent->DTSTART->getDateType() == Sabre_VObject_Element_DateTime::DATE)?true:false, 'UTC'); - $stmt = OCP\DB::prepare('INSERT INTO *PREFIX*calendar_repeat (eventid,calid,startdate,enddate) VALUES(?,?,?,?)'); + $stmt = OCP\DB::prepare('INSERT INTO `*PREFIX*calendar_repeat` (`eventid`,`calid`,`startdate`,`enddate`) VALUES(?,?,?,?)'); $stmt->execute(array($id,OC_Calendar_Object::getCalendarid($id),$startenddate['start'],$startenddate['end'])); } return true; @@ -189,7 +189,7 @@ class OC_Calendar_Repeat{ * @return (bool) */ public static function clean($id){ - $stmt = OCP\DB::prepare('DELETE FROM *PREFIX*calendar_repeat WHERE eventid = ?'); + $stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*calendar_repeat` WHERE `eventid` = ?'); $stmt->execute(array($id)); } /** @@ -198,7 +198,7 @@ class OC_Calendar_Repeat{ * @return (bool) */ public static function cleanCalendar($id){ - $stmt = OCP\DB::prepare('DELETE FROM *PREFIX*calendar_repeat WHERE calid = ?'); + $stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*calendar_repeat` WHERE `calid` = ?'); $stmt->execute(array($id)); } }
\ No newline at end of file diff --git a/apps/calendar/lib/share.php b/apps/calendar/lib/share.php index 23892157fef..bad1082c33e 100644 --- a/apps/calendar/lib/share.php +++ b/apps/calendar/lib/share.php @@ -226,9 +226,9 @@ class OC_Calendar_Share{ * @return: mixed - bool if false, array with type and id if true */ public static function getElementByToken($token){ - $stmt_calendar = OCP\DB::prepare("SELECT * FROM `*PREFIX*calendar_share_" . OC_Calendar_Share::CALENDAR . "` WHERE `sharetype` = 'public' AND `share` = ?"); + $stmt_calendar = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_share_' . OC_Calendar_Share::CALENDAR . '` WHERE `sharetype` = \'public\' AND `share` = ?'); $result_calendar = $stmt_calendar->execute(array($token)); - $stmt_event = OCP\DB::prepare("SELECT * FROM `*PREFIX*calendar_share_" . OC_Calendar_Share::EVENT . "` WHERE `sharetype` = 'public' AND `share` = ?"); + $stmt_event = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_share_' . OC_Calendar_Share::EVENT . '` WHERE `sharetype` = \'public\' AND `share` = ?'); $result_event = $stmt_event->execute(array($token)); $return = array(); if($result_calendar->numRows() == 0 && $result_event->numRows() == 0){ diff --git a/apps/calendar/lib/share/calendar.php b/apps/calendar/lib/share/calendar.php index 7f498292419..bbc43fcca0f 100644 --- a/apps/calendar/lib/share/calendar.php +++ b/apps/calendar/lib/share/calendar.php @@ -99,7 +99,7 @@ class OC_Share_Backend_Calendar implements OCP\Share_Backend_Collection { } public function getChildren($itemSource) { - $query = OCP\DB::prepare('SELECT id FROM *PREFIX*calendar_objects WHERE calendarid = ?'); + $query = OCP\DB::prepare('SELECT `id` FROM `*PREFIX*calendar_objects` WHERE `calendarid` = ?'); $result = $query->execute(array($itemSource)); $sources = array(); while ($object = $result->fetchRow()) { diff --git a/apps/calendar/lib/share_backend.php b/apps/calendar/lib/share_backend.php index f937c0d1c34..1ea58ac270c 100644 --- a/apps/calendar/lib/share_backend.php +++ b/apps/calendar/lib/share_backend.php @@ -22,7 +22,7 @@ class OC_Share_Backend_Calendar extends OCP\Share_Backend { public function getSource($item, $uid) { - $query = OCP\DB::prepare('SELECT id FROM *PREFIX*calendar_calendars WHERE userid = ? AND displayname = ? LIMIT 1'); + $query = OCP\DB::prepare('SELECT `id` FROM `*PREFIX*calendar_calendars` WHERE `userid` = ? AND `displayname` = ?',1); return $query->execute(array($uid, $item))->fetchAll(); } diff --git a/apps/contacts/appinfo/migrate.php b/apps/contacts/appinfo/migrate.php index 2559b4ea456..19c960c75a4 100644 --- a/apps/contacts/appinfo/migrate.php +++ b/apps/contacts/appinfo/migrate.php @@ -34,12 +34,12 @@ class OC_Migration_Provider_Contacts extends OC_Migration_Provider{ switch( $this->appinfo->version ) { default: // All versions of the app have had the same db structure, so all can use the same import function - $query = $this->content->prepare( "SELECT * FROM contacts_addressbooks WHERE userid LIKE ?" ); + $query = $this->content->prepare( 'SELECT * FROM `contacts_addressbooks` WHERE `userid` LIKE ?' ); $results = $query->execute( array( $this->olduid ) ); $idmap = array(); while( $row = $results->fetchRow() ) { // Import each addressbook - $addressbookquery = OCP\DB::prepare( "INSERT INTO *PREFIX*contacts_addressbooks (`userid`, `displayname`, `uri`, `description`, `ctag`) VALUES (?, ?, ?, ?, ?)" ); + $addressbookquery = OCP\DB::prepare( 'INSERT INTO `*PREFIX*contacts_addressbooks` (`userid`, `displayname`, `uri`, `description`, `ctag`) VALUES (?, ?, ?, ?, ?)' ); $addressbookquery->execute( array( $this->uid, $row['displayname'], $row['uri'], $row['description'], $row['ctag'] ) ); // Map the id $idmap[$row['id']] = OCP\DB::insertid('*PREFIX*contacts_addressbooks'); @@ -49,11 +49,11 @@ class OC_Migration_Provider_Contacts extends OC_Migration_Provider{ // Now tags foreach($idmap as $oldid => $newid) { - $query = $this->content->prepare( "SELECT * FROM contacts_cards WHERE addressbookid LIKE ?" ); + $query = $this->content->prepare( 'SELECT * FROM `contacts_cards` WHERE `addressbookid` LIKE ?' ); $results = $query->execute( array( $oldid ) ); while( $row = $results->fetchRow() ){ // Import the contacts - $contactquery = OCP\DB::prepare( "INSERT INTO *PREFIX*contacts_cards (`addressbookid`, `fullname`, `carddata`, `uri`, `lastmodified`) VALUES (?, ?, ?, ?, ?)" ); + $contactquery = OCP\DB::prepare( 'INSERT