diff options
| author | jfd <jfd@underverse> | 2012-07-30 20:46:14 +0200 |
|---|---|---|
| committer | Jörn Friedrich Dreyer <jfd@butonic.de> | 2012-07-31 18:53:05 +0200 |
| commit | ede464f05872574a703c36d8d976b5c97e55c23f (patch) | |
| tree | c075f46d52b905a93cb5d3137af5198de83d34f2 /lib | |
| parent | 3c5670b662ea9e5ee36146f10f63faaadacb8187 (diff) | |
| download | nextcloud-server-ede464f05872574a703c36d8d976b5c97e55c23f.tar.gz nextcloud-server-ede464f05872574a703c36d8d976b5c97e55c23f.zip | |
escape all identifiers with backticks
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/app.php | 4 | ||||
| -rw-r--r-- | lib/appconfig.php | 26 | ||||
| -rw-r--r-- | lib/connector/sabre/locks.php | 12 | ||||
| -rw-r--r-- | lib/connector/sabre/node.php | 10 | ||||
| -rw-r--r-- | lib/filecache.php | 46 | ||||
| -rw-r--r-- | lib/group/database.php | 20 | ||||
| -rw-r--r-- | lib/migrate.php | 2 | ||||
| -rw-r--r-- | lib/migration/content.php | 4 | ||||
| -rw-r--r-- | lib/preferences.php | 22 | ||||
| -rw-r--r-- | lib/user/database.php | 10 | ||||
| -rw-r--r-- | lib/vcategories.php | 2 |
11 files changed, 79 insertions, 79 deletions
diff --git a/lib/app.php b/lib/app.php index e57e1e58a28..f9292b331bb 100644 --- a/lib/app.php +++ b/lib/app.php @@ -139,7 +139,7 @@ class OC_App{ */ public static function getEnabledApps(){ $apps=array('files'); - $query = OC_DB::prepare( 'SELECT appid FROM *PREFIX*appconfig WHERE configkey = \'enabled\' AND configvalue=\'yes\'' ); + $query = OC_DB::prepare( 'SELECT `appid` FROM `*PREFIX*appconfig` WHERE `configkey` = \'enabled\' AND `configvalue`=\'yes\'' ); $result=$query->execute(); while($row=$result->fetchRow()){ if(array_search($row['appid'],$apps)===false){ @@ -548,7 +548,7 @@ class OC_App{ */ public static function getAppVersions(){ $versions=array(); - $query = OC_DB::prepare( 'SELECT appid, configvalue FROM *PREFIX*appconfig WHERE configkey = \'installed_version\'' ); + $query = OC_DB::prepare( 'SELECT `appid`, `configvalue` FROM `*PREFIX*appconfig` WHERE `configkey` = \'installed_version\'' ); $result = $query->execute(); while($row = $result->fetchRow()){ $versions[$row['appid']]=$row['configvalue']; diff --git a/lib/appconfig.php b/lib/appconfig.php index 5aaaadd9c4a..2e356225e7c 100644 --- a/lib/appconfig.php +++ b/lib/appconfig.php @@ -47,7 +47,7 @@ class OC_Appconfig{ */ public static function getApps(){ // No magic in here! - $query = OC_DB::prepare( 'SELECT DISTINCT appid FROM *PREFIX*appconfig' ); + $query = OC_DB::prepare( 'SELECT DISTINCT `appid` FROM `*PREFIX*appconfig`' ); $result = $query->execute(); $apps = array(); @@ -68,7 +68,7 @@ class OC_Appconfig{ */ public static function getKeys( $app ){ // No magic in here as well - $query = OC_DB::prepare( 'SELECT configkey FROM *PREFIX*appconfig WHERE appid = ?' ); + $query = OC_DB::prepare( 'SELECT `configkey` FROM `*PREFIX*appconfig` WHERE `appid` = ?' ); $result = $query->execute( array( $app )); $keys = array(); @@ -91,7 +91,7 @@ class OC_Appconfig{ */ public static function getValue( $app, $key, $default = null ){ // At least some magic in here :-) - $query = OC_DB::prepare( 'SELECT configvalue FROM *PREFIX*appconfig WHERE appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'SELECT `configvalue` FROM `*PREFIX*appconfig` WHERE `appid` = ? AND `configkey` = ?' ); $result = $query->execute( array( $app, $key )); $row = $result->fetchRow(); if($row){ @@ -124,11 +124,11 @@ class OC_Appconfig{ public static function setValue( $app, $key, $value ){ // Does the key exist? yes: update. No: insert if(! self::hasKey($app,$key)){ - $query = OC_DB::prepare( 'INSERT INTO *PREFIX*appconfig ( appid, configkey, configvalue ) VALUES( ?, ?, ? )' ); + $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*appconfig` ( `appid`, `configkey`, `configvalue` ) VALUES( ?, ?, ? )' ); $query->execute( array( $app, $key, $value )); } else{ - $query = OC_DB::prepare( 