diff --git a/core/control/ContentController.php b/core/control/ContentController.php index db64cb4e5..547419d5a 100644 --- a/core/control/ContentController.php +++ b/core/control/ContentController.php @@ -56,7 +56,7 @@ class ContentController extends Controller { */ public function ChildrenOf($parentRef) { $SQL_parentRef = Convert::raw2sql($parentRef); - $parent = DataObject::get_one('SiteTree', "URLSegment = '$SQL_parentRef'"); + $parent = DataObject::get_one('SiteTree', "\"URLSegment\" = '$SQL_parentRef'"); if(!$parent && is_numeric($parentRef)) $parent = DataObject::get_by_id('SiteTree', $SQL_parentRef); if($parent) { @@ -69,7 +69,7 @@ class ContentController extends Controller { public function Page($url) { $SQL_url = Convert::raw2sql($url); - return DataObject::get_one('SiteTree', "URLSegment = '$SQL_url'"); + return DataObject::get_one('SiteTree', "\"URLSegment\" = '$SQL_url'"); } public function init() { @@ -136,7 +136,7 @@ class ContentController extends Controller { */ public function getMenu($level = 1) { if($level == 1) { - $result = DataObject::get("SiteTree", "ShowInMenus = 1 AND ParentID = 0"); + $result = DataObject::get("SiteTree", "\"ShowInMenus\" AND \"ParentID\" = 0"); } else { $parent = $this->data(); diff --git a/core/control/Controller.php b/core/control/Controller.php index 3f821dec3..40ad78888 100644 --- a/core/control/Controller.php +++ b/core/control/Controller.php @@ -84,7 +84,7 @@ class Controller extends RequestHandler { if(Session::get('loggedInAs') && Security::database_is_ready()) { $member = Member::currentUser(); Cookie::set("PastMember", true); - DB::query("UPDATE Member SET LastVisited = NOW() WHERE ID = $member->ID", null); + DB::query("UPDATE \"Member\" SET \"LastVisited\" = NOW() WHERE \"ID\" = $member->ID", null); } // This is used to test that subordinate controllers are actually calling parent::init() - a common bug diff --git a/core/control/Director.php b/core/control/Director.php index 7a5948241..209158be9 100644 --- a/core/control/Director.php +++ b/core/control/Director.php @@ -283,9 +283,9 @@ class Director { if(isset(Director::$urlParams['URLSegment'])) { $SQL_urlSegment = Convert::raw2sql(Director::$urlParams['URLSegment']); if (Translatable::is_enabled()) { - return Translatable::get_one("SiteTree", "URLSegment = '$SQL_urlSegment'"); + return Translatable::get_one("SiteTree", "\"URLSegment\" = '$SQL_urlSegment'"); } else { - return DataObject::get_one("SiteTree", "URLSegment = '$SQL_urlSegment'"); + return DataObject::get_one("SiteTree", "\"URLSegment\" = '$SQL_urlSegment'"); } } else { return Controller::curr(); diff --git a/core/control/ModelAsController.php b/core/control/ModelAsController.php index 65147e324..e19be2f96 100644 --- a/core/control/ModelAsController.php +++ b/core/control/ModelAsController.php @@ -33,9 +33,9 @@ class ModelAsController extends Controller implements NestedController { if($this->urlParams['URLSegment']) { $SQL_URLSegment = Convert::raw2sql($this->urlParams['URLSegment']); if (Translatable::is_enabled()) { - $child = Translatable::get_one("SiteTree", "URLSegment = '$SQL_URLSegment'", false); + $child = Translatable::get_one("SiteTree", "\"URLSegment\" = '$SQL_URLSegment'", false); } else { - $child = DataObject::get_one("SiteTree", "URLSegment = '$SQL_URLSegment'", false); + $child = DataObject::get_one("SiteTree", "\"URLSegment\" = '$SQL_URLSegment'", false); } if(!