INTO `*PREFIX*contacts_cards` (`addressbookid`, `fullname`, `carddata`, `uri`, `lastmodified`) VALUES (?, ?, ?, ?, ?)' ); $contactquery->execute( array( $newid, $row['fullname'], $row['carddata'], $row['uri'], $row['lastmodified'] ) ); } } diff --git a/apps/contacts/appinfo/update.php b/apps/contacts/appinfo/update.php index 21e736bb446..cc00b325e14 100644 --- a/apps/contacts/appinfo/update.php +++ b/apps/contacts/appinfo/update.php @@ -3,15 +3,15 @@ $installedVersion=OCP\Config::getAppValue('contacts', 'installed_version'); if (version_compare($installedVersion, '0.2.3', '<')) { // First set all address books in-active. - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_addressbooks SET active=0' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_addressbooks` SET `active`=0' ); $result = $stmt->execute(array()); // Then get all the active address books. - $stmt = OCP\DB::prepare( 'SELECT userid,configvalue FROM *PREFIX*preferences WHERE appid=\'contacts\' AND configkey=\'openaddressbooks\'' ); + $stmt = OCP\DB::prepare( 'SELECT `userid`,`configvalue` FROM `*PREFIX*preferences` WHERE `appid`=\'contacts\' AND `configkey`=\'openaddressbooks\'' ); $result = $stmt->execute(array()); // Prepare statement for updating the new 'active' field. - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_addressbooks SET active=? WHERE id=? AND userid=?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_addressbooks` SET `active`=? WHERE `id`=? AND `userid`=?' ); while( $row = $result->fetchRow()) { $ids = explode(';', $row['configvalue']); foreach($ids as $id) { @@ -20,6 +20,6 @@ if (version_compare($installedVersion, '0.2.3', '<')) { } // Remove the old preferences. - $stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE appid=\'contacts\' AND configkey=\'openaddressbooks\'' ); + $stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `appid`=\'contacts\' AND `configkey`=\'openaddressbooks\'' ); $result = $stmt->execute(array()); } diff --git a/apps/contacts/lib/share/addressbook.php b/apps/contacts/lib/share/addressbook.php index d35f0ce9aea..acabeab2adc 100644 --- a/apps/contacts/lib/share/addressbook.php +++ b/apps/contacts/lib/share/addressbook.php @@ -82,7 +82,7 @@ class OC_Share_Backend_Addressbook implements OCP\Share_Backend_Collection { } public function getChildren($itemSource) { - $query = OCP\DB::prepare('SELECT id FROM *PREFIX*contacts_cards WHERE addressbookid = ?'); + $query = OCP\DB::prepare('SELECT `id` FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ?'); $result = $query->execute(array($itemSource)); $sources = array(); while ($contact = $result->fetchRow()) { diff --git a/apps/contacts/lib/vcard.php b/apps/contacts/lib/vcard.php index fbb1c734f64..042ad1e990b 100644 --- a/apps/contacts/lib/vcard.php +++ b/apps/contacts/lib/vcard.php @@ -512,7 +512,7 @@ class OC_Contacts_VCard { public static function deleteFromDAVData($aid,$uri){ $addressbook = OC_Contacts_Addressbook::find($aid); if ($addressbook['userid'] != OCP\User::getUser()) { - $query = OCP\DB::prepare( 'SELECT id FROM *PREFIX*contacts_cards WHERE addressbookid = ? AND uri = ?' ); + $query = OCP\DB::prepare( 'SELECT `id` FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ? AND `uri` = ?' ); $id = $query->execute(array($aid, $uri))->fetchOne(); if (!$id) { return false; diff --git a/apps/files/appinfo/update.php b/apps/files/appinfo/update.php index 5514aed197f..b2480a58f5e 100644 --- a/apps/files/appinfo/update.php +++ b/apps/files/appinfo/update.php @@ -1,13 +1,13 @@ <?php // fix webdav properties, remove namespace information between curly bracket (update from OC4 to OC5) -$installedVersion=OCP\Config::getAppValue('files', 'installed_version');
+$installedVersion=OCP\Config::getAppValue('files', 'installed_version'); if (version_compare($installedVersion, '1.1.4', '<')) { - $query = OC_DB::prepare( "SELECT propertyname, propertypath, userid FROM `*PREFIX*properties`" );
- $result = $query->execute();
- while( $row = $result->fetchRow()){
- $query = OC_DB::prepare( 'UPDATE *PREFIX*properties SET propertyname = ? WHERE userid = ? AND propertypath = ?' );
- $query->execute( array( preg_replace("/^{.*}/", "", $row["propertyname"]),$row["userid"], $row["propertypath"] ));
+ $query = OC_DB::prepare( "SELECT `propertyname`, `propertypath`, `userid` FROM `*PREFIX*properties`" ); + $result = $query->execute(); + while( $row = $result->fetchRow()){ + $query = OC_DB::prepare( 'UPDATE `*PREFIX*properties` SET `propertyname` = ? WHERE `userid` = ? AND `propertypath` = ?' ); + $query->execute( array( preg_replace("/^{.*}/", "", $row["propertyname"]),$row["userid"], $row["propertypath"] )); } } diff --git a/apps/files_sharing_log/index.php b/apps/files_sharing_log/index.php index ffacbdd8604..8d05e3fbd0a 100644 --- a/apps/files_sharing_log/index.php +++ b/apps/files_sharing_log/index.php @@ -13,7 +13,7 @@ OCP\App::setActiveNavigationEntry('files_sharing_log_index'); OCP\Util::addStyle('files_sharing_log', 'style'); -$query = OCP\DB::prepare('SELECT * FROM *PREFIX*sharing_log WHERE user_id = ?'); +$query = OCP\DB::prepare('SELECT * FROM `*PREFIX*sharing_log` WHERE `user_id` = ?'); $log = $query->execute(array(OCP\User::getUser()))->fetchAll(); $output = new OCP\Template('files_sharing_log', 'index', 'user'); diff --git a/apps/files_sharing_log/log.php b/apps/files_sharing_log/log.php index e6a12b9fb1d..a032d635ac1 100644 --- a/apps/files_sharing_log/log.php +++ b/apps/files_sharing_log/log.php @@ -23,11 +23,11 @@ class OC_Files_Sharing_Log { } static public