'UPDATE *PREFIX*appconfig SET configvalue = ? WHERE appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'UPDATE `*PREFIX*appconfig` SET `configvalue` = :configvalue WHERE `appid` = ? AND `configkey` = ?' ); $query->execute( array( $value, $app, $key )); } } @@ -143,7 +143,7 @@ class OC_Appconfig{ */ public static function deleteKey( $app, $key ){ // Boring! - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*appconfig WHERE appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*appconfig` WHERE `appid` = ? AND `configkey` = ?' ); $query->execute( array( $app, $key )); return true; @@ -158,7 +158,7 @@ class OC_Appconfig{ */ public static function deleteApp( $app ){ // Nothing special - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*appconfig WHERE appid = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*appconfig` WHERE `appid` = ?' ); $query->execute( array( $app )); return true; @@ -175,20 +175,20 @@ class OC_Appconfig{ return false; } $where='WHERE'; - $fields='configvalue'; + $fields='`configvalue`'; $params=array(); if($app!==false){ - $where.=' appid = ?'; - $fields.=', configkey'; + $where.=' `appid` = ?'; + $fields.=', `configkey`'; $params[]=$app; $key='configkey'; }else{ - $fields.=', appid'; - $where.=' configkey = ?'; + $fields.=', `appid`'; + $where.=' `configkey` = ?'; $params[]=$key; $key='appid'; } - $queryString='SELECT '.$fields.' FROM *PREFIX*appconfig '.$where; + $queryString='SELECT '.$fields.' FROM `*PREFIX*appconfig` '.$where; $query=OC_DB::prepare($queryString); $result=$query->execute($params); $values=array(); diff --git a/lib/connector/sabre/locks.php b/lib/connector/sabre/locks.php index 94382e68a1a..b4878fabc78 100644 --- a/lib/connector/sabre/locks.php +++ b/lib/connector/sabre/locks.php @@ -41,7 +41,7 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract { // NOTE: the following 10 lines or so could be easily replaced by // pure sql. MySQL's non-standard string concatination prevents us // from doing this though. - $query = 'SELECT * FROM *PREFIX*locks WHERE userid = ? AND (created + timeout) > ? AND ((uri = ?)'; + $query = 'SELECT * FROM `*PREFIX*locks` WHERE `userid` = ? AND (`created` + `timeout`) > ? AND ((`uri` = ?)'; $params = array(OC_User::getUser(),time(),$uri); // We need to check locks for every part in the uri. @@ -57,14 +57,14 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract { if ($currentPath) $currentPath.='/'; $currentPath.=$part; - $query.=' OR (depth!=0 AND uri = ?)'; + $query.=' OR (`depth` != 0 AND `uri` = ?)'; $params[] = $currentPath; } if ($returnChildLocks) { - $query.=' OR (uri LIKE ?)'; + $query.=' OR (`uri` LIKE ?)'; $params[] = $uri . '/%'; } @@ -113,10 +113,10 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract { } if ($exists) { - $query = OC_DB::prepare( 'UPDATE *PREFIX*locks SET owner = ?, timeout = ?, scope = ?, depth = ?, uri = ?, created = ? WHERE userid = ? AND token = ?' ); + $query = OC_DB::prepare( 'UPDATE `*PREFIX*locks` SET `owner` = ?, `timeout` = ?, `scope` = ?, `depth` = ?, `uri` = ?, `created` = ? WHERE `userid` = ? AND `token` = ?' ); $result = $query->execute( array($lockInfo->owner,$lockInfo->timeout,$lockInfo->scope,$lockInfo->depth,$uri,$lockInfo->created,OC_User::getUser(),$lockInfo->token)); } else { - $query = OC_DB::prepare( 'INSERT INTO *PREFIX*locks (userid,owner,timeout,scope,depth,uri,created,token) VALUES (?,?,?,?,?,?,?,?)' ); + $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*locks` (`userid`,`owner`,`timeout`,`scope`,`depth`,`uri`,`created`,`token`) VALUES (?,?,?,?,?,?,?,?)' ); $result = $query->execute( array(OC_User::getUser(),$lockInfo->owner,$lockInfo->timeout,$lockInfo->scope,$lockInfo->depth,$uri,$lockInfo->created,$lockInfo->token)); } @@ -133,7 +133,7 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract { */ public function unlock($uri,Sabre_DAV_Locks_LockInfo $lockInfo) { - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*locks WHERE userid = ? AND uri=? AND token=?