$child) { if($child = $this->findOldPage($SQL_URLSegment)) { @@ -82,8 +82,8 @@ class ModelAsController extends Controller implements NestedController { protected function findOldPage($urlSegment) { $versionedQuery = new SQLQuery ( - 'RecordID', 'SiteTree_versions', - "\"WasPublished\" = 1 AND \"URLSegment\" = '$urlSegment'", + '"RecordID"', '"SiteTree_versions"', + "\"WasPublished\" AND \"URLSegment\" = '$urlSegment'", '"LastEdited" DESC, "WasPublished"', null, null, 1 ); @@ -98,8 +98,8 @@ class ModelAsController extends Controller implements NestedController { } protected function get404Page() { - if($page = DataObject::get_one("ErrorPage", "ErrorCode = '404'")) return $page; - else return DataObject::get_one("SiteTree", "URLSegment = '404'"); + if($page = DataObject::get_one("ErrorPage", "\"ErrorCode\" = '404'")) return $page; + else return DataObject::get_one("SiteTree", "\"URLSegment\" = '404'"); } } diff --git a/core/model/ComponentSet.php b/core/model/ComponentSet.php index 142072ddf..50297a42e 100755 --- a/core/model/ComponentSet.php +++ b/core/model/ComponentSet.php @@ -128,14 +128,15 @@ class ComponentSet extends DataObjectSet { $parentField = $this->ownerClass . 'ID'; $childField = ($this->childClass == $this->ownerClass) ? "ChildID" : ($this->childClass . 'ID'); - DB::query( "DELETE FROM \"$this->tableName\" WHERE $parentField = {$this->ownerObj->ID} AND $childField = {$item->ID}" ); + DB::query( "DELETE FROM \"$this->tableName\" WHERE \"$parentField\" = {$this->ownerObj->ID} AND \"$childField\" = {$item->ID}" ); - $extraSQL = ''; + $extraKeys = $extraValues = ''; if($extraFields) foreach($extraFields as $k => $v) { - $extraSQL .= ", $k = '" . addslashes($v) . "'"; + $extraKeys .= ", \"$k\""; + $extraValues .= ", '" . addslashes($v) . "'"; } - DB::query("INSERT INTO \"$this->tableName\" SET $parentField = {$this->ownerObj->ID}, $childField = {$item->ID} $extraSQL"); + DB::query("INSERT INTO \"$this->tableName\" (\"$parentField\",\"$childField\" $extraKeys) VALUES ({$this->ownerObj->ID}, {$item->ID} $extraValues)"); } } @@ -206,7 +207,7 @@ class ComponentSet extends DataObjectSet { } else { $parentField = $this->ownerClass . 'ID'; $childField = ($this->childClass == $this->ownerClass) ? "ChildID" : ($this->childClass . 'ID'); - DB::query("DELETE FROM \"$this->tableName\" WHERE $parentField = {$this->ownerObj->ID} AND $childField = {$item->ID}"); + DB::query("DELETE FROM \"$this->tableName\" WHERE \"$parentField\" = {$this->ownerObj->ID} AND \"$childField\" = {$item->ID}"); } } @@ -232,7 +233,7 @@ class ComponentSet extends DataObjectSet { $itemCSV = implode(", ", $itemList); $parentField = $this->ownerClass . 'ID'; $childField = ($this->childClass == $this->ownerClass) ? "ChildID" : ($this->childClass . 'ID'); - DB::query("DELETE FROM \"$this->tableName\" WHERE $parentField = {$this->ownerObj->ID} AND $childField IN ($itemCSV)"); + DB::query("DELETE FROM \"$this->tableName\" WHERE \"$parentField\" = {$this->ownerObj->ID} AND \"$childField\" IN ($itemCSV)"); } } @@ -243,7 +244,7 @@ class ComponentSet extends DataObjectSet { */ function removeByFilter($filter) { $parentField = $this->ownerClass . 'ID'; - DB::query("DELETE FROM \"$this->tableName\" WHERE $parentField = {$this->ownerObj->ID} AND $filter"); + DB::query("DELETE FROM \"$this->tableName\" WHERE \"$parentField\" = {$this->ownerObj->ID} AND $filter"); } /** @@ -252,7 +253,7 @@ class ComponentSet extends DataObjectSet { function removeAll() { if(!empty($this->tableName)) { $parentField = $this->ownerClass . 'ID'; - DB::query("DELETE FROM \"$this->tableName\" WHERE $parentField = {$this->ownerObj->ID}"); + DB::query("DELETE FROM \"$this->tableName\" WHERE \"$parentField\" = {$this->ownerObj->ID}"); } else { foreach($this->items as $item) { $this->remove($item); diff --git a/core/model/DataObject.php b/core/model/DataObject.php index 1e3575330..02d9695ef 100644 --- a/core/model/DataObject.php +++ b/core/model/DataObject.php @@ -743,7 +743,7 @@ class DataObject extends ViewableData implements DataObjectInterface,i18nEntityP if((!isset($this->record['ID']) || !