function log($target, $source, $mode) { - $query = OCP\DB::prepare("SELECT * FROM *PREFIX*sharing WHERE source = ? AND target = ?"); + $query = OCP\DB::prepare('SELECT * FROM `*PREFIX*sharing` WHERE `source` = ? AND `target` = ?'); $info = $query->execute(array($source, $target))->fetchAll(); $info = $info[0]; //var_dump($info); - $query = OCP\DB::prepare("INSERT INTO *PREFIX*sharing_log VALUES (?,?,?,?,?)"); + $query = OCP\DB::prepare('INSERT INTO `*PREFIX*sharing_log` VALUES (?,?,?,?,?)'); $query->execute(array($info['uid_owner'], $source, OCP\User::getUser(), time(), $mode)); //die; } diff --git a/apps/gallery/appinfo/app.php b/apps/gallery/appinfo/app.php index 9103f66441d..f26f23466be 100644 --- a/apps/gallery/appinfo/app.php +++ b/apps/gallery/appinfo/app.php @@ -43,7 +43,7 @@ OCP\App::addNavigationEntry( array( class OC_GallerySearchProvider extends OC_Search_Provider{ function search($query){ - $stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*gallery_albums WHERE uid_owner = ? AND album_name LIKE ?'); + $stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*gallery_albums` WHERE `uid_owner` = ? AND `album_name` LIKE ?'); $result = $stmt->execute(array(OCP\USER::getUser(),'%'.$query.'%')); $results=array(); while($row=$result->fetchRow()){ diff --git a/apps/gallery/appinfo/update.php b/apps/gallery/appinfo/update.php index c1d22127428..65e7734c47f 100644 --- a/apps/gallery/appinfo/update.php +++ b/apps/gallery/appinfo/update.php @@ -2,9 +2,9 @@ $currentVersion=OC_Appconfig::getValue('gallery', 'installed_version'); if (version_compare($currentVersion, '0.5.0', '<')) { - $stmt = OCP\DB::prepare('DROP TABLE IF EXISTS *PREFIX*gallery_photos'); + $stmt = OCP\DB::prepare('DROP TABLE IF EXISTS `*PREFIX*gallery_photos`'); $stmt->execute(); - $stmt = OCP\DB::prepare('DROP TABLE IF EXISTS *PREFIX*gallery_albums'); + $stmt = OCP\DB::prepare('DROP TABLE IF EXISTS `*PREFIX*gallery_albums`'); $stmt->execute(); \OC_DB::createDbFromStructure(OC_App::getAppPath($appid).'/appinfo/database.xml'); diff --git a/apps/gallery/lib/photo.php b/apps/gallery/lib/photo.php index f073ac9cbbb..1d304ce4357 100644 --- a/apps/gallery/lib/photo.php +++ b/apps/gallery/lib/photo.php @@ -52,17 +52,17 @@ class OC_Gallery_Photo { } public static function removeById($id) { - $stmt = OCP\DB::prepare('DELETE FROM *PREFIX*gallery_photos WHERE photo_id = ?'); + $stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*gallery_photos` WHERE `photo_id` = ?'); $stmt->execute(array($id)); } public static function removeByAlbumId($albumid) { - $stmt = OCP\DB::prepare('DELETE FROM *PREFIX*gallery_photos WHERE album_id = ?'); + $stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*gallery_photos` WHERE `album_id` = ?'); $stmt->execute(array($albumid)); } public static function changePath($oldAlbumId, $newAlbumId, $oldpath, $newpath) { - $stmt = OCP\DB::prepare("UPDATE *PREFIX*gallery_photos SET file_path = ?, album_id = ? WHERE album_id = ? and file_path = ?"); + $stmt = OCP\DB::prepare('UPDATE `*PREFIX*gallery_photos` SET `file_path` = ?, `album_id` = ? WHERE `album_id` = ? AND `file_path` = ?'); $stmt->execute(array($newpath, $newAlbumId, $oldAlbumId, $oldpath)); } diff --git a/apps/media/lib/share/artist.php b/apps/media/lib/share/artist.php index 7218fa1a279..d08a53da2a7 100644 --- a/apps/media/lib/share/artist.php +++ b/apps/media/lib/share/artist.php @@ -22,7 +22,7 @@ class OC_Share_Backend_Artist extends OCP\Share_Backend { public function getSource($item, $uid) { - $query = OCP\DB::prepare('SELECT artist_id FROM *PREFIX*media_artists WHERE artist_id = ? AND song_user = ?'); + $query = OCP\DB::prepare('SELECT `artist_id` FROM `*PREFIX*media_artists` WHERE `artist_id` = ? AND `song_user` = ?'); $result = $query->execute(array($item, $uid))->fetchRow(); if (is_array($result)) { return array('item' => $item, 'file' => $result['song_path']); @@ -43,10 +43,10 @@ class OC_Share_Backend_Artist extends OCP\Share_Backend { $ids = "'".implode("','", $ids)."'"; switch ($format) { case self::FORMAT_SOURCE_PATH: - $query = OCP\DB::prepare('SELECT path FROM *PREFIX*fscache WHERE id IN ('.$ids.')'); + $query = OCP\DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `id` IN ('.$ids.')'); return $query->execute()->fetchAll(); case self::FORMAT_FILE_APP: - $query = OCP\DB::prepare('SELECT id, path, name, ctime, mtime, mimetype, size, encrypted, versioned, writable FROM *PREFIX*fscache WHERE id IN ('.$ids.')'); + $query = OCP\DB::prepare('SELECT `id`, `path`, `name`, `ctime`, `mtime`, `mimetype`, `size`, `encrypted`, `versioned`, `writable` FROM `*PREFIX*fscache` WHERE `id` IN ('.$ids.')'); $result = $query->execute(); $files = array(); while ($file = $result->fetchRow()) { diff --git a/apps/media/lib/share/song.php b/apps/media/lib/share/song.php index fc69975f353..65948581738 100644 --- a/apps/media/lib/share/song.php +++ b/apps/media/lib/share/song.php @@ -22,7 +22,7 @@ class OC_Share_Backend_Song extends OCP\Share_Backend { public function getSource($item, $uid) { - $query = OCP\DB::prepare('SELECT song_path FROM *PREFIX*media_songs WHERE song_id = ? AND song_user = ?'); + $query = OCP\DB::prepare('SELECT `song_path` FROM `*PREFIX*media_songs` WHERE `song_id` = ? AND `song_user` = ?'); $result = $query->execute(array($item, $uid))->fetchRow(); if (is_array($result)) { return array('item' => $item, 'file' => $result['song_path']); @@ -43,10 +43,10 @@ class OC_Share_Backend_Song extends OCP\Share_Backend { $ids = "'".implode("','", $ids)."'"; switch ($format) { case self::FORMAT_SOURCE_PATH: - $query = OCP\DB::prepare('SELECT path FROM *PREFIX*fscache WHERE id IN ('.