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*locks` WHERE `userid` = ? AND `uri` = ? AND `token` = ?' ); $result = $query->execute( array(OC_User::getUser(),$uri,$lockInfo->token)); return $result->numRows() === 1; diff --git a/lib/connector/sabre/node.php b/lib/connector/sabre/node.php index 85d2160feb3..ce5cc022085 100644 --- a/lib/connector/sabre/node.php +++ b/lib/connector/sabre/node.php @@ -77,7 +77,7 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr $this->path = $newPath; - $query = OC_DB::prepare( 'UPDATE *PREFIX*properties SET propertypath = ? WHERE userid = ? AND propertypath = ?' ); + $query = OC_DB::prepare( 'UPDATE `*PREFIX*properties` SET `propertypath` = ? WHERE `userid` = ? AND `propertypath` = ?' ); $query->execute( array( $newPath,OC_User::getUser(), $oldPath )); } @@ -125,7 +125,7 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr // If it was null, we need to delete the property if (is_null($propertyValue)) { if(array_key_exists( $propertyName, $existing )){ - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*properties WHERE userid = ? AND propertypath = ? AND propertyname = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = ?' ); $query->execute( array( OC_User::getUser(), $this->path, $propertyName )); } } @@ -134,10 +134,10 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr $this->touch($propertyValue); } else { if(!array_key_exists( $propertyName, $existing )){ - $query = OC_DB::prepare( 'INSERT INTO *PREFIX*properties (userid,propertypath,propertyname,propertyvalue) VALUES(?,?,?,?)' ); + $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*properties` (`userid`,`propertypath`,`propertyname`,`propertyvalue`) VALUES(?,?,?,?)' ); $query->execute( array( OC_User::getUser(), $this->path, $propertyName,$propertyValue )); } else { - $query = OC_DB::prepare( 'UPDATE *PREFIX*properties SET propertyvalue = ? WHERE userid = ? AND propertypath = ? AND propertyname = ?' ); + $query = OC_DB::prepare( 'UPDATE `*PREFIX*properties` SET `propertyvalue` = ? WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = ?' ); $query->execute( array( $propertyValue,OC_User::getUser(), $this->path, $propertyName )); } } @@ -158,7 +158,7 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr */ function getProperties($properties) { // At least some magic in here :-) - $query = OC_DB::prepare( 'SELECT * FROM *PREFIX*properties WHERE userid = ? AND propertypath = ?' ); + $query = OC_DB::prepare( 'SELECT * FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ?' ); $result = $query->execute( array( OC_User::getUser(), $this->path )); $existing = array(); diff --git a/lib/filecache.php b/lib/filecache.php index 8d0f3c84f93..e475581f14e 100644 --- a/lib/filecache.php +++ b/lib/filecache.php @@ -59,7 +59,7 @@ class OC_FileCache{ $root=''; } $path=$root.$path; - $query=OC_DB::prepare('SELECT ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE path_hash=?'); + $query=OC_DB::prepare('SELECT `ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `path_hash`=?'); $result=$query->execute(array(md5($path)))->fetchRow(); if(is_array($result)){ return $result; @@ -112,7 +112,7 @@ class OC_FileCache{ $data['encrypted']=(int)$data['encrypted']; $data['versioned']=(int)$data['versioned']; $user=OC_User::getUser(); - $query=OC_DB::prepare('INSERT INTO *PREFIX*fscache(parent, name, path, path_hash, size, mtime, ctime, mimetype, mimepart,`user`,writable,encrypted,versioned) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?)'); + $query=OC_DB::prepare('INSERT INTO `*PREFIX*fscache`(`parent`, `name`, `path`, `path_hash`, `size`, `mtime`, `ctime`, `mimetype`, `mimepart`,`user`,`writable`,`encrypted`,`versioned`) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?)'); $result=$query->execute(array($parent,basename($path),$path,md5($path),$data['size'],$data['mtime'],$data['ctime'],$data['mimetype'],$mimePart,$user,$data['writable'],$data['encrypted'],$data['versioned'])); if(OC_DB::isError($result)){ OC_Log::write('files','error while writing file('.