$this->record['ID']) && isset($ancestry[0])) { $baseTable = $ancestry[0]; - DB::query("INSERT INTO \"{$baseTable}\" SET Created = NOW()"); + DB::query("INSERT INTO \"{$baseTable}\" (\"Created\") VALUES (NOW())"); $this->record['ID'] = DB::getGeneratedID($baseTable); $this->changed['ID'] = 2; @@ -770,7 +770,6 @@ class DataObject extends ViewableData implements DataObjectInterface,i18nEntityP if(!$fieldObj instanceof CompositeDBField) { $fieldObj->setValue($this->record[$fieldName], $this->record); } - $fieldObj->writeToManipulation($manipulation[$class]); } } @@ -1171,10 +1170,10 @@ class DataObject extends ViewableData implements DataObjectInterface,i18nEntityP $query = $componentObj->extendedSQL( - "\"$table\".$parentField = $this->ID", // filter + "\"$table\".\"$parentField\" = $this->ID", // filter $sort, $limit, - "INNER JOIN \"$table\" ON \"$table\".$componentField = \"$componentBaseClass\".ID" // join + "INNER JOIN \"$table\" ON \"$table\".\"$componentField\" = \"$componentBaseClass\".\"ID\"" // join ); array_unshift($query->select, "\"$table\".*"); @@ -1872,10 +1871,10 @@ class DataObject extends ViewableData implements DataObjectInterface,i18nEntityP $permissionCache[$memberID][$perm] = $query->execute()->column(); if($perm == "View") { - $query = new SQLQuery("\"SiteTree\".ID", array( + $query = new SQLQuery("\"SiteTree\".\"ID\"", array( "\"SiteTree\"", - "LEFT JOIN \"Page_CanView\" ON \"Page_CanView\".PageID = \"SiteTree\".ID" - ), "\"Page_CanView\".PageID IS NULL"); + "LEFT JOIN \"Page_CanView\" ON \"Page_CanView\".\"PageID\" = \"SiteTree\".\"ID\"" + ), "\"Page_CanView\".\"PageID\" IS NULL"); $unsecuredPages = $query->execute()->column(); if($permissionCache[$memberID][$perm]) { @@ -2058,6 +2057,8 @@ class DataObject extends ViewableData implements DataObjectInterface,i18nEntityP if(!$sort) { $sort = $this->stat('default_sort'); } + // Add quoting to sort expression if it's a simple column name + if(preg_match('/^[A-Z][A-Z0-9_]*$/i', $sort)) $sort = "\"$sort\""; // Get the tables to join to $tableClasses = ClassInfo::dataClassesFor($this->class); @@ -2091,7 +2092,7 @@ class DataObject extends ViewableData implements DataObjectInterface,i18nEntityP // Join all the tables if($tableClasses && self::$subclass_access) { foreach($tableClasses as $tableClass) { - $query->from[$tableClass] = "LEFT JOIN \"$tableClass\" ON \"$tableClass\".ID = \"$baseClass\".ID"; + $query->from[$tableClass] = "LEFT JOIN \"$tableClass\" ON \"$tableClass\".\"ID\" = \"$baseClass\".\"ID\""; $query->select[] = "\"$tableClass\".*"; // Add SQL for multi-value fields @@ -2108,8 +2109,8 @@ class DataObject extends ViewableData implements DataObjectInterface,i18nEntityP } //TODO: DB ABSTRACTION: IF STATEMENT: - $query->select[] = "\"$baseClass\".ID"; - $query->select[] = "if(\"$baseClass\".ClassName,\"$baseClass\".ClassName,'$baseClass') AS RecordClassName"; + $query->select[] = "\"$baseClass\".\"ID\""; + $query->select[] = "CASE WHEN \"$baseClass\".\"ClassName\" IS NOT NULL THEN \"$baseClass\".\"ClassName\" ELSE '$baseClass' END AS \"RecordClassName\""; // Get the ClassName values to filter to $classNames = ClassInfo::subclassesFor($this->class); @@ -2126,7 +2127,7 @@ class DataObject extends ViewableData implements DataObjectInterface,i18nEntityP user_error("DataObject::get() Can't find data sub-classes for '$callerClass'"); } - $query->where[] = "\"$baseClass\".ClassName IN ('" . implode("','", $classNames) . "')"; + $query->where[] = "\"$baseClass\".