$ids.')'); + $query = OCP\DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `id` IN ('.$ids.')'); return $query->execute()->fetchAll(); case self::FORMAT_FILE_APP: - $query = OCP\DB::prepare('SELECT id, path, name, ctime, mtime, mimetype, size, encrypted, versioned, writable FROM *PREFIX*fscache WHERE id IN ('.$ids.')'); + $query = OCP\DB::prepare('SELECT `id`, `path`, `name`, `ctime`, `mtime`, `mimetype`, `size`, `encrypted`, `versioned`, `writable` FROM `*PREFIX*fscache` WHERE `id` IN ('.$ids.')'); $result = $query->execute(); $files = array(); while ($file = $result->fetchRow()) { diff --git a/apps/user_ldap/appinfo/update.php b/apps/user_ldap/appinfo/update.php index 9cf1814cf6f..f06655c1dc1 100644 --- a/apps/user_ldap/appinfo/update.php +++ b/apps/user_ldap/appinfo/update.php @@ -34,8 +34,8 @@ $groupBE = new \OCA\user_ldap\GROUP_LDAP(); $groupBE->setConnector($connector); foreach($objects as $object) { - $fetchDNSql = 'SELECT ldap_dn from *PREFIX*ldap_'.$object.'_mapping'; - $updateSql = 'UPDATE *PREFIX*ldap_'.$object.'_mapping SET ldap_DN = ?, directory_uuid = ? WHERE ldap_dn = ?'; + $fetchDNSql = 'SELECT `ldap_dn` FROM `*PREFIX*ldap_'.$object.'_mapping`'; + $updateSql = 'UPDATE `*PREFIX*ldap_'.$object.'_mapping` SET `ldap_DN` = ?, `directory_uuid` = ? WHERE `ldap_dn` = ?'; $query = OCP\DB::prepare($fetchDNSql); $res = $query->execute(); diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index be9aa21c3d2..ec3b5264915 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -165,9 +165,9 @@ abstract class Access { $table = $this->getMapTable($isUser); $query = \OCP\DB::prepare(' - SELECT ldap_dn - FROM '.$table.' - WHERE owncloud_name = ? + SELECT `ldap_dn` + FROM `'.$table.'` + WHERE `owncloud_name` = ? '); $record = $query->execute(array($name))->fetchOne(); @@ -223,9 +223,9 @@ abstract class Access { } $query = \OCP\DB::prepare(' - SELECT owncloud_name - FROM '.$table.' - WHERE ldap_dn = ? + SELECT `owncloud_name` + FROM `'.$table.'` + WHERE `ldap_dn` = ? '); //let's try to retrieve the ownCloud name from the mappings table @@ -238,16 +238,16 @@ abstract class Access { $uuid = $this->getUUID($dn); if($uuid) { $query = \OCP\DB::prepare(' - SELECT owncloud_name - FROM '.$table.' - WHERE directory_uuid = ? + SELECT `owncloud_name` + FROM `'.$table.'` + WHERE `directory_uuid` = ? '); $component = $query->execute(array($uuid))->fetchOne(); if($component) { $query = \OCP\DB::prepare(' - UPDATE '.$table.' - SET ldap_dn = ? - WHERE directory_uuid = ? + UPDATE `'.$table.'` + SET `ldap_dn` = ? + WHERE `directory_uuid` = ? '); $query->execute(array($dn, $uuid)); return $component; @@ -385,8 +385,8 @@ abstract class Access { $table = $this->getMapTable($isUsers); $query = \OCP\DB::prepare(' - SELECT ldap_dn, owncloud_name - FROM '. $table + SELECT `ldap_dn`, `owncloud_name` + FROM `'. $table . '`' ); return $query->execute()->fetchAll(); @@ -408,18 +408,18 @@ abstract class Access { $sqlAdjustment = ''; $dbtype = \OCP\Config::getSystemValue('dbtype'); if($dbtype == 'mysql') { - $sqlAdjustment = 'FROM dual'; + $sqlAdjustment = 'FROM `dual`'; } $insert = \OCP\DB::prepare(' - INSERT INTO '.$table.' (ldap_dn, owncloud_name, directory_uuid) + INSERT INTO `'.$table.'` (`ldap_dn`, `owncloud_name`, `directory_uuid`) SELECT ?,?,? '.$sqlAdjustment.' WHERE NOT EXISTS ( SELECT 1 - FROM '.$table.' - WHERE ldap_dn = ? - OR owncloud_name = ?) + FROM `'.$table.'` + WHERE `ldap_dn` = ? + OR `owncloud_name` = ?) '); //feed the DB diff --git a/apps/user_ldap/lib/jobs.php b/apps/user_ldap/lib/jobs.php index d478731b84c..4224ee9d7e5 100644 --- a/apps/user_ldap/lib/jobs.php +++ b/apps/user_ldap/lib/jobs.php @@ -64,9 +64,9 @@ class Jobs { static private function handleKnownGroups($groups) { \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – Dealing with known Groups.', \OCP\Util::DEBUG); $query = \OCP\DB::prepare(' - UPDATE *PREFIX*ldap_group_members - SET owncloudusers = ? - WHERE owncloudname = ? + UPDATE `*PREFIX*ldap_group_members` + SET `owncloudusers` = ? + WHERE `owncloudname` = ? '); foreach($groups as $group) { //we assume, that self::$groupsFromDB has been retrieved already @@ -94,7 +94,7 @@ class Jobs { \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – dealing with created Groups.', \OCP\Util::DEBUG); $query = \OCP\DB::prepare(' INSERT - INTO *PREFIX*ldap_group_members (owncloudname, owncloudusers) + INTO `*PREFIX*ldap_group_members` (`owncloudname`, `owncloudusers`) VALUES (?, ?) '); foreach($createdGroups as $createdGroup) { @@ -109,8 +109,8 @@ class Jobs { \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – dealing with removed groups.', \OCP\Util::DEBUG); $query = \OCP\DB::prepare(' DELETE - FROM *PREFIX*ldap_group_members - WHERE owncloudname = ? + FROM `*PREFIX*ldap_group_members` + WHERE `owncloudname` = ? '); foreach($removedGroups as $removedGroup) { \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – group "'.