diff --git a/code/CMSMain.php b/code/CMSMain.php index 5a6306a3..208be3ba 100644 --- a/code/CMSMain.php +++ b/code/CMSMain.php @@ -360,13 +360,13 @@ JS; $treeClass = $this->stat('tree_class'); if($id && is_numeric($id)) { - $record = DataObject::get_one( $treeClass, "\"$treeClass\".ID = $id"); + $record = DataObject::get_one( $treeClass, "\"$treeClass\".\"ID\" = $id"); if(!$record) { - // $record = Versioned::get_one_by_stage($treeClass, "Live", "\"$treeClass\".ID = $id"); + // $record = Versioned::get_one_by_stage($treeClass, "Live", "\"$treeClass\".\"ID\" = $id"); Versioned::reading_stage('Live'); singleton($treeClass)->flushCache(); - $record = DataObject::get_one( $treeClass, "\"$treeClass\".ID = $id"); + $record = DataObject::get_one( $treeClass, "\"$treeClass\".\"ID\" = $id"); if($record) { $record->DeletedFromStage = true; } else { @@ -400,7 +400,7 @@ JS; $idField->setValue($id); if($record->ID && is_numeric( $record->ID ) ) { - $liveRecord = Versioned::get_one_by_stage('SiteTree', 'Live', "\"SiteTree\".ID = $record->ID"); + $liveRecord = Versioned::get_one_by_stage('SiteTree', 'Live', "\"SiteTree\".\"ID\" = $record->ID"); if($liveRecord) $liveURLField->setValue($liveRecord->AbsoluteLink()); } @@ -596,7 +596,7 @@ JS; */ public function delete($urlParams, $form) { $id = $_REQUEST['ID']; - $record = DataObject::get_one("SiteTree", "SiteTree.ID = $id"); + $record = DataObject::get_one("SiteTree", "SiteTree.\"ID\" = $id"); if($record && !$record->canDelete()) return Security::permissionFailure(); $recordID = $record->ID; @@ -797,7 +797,7 @@ HTML; $JS_title = Convert::raw2js($page->TreeTitle()); $JS_stageURL = $page->DeletedFromStage ? '' : Convert::raw2js($page->AbsoluteLink()); - $liveRecord = Versioned::get_one_by_stage('SiteTree', 'Live', "\"SiteTree\".ID = $page->ID"); + $liveRecord = Versioned::get_one_by_stage('SiteTree', 'Live', "\"SiteTree\".\"ID\" = $page->ID"); $JS_liveURL = $liveRecord ? Convert::raw2js($liveRecord->AbsoluteLink()) : ''; FormResponse::add($this->getActionUpdateJS($page)); @@ -1240,8 +1240,8 @@ HTML; if($id = $this->urlParams['ID']) { $restoredPage = Versioned::get_latest_version("SiteTree", $id); $restoredPage->ID = $restoredPage->RecordID; - if(!DB::query("SELECT ID FROM SiteTree WHERE ID = $restoredPage->ID")->value()) { - DB::query("INSERT INTO SiteTree SET ID = $restoredPage->ID"); + if(!DB::query("SELECT \"ID\" FROM \"SiteTree\" WHERE \"ID\" = $restoredPage->ID")->value()) { + DB::query("INSERT INTO \"SiteTree\" SET \"ID\" = $restoredPage->ID"); } $restoredPage->forceChange(); $restoredPage->writeWithoutVersion(); diff --git a/code/LeftAndMain.php b/code/LeftAndMain.php index 75adc15e..a153bf01 100644 --- a/code/LeftAndMain.php +++ b/code/LeftAndMain.php @@ -433,7 +433,7 @@ JS; $SQL_id = Convert::raw2sql($_REQUEST['ID']); if(substr($SQL_id,0,3) != 'new') { - $record = DataObject::get_one($className, "\"$className\".ID = {$SQL_id}"); + $record = DataObject::get_one($className, "\"$className\".\"ID\" = {$SQL_id}"); if($record && !$record->canEdit()) return Security::permissionFailure($this); } else { if(!singleton($this->stat('tree_class'))->canCreate()) return Security::permissionFailure($this); diff --git a/code/sitefeatures/PageCommentInterface.php b/code/sitefeatures/PageCommentInterface.php index aa7c66e9..6292f18d 100755 --- a/code/sitefeatures/PageCommentInterface.php +++ b/code/sitefeatures/PageCommentInterface.php @@ -142,15 +142,13 @@ class PageCommentInterface extends RequestHandler { function Comments() { // Comment limits - if(isset($_GET['commentStart'])) { - $limit = (int)$_GET['commentStart'].",".PageComment::$comments_per_page; - } else { - $limit = "0,".PageComment::$comments_per_page; - } + $limit = array(); + $limit['start'] = isset($_GET['commentStart']) ? (int)$_GET['commentStart'] : 0; + $limit['limit'] = PageComment::$comments_per_page; - $spamfilter = isset($_GET['showspam']) ? '' : 'AND IsSpam=0'; - $unmoderatedfilter = Permission::check('ADMIN') ? '' : 'AND NeedsModeration = 0'; - $comments = DataObject::get("PageComment", "ParentID = '" . Convert::raw2sql($this->page->ID) . "' $spamfilter $unmoderatedfilter", "Created DESC", "", $limit); + $spamfilter = isset($_GET['showspam']) ? '' : 'AND NOT "IsSpam"'; + $unmoderatedfilter = Permission::check('ADMIN') ? '' : 'AND NOT "NeedsModeration"'; + $comments = DataObject::get("PageComment", "\"ParentID\" = '" . Convert::raw2sql($this->page->ID) . "' $spamfilter $unmoderatedfilter", '"Created" DESC', "", $limit); if(is_null($comments)) { return; diff --git a/tests/CMSMainTest.php b/tests/CMSMainTest.php index 36cebaad..7bca0b7a 100644 --- a/tests/CMSMainTest.php +++ b/tests/CMSMainTest.php @@ -51,10 +51,10 @@ class CMSMainTest extends SapphireTest { $page->Title = "Test $class page"; $page->write(); - $this->assertEquals("Test $class page", DB::query("SELECT Title FROM SiteTree WHERE ID = $page->ID")->value()); + $this->assertEquals("Test $class page", DB::query("SELECT \"Title\" FROM \"SiteTree\" WHERE \"ID\" = $page->ID")->value()); $page->doPublish(); - $this->assertEquals("Test $class page", DB::query("SELECT Title FROM SiteTree_Live WHERE ID = $page->ID")->value()); + $this->assertEquals("Test $class page", DB::query("SELECT \"Title\" FROM \"SiteTree_Live\" WHERE \"ID\" = $page->ID")->value()); // Check that you can visit the page Director::test($page->Link());