\"ClassName\" IN ('" . implode("','", $classNames) . "')"; } if($having) { @@ -2135,7 +2136,14 @@ class DataObject extends ViewableData implements DataObjectInterface,i18nEntityP if($join) { $query->from[] = $join; - $query->groupby[] = reset($query->from) . ".ID"; + if(DB::getConn() instanceof MySQLDatabase) { + // TODO: This needs to be resolved for all databases + $query->groupby[] = reset($query->from) . ".\"ID\""; + /* this needs to be fixed - this doesn't work when you add additional fields from other tables into the mix. + $fields = $this->databaseFields(); + foreach(array_keys($fields) as $field) $query->groupby[] = "\"$field\""; + */ + } } return $query; diff --git a/core/model/DatabaseAdmin.php b/core/model/DatabaseAdmin.php index 8a6174dc7..316b2bc3c 100644 --- a/core/model/DatabaseAdmin.php +++ b/core/model/DatabaseAdmin.php @@ -253,7 +253,7 @@ class DatabaseAdmin extends Controller { if(($record['ClassName'] != $subclass) && (!is_subclass_of($record['ClassName'], $subclass)) && ($recordExists[$subclass][$id])) { - $sql = "DELETE FROM \"$subclass\" WHERE ID = $record[ID]"; + $sql = "DELETE FROM \"$subclass\" WHERE \"ID\" = $record[ID]"; echo "
  • $sql"; DB::query($sql); } diff --git a/core/model/ErrorPage.php b/core/model/ErrorPage.php index 6922ced2c..1263ddcec 100755 --- a/core/model/ErrorPage.php +++ b/core/model/ErrorPage.php @@ -31,7 +31,7 @@ class ErrorPage extends Page { function requireDefaultRecords() { parent::requireDefaultRecords(); - if(!DataObject::get_one('ErrorPage', "ErrorCode = '404'")) { + if(!DataObject::get_one('ErrorPage', "\"ErrorCode\" = '404'")) { $errorpage = new ErrorPage(); $errorpage->ErrorCode = 404; $errorpage->Title = _t('ErrorPage.DEFAULTERRORPAGETITLE', 'Page not found'); diff --git a/core/model/Hierarchy.php b/core/model/Hierarchy.php index 8cd0c15f6..701dfea1f 100644 --- a/core/model/Hierarchy.php +++ b/core/model/Hierarchy.php @@ -477,7 +477,7 @@ class Hierarchy extends DataObjectDecorator { public function numChildren() { $baseClass = ClassInfo::baseDataClass($this->owner->class); // We build the query in an extension-friendly way. - $query = new SQLQuery("COUNT(*)","\"$baseClass\"","ParentID = " . (int)$this->owner->ID); + $query = new SQLQuery("COUNT(*)","\"$baseClass\"","\"ParentID\" = " . (int)$this->owner->ID); $this->owner->extend('augmentSQL', $query); return $query->execute()->value(); } @@ -488,9 +488,9 @@ class Hierarchy extends DataObjectDecorator { * @return DataObjectSet */ public function stageChildren($showAll = false) { - $extraFilter = $showAll ? '' : " AND ShowInMenus = 1"; + $extraFilter = $showAll ? '' : " AND \"ShowInMenus\""; $baseClass = ClassInfo::baseDataClass($this->owner->class); - return DataObject::get($baseClass, "\"{$baseClass}\".\"ParentID\" = " . (int)$this->owner->ID . " AND \"{$baseClass}\".ID != " . (int)$this->owner->ID . $extraFilter, ""); + return DataObject::get($baseClass, "\"{$baseClass}\".\"ParentID\" = " . (int)$this->owner->ID . " AND \"{$baseClass}\".\"ID\" != " . (int)$this->owner->ID . $extraFilter, ""); } /** @@ -499,9 +499,9 @@ class Hierarchy extends DataObjectDecorator { * @return DataObjectSet */ public function liveChildren($showAll = false) { - $extraFilter = $showAll ? '' : " AND ShowInMenus = 1"; + $extraFilter = $showAll ? '' : " AND \"ShowInMenus\""; $baseClass = ClassInfo::baseDataClass($this->owner->class); - return Versioned::get_by_stage($baseClass, "Live", "\"{$baseClass}\".\"ParentID\" = " . (int)$this->owner->ID . " AND \"{$baseClass}\".ID != " . (int)$this->owner->ID. $extraFilter, ""); + return Versioned::get_by_stage($baseClass, "Live", "\"{$baseClass}\".