$createdGroup.'" was removed.', \OCP\Util::INFO); @@ -143,8 +143,8 @@ class Jobs { return self::$groupsFromDB; } $query = \OCP\DB::prepare(' - SELECT owncloudname, owncloudusers - FROM *PREFIX*ldap_group_members + SELECT `owncloudname`, `owncloudusers` + FROM `*PREFIX*ldap_group_members` '); $result = $query->execute()->fetchAll(); self::$groupsFromDB = array(); diff --git a/lib/backgroundjob/queuedtask.php b/lib/backgroundjob/queuedtask.php index 68ba97c1e39..a7ec3efbf33 100644 --- a/lib/backgroundjob/queuedtask.php +++ b/lib/backgroundjob/queuedtask.php @@ -30,7 +30,7 @@ class OC_BackgroundJob_QueuedTask{ * @return associative array */ public static function find( $id ){ - $stmt = OC_DB::prepare( 'SELECT * FROM *PREFIX*queuedtasks WHERE id = ?' ); + $stmt = OC_DB::prepare( 'SELECT * FROM `*PREFIX*queuedtasks` WHERE `id` = ?' ); $result = $stmt->execute(array($id)); return $result->fetchRow(); } @@ -44,7 +44,7 @@ class OC_BackgroundJob_QueuedTask{ $return = array(); // Get Data - $stmt = OC_DB::prepare( 'SELECT * FROM *PREFIX*queuedtasks' ); + $stmt = OC_DB::prepare( 'SELECT * FROM `*PREFIX*queuedtasks`' ); $result = $stmt->execute(array()); while( $row = $result->fetchRow()){ $return[] = $row; @@ -63,7 +63,7 @@ class OC_BackgroundJob_QueuedTask{ $return = array(); // Get Data - $stmt = OC_DB::prepare( 'SELECT * FROM *PREFIX*queuedtasks WHERE app = ?' ); + $stmt = OC_DB::prepare( 'SELECT * FROM `*PREFIX*queuedtasks` WHERE `app` = ?' ); $result = $stmt->execute(array($app)); while( $row = $result->fetchRow()){ $return[] = $row; @@ -82,7 +82,7 @@ class OC_BackgroundJob_QueuedTask{ * @return id of task */ public static function add( $app, $klass, $method, $parameters ){ - $stmt = OC_DB::prepare( 'INSERT INTO *PREFIX*queuedtasks (app, klass, method, parameters) VALUES(?,?,?,?)' ); + $stmt = OC_DB::prepare( 'INSERT INTO `*PREFIX*queuedtasks` (`app`, `klass`, `method`, `parameters`) VALUES(?,?,?,?)' ); $result = $stmt->execute(array($app, $klass, $method, $parameters )); return OC_DB::insertid(); @@ -96,7 +96,7 @@ class OC_BackgroundJob_QueuedTask{ * Deletes a report */ public static function delete( $id ){ - $stmt = OC_DB::prepare( 'DELETE FROM *PREFIX*queuedtasks WHERE id = ?' ); + $stmt = OC_DB::prepare( 'DELETE FROM `*PREFIX*queuedtasks` WHERE `id` = ?' ); $result = $stmt->execute(array($id)); return true; diff --git a/lib/connector/sabre/directory.php b/lib/connector/sabre/directory.php index 09c65f19b80..cd3ed60292c 100644 --- a/lib/connector/sabre/directory.php +++ b/lib/connector/sabre/directory.php @@ -121,7 +121,7 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa $properties = array_fill_keys($paths, array()); if(count($paths)>0){ $placeholders = join(',', array_fill(0, count($paths), '?')); - $query = OC_DB::prepare( 'SELECT * FROM *PREFIX*properties WHERE userid = ?' . ' AND propertypath IN ('.$placeholders.')' ); + $query = OC_DB::prepare( 'SELECT * FROM `*PREFIX*properties` WHERE `userid` = ?' . ' AND `propertypath` IN ('.$placeholders.')' ); array_unshift($paths, OC_User::getUser()); // prepend userid $result = $query->execute( $paths ); while($row = $result->fetchRow()) { diff --git a/lib/db.php b/lib/db.php index 208e70f4c35..d67cebce589 100644 --- a/lib/db.php +++ b/lib/db.php @@ -263,7 +263,7 @@ class OC_DB { */ static public function prepare( $query , $limit=null, $offset=null ){ - if (!is_null($limit)) { + if (!is_null($limit) && limit != -1) { if (self::$backend == self::BACKEND_MDB2) { //MDB2 uses or emulates limits & offset internally self::$MDB2->setLimit($limit, $offset); diff --git a/lib/filecache/cached.php b/lib/filecache/cached.php index 1e17666717e..95cc0ac300e 100644 --- a/lib/filecache/cached.php +++ b/lib/filecache/cached.php @@ -18,7 +18,7 @@ class OC_FileCache_Cached{ $root=OC_Filesystem::getRoot(); } $path=$root.$path; - $query=OC_DB::prepare('SELECT path,ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE path_hash=?'); + $query=OC_DB::prepare('SELECT `path`,`ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `path_hash`=?'); $result=$query->execute(array(md5($path)))->fetchRow(); if(is_array($result)){ if(isset(self::$savedData[$path])){ @@ -58,7 +58,7 @@ class OC_FileCache_Cached{ if($parent==-1){ return array(); } - $query=OC_DB::prepare('SELECT id,path,name,ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE parent=? AND (mimetype LIKE ? OR mimetype = ?)'); + $query=OC_DB::prepare('SELECT `id`,`path`,`name`,`ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `parent`=? AND (`mimetype` LIKE ? OR `mimetype` = ?)'); $result=$query->execute(array($parent, $mimetype_filter.'%', 'httpd/unix-directory'))->fetchAll(); if(is_array($result)){ return $result; diff --git a/lib/public/share.php b/lib/public/share.php index c894b317631..93820760d15 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -307,7 +307,7 @@ class Share { if ($item = self::getItems($itemType, $itemSource, $shareType, $shareWith, \OC_User::getUser(), self::FORMAT_NONE, null, 1, false)) { // Check if this item is a reshare and verify that the permissions granted don't exceed the parent shared item if (isset($item['parent'])) { - $query = \OC_DB::prepare('SELECT permissions FROM *PREFIX*share WHERE id = ? LIMIT 1'); + $query = \OC_DB::prepare('SELECT `permissions` FROM `*PREFIX*share` WHERE `id` = ?',1); $result = $query->execute(array($item['parent']))->fetchRow(); if (~(int)$result['permissions'] & $permissions) { $message = 'Setting permissions for '.$itemSource.' failed, because the permissions exceed permissions granted to '.\OC_User::getUser(); @@ -315,7 +315,7 @@ class Share { throw new \Exception($message); } } - $query = \OC_DB::prepare('UPDATE *PREFIX*share SET permissions = ? WHERE id = ?'); + $query = \OC_DB::prepare('UPDATE `*PREFIX*share` SET `permissions` = ? WHERE `id` = ?'); $query->execute(array($permissions, $item['id'])); // Check if permissions were removed if ($item['permissions'] & ~$permissions) { @@ -327,7 +327,7 @@ class Share { $parents = array($item['id']); while (!empty($parents)) { $parents = "'".implode("','", $parents)."'"; - $query = \OC_DB::prepare('SELECT id, permissions FROM *PREFIX*share WHERE parent IN ('.