$path.') to cache',OC_Log::ERROR); @@ -135,7 +135,7 @@ class OC_FileCache{ }else{ $arguments[] = $data[$attribute]; } - $queryParts[]=$attribute.'=?'; + $queryParts[]='`'.$attribute.'`=?'; } } if(isset($data['mimetype'])){ @@ -144,7 +144,7 @@ class OC_FileCache{ } $arguments[]=$id; - $sql = 'UPDATE *PREFIX*fscache SET '.implode(' , ',$queryParts).' WHERE id=?'; + $sql = 'UPDATE `*PREFIX*fscache` SET '.implode(' , ',$queryParts).' WHERE `id`=?'; $query=OC_DB::prepare($sql); $result=$query->execute($arguments); if(OC_DB::isError($result)){ @@ -168,12 +168,12 @@ class OC_FileCache{ $oldPath=$root.$oldPath; $newPath=$root.$newPath; $newParent=self::getParentId($newPath); - $query=OC_DB::prepare('UPDATE *PREFIX*fscache SET parent=? ,name=?, path=?, path_hash=? WHERE path_hash=?'); + $query=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `parent`=? ,`name`=?, `path`=?, `path_hash`=? WHERE `path_hash`=?'); $query->execute(array($newParent,basename($newPath),$newPath,md5($newPath),md5($oldPath))); - $query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE path LIKE ?'); + $query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `path` LIKE ?'); $oldLength=strlen($oldPath); - $updateQuery=OC_DB::prepare('UPDATE *PREFIX*fscache SET path=?, path_hash=? WHERE path_hash=?'); + $updateQuery=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `path`=?, `path_hash`=? WHERE `path_hash`=?'); while($row= $query->execute(array($oldPath.'/%'))->fetchRow()){ $old=$row['path']; $new=$newPath.substr($old,$oldLength); @@ -197,12 +197,12 @@ class OC_FileCache{ $path=$root.$file; self::delete(self::getFileId($path)); }elseif($file!=-1){ - $query=OC_DB::prepare('SELECT id FROM *PREFIX*fscache WHERE parent=?'); + $query=OC_DB::prepare('SELECT `id` FROM `*PREFIX*fscache` WHERE `parent`=?'); $result=$query->execute(array($file)); while($child=$result->fetchRow()){ self::delete(intval($child['id'])); } - $query=OC_DB::prepare('DELETE FROM *PREFIX*fscache WHERE id=?'); + $query=OC_DB::prepare('DELETE FROM `*PREFIX*fscache` WHERE `id`=?'); $query->execute(array($file)); } } @@ -223,9 +223,9 @@ class OC_FileCache{ } $rootLen=strlen($root); if(!$returnData){ - $query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE name LIKE ? AND `user`=?'); + $query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `name` LIKE ? AND `user`=?'); }else{ - $query=OC_DB::prepare('SELECT * FROM *PREFIX*fscache WHERE name LIKE ? AND `user`=?'); + $query=OC_DB::prepare('SELECT * FROM `*PREFIX*fscache` WHERE `name` LIKE ? AND `user`=?'); } $result=$query->execute(array("%$search%",OC_User::getUser())); $names=array(); @@ -270,7 +270,7 @@ class OC_FileCache{ if($parent==-1){ return array(); } - $query=OC_DB::prepare('SELECT name,ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE parent=? AND (mimetype LIKE ? OR mimetype = ?)'); + $query=OC_DB::prepare('SELECT `name`,`ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `parent`=? AND (`mimetype` LIKE ? OR `mimetype` = ?)'); $result=$query->execute(array($parent, $mimetype_filter.'%', 'httpd/unix-directory'))->fetchAll(); if(is_array($result)){ return $result; @@ -304,7 +304,7 @@ class OC_FileCache{ * @return int */ private static function getFileId($path){ - $query=OC_DB::prepare('SELECT id FROM *PREFIX*fscache WHERE path_hash=?'); + $query=OC_DB::prepare('SELECT `id` FROM `*PREFIX*fscache` WHERE `path_hash`=?'); if(OC_DB::isError($query)){ OC_Log::write('files','error while getting file id of '.$path,OC_Log::ERROR); return -1; @@ -350,7 +350,7 @@ class OC_FileCache{ if(!