From 03acac8e59861a89ecf8c663cd2c4e0aae7c5964 Mon Sep 17 00:00:00 2001 From: Geoff Munn Date: Sun, 5 Apr 2009 23:24:56 +0000 Subject: [PATCH] API CHANGE: addslashes now DB-specific git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@74083 467b73ca-7a2a-4603-9d3b-597d59a354a9 --- core/model/ComponentSet.php | 2 +- core/model/SiteTree.php | 4 ++-- core/model/Versioned.php | 2 +- filesystem/Folder.php | 6 +++--- search/AdvancedSearchForm.php | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/core/model/ComponentSet.php b/core/model/ComponentSet.php index 22bb0deef..913db1dae 100755 --- a/core/model/ComponentSet.php +++ b/core/model/ComponentSet.php @@ -163,7 +163,7 @@ class ComponentSet extends DataObjectSet { $extraKeys = $extraValues = ''; if($extraFields) foreach($extraFields as $k => $v) { $extraKeys .= ", \"$k\""; - $extraValues .= ", '" . addslashes($v) . "'"; + $extraValues .= ", '" . DB::getConn()->addslashes($v) . "'"; } DB::query("INSERT INTO \"$this->tableName\" (\"$parentField\",\"$childField\" $extraKeys) VALUES ({$this->ownerObj->ID}, {$item->ID} $extraValues)"); diff --git a/core/model/SiteTree.php b/core/model/SiteTree.php index 80b800900..3c18fa7e4 100644 --- a/core/model/SiteTree.php +++ b/core/model/SiteTree.php @@ -86,8 +86,8 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid static $indexes = array( "SearchFields" => Array('type'=>'fulltext', 'value'=>'Title, MenuTitle, Content, MetaTitle, MetaDescription, MetaKeywords'), - "TitleSearchFields" => Array('type'=>'fulltext', 'value'=>'Title'), - "ContentSearchFields" => Array('type'=>'fulltext', 'value'=>'Content'), + //"TitleSearchFields" => Array('type'=>'fulltext', 'value'=>'Title'), + //"ContentSearchFields" => Array('type'=>'fulltext', 'value'=>'Content'), "URLSegment" => true, ); diff --git a/core/model/Versioned.php b/core/model/Versioned.php index 16781d6ba..7d2591f16 100755 --- a/core/model/Versioned.php +++ b/core/model/Versioned.php @@ -278,7 +278,7 @@ class Versioned extends DataObjectDecorator { // Add any extra, unchanged fields to the version record. $data = DB::query("SELECT * FROM \"$table\" WHERE \"ID\" = $id")->record(); if($data) foreach($data as $k => $v) { - if (!isset($newManipulation['fields'][$k])) $newManipulation['fields'][$k] = "'" . addslashes($v) . "'"; + if (!isset($newManipulation['fields'][$k])) $newManipulation['fields'][$k] = "'" . DB::getConn()->addslashes($v) . "'"; } // Set up a new entry in (table)_versions diff --git a/filesystem/Folder.php b/filesystem/Folder.php index ce4c7ed8b..70ec42cc0 100755 --- a/filesystem/Folder.php +++ b/filesystem/Folder.php @@ -45,7 +45,7 @@ class Folder extends File { // First, merge any children that are duplicates $duplicateChildrenNames = DB::query("SELECT \"Name\" FROM \"File\" WHERE \"ParentID\" = $parentID GROUP BY \"Name\" HAVING count(*) > 1")->column(); if($duplicateChildrenNames) foreach($duplicateChildrenNames as $childName) { - $childName = addslashes($childName); + $childName = DB::getConn()->addslashes($childName); // Note, we do this in the database rather than object-model; otherwise we get all sorts of problems about deleting files $children = DB::query("SELECT \"ID\" FROM \"File\" WHERE \"Name\" = '$childName' AND \"ParentID\" = $parentID")->column(); if($children) { @@ -149,10 +149,10 @@ class Folder extends File { if(Member::currentUser()) $ownerID = Member::currentUser()->ID; else $ownerID = 0; - $filename = addslashes($this->Filename . $name); + $filename = DB::getConn()->addslashes($this->Filename . $name); if($className == 'Folder' ) $filename .= '/'; - $name = addslashes($name); + $name = DB::getConn()->addslashes($name); DB::query("INSERT INTO \"File\" (\"ClassName\", \"ParentID\", \"OwnerID\", \"Name\", \"Filename\", \"Created\", \"LastEdited\", \"Title\") diff --git a/search/AdvancedSearchForm.php b/search/AdvancedSearchForm.php index e1696ed19..6be5cf12b 100755 --- a/search/AdvancedSearchForm.php +++ b/search/AdvancedSearchForm.php @@ -82,7 +82,7 @@ class AdvancedSearchForm extends SearchForm { foreach($_REQUEST['OnlyShow'] as $section => $checked) { $items = explode(",", $section); foreach($items as $item) { - $page = DataObject::get_one('SiteTree', "\"URLSegment\" = '" . addslashes($item) . "'"); + $page = DataObject::get_one('SiteTree', "\"URLSegment\" = '" . DB::getConn()->addslashes($item) . "'"); $pageList[] = $page->ID; if(!$page) user_error("Can't find a page called '$item'", E_USER_WARNING); $page->loadDescendantIDListInto($pageList);