$parents.')'); + $query = \OC_DB::prepare('SELECT `id`, `permissions` FROM `*PREFIX*share` WHERE `parent` IN ('.$parents.')'); $result = $query->execute(); // Reset parents array, only go through loop again if items are found that need permissions removed $parents = array(); @@ -343,7 +343,7 @@ class Share { // Remove the permissions for all reshares of this item if (!empty($ids)) { $ids = "'".implode("','", $ids)."'"; - $query = \OC_DB::prepare('UPDATE *PREFIX*share SET permissions = permissions & ? WHERE id IN ('.$ids.')'); + $query = \OC_DB::prepare('UPDATE `*PREFIX*share` SET `permissions` = `permissions` & ? WHERE `id` IN ('.$ids.')'); $query->execute(array($permissions)); } } @@ -424,9 +424,9 @@ class Share { // Get filesystem root to add it to the file target and remove from the file source, match file_source with the file cache if ($itemType == 'file' || $itemType == 'folder') { $root = \OC_Filesystem::getRoot(); - $where = 'INNER JOIN *PREFIX*fscache ON file_source = *PREFIX*fscache.id '; + $where = 'INNER JOIN `*PREFIX*fscache` ON `file_source` = `*PREFIX*fscache`.`id`'; if (!isset($item)) { - $where .= 'WHERE file_target IS NOT NULL'; + $where .= ' WHERE `file_target` IS NOT NULL'; } $fileDependent = true; $queryArgs = array(); @@ -437,39 +437,39 @@ class Share { // If includeCollections is true, find collections of this item type, e.g. a music album contains songs $itemTypes = array_merge(array($itemType), $collectionTypes); $placeholders = join(',', array_fill(0, count($itemTypes), '?')); - $where = "WHERE item_type IN ('".$placeholders."')"; + $where = ' WHERE `item_type` IN ('.$placeholders.')'; $queryArgs = $itemTypes; } else { - $where = 'WHERE item_type = ?'; + $where = ' WHERE `item_type` = ?'; $queryArgs = array($itemType); } } if (isset($shareType) && isset($shareWith)) { // Include all user and group items if ($shareType == self::$shareTypeUserAndGroups) { - $where .= ' AND share_type IN (?,?,?)'; + $where .= ' AND `share_type` IN (?,?,?)'; $queryArgs[] = self::SHARE_TYPE_USER; $queryArgs[] = self::SHARE_TYPE_GROUP; $queryArgs[] = self::$shareTypeGroupUserUnique; $userAndGroups = array_merge(array($shareWith), \OC_Group::getUserGroups($shareWith)); $placeholders = join(',', array_fill(0, count($userAndGroups), '?')); - $where .= " AND share_with IN (".$placeholders.")"; + $where .= ' AND `share_with` IN ('.$placeholders.')'; $queryArgs = array_merge($queryArgs, $userAndGroups); // Don't include own group shares - $where .= ' AND uid_owner != ?'; + $where .= ' AND `uid_owner` != ?'; $queryArgs[] = $shareWith; } else { - $where .= ' AND share_type = ? AND share_with = ?'; + $where .= ' AND `share_type` = ? AND `share_with` = ?'; $queryArgs[] = $shareType; $queryArgs[] = $shareWith; } } if (isset($uidOwner)) { - $where .= " AND uid_owner = ?"; + $where .= ' AND `uid_owner` = ?'; $queryArgs[] = $uidOwner; if (!isset($shareType)) { // Prevent unique user targets for group shares from being selected - $where .= " AND share_type != ?"; + $where .= ' AND `share_type` != ?'; $queryArgs[] = self::$shareTypeGroupUserUnique; } if ($itemType == 'file' || $itemType == 'folder') { @@ -489,17 +489,17 @@ class Share { if (isset($uidOwner) || $itemShareWithBySource) { // If item type is a file, file source needs to be checked in case the item was converted if ($itemType == 'file' || $itemType == 'folder') { - $where .= ' AND file_source = ?'; + $where .= ' AND `file_source` = ?'; $column = 'file_source'; } else { - $where .= " AND item_source = ?"; + $where .= ' AND `item_source` = ?'; $column = 'item_source'; } } else { if ($itemType == 'file' || $itemType == 'folder') { - $where .= " AND file_target = ?"; + $where .= ' AND `file_target` = ?'; } else { - $where .= " AND item_target = ?"; + $where .= ' AND `item_target` = ?'; } } $queryArgs[] = $item; @@ -514,35 +514,33 @@ class Share { if ($shareType == self::$shareTypeUserAndGroups) { // Make sure the unique user target is returned if it exists, unique targets should follow the group share in the database // If the limit is not 1, the filtering can be done later - $where .= ' ORDER BY *PREFIX*share.id DESC'; + $where .= ' ORDER BY `*PREFIX*share`.`id` DESC'; } // The limit must be at least 3, because filtering needs to be done if ($limit < 3) { - $where .= ' LIMIT 3'; - } else { - $where .= ' LIMIT '.$limit; + $limit = 3; } } // TODO Optimize selects if ($format == self::FORMAT_STATUSES) { if ($itemType == 'file' || $itemType == 'folder') { - $select = '*PREFIX*share.id, item_type, *PREFIX*share.parent, share_type, file_source, path'; + $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `share_type`, `file_source`, `path`'; } else { - $select = 'id, item_type, item_source, parent, share_type'; + $select = '`id`, `item_type`, `item_source`, `parent`, `share_type`'; } } else { if (isset($uidOwner)) { if ($itemType == 'file' || $itemType == 'folder') { - $select = '*PREFIX*share.id, item_type, *PREFIX*share.parent, share_type, share_with, file_source, path, permissions, stime'; + $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `file_source`, `path`, `permissions`, `stime`'; } else { - $select = 'id, item_type, item_source, parent, share_type, share_with, permissions, stime, file_source'; + $select = '`id`, `item_type`, `item_source`, `parent`, `share_type`, `share_with`, `permissions`, `stime`, `file_source`'; } } else { if ($fileDependent) { if (($itemType == 'file' || $itemType == 'folder') && $format == \OC_Share_Backend_File::FORMAT_FILE_APP || $format == \OC_Share_Backend_File::FORMAT_FILE_APP_ROOT) { - $select = '*PREFIX*share.id, item_type, *PREFIX*share.parent, share_type, share_with, file_source, path, file_target, permissions, name, ctime, mtime, mimetype, size, encrypted, versioned, writable'; + $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `file_source`, `path`, `file_target`, `permissions`, `name`, `ctime`, `mtime`, `mimetype`, `size`, `encrypted`, `versioned`, `writable`'; } else { - $select = '*PREFIX*share.id, item_type, item_source, item_target, *PREFIX*share.parent, share_type, share_with, uid_owner, file_source, path, file_target, permissions, stime'; + $select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`, `file_source`, `path`, `file_target`, `permissions`, `stime`'; } } else { $select = '*'; @@ -550,7 +548,7 @@ class Share { } } $root = strlen($root); - $query = \OC_DB::prepare('SELECT '.$select.' FROM *PREFIX*share '.$where); + $query = \OC_DB::prepare('SELECT '.$select.' FROM `*PREFIX*share` '.$where, $limit); $result = $query->execute($queryArgs); $items = array(); $targets = array(); @@ -729,7 +727,7 @@ class Share { $fileSource = null; } } - $query = \OC_DB::prepare('INSERT INTO *PREFIX*share (item_type, item_source, item_target, parent, share_type, share_with, uid_owner, permissions, stime, file_source, file_target) VALUES (?,?,?,?,?,?,?,?,?,?,?)'); + $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` (`item_type`, `item_source`, `item_target`, `parent`, `share_type`, `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`, `file_target`) VALUES (?,?,?,?,?,?,?,?,?,?,?)'); // Share with a group if ($shareType == self::SHARE_TYPE_GROUP) { if (isset($fileSource)) { @@ -871,10 +869,10 @@ class Share { } // Find similar targets to improve backend's chances to generate a unqiue target if ($userAndGroups) { - $checkTargets = \OC_DB::prepare("SELECT ".$column." FROM *PREFIX*share WHERE item_type = ? AND share_type IN (?,?,?) AND share_with IN ('".implode("','", $userAndGroups)."') AND ".$column." LIKE ?"); + $checkTargets = \OC_DB::prepare('SELECT `'.$column.'` FROM `*PREFIX*share` WHERE `item_type` = ? AND `share_type` IN (?,?,?) AND `share_with` IN (\''.implode('\',\'', $userAndGroups).'\') AND `'.$column.'` LIKE ?'); $result = $checkTargets->execute(array($itemType, self::SHARE_TYPE_USER, self::SHARE_TYPE_GROUP, self::$shareTypeGroupUserUnique, '%'.$target.'%')); } else { - $checkTargets = \OC_DB::prepare("SELECT ".$column." FROM *PREFIX*share WHERE item_type = ? AND share_type = ? AND share_with = ? AND ".$column." LIKE ?"); + $checkTargets = \OC_DB::prepare('SELECT `'.$column.'` FROM `*PREFIX*share` WHERE `item_type` = ? AND `share_type` = ? AND `share_with` = ? AND `'.$column.'` LIKE ?'); $result = $checkTargets->execute(array($itemType, self::SHARE_TYPE_GROUP, $shareWith, '%'.$target.'%')); } while ($row = $result->fetchRow()) { @@ -903,10 +901,10 @@ class Share { $parents = "'".implode("','", $parents)."'"; // Check the owner on the first search of reshares, useful for finding and deleting the reshares by a single user of a group share if (count($ids) == 1 && isset($uidOwner)) { - $query = \OC_DB::prepare('SELECT id FROM *PREFIX*share WHERE parent IN ('.$parents.') AND uid_owner = ?'); + $query = \OC_DB::prepare('SELECT `id` FROM `*PREFIX*share` WHERE `parent` IN ('.$parents.') AND `uid_owner` = ?'); $result = $query->execute(array($uidOwner)); } else { - $query = \OC_DB::prepare('SELECT id, item_type, item_target, parent, uid_owner FROM *PREFIX*share WHERE parent IN ('.$parents.')'); + $query = \OC_DB::prepare('SELECT `id`, `item_type`, `item_target`, `parent`, `uid_owner` FROM `*PREFIX*share` WHERE `parent` IN ('.$parents.')'); $result = $query->execute(); } // Reset parents array, only go through loop again if items are found @@ -914,12 +912,12 @@ class Share { while ($item = $result->fetchRow()) { // Search for a duplicate parent share, this occurs when an item is shared to the same user through a group and user or the same item is shared by different users $userAndGroups = array_merge(array($item['uid_owner']), \OC_Group::getUserGroups($item['uid_owner'])); - $query = \OC_DB::prepare("SELECT id, permissions FROM *PREFIX*share WHERE item_type = ? AND item_target = ? AND share_type IN (?,?,?) AND share_with IN ('".implode("','", $userAndGroups)."') AND uid_owner != ? AND id != ?"); + $query = \OC_DB::prepare('SELECT `id`, `permissions` FROM `*PREFIX*share` WHERE `item_type` = ? AND `item_target` = ? AND `share_type` IN (?,?,?) AND `share_with` IN (\''.implode('\',\'', $userAndGroups).'\') AND `uid_owner` != ? AND `id` != ?'); $duplicateParent = $query->execute(array($item['item_type'], $item['item_target'], self::SHARE_TYPE_USER, self::SHARE_TYPE_GROUP, self::$shareTypeGroupUserUnique, $item['uid_owner'], $item['parent']))->fetchRow(); if ($duplicateParent) { // Change the parent to the other item id if share permission is granted if ($duplicateParent['permissions'] & self::PERMISSION_SHARE) { - $query = \OC_DB::prepare('UPDATE *PREFIX*share SET parent = ? WHERE id = ?'); + $query = \OC_DB::prepare('UPDATE `*PREFIX*share` SET `parent` = ? WHERE `id` = ?'); $query->execute(array($duplicateParent['id'], $item['id'])); continue; } @@ -933,7 +931,7 @@ class Share { } if (!empty($ids)) { $ids = "'".implode("','", $ids)."'"; - $query = \OC_DB::prepare('DELETE FROM *PREFIX*share WHERE id IN ('.