\"ParentID\" = " . (int)$this->owner->ID . " AND \"{$baseClass}\".\"ID\" != " . (int)$this->owner->ID. $extraFilter, ""); } /** @@ -511,7 +511,7 @@ class Hierarchy extends DataObjectDecorator { public function getParent($filter = '') { if($p = $this->owner->__get("ParentID")) { $className = $this->owner->class; - $filter .= $filter?" AND ":""."\"$className\".ID = $p"; + $filter .= $filter?" AND ":""."\"$className\".\"ID\" = $p"; return DataObject::get_one($className, $filter); } } diff --git a/core/model/SiteTree.php b/core/model/SiteTree.php index 2f8fea7f3..da13e75d3 100644 --- a/core/model/SiteTree.php +++ b/core/model/SiteTree.php @@ -399,7 +399,7 @@ class SiteTree extends DataObject { SiteTree::$currentSectionIDs = array(); while($nextID) { self::$currentSectionIDs[] = $nextID; - $nextID = DB::query("SELECT ParentID FROM SiteTree WHERE ID = $nextID")->value(); + $nextID = DB::query("SELECT \"ParentID\" FROM \"SiteTree\" WHERE \"ID\" = $nextID")->value(); } } } @@ -885,7 +885,7 @@ class SiteTree extends DataObject { // default pages if($this->class == 'SiteTree') { - if(!DataObject::get_one("SiteTree", "URLSegment = 'home'")) { + if(!DataObject::get_one("SiteTree", "\"URLSegment\" = 'home'")) { $homepage = new Page(); $homepage->Title = _t('SiteTree.DEFAULTHOMETITLE', 'Home'); @@ -898,7 +898,7 @@ class SiteTree extends DataObject { Database::alteration_message("Home page created","created"); } - if(DB::query("SELECT COUNT(*) FROM SiteTree")->value() == 1) { + if(DB::query("SELECT COUNT(*) FROM \"SiteTree\"")->value() == 1) { $aboutus = new Page(); $aboutus->Title = _t('SiteTree.DEFAULTABOUTTITLE', 'About Us'); $aboutus->Content = _t('SiteTree.DEFAULTABOUTCONTENT', '

    You can fill this page out with your own content, or delete it and create your own pages.

    '); @@ -961,13 +961,13 @@ class SiteTree extends DataObject { // Ensure URLSegment is unique $idFilter = ($this->ID) - ? " AND \"SiteTree\".ID <> '$this->ID'" : + ? " AND \"SiteTree\".\"ID\" <> '$this->ID'" : ''; $count = 1; while ( (class_exists($this->URLSegment) && is_subclass_of($this->URLSegment, 'RequestHandler')) || - DataObject::get_one("SiteTree", "URLSegment = '$this->URLSegment' $idFilter") + DataObject::get_one("SiteTree", "\"URLSegment\" = '$this->URLSegment' $idFilter") ) { $count++; $this->URLSegment = ereg_replace('-[0-9]+$','', $this->URLSegment) . "-$count"; @@ -1026,7 +1026,7 @@ class SiteTree extends DataObject { * @return SiteTree The object with the given URL segment */ public static function get_by_url($urlSegment) { - return DataObject::get_one("SiteTree", "URLSegment = '" . addslashes((string) $urlSegment) . "'"); + return DataObject::get_one("SiteTree", "\"URLSegment\" = '" . addslashes((string) $urlSegment) . "'"); } /** @@ -1099,7 +1099,7 @@ class SiteTree extends DataObject { // Status / message // Create a status message for multiple parents if($this->ID && is_numeric($this->ID)) { - $linkedPages = DataObject::get("VirtualPage", "CopyContentFromID = $this->ID"); + $linkedPages = DataObject::get("VirtualPage", "\"CopyContentFromID\" = $this->ID"); } if(isset($linkedPages)) { @@ -1454,7 +1454,7 @@ class SiteTree extends DataObject { if($this->isNew()) return false; - return (DB::query("SELECT ID FROM \"SiteTree_Live\" WHERE ID = $this->ID")->value()) + return (DB::query("SELECT \"ID\" FROM \"SiteTree_Live\" WHERE \"ID\" = $this->ID")->value()) ? true : false; } @@ -1494,6 +1494,7 @@ class SiteTree extends DataObject { $currentAddAction = null; $currentClass = null; + $result = array(); foreach($classes as $class) { $instance = singleton($class); if((($instance instanceof HiddenClass) || !