$user){ $user=OC_User::getUser(); } - $query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE id=? AND `user`=?'); + $query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `id`=? AND `user`=?'); $result=$query->execute(array($id,$user)); $row=$result->fetchRow(); $path=$row['path']; @@ -396,7 +396,7 @@ class OC_FileCache{ if($dir){ if(self::inCache($path,$root) && $path != '/Shared'){ $parent=self::getFileId($fullPath); - $query=OC_DB::prepare('SELECT size FROM *PREFIX*fscache WHERE parent=?'); + $query=OC_DB::prepare('SELECT `size` FROM `*PREFIX*fscache` WHERE `parent`=?'); $result=$query->execute(array($parent)); while($row=$result->fetchRow()){ $size+=$row['size']; @@ -424,7 +424,7 @@ class OC_FileCache{ } } $path=$root.$path; - $query=OC_DB::prepare('SELECT ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE path_hash=?'); + $query=OC_DB::prepare('SELECT `ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `path_hash`=?'); $result=$query->execute(array(md5($path)))->fetchRow(); if(is_array($result)){ if(isset(self::$savedData[$path])){ @@ -450,7 +450,7 @@ class OC_FileCache{ } } $path=$root.$path; - $query=OC_DB::prepare('SELECT size FROM *PREFIX*fscache WHERE path_hash=?'); + $query=OC_DB::prepare('SELECT `size` FROM `*PREFIX*fscache` WHERE `path_hash`=?'); $result=$query->execute(array(md5($path))); if($row=$result->fetchRow()){ return $row['size']; @@ -516,7 +516,7 @@ class OC_FileCache{ private static function increaseSize($path,$sizeDiff){ if($sizeDiff==0) return; while(($id=self::getFileId($path))!=-1){//walk up the filetree increasing the size of all parent folders - $query=OC_DB::prepare('UPDATE *PREFIX*fscache SET size=size+? WHERE id=?'); + $query=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `size`=`size`+? WHERE `id`=?'); $query->execute(array($sizeDiff,$id)); $path=dirname($path); } @@ -616,10 +616,10 @@ class OC_FileCache{ $root .= '%'; $user=OC_User::getUser(); if(!$part2){ - $query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE mimepart=? AND `user`=? AND path LIKE ?'); + $query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `mimepart`=? AND `user`=? AND `path` LIKE ?'); $result=$query->execute(array($part1,$user, $root)); }else{ - $query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE mimetype=? AND `user`=? AND path LIKE ? '); + $query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `mimetype`=? AND `user`=? AND `path` LIKE ? '); $result=$query->execute(array($part1.'/'.$part2,$user, $root)); } $names=array(); @@ -652,7 +652,7 @@ class OC_FileCache{ $mtime=$view->filemtime($path.(($folder)?'/':'')); $isDir=$view->is_dir($path); $fullPath=$root.$path; - $query=OC_DB::prepare('SELECT mtime FROM *PREFIX*fscache WHERE path_hash=?'); + $query=OC_DB::prepare('SELECT `mtime` FROM `*PREFIX*fscache` WHERE `path_hash`=?'); $result=$query->execute(array(md5($fullPath))); if($row=$result->fetchRow()){ $cachedMTime=$row['mtime']; @@ -713,7 +713,7 @@ class OC_FileCache{ } //check for removed files, not using getFolderContent to prevent loops $parent=self::getFileId($view->getRoot().$path); - $query=OC_DB::prepare('SELECT name FROM *PREFIX*fscache WHERE parent=?'); + $query=OC_DB::prepare('SELECT `name` FROM `*PREFIX*fscache` WHERE `parent`=?'); $result=$query->execute(array($parent)); while($row=$result->fetchRow()){ $file=$path.'/'.$row['name']; @@ -731,7 +731,7 @@ class OC_FileCache{ * clean old pre-path_hash entries */ public static function clean(){ - $query=OC_DB::prepare('DELETE FROM *PREFIX*fscache WHERE LENGTH(path_hash)<30'); + $query=OC_DB::prepare('DELETE FROM `*PREFIX*fscache` WHERE LENGTH(`path_hash`)<30'); $query->execute(); } } diff --git a/lib/group/database.php b/lib/group/database.php index d401acf43b3..5e52432c492 100644 --- a/lib/group/database.php +++ b/lib/group/database.php @@ -53,7 +53,7 @@ class OC_Group_Database extends OC_Group_Backend { */ public static function createGroup( $gid ){ // Check for existence - $query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*groups` WHERE