$ids.')'); + $query = \OC_DB::prepare('DELETE FROM `*PREFIX*share` WHERE `id` IN ('.$ids.')'); $query->execute(); } } @@ -944,10 +942,10 @@ class Share { public static function post_deleteUser($arguments) { // Delete any items shared with the deleted user - $query = \OC_DB::prepare('DELETE FROM *PREFIX*share WHERE share_with = ? AND share_type = ? OR share_type = ?'); + $query = \OC_DB::prepare('DELETE FROM `*PREFIX*share` WHERE `share_with` = ? AND `share_type` = ? OR `share_type` = ?'); $result = $query->execute(array($arguments['uid'], self::SHARE_TYPE_USER, self::$shareTypeGroupUserUnique)); // Delete any items the deleted user shared - $query = \OC_DB::prepare('SELECT id FROM *PREFIX*share WHERE uid_owner = ?'); + $query = \OC_DB::prepare('SELECT `id` FROM `*PREFIX*share` WHERE `uid_owner` = ?'); $result = $query->execute(array($arguments['uid'])); while ($item = $result->fetchRow()) { self::delete($item['id']); @@ -960,7 +958,7 @@ class Share { public static function post_removeFromGroup($arguments) { // TODO Don't call if user deleted? - $query = \OC_DB::prepare('SELECT id, share_type FROM *PREFIX*share WHERE (share_type = ? AND share_with = ?) OR (share_type = ? AND share_with = ?)'); + $query = \OC_DB::prepare('SELECT `id`, `share_type` FROM `*PREFIX*share` WHERE (`share_type` = ? AND `share_with` = ?) OR (`share_type` = ? AND `share_with` = ?)'); $result = $query->execute(array(self::SHARE_TYPE_GROUP, $arguments['gid'], self::$shareTypeGroupUserUnique, $arguments['uid'])); while ($item = $result->fetchRow()) { if ($item['share_type'] == self::SHARE_TYPE_GROUP) { diff --git a/lib/subadmin.php b/lib/subadmin.php index 0806f27a6bd..8d4f413b104 100644 --- a/lib/subadmin.php +++ b/lib/subadmin.php @@ -37,7 +37,7 @@ class OC_SubAdmin{ * @return boolean */ public static function createSubAdmin($uid, $gid){ - $stmt = OC_DB::prepare('INSERT INTO *PREFIX*group_admin (gid,uid) VALUES(?,?)'); + $stmt = OC_DB::prepare('INSERT INTO `*PREFIX*group_admin` (`gid`,`uid`) VALUES(?,?)'); $result = $stmt->execute(array($gid, $uid)); OC_Hook::emit( "OC_SubAdmin", "post_createSubAdmin", array( "gid" => $gid )); return true; @@ -50,7 +50,7 @@ class OC_SubAdmin{ * @return boolean */ public static function deleteSubAdmin($uid, $gid){ - $stmt = OC_DB::prepare('DELETE FROM *PREFIX*group_admin WHERE gid = ? AND uid = ?'); + $stmt = OC_DB::prepare('DELETE FROM `*PREFIX*group_admin` WHERE `gid` = ? AND `uid` = ?'); $result = $stmt->execute(array($gid, $uid)); OC_Hook::emit( "OC_SubAdmin", "post_deleteSubAdmin", array( "gid" => $gid )); return true; @@ -62,7 +62,7 @@ class OC_SubAdmin{ * @return array */ public static function getSubAdminsGroups($uid){ - $stmt = OC_DB::prepare('SELECT gid FROM *PREFIX*group_admin WHERE uid = ?'); + $stmt = OC_DB::prepare('SELECT `gid` FROM `*PREFIX*group_admin` WHERE `uid` = ?'); $result = $stmt->execute(array($uid)); $gids = array(); while($row = $result->fetchRow()){ @@ -77,7 +77,7 @@ class OC_SubAdmin{ * @return array */ public static function getGroupsSubAdmins($gid){ - $stmt = OC_DB::prepare('SELECT uid FROM *PREFIX*group_admin WHERE gid = ?'); + $stmt = OC_DB::prepare('SELECT `uid` FROM `*PREFIX*group_admin` WHERE `gid` = ?'); $result = $stmt->execute(array($gid)); $uids = array(); while($row = $result->fetchRow()){ @@ -91,7 +91,7 @@ class OC_SubAdmin{ * @return array */ public static function getAllSubAdmins(){ - $stmt = OC_DB::prepare('SELECT * FROM *PREFIX*group_admin'); + $stmt = OC_DB::prepare('SELECT * FROM `*PREFIX*group_admin`'); $result = $stmt->execute(); $subadmins = array(); while($row = $result->fetchRow()){ @@ -107,7 +107,7 @@ class OC_SubAdmin{ * @return bool */ public static function isSubAdminofGroup($uid, $gid){ - $stmt = OC_DB::prepare('SELECT COUNT(*) as count FROM *PREFIX*group_admin where uid = ? AND gid = ?'); + $stmt = OC_DB::prepare('SELECT COUNT(*) AS `count` FROM `*PREFIX*group_admin` WHERE `uid` = ? AND `gid` = ?'); $result = $stmt->execute(array($uid, $gid)); $result = $result->fetchRow(); if($result['count'] >= 1){ @@ -122,7 +122,7 @@ class OC_SubAdmin{ * @return bool */ public static function isSubAdmin($uid){ - $stmt = OC_DB::prepare('SELECT COUNT(*) as count FROM *PREFIX*group_admin WHERE uid = ?'); + $stmt = OC_DB::prepare('SELECT COUNT(*) AS `count` FROM `*PREFIX*group_admin` WHERE `uid` = ?'); $result = $stmt->execute(array($uid)); $result = $result->fetchRow(); if($result['count'] > 0){ @@ -163,7 +163,7 @@ class OC_SubAdmin{ * @return boolean */ public static function post_deleteUser($parameters){ - $stmt = OC_DB::prepare('DELETE FROM *PREFIX*group_admin WHERE uid = ?'); + $stmt = OC_DB::prepare('DELETE FROM `*PREFIX*group_admin` WHERE `uid` = ?'); $result = $stmt->execute(array($parameters['uid'])); return true; } @@ -174,7 +174,7 @@ class OC_SubAdmin{ * @return boolean */ public static function post_deleteGroup($parameters){ - $stmt = OC_DB::prepare('DELETE FROM *PREFIX*group_admin WHERE gid = ?'); + $stmt = OC_DB::prepare('DELETE FROM `*PREFIX*group_admin` WHERE `gid` = ?'); $result = $stmt->execute(array($parameters['gid'])); return true; } diff --git a/tests/lib/share/share.php b/tests/lib/share/share.php index 785591829de..303790b4868 100644 --- a/tests/lib/share/share.php +++ b/tests/lib/share/share.php @@ -57,7 +57,7 @@ class Test_Share extends UnitTestCase { } public function tearDown() { - $query = OC_DB::prepare('DELETE FROM *PREFIX*share WHERE item_type = ?'); + $query = OC_DB::prepare('DELETE FROM `*PREFIX*share` WHERE `item_type` = ?'); $query->execute(array('test')); } |