$instance->canCreate()) && ($class != $this->class)) continue; @@ -1624,9 +1625,9 @@ class SiteTree extends DataObject { // If somthing if(!$this->CheckedPublicationDifferences && $this->ID) { $stageVersion = - DB::query("SELECT Version FROM SiteTree WHERE ID = $this->ID")->value(); + DB::query("SELECT \"Version\" FROM \"SiteTree\" WHERE \"ID\" = $this->ID")->value(); $liveVersion = - DB::query("SELECT Version FROM SiteTree_Live WHERE ID = $this->ID")->value(); + DB::query("SELECT \"Version\" FROM \"SiteTree_Live\" WHERE \"ID\" = $this->ID")->value(); if($stageVersion && !$liveVersion) $this->AddedToStage = true; diff --git a/core/model/Versioned.php b/core/model/Versioned.php index 7dc3616b7..7321047ae 100755 --- a/core/model/Versioned.php +++ b/core/model/Versioned.php @@ -268,7 +268,7 @@ class Versioned extends DataObjectDecorator { if(!isset($manipulation[$table]['fields']['Version'])) { // Add any extra, unchanged fields to the version record. - $data = DB::query("SELECT * FROM $table WHERE ID = $id")->record(); + $data = DB::query("SELECT * FROM \"$table\" WHERE \"ID\" = $id")->record(); if($data) foreach($data as $k => $v) { if (!isset($newManipulation['fields'][$k])) $newManipulation['fields'][$k] = "'" . addslashes($v) . "'"; } @@ -280,7 +280,7 @@ class Versioned extends DataObjectDecorator { // Create a new version # if (isset($version_table[$table])) $nextVersion = $version_table[$table]; else unset($nextVersion); - if($rid && !isset($nextVersion)) $nextVersion = DB::query("SELECT MAX(Version) + 1 FROM {$table}_versions WHERE RecordID = $rid")->value(); + if($rid && !isset($nextVersion)) $nextVersion = DB::query("SELECT MAX(\"Version\") + 1 FROM \"{$table}_versions\" WHERE \"RecordID\" = $rid")->value(); $newManipulation['fields']['Version'] = $nextVersion ? $nextVersion : 1; $newManipulation['fields']['AuthorID'] = Member::currentUserID() ? Member::currentUserID() : 0; @@ -371,7 +371,7 @@ class Versioned extends DataObjectDecorator { $table2 = $table1 . "_$this->liveStage"; - return DB::query("SELECT $table1.Version = $table2.Version FROM $table1 INNER JOIN $table2 ON $table1.ID = $table2.ID WHERE $table1.ID = ". $this->owner->ID)->value(); + return DB::query("SELECT \"$table1\".\"Version\" = \"$table2\".\"Version\" FROM \"$table1\" INNER JOIN \"$table2\" ON \"$table1\".\"ID\" = \"$table2\".\"ID\" WHERE \"$table1\".\"ID\" = ". $this->owner->ID)->value(); } /** @@ -435,7 +435,7 @@ class Versioned extends DataObjectDecorator { // We test for equality - if one of the versions doesn't exist, this will be false //TODO: DB Abstraction: if statement here: - $stagesAreEqual = DB::query("SELECT if(\"$table1\".Version=\"$table2\".Version,1,0) FROM \"$table1\" INNER JOIN \"$table2\" ON \"$table1\".ID = \"$table2\".ID AND \"$table1\".ID = {$this->owner->ID}")->value(); + $stagesAreEqual = DB::query("SELECT CASE WHEN \"$table1\".\"Version\"=\"$table2\".\"Version\" THEN 1 ELSE 0 END FROM \"$table1\" INNER JOIN \"$table2\" ON \"$table1\".\"ID\" = \"$table2\".\"ID\" AND \"$table1\".\"ID\" = {$this->owner->ID}")->value(); return !$stagesAreEqual; } diff --git a/filesystem/File.php b/filesystem/File.php index d47865c20..f2dfeb8f2 100755 --- a/filesystem/File.php +++ b/filesystem/File.php @@ -221,7 +221,7 @@ class File extends DataObject { * Delete the database record (recursively for folders) without touching the filesystem */ public function deleteDatabaseOnly() { - if(is_numeric($this->ID)) DB::query("DELETE FROM File WHERE ID = $this->ID"); + if(is_numeric($this->ID)) DB::query("DELETE FROM File WHERE \"ID\" = $this->ID"); } /** diff --git a/filesystem/Folder.php b/filesystem/Folder.php index 73609c9bd..6c7f4030f 100755 --- a/filesystem/Folder.php +++ b/filesystem/Folder.php @@ -52,7 +52,7 @@ class Folder extends File { $keptChild = array_shift($children); foreach($children as $removedChild) { DB::query("UPDATE \"File\" SET ParentID = $keptChild WHERE ParentID = $removedChild"); - DB::query("DELETE FROM \"File\" WHERE ID = $removedChild"); + DB::query("DELETE FROM \"File\" WHERE \"ID\" = $removedChild"); } } else { user_error("Inconsistent database issue: SELECT ID FROM \"File\" WHERE Name = '$childName' AND ParentID = $parentID should have returned data", E_USER_WARNING); @@ -93,7 +93,7 @@ class Folder extends File { $child = $hasDbChild[$actualChild]; if( ($child->class != 'Folder' && is_dir($baseDir . $actualChild)) || ($child->class == 'Folder' && !is_dir($baseDir . $actualChild)) ) { - DB::query("DELETE FROM \"File\" WHERE ID = $child->ID"); + DB::query("DELETE FROM \"File\" WHERE \"ID\" = $child->ID"); unset($hasDbChild[$actualChild]); } } @@ -117,11 +117,11 @@ class Folder extends File { // Iterate through the unwanted children, removing them all if(isset($unwantedDbChildren)) foreach($unwantedDbChildren as $unwantedDbChild) { - DB::query("DELETE FROM \"File\" WHERE ID = $unwantedDbChild->ID"); + DB::query("DELETE FROM \"File\" WHERE \"ID\" = $unwantedDbChild->ID"); $deleted++; } } else { - DB::query("DELETE FROM \"File\" WHERE ID = $this->ID"); + DB::query("DELETE FROM \"File\" WHERE \"ID\" = $this->ID"); } return array('added' => $added, 'deleted' => $deleted); diff --git a/forms/HasManyComplexTableField.php b/forms/HasManyComplexTableField.php index 997d84ca1..0cb54cdf0 100644 --- a/forms/HasManyComplexTableField.php +++ b/forms/HasManyComplexTableField.php @@ -51,7 +51,7 @@ class HasManyComplexTableField extends ComplexTableField { $query = $this->customQuery; $query->select[] = "{$this->sourceClass}.ID AS ID"; $query->select[] = "{$this->sourceClass}.ClassName AS ClassName"; - $query->select[] = "{$this->sourceClass}.ClassName AS RecordClassName"; + $query->select[] = "{$this->sourceClass}.ClassName AS \"RecordClassName\""; } else { $query = singleton($this->sourceClass)->extendedSQL($this->sourceFilter, $this->sourceSort, $limitClause, $this->sourceJoin); diff --git a/forms/HtmlEditorField.php b/forms/HtmlEditorField.php index b532a4712..660f1e894 100755 --- a/forms/HtmlEditorField.php +++ b/forms/HtmlEditorField.php @@ -50,7 +50,7 @@ class HtmlEditorField extends TextareaField { $link = Director::makeRelative($link); $broken = false; if(ereg('^([A-Za-z0-9_\-]+)/?(#.*)?$', $link, $parts)) { - if(!DataObject::get_one("SiteTree", "URLSegment = '$parts[1]'", false)) { + if(!DataObject::get_one("SiteTree", "\"URLSegment\" = '$parts[1]'", false)) { $broken = true; // Prevents execution timeouts if a page has 50 identical broken links by only highlighting them once $alreadyHighlighted[$parts[1]] = true; @@ -120,7 +120,7 @@ class HtmlEditorField extends TextareaField { $link = Director::makeRelative($link); if(preg_match( '/^([A-Za-z0-9_-]+)\/?(#.*)?$/', $link, $parts ) ) { - $candidatePage = DataObject::get_one("SiteTree", "URLSegment = '" . urldecode( $parts[1] ). "'", false); + $candidatePage = DataObject::get_one("SiteTree", "\"URLSegment\" = '" . urldecode( $parts[1] ). "'", false); if($candidatePage) { $linkedPages[] = $candidatePage->ID; // This caused bugs in the publication script @@ -154,7 +154,7 @@ class HtmlEditorField extends TextareaField { $fieldName = $this->name; if($record->ID && $record->hasMethod('LinkTracking') && $linkTracking = $record->LinkTracking()) { - $linkTracking->removeByFilter("FieldName = '$fieldName'"); + $linkTracking->removeByFilter("\"FieldName\" = '$fieldName'"); if(isset($linkedPages)) foreach($linkedPages