gid = ?" ); + $query = OC_DB::prepare( 'SELECT `gid` FROM `*PREFIX*groups` WHERE `gid` = ?' ); $result = $query->execute( array( $gid )); if( $result->fetchRow() ){ @@ -62,7 +62,7 @@ class OC_Group_Database extends OC_Group_Backend { } else{ // Add group and exit - $query = OC_DB::prepare( "INSERT INTO `*PREFIX*groups` ( `gid` ) VALUES( ? )" ); + $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*groups` ( `gid` ) VALUES( ? )' ); $result = $query->execute( array( $gid )); return $result ? true : false; @@ -78,11 +78,11 @@ class OC_Group_Database extends OC_Group_Backend { */ public static function deleteGroup( $gid ){ // Delete the group - $query = OC_DB::prepare( "DELETE FROM `*PREFIX*groups` WHERE gid = ?" ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*groups` WHERE `gid` = ?' ); $result = $query->execute( array( $gid )); // Delete the group-user relation - $query = OC_DB::prepare( "DELETE FROM `*PREFIX*group_user` WHERE gid = ?" ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*group_user` WHERE `gid` = ?' ); $result = $query->execute( array( $gid )); return true; @@ -98,7 +98,7 @@ class OC_Group_Database extends OC_Group_Backend { */ public static function inGroup( $uid, $gid ){ // check - $query = OC_DB::prepare( "SELECT uid FROM `*PREFIX*group_user` WHERE gid = ? AND uid = ?" ); + $query = OC_DB::prepare( 'SELECT `uid` FROM `*PREFIX*group_user` WHERE `gid` = ? AND `uid` = ?' ); $result = $query->execute( array( $gid, $uid )); return $result->fetchRow() ? true : false; @@ -115,7 +115,7 @@ class OC_Group_Database extends OC_Group_Backend { public static function addToGroup( $uid, $gid ){ // No duplicate entries! if( !self::inGroup( $uid, $gid )){ - $query = OC_DB::prepare( "INSERT INTO `*PREFIX*group_user` ( `uid`, `gid` ) VALUES( ?, ? )" ); + $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*group_user` ( `uid`, `gid` ) VALUES( ?, ? )' ); $result = $query->execute( array( $uid, $gid )); return true; }else{ @@ -132,7 +132,7 @@ class OC_Group_Database extends OC_Group_Backend { * removes the user from a group. */ public static function removeFromGroup( $uid, $gid ){ - $query = OC_DB::prepare( "DELETE FROM *PREFIX*group_user WHERE uid = ? AND gid = ?" ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*group_user` WHERE `uid` = ? AND `gid` = ?' ); $result = $query->execute( array( $uid, $gid )); return true; @@ -148,7 +148,7 @@ class OC_Group_Database extends OC_Group_Backend { */ public static function getUserGroups( $uid ){ // No magic! - $query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*group_user` WHERE uid = ?" ); + $query = OC_DB::prepare( 'SELECT `gid` FROM `*PREFIX*group_user` WHERE `uid` = ?' ); $result = $query->execute( array( $uid )); $groups = array(); @@ -166,7 +166,7 @@ class OC_Group_Database extends OC_Group_Backend { * Returns a list with all groups */ public static function getGroups(){ - $query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*groups`" ); + $query = OC_DB::prepare( 'SELECT `gid` FROM `*PREFIX*groups`' ); $result = $query->execute(); $groups = array(); @@ -182,7 +182,7 @@ class OC_Group_Database extends OC_Group_Backend { * @returns array with user ids */ public static function usersInGroup($gid){ - $query=OC_DB::prepare('SELECT uid FROM *PREFIX*group_user WHERE gid=?'); + $query=OC_DB::prepare('SELECT `uid` FROM `*PREFIX*group_user` WHERE `gid`=?'); $users=array(); $result=$query->execute(array($gid)); while($row=$result->fetchRow()){ diff --git a/lib/migrate.php b/lib/migrate.php index 5939ba32e50..5e1922e10e7 100644 --- a/lib/migrate.php +++ b/lib/migrate.php @@ -447,7 +447,7 @@ class OC_Migrate{ ); // Add hash if user export if( self::$exporttype == 'user' ){ - $query = OC_DB::prepare( "SELECT password FROM *PREFIX*users WHERE uid = ?" ); + $query = OC_DB::prepare( "SELECT `password` FROM `*PREFIX*users` WHERE `uid` = ?" ); $result = $query->execute( array( self::$uid ) ); $row = $result->fetchRow(); $hash = $row ? $row['password'] : false; diff --git a/lib/migration/content.php b/lib/migration/content.php index 7ef88f36e43..5c89e6bacd6 100644 --- a/lib/migration/content.php +++ b/lib/migration/content.php @@ -109,7 +109,7 @@ class OC_Migration_Content{ foreach( $options['matchval'] as $matchval ){ // Run the query for this match value (where x = y value) - $sql = "SELECT * FROM *PREFIX*" . $options['table'] . " WHERE " . $options['matchcol'] . " LIKE ?"; + $sql = 'SELECT * FROM `*PREFIX*' . $options['table'] . '` WHERE `' . $options['matchcol'] . '` LIKE ?'; $query = OC_DB::prepare( $sql ); $results = $query->execute( array( $matchval ) ); $newreturns = $this->insertData( $results, $options ); @@ -118,7 +118,7 @@ class OC_Migration_Content{ } else { // Just get everything - $sql = "SELECT * FROM *PREFIX*" . $options['table']; + $sql = 'SELECT * FROM `*PREFIX*' . $options['table'] . '`'; $query = OC_DB::prepare( $sql ); $results = $query->execute(); $return = $this->insertData( $results, $options ); diff --git a/lib/preferences.php b/lib/preferences.php index 75201f455ba..18627d7d2ea 100644 --- a/lib/preferences.php +++ b/lib/preferences.php @@ -47,7 +47,7 @@ class OC_Preferences{ */ public static function getUsers(){ // No need for more comments - $query = OC_DB::prepare( 'SELECT DISTINCT( userid ) FROM *PREFIX*preferences' ); + $query = OC_DB::prepare( 'SELECT DISTINCT( `userid` ) FROM `*PREFIX*preferences`' ); $result = $query->execute(); $users = array(); @@ -68,7 +68,7 @@ class OC_Preferences{ */ public static function getApps( $user ){ // No need for more comments - $query = OC_DB::prepare( 'SELECT DISTINCT( appid ) FROM *PREFIX*preferences WHERE userid = ?' ); + $query = OC_DB::prepare( 'SELECT DISTINCT( `appid` ) FROM `*PREFIX*preferences` WHERE `userid` = ?' ); $result = $query->execute( array( $user )); $apps = array(); @@ -90,7 +90,7 @@ class OC_Preferences{ */ public static function getKeys( $user, $app ){ // No need for more comments - $query = OC_DB::prepare( 'SELECT configkey FROM *PREFIX*preferences WHERE userid = ? AND appid = ?' ); + $query = OC_DB::prepare( 'SELECT `configkey` FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ?' ); $result = $query->execute( array( $user, $app )); $keys = array(); @@ -114,7 +114,7 @@ class OC_Preferences{ */ public static function getValue( $user, $app, $key, $default = null ){ // Try to fetch the value, return default if not exists. - $query = OC_DB::prepare( 'SELECT configvalue FROM *PREFIX*preferences WHERE userid = ? AND appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'SELECT `configvalue` FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ? AND `configkey` = ?' ); $result = $query->execute( array( $user, $app, $key )); $row = $result->fetchRow(); @@ -138,16 +138,16 @@ class OC_Preferences{ */ public static function setValue( $user, $app, $key, $value ){ // Check if the key does exist - $query = OC_DB::prepare( 'SELECT configvalue FROM *PREFIX*preferences WHERE userid = ? AND appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'SELECT `configvalue` FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ? AND `configkey` = ?' ); $values=$query->execute(array($user,$app,$key))->fetchAll(); $exists=(count($values)>0); if( !$exists ){ - $query = OC_DB::prepare( 'INSERT INTO *PREFIX*preferences ( userid, appid, configkey, configvalue ) VALUES( ?, ?, ?, ? )' ); + $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*preferences` ( `userid`, `appid`, `configkey`, `configvalue` ) VALUES( ?, ?, ?, ? )' ); $query->execute( array( $user, $app, $key, $value )); } else{ - $query = OC_DB::prepare( 'UPDATE *PREFIX*preferences SET configvalue = ? WHERE userid = ? AND appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'UPDATE `*PREFIX*preferences` SET `configvalue` = ? WHERE `userid` = ? AND `appid` = ? AND `configkey` = ?' ); $query->execute( array( $value, $user, $app, $key )); } } @@ -163,7 +163,7 @@ class OC_Preferences{ */ public static function deleteKey( $user, $app, $key ){ // No need for more comments - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE userid = ? AND appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ? AND `configkey` = ?' ); $result = $query->execute( array( $user, $app, $key )); return true; @@ -179,7 +179,7 @@ class OC_Preferences{ */ public static function deleteApp( $user, $app ){ // No need for more comments - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE userid = ? AND appid = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ?' ); $result = $query->execute( array( $user, $app )); return true; @@ -194,7 +194,7 @@ class OC_Preferences{ */ public static function deleteUser( $user ){ // No need for more comments - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE userid = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `userid` = ?' ); $result = $query->execute( array( $user )); return true; @@ -209,7 +209,7 @@ class OC_Preferences{ */ public static function deleteAppFromAllUsers( $app ){ // No need for more comments - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE appid = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `appid` = ?' ); $result = $query->execute( array( $app )); return true; diff --git a/lib/user/database.php b/lib/user/database.php index a69fe49a0b9..5464a4abfac 100644 --- a/lib/user/database.php +++ b/lib/user/database.php @@ -86,7 +86,7 @@ class OC_User_Database extends OC_User_Backend { */ public function deleteUser( $uid ){ // Delete user-group-relation - $query = OC_DB::prepare( "DELETE FROM `*PREFIX*users` WHERE uid = ?" ); + $query = OC_DB::prepare( "DELETE FROM `*PREFIX*users` WHERE `uid` = ?" ); $result = $query->execute( array( $uid )); return true; } @@ -103,7 +103,7 @@ class OC_User_Database extends OC_User_Backend { if( $this->userExists($uid) ){ $hasher=$this->getHasher(); $hash = $hasher->HashPassword($password.OC_Config::getValue('passwordsalt', '')); - $query = OC_DB::prepare( "UPDATE *PREFIX*users SET password = ? WHERE uid = ?" ); + $query = OC_DB::prepare( "UPDATE `*PREFIX*users` SET `password` = ? WHERE `uid` = ?" ); $result = $query->execute( array( $hash, $uid )); return true; @@ -123,7 +123,7 @@ class OC_User_Database extends OC_User_Backend { * returns the user id or false */ public function checkPassword( $uid, $password ){ - $query = OC_DB::prepare( "SELECT uid, password FROM *PREFIX*users WHERE uid = ?" ); + $query = OC_DB::prepare( "SELECT `uid`, `password` FROM `*PREFIX*users` WHERE `uid` = ?" ); $result = $query->execute( array( $uid)); $row=$result->fetchRow(); @@ -157,7 +157,7 @@ class OC_User_Database extends OC_User_Backend { * Get a list of all users. */ public function getUsers(){ - $query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users" ); + $query = OC_DB::prepare( "SELECT `uid` FROM `*PREFIX*users`" ); $result = $query->execute(); $users=array(); @@ -173,7 +173,7 @@ class OC_User_Database extends OC_User_Backend { * @return boolean */ public function userExists($uid){ - $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE uid = ?" ); + $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE `uid` = ?" ); $result = $query->execute( array( $uid )); return $result->numRows() > 0; diff --git a/lib/vcategories.php b/lib/vcategories.php index ee7a1d2883a..724965d0e95 100644 --- a/lib/vcategories.php +++ b/lib/vcategories.php @@ -118,7 +118,7 @@ class OC_VCategories { * To get the object array, do something like: * // For Addressbook: * $categories = new OC_VCategories('contacts'); - * $stmt = OC_DB::prepare( 'SELECT carddata FROM *PREFIX*contacts_cards' ); + * $stmt = OC_DB::prepare( 'SELECT `carddata` FROM `*PREFIX*contacts_cards`' ); * $result = $stmt->execute(); * $objects = array(); * if(!is_null($result)) { |