1 Aug 2009 10:34
[Tikiwiki-cvs/svn] SF.net SVN: tikiwiki:[20456] branches/experimental/perms-take2/lib/core/lib
Revision: 20456
http://tikiwiki.svn.sourceforge.net/tikiwiki/?rev=20456&view=rev
Author: lphuberdeau
Date: 2009-08-01 08:34:05 +0000 (Sat, 01 Aug 2009)
Log Message:
-----------
[FIX]?\194?\160Possible conflict when bound value contains '?'
Modified Paths:
--------------
branches/experimental/perms-take2/lib/core/lib/Perms/ResolverFactory/CategoryFactory.php
branches/experimental/perms-take2/lib/core/lib/Perms/ResolverFactory/ObjectFactory.php
branches/experimental/perms-take2/lib/core/lib/TikiDb/Bridge.php
branches/experimental/perms-take2/lib/core/lib/TikiDb.php
Modified: branches/experimental/perms-take2/lib/core/lib/Perms/ResolverFactory/CategoryFactory.php
===================================================================
---
branches/experimental/perms-take2/lib/core/lib/Perms/ResolverFactory/CategoryFactory.php 2009-08-01
04:11:26 UTC (rev 20455)
+++
branches/experimental/perms-take2/lib/core/lib/Perms/ResolverFactory/CategoryFactory.php 2009-08-01
08:34:05 UTC (rev 20456)
<at> <at> -100,7 +100,8 <at> <at>
}
$db = TikiDb::get();
- $result = $db->query( 'SELECT categId, itemId FROM tiki_category_objects INNER JOIN tiki_objects
ON catObjectId = objectId WHERE type = ? AND ' . $db->in( 'itemId', array_keys( $objects ) ) . ' ORDER BY
catObjectId, categId', array( $baseContext['type'] ) );
+ $bindvars = array( $baseContext['type'] );
+ $result = $db->query( 'SELECT categId, itemId FROM tiki_category_objects INNER JOIN tiki_objects
ON catObjectId = objectId WHERE type = ? AND ' . $db->in( 'itemId', array_keys( $objects ), $bindvars ) . '
ORDER BY catObjectId, categId', $bindvars );
$categories = array();
<at> <at> -129,7 +130,8 <at> <at>
$db = TikiDb::get();
- $result = $db->query( 'SELECT objectId, groupName, permName FROM users_objectpermissions WHERE
objectType = \'category\' AND ' . $db->in( 'objectId', array_keys( $objects ) ) );
+ $bindvars = array();
+ $result = $db->query( 'SELECT objectId, groupName, permName FROM users_objectpermissions WHERE
objectType = \'category\' AND ' . $db->in( 'objectId', array_keys( $objects ), $bindvars ), $bindvars );
while( $row = $result->fetchRow() ) {
$object = $row['objectId'];
Modified: branches/experimental/perms-take2/lib/core/lib/Perms/ResolverFactory/ObjectFactory.php
===================================================================
---
branches/experimental/perms-take2/lib/core/lib/Perms/ResolverFactory/ObjectFactory.php 2009-08-01
04:11:26 UTC (rev 20455)
+++
branches/experimental/perms-take2/lib/core/lib/Perms/ResolverFactory/ObjectFactory.php 2009-08-01
08:34:05 UTC (rev 20456)
<at> <at> -42,7 +42,8 <at> <at>
$db = TikiDb::get();
- $result = $db->query( 'SELECT objectId, groupName, permName FROM users_objectpermissions WHERE
objectType = ? AND ' . $db->in( 'objectId', array_keys( $objects ) ), array( $baseContext['type'] ) );
+ $bindvars = array( $baseContext['type'] );
+ $result = $db->query( 'SELECT objectId, groupName, permName FROM users_objectpermissions WHERE
objectType = ? AND ' . $db->in( 'objectId', array_keys( $objects ), $bindvars ), $bindvars );
$found = array();
while( $row = $result->fetchRow() ) {
Modified: branches/experimental/perms-take2/lib/core/lib/TikiDb/Bridge.php
===================================================================
--- branches/experimental/perms-take2/lib/core/lib/TikiDb/Bridge.php 2009-08-01 04:11:26 UTC
(rev 20455)
+++ branches/experimental/perms-take2/lib/core/lib/TikiDb/Bridge.php 2009-08-01 08:34:05 UTC
(rev 20456)
<at> <at> -113,9 +113,9 <at> <at>
return self::get()->ifNull( $field, $ifNull );
} // }}}
- function in( $field, $values ) // {{{
+ function in( $field, $values, &$bindvars ) // {{{
{
- return self::get()->in( $field, $values );
+ return self::get()->in( $field, $values, $bindvars );
} // }}}
function concat() // {{{
Modified: branches/experimental/perms-take2/lib/core/lib/TikiDb.php
===================================================================
--- branches/experimental/perms-take2/lib/core/lib/TikiDb.php 2009-08-01 04:11:26 UTC (rev 20455)
+++ branches/experimental/perms-take2/lib/core/lib/TikiDb.php 2009-08-01 08:34:05 UTC (rev 20456)
<at> <at> -295,10 +295,10 <at> <at>
return " IFNULL($field, $ifNull) "; // if MySQL
} // }}}
- function in( $field, $values ) // {{{
+ function in( $field, $values, &$bindvars ) // {{{
{
- $values = array_map( array( $this, 'qstr' ), $values );
- $values = implode( ', ', $values );
+ $bindvars = array_merge( $bindvars, $values );
+ $values = rtrim( str_repeat( '?,', count( $values ) ), ',' );
return " $field IN( $values ) ";
} // }}}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open
Source development site.
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
RSS Feed