mirror of
https://git.code.sf.net/p/seeddms/code
synced 2024-11-26 15:32:13 +00:00
put backticks around identifier in sql statements
parent
290ab91fc7
commit
a3a80f0a6b
|
@ -28,7 +28,7 @@ function getEvents($day, $month, $year){
|
||||||
|
|
||||||
$date = mktime(12,0,0, $month, $day, $year);
|
$date = mktime(12,0,0, $month, $day, $year);
|
||||||
|
|
||||||
$queryStr = "SELECT * FROM tblEvents WHERE start <= " . $date . " AND stop >= " . $date;
|
$queryStr = "SELECT * FROM `tblEvents` WHERE `start` <= " . $date . " AND `stop` >= " . $date;
|
||||||
$ret = $db->getResultArray($queryStr);
|
$ret = $db->getResultArray($queryStr);
|
||||||
return $ret;
|
return $ret;
|
||||||
}
|
}
|
||||||
|
@ -37,9 +37,9 @@ function getEventsInInterval($start, $stop){
|
||||||
|
|
||||||
global $db;
|
global $db;
|
||||||
|
|
||||||
$queryStr = "SELECT * FROM tblEvents WHERE ( start <= " . (int) $start . " AND stop >= " . (int) $start . " ) ".
|
$queryStr = "SELECT * FROM `tblEvents` WHERE ( `start` <= " . (int) $start . " AND `stop` >= " . (int) $start . " ) ".
|
||||||
"OR ( start <= " . (int) $stop . " AND stop >= " . (int) $stop . " ) ".
|
"OR ( `start` <= " . (int) $stop . " AND `stop` >= " . (int) $stop . " ) ".
|
||||||
"OR ( start >= " . (int) $start . " AND stop <= " . (int) $stop . " )";
|
"OR ( `start` >= " . (int) $start . " AND `stop` <= " . (int) $stop . " )";
|
||||||
$ret = $db->getResultArray($queryStr);
|
$ret = $db->getResultArray($queryStr);
|
||||||
return $ret;
|
return $ret;
|
||||||
}
|
}
|
||||||
|
@ -48,7 +48,7 @@ function addEvent($from, $to, $name, $comment ){
|
||||||
|
|
||||||
global $db,$user;
|
global $db,$user;
|
||||||
|
|
||||||
$queryStr = "INSERT INTO tblEvents (name, comment, start, stop, date, userID) VALUES ".
|
$queryStr = "INSERT INTO `tblEvents` (`name`, `comment`, `start`, `stop`, `date`, `userID`) VALUES ".
|
||||||
"(".$db->qstr($name).", ".$db->qstr($comment).", ".(int) $from.", ".(int) $to.", ".$db->getCurrentTimestamp().", ".$user->getID().")";
|
"(".$db->qstr($name).", ".$db->qstr($comment).", ".(int) $from.", ".(int) $to.", ".$db->getCurrentTimestamp().", ".$user->getID().")";
|
||||||
|
|
||||||
$ret = $db->getResult($queryStr);
|
$ret = $db->getResult($queryStr);
|
||||||
|
@ -61,7 +61,7 @@ function getEvent($id){
|
||||||
|
|
||||||
global $db;
|
global $db;
|
||||||
|
|
||||||
$queryStr = "SELECT * FROM tblEvents WHERE id = " . (int) $id;
|
$queryStr = "SELECT * FROM `tblEvents` WHERE `id` = " . (int) $id;
|
||||||
$ret = $db->getResultArray($queryStr);
|
$ret = $db->getResultArray($queryStr);
|
||||||
|
|
||||||
if (is_bool($ret) && $ret == false) return false;
|
if (is_bool($ret) && $ret == false) return false;
|
||||||
|
@ -76,7 +76,7 @@ function editEvent($id, $from, $to, $name, $comment ){
|
||||||
|
|
||||||
global $db;
|
global $db;
|
||||||
|
|
||||||
$queryStr = "UPDATE tblEvents SET start = " . (int) $from . ", stop = " . (int) $to . ", name = " . $db->qstr($name) . ", comment = " . $db->qstr($comment) . ", date = " . $db->getCurrentTimestamp() . " WHERE id = ". (int) $id;
|
$queryStr = "UPDATE `tblEvents` SET `start` = " . (int) $from . ", `stop` = " . (int) $to . ", `name` = " . $db->qstr($name) . ", `comment` = " . $db->qstr($comment) . ", `date` = " . $db->getCurrentTimestamp() . " WHERE `id` = ". (int) $id;
|
||||||
$ret = $db->getResult($queryStr);
|
$ret = $db->getResult($queryStr);
|
||||||
return $ret;
|
return $ret;
|
||||||
}
|
}
|
||||||
|
@ -87,7 +87,7 @@ function delEvent($id){
|
||||||
|
|
||||||
global $db;
|
global $db;
|
||||||
|
|
||||||
$queryStr = "DELETE FROM tblEvents WHERE id = " . (int) $id;
|
$queryStr = "DELETE FROM `tblEvents` WHERE `id` = " . (int) $id;
|
||||||
$ret = $db->getResult($queryStr);
|
$ret = $db->getResult($queryStr);
|
||||||
return $ret;
|
return $ret;
|
||||||
}
|
}
|
||||||
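Review bot: In getEvents the rewritten query still concatenates `$date` with no cast, while every other numeric operand in this file's queries goes through `(int)`. mktime() normally returns an integer, but with non-numeric arguments on older PHP versions the result is not guaranteed to be one, so the operand is better written as `" . (int) $date . "` in both places. The same applies to `$user->getID()` in addEvent's VALUES line, which could become `(int) $user->getID()`. The bodies of addEvent and getEvent start or end outside their hunks.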
|
|
|
@ -47,7 +47,7 @@ class SeedDMS_PasswordHistoryManager {
|
||||||
} /* }}} */
|
} /* }}} */
|
||||||
|
|
||||||
function add($user, $pwd) { /* {{{ */
|
function add($user, $pwd) { /* {{{ */
|
||||||
$queryStr = "INSERT INTO tblUserPasswordHistory (userID, pwd, `date`) ".
|
$queryStr = "INSERT INTO `tblUserPasswordHistory` (`userID`, `pwd`, `date`) ".
|
||||||
"VALUES (".$this->db->qstr($user->getId()).", ".$this->db->qstr($pwd).", ".$this->db->getCurrentDatetime().")";
|
"VALUES (".$this->db->qstr($user->getId()).", ".$this->db->qstr($pwd).", ".$this->db->getCurrentDatetime().")";
|
||||||
if (!$this->db->getResult($queryStr)) {
|
if (!$this->db->getResult($queryStr)) {
|
||||||
return false;
|
return false;
|
||||||
|
@ -55,7 +55,7 @@ class SeedDMS_PasswordHistoryManager {
|
||||||
} /* }}} */
|
} /* }}} */
|
||||||
|
|
||||||
function search($user, $pwd) { /* {{{ */
|
function search($user, $pwd) { /* {{{ */
|
||||||
$queryStr = "SELECT * FROM tblUserPasswordHistory WHERE userID = ".$this->db->qstr($user->getId())." AND pwd=".$this->db->qstr($pwd);
|
$queryStr = "SELECT * FROM `tblUserPasswordHistory` WHERE `userID` = ".$this->db->qstr($user->getId())." AND `pwd`=".$this->db->qstr($pwd);
|
||||||
|
|
||||||
$resArr = $this->db->getResultArray($queryStr);
|
$resArr = $this->db->getResultArray($queryStr);
|
||||||
if (is_bool($resArr) && $resArr == false)
|
if (is_bool($resArr) && $resArr == false)
|
||||||
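Review bot: add() and search() have no doc comment saying what `$pwd` must contain, yet the code stores it verbatim and later finds it by exact match on the `pwd` column. That only works, and is only safe, if callers pass an already-hashed value in one fixed deterministic format; presumably they do, but it is not visible in these hunks. I would add a comment above both methods such as `/* $pwd is the password digest as stored for the user, never the clear text; history lookup is an exact match */`. If password storage ever moves to a salted scheme such as password_hash(), this equality query can no longer match and the check would have to load the user's rows and verify each one. Both method bodies continue outside the hunks.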
|
|
|
@ -67,7 +67,7 @@ class SeedDMS_Session {
|
||||||
* @return boolean true if successful otherwise false
|
* @return boolean true if successful otherwise false
|
||||||
*/
|
*/
|
||||||
function load($id) { /* {{{ */
|
function load($id) { /* {{{ */
|
||||||
$queryStr = "SELECT * FROM tblSessions WHERE id = ".$this->db->qstr($id);
|
$queryStr = "SELECT * FROM `tblSessions` WHERE `id` = ".$this->db->qstr($id);
|
||||||
$resArr = $this->db->getResultArray($queryStr);
|
$resArr = $this->db->getResultArray($queryStr);
|
||||||
if (is_bool($resArr) && $resArr == false)
|
if (is_bool($resArr) && $resArr == false)
|
||||||
return false;
|
return false;
|
||||||
|
@ -97,7 +97,7 @@ class SeedDMS_Session {
|
||||||
$id = "" . rand() . time() . rand() . "";
|
$id = "" . rand() . time() . rand() . "";
|
||||||
$id = md5($id);
|
$id = md5($id);
|
||||||
$lastaccess = time();
|
$lastaccess = time();
|
||||||
$queryStr = "INSERT INTO tblSessions (id, userID, lastAccess, theme, language, su) ".
|
$queryStr = "INSERT INTO `tblSessions` (`id`, `userID`, `lastAccess`, `theme`, `language`, `su`) ".
|
||||||
"VALUES ('".$id."', ".$data['userid'].", ".$lastaccess.", '".$data['theme']."', '".$data['lang']."', 0)";
|
"VALUES ('".$id."', ".$data['userid'].", ".$lastaccess.", '".$data['theme']."', '".$data['lang']."', 0)";
|
||||||
if (!$this->db->getResult($queryStr)) {
|
if (!$this->db->getResult($queryStr)) {
|
||||||
return false;
|
return false;
|
||||||
|
@ -126,7 +126,7 @@ class SeedDMS_Session {
|
||||||
* @return boolean true if successful otherwise false
|
* @return boolean true if successful otherwise false
|
||||||
*/
|
*/
|
||||||
function updateAccess($id) { /* {{{ */
|
function updateAccess($id) { /* {{{ */
|
||||||
$queryStr = "UPDATE tblSessions SET lastAccess = " . time() . " WHERE id = " . $this->db->qstr($id);
|
$queryStr = "UPDATE `tblSessions` SET `lastAccess` = " . time() . " WHERE `id` = " . $this->db->qstr($id);
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
return true;
|
return true;
|
||||||
|
@ -139,7 +139,7 @@ class SeedDMS_Session {
|
||||||
* @return boolean true if successful otherwise false
|
* @return boolean true if successful otherwise false
|
||||||
*/
|
*/
|
||||||
function deleteByTime($sec) { /* {{{ */
|
function deleteByTime($sec) { /* {{{ */
|
||||||
$queryStr = "DELETE FROM tblSessions WHERE " . time() . " - lastAccess > ".$sec;
|
$queryStr = "DELETE FROM `tblSessions` WHERE " . time() . " - `lastAccess` > ".$sec;
|
||||||
if (!$this->db->getResult($queryStr)) {
|
if (!$this->db->getResult($queryStr)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -153,7 +153,7 @@ class SeedDMS_Session {
|
||||||
* @return boolean true if successful otherwise false
|
* @return boolean true if successful otherwise false
|
||||||
*/
|
*/
|
||||||
function delete($id) { /* {{{ */
|
function delete($id) { /* {{{ */
|
||||||
$queryStr = "DELETE FROM tblSessions WHERE id = " . $this->db->qstr($id);
|
$queryStr = "DELETE FROM `tblSessions` WHERE `id` = " . $this->db->qstr($id);
|
||||||
if (!$this->db->getResult($queryStr)) {
|
if (!$this->db->getResult($queryStr)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -178,7 +178,7 @@ class SeedDMS_Session {
|
||||||
function setUser($userid) { /* {{{ */
|
function setUser($userid) { /* {{{ */
|
||||||
/* id is only set if load() was called before */
|
/* id is only set if load() was called before */
|
||||||
if($this->id) {
|
if($this->id) {
|
||||||
$queryStr = "UPDATE tblSessions SET userID = " . $this->db->qstr($userid) . " WHERE id = " . $this->db->qstr($this->id);
|
$queryStr = "UPDATE `tblSessions` SET `userID` = " . $this->db->qstr($userid) . " WHERE `id` = " . $this->db->qstr($this->id);
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
$this->data['userid'] = $userid;
|
$this->data['userid'] = $userid;
|
||||||
|
@ -194,7 +194,7 @@ class SeedDMS_Session {
|
||||||
function setLanguage($lang) { /* {{{ */
|
function setLanguage($lang) { /* {{{ */
|
||||||
/* id is only set if load() was called before */
|
/* id is only set if load() was called before */
|
||||||
if($this->id) {
|
if($this->id) {
|
||||||
$queryStr = "UPDATE tblSessions SET language = " . $this->db->qstr($lang) . " WHERE id = " . $this->db->qstr($this->id);
|
$queryStr = "UPDATE `tblSessions` SET `language` = " . $this->db->qstr($lang) . " WHERE `id` = " . $this->db->qstr($this->id);
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
$this->data['lang'] = $lang;
|
$this->data['lang'] = $lang;
|
||||||
|
@ -219,7 +219,7 @@ class SeedDMS_Session {
|
||||||
function setSu($su) { /* {{{ */
|
function setSu($su) { /* {{{ */
|
||||||
/* id is only set if load() was called before */
|
/* id is only set if load() was called before */
|
||||||
if($this->id) {
|
if($this->id) {
|
||||||
$queryStr = "UPDATE tblSessions SET su = " . (int) $su . " WHERE id = " . $this->db->qstr($this->id);
|
$queryStr = "UPDATE `tblSessions` SET `su` = " . (int) $su . " WHERE `id` = " . $this->db->qstr($this->id);
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
$this->data['su'] = (int) $su;
|
$this->data['su'] = (int) $su;
|
||||||
|
@ -235,7 +235,7 @@ class SeedDMS_Session {
|
||||||
function resetSu() { /* {{{ */
|
function resetSu() { /* {{{ */
|
||||||
/* id is only set if load() was called before */
|
/* id is only set if load() was called before */
|
||||||
if($this->id) {
|
if($this->id) {
|
||||||
$queryStr = "UPDATE tblSessions SET su = 0 WHERE id = " . $this->db->qstr($this->id);
|
$queryStr = "UPDATE `tblSessions` SET `su` = 0 WHERE `id` = " . $this->db->qstr($this->id);
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
$this->data['su'] = 0;
|
$this->data['su'] = 0;
|
||||||
|
@ -260,7 +260,7 @@ class SeedDMS_Session {
|
||||||
function setClipboard($clipboard) { /* {{{ */
|
function setClipboard($clipboard) { /* {{{ */
|
||||||
/* id is only set if load() was called before */
|
/* id is only set if load() was called before */
|
||||||
if($this->id) {
|
if($this->id) {
|
||||||
$queryStr = "UPDATE tblSessions SET clipboard = " . $this->db->qstr(json_encode($clipboard)) . " WHERE id = " . $this->db->qstr($this->id);
|
$queryStr = "UPDATE `tblSessions` SET `clipboard` = " . $this->db->qstr(json_encode($clipboard)) . " WHERE `id` = " . $this->db->qstr($this->id);
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
$this->data['clipboard'] = $clipboard;
|
$this->data['clipboard'] = $clipboard;
|
||||||
|
@ -292,7 +292,7 @@ class SeedDMS_Session {
|
||||||
if(!in_array($object->getID(), $this->data['clipboard']['folders']))
|
if(!in_array($object->getID(), $this->data['clipboard']['folders']))
|
||||||
array_push($this->data['clipboard']['folders'], $object->getID());
|
array_push($this->data['clipboard']['folders'], $object->getID());
|
||||||
}
|
}
|
||||||
$queryStr = "UPDATE tblSessions SET clipboard = " . $this->db->qstr(json_encode($this->data['clipboard'])) . " WHERE id = " . $this->db->qstr($this->id);
|
$queryStr = "UPDATE `tblSessions` SET `clipboard` = " . $this->db->qstr(json_encode($this->data['clipboard'])) . " WHERE `id` = " . $this->db->qstr($this->id);
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -316,7 +316,7 @@ class SeedDMS_Session {
|
||||||
if($key !== false)
|
if($key !== false)
|
||||||
unset($this->data['clipboard']['folders'][$key]);
|
unset($this->data['clipboard']['folders'][$key]);
|
||||||
}
|
}
|
||||||
$queryStr = "UPDATE tblSessions SET clipboard = " . $this->db->qstr(json_encode($this->data['clipboard'])) . " WHERE id = " . $this->db->qstr($this->id);
|
$queryStr = "UPDATE `tblSessions` SET `clipboard` = " . $this->db->qstr(json_encode($this->data['clipboard'])) . " WHERE `id` = " . $this->db->qstr($this->id);
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -330,7 +330,7 @@ class SeedDMS_Session {
|
||||||
function clearClipboard() { /* {{{ */
|
function clearClipboard() { /* {{{ */
|
||||||
$this->data['clipboard']['docs'] = array();
|
$this->data['clipboard']['docs'] = array();
|
||||||
$this->data['clipboard']['folders'] = array();
|
$this->data['clipboard']['folders'] = array();
|
||||||
$queryStr = "UPDATE tblSessions SET clipboard = " . $this->db->qstr(json_encode($this->data['clipboard'])) . " WHERE id = " . $this->db->qstr($this->id);
|
$queryStr = "UPDATE `tblSessions` SET `clipboard` = " . $this->db->qstr(json_encode($this->data['clipboard'])) . " WHERE `id` = " . $this->db->qstr($this->id);
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
return true;
|
return true;
|
||||||
|
@ -344,7 +344,7 @@ class SeedDMS_Session {
|
||||||
function setSplashMsg($msg) { /* {{{ */
|
function setSplashMsg($msg) { /* {{{ */
|
||||||
/* id is only set if load() was called before */
|
/* id is only set if load() was called before */
|
||||||
if($this->id) {
|
if($this->id) {
|
||||||
$queryStr = "UPDATE tblSessions SET splashmsg = " . $this->db->qstr(json_encode($msg)) . " WHERE id = " . $this->db->qstr($this->id);
|
$queryStr = "UPDATE `tblSessions` SET `splashmsg` = " . $this->db->qstr(json_encode($msg)) . " WHERE `id` = " . $this->db->qstr($this->id);
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
$this->data['splashmsg'] = $msg;
|
$this->data['splashmsg'] = $msg;
|
||||||
|
@ -360,7 +360,7 @@ class SeedDMS_Session {
|
||||||
function clearSplashMsg() { /* {{{ */
|
function clearSplashMsg() { /* {{{ */
|
||||||
/* id is only set if load() was called before */
|
/* id is only set if load() was called before */
|
||||||
if($this->id) {
|
if($this->id) {
|
||||||
$queryStr = "UPDATE tblSessions SET splashmsg = '' WHERE id = " . $this->db->qstr($this->id);
|
$queryStr = "UPDATE `tblSessions` SET `splashmsg` = '' WHERE `id` = " . $this->db->qstr($this->id);
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
$this->data['splashmsg'] = '';
|
$this->data['splashmsg'] = '';
|
||||||
|
@ -428,7 +428,7 @@ class SeedDMS_SessionMgr {
|
||||||
$id = "" . rand() . time() . rand() . "";
|
$id = "" . rand() . time() . rand() . "";
|
||||||
$id = md5($id);
|
$id = md5($id);
|
||||||
$lastaccess = time();
|
$lastaccess = time();
|
||||||
$queryStr = "INSERT INTO tblSessions (id, userID, lastAccess, theme, language, su) ".
|
$queryStr = "INSERT INTO `tblSessions` (`id`, `userID`, `lastAccess`, `theme`, `language`, `su`) ".
|
||||||
"VALUES ('".$id."', ".$data['userid'].", ".$lastaccess.", '".$data['theme']."', '".$data['lang']."', 0)";
|
"VALUES ('".$id."', ".$data['userid'].", ".$lastaccess.", '".$data['theme']."', '".$data['lang']."', 0)";
|
||||||
if (!$this->db->getResult($queryStr)) {
|
if (!$this->db->getResult($queryStr)) {
|
||||||
return false;
|
return false;
|
||||||
|
@ -443,7 +443,7 @@ class SeedDMS_SessionMgr {
|
||||||
* @return array list of sessions
|
* @return array list of sessions
|
||||||
*/
|
*/
|
||||||
function getAllSessions() { /* {{{ */
|
function getAllSessions() { /* {{{ */
|
||||||
$queryStr = "SELECT * FROM tblSessions";
|
$queryStr = "SELECT * FROM `tblSessions`";
|
||||||
$resArr = $this->db->getResultArray($queryStr);
|
$resArr = $this->db->getResultArray($queryStr);
|
||||||
if (is_bool($resArr) && $resArr == false)
|
if (is_bool($resArr) && $resArr == false)
|
||||||
return false;
|
return false;
|
||||||
|
@ -463,7 +463,7 @@ class SeedDMS_SessionMgr {
|
||||||
* @return array list of sessions
|
* @return array list of sessions
|
||||||
*/
|
*/
|
||||||
function getUserSessions($user) { /* {{{ */
|
function getUserSessions($user) { /* {{{ */
|
||||||
$queryStr = "SELECT * FROM tblSessions WHERE userID=".$user->getID();
|
$queryStr = "SELECT * FROM `tblSessions` WHERE `userID`=".$user->getID();
|
||||||
$resArr = $this->db->getResultArray($queryStr);
|
$resArr = $this->db->getResultArray($queryStr);
|
||||||
if (is_bool($resArr) && $resArr == false)
|
if (is_bool($resArr) && $resArr == false)
|
||||||
return false;
|
return false;
|
||||||
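Review bot: The VALUES line of the session INSERT (hunk at -97 in SeedDMS_Session, repeated at -428 in SeedDMS_SessionMgr) still splices `$data['userid']`, `$data['theme']` and `$data['lang']` into the statement unescaped, although the rest of the file uses `$this->db->qstr()` or `(int)`. Whether those values can carry user-controlled text is not visible here, but quoting them is cheap: `"VALUES (".$this->db->qstr($id).", ".(int) $data['userid'].", ".$lastaccess.", ".$this->db->qstr($data['theme']).", ".$this->db->qstr($data['lang']).", 0)";`. The same goes for `$sec` in deleteByTime and `$user->getID()` in getUserSessions, which would each take an `(int)` cast. Separately, the session id in these two hunks is `md5()` over `rand()` and `time()`, which is guessable; on PHP 7 or later `$id = bin2hex(random_bytes(16));` gives an unpredictable id of the same length. The enclosing function starts and ends outside both hunks.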
|
|