as $item) { $linkTracking->add($item, array("FieldName" => $fieldName)); @@ -163,7 +163,7 @@ class HtmlEditorField extends TextareaField { // $linkTracking->destroy(); } if($record->ID && $record->hasMethod('ImageTracking') && $imageTracking = $record->ImageTracking()) { - $imageTracking->removeByFilter("FieldName = '$fieldName'"); + $imageTracking->removeByFilter("\"FieldName\" = '$fieldName'"); if(isset($linkedFiles)) foreach($linkedFiles as $item) { $imageTracking->add($item, array("FieldName" => $fieldName)); } diff --git a/forms/ManyManyComplexTableField.php b/forms/ManyManyComplexTableField.php index 78d49aec6..012d54adb 100644 --- a/forms/ManyManyComplexTableField.php +++ b/forms/ManyManyComplexTableField.php @@ -47,7 +47,7 @@ class ManyManyComplexTableField extends HasManyComplexTableField { $query = $this->customQuery; $query->select[] = "{$this->sourceClass}.ID AS ID"; $query->select[] = "{$this->sourceClass}.ClassName AS ClassName"; - $query->select[] = "{$this->sourceClass}.ClassName AS RecordClassName"; + $query->select[] = "{$this->sourceClass}.ClassName AS \"RecordClassName\""; } else { $query = singleton($this->sourceClass)->extendedSQL($this->sourceFilter, $this->sourceSort, $limitClause, $this->sourceJoin); diff --git a/forms/TableListField.php b/forms/TableListField.php index 68320347e..31015c59c 100755 --- a/forms/TableListField.php +++ b/forms/TableListField.php @@ -444,7 +444,7 @@ JS $baseClass = ClassInfo::baseDataClass($this->sourceClass); $query->select[] = "{$baseClass}.ID AS ID"; $query->select[] = "{$baseClass}.ClassName AS ClassName"; - $query->select[] = "{$baseClass}.ClassName AS RecordClassName"; + $query->select[] = "{$baseClass}.ClassName AS \"RecordClassName\""; } else { $query = singleton($this->sourceClass)->extendedSQL($this->sourceFilter(), $this->sourceSort, null, $this->sourceJoin); @@ -475,12 +475,12 @@ JS $query = $this->customCsvQuery; $query->select[] = "{$baseClass}.ID AS ID"; $query->select[] = "{$baseClass}.ClassName AS ClassName"; - $query->select[] = "{$baseClass}.ClassName AS RecordClassName"; + $query->select[] = "{$baseClass}.ClassName AS \"RecordClassName\""; } else if($this->customQuery) { $query = $this->customQuery; $query->select[] = "{$baseClass}.ID AS ID"; $query->select[] = "{$baseClass}.ClassName AS ClassName"; - $query->select[] = "{$baseClass}.ClassName AS RecordClassName"; + $query->select[] = "{$baseClass}.ClassName AS \"RecordClassName\""; } else { $query = singleton($this->sourceClass)->extendedSQL($this->sourceFilter(), $this->sourceSort, null, $this->sourceJoin); diff --git a/search/AdvancedSearchForm.php b/search/AdvancedSearchForm.php index 3247346c7..3cd52077b 100755 --- a/search/AdvancedSearchForm.php +++ b/search/AdvancedSearchForm.php @@ -82,25 +82,25 @@ class AdvancedSearchForm extends SearchForm { foreach($_REQUEST['OnlyShow'] as $section => $checked) { $items = explode(",", $section); foreach($items as $item) { - $page = DataObject::get_one('SiteTree', "URLSegment = '" . addslashes($item) . "'"); + $page = DataObject::get_one('SiteTree', "\"URLSegment\" = '" . addslashes($item) . "'"); $pageList[] = $page->ID; if(!$page) user_error("Can't find a page called '$item'", E_USER_WARNING); $page->loadDescendantIDListInto($pageList); } } - $contentFilter = "ID IN (" . implode(",", $pageList) . ")"; + $contentFilter = "\"ID\" IN (" . implode(",", $pageList) . ")"; // Find the files associated with those pages - $fileList = DB::query("SELECT FileID FROM Page_ImageTracking WHERE PageID IN (" . implode(",", $pageList) . ")")->column(); - if($fileList) $fileFilter = "ID IN (" . implode(",", $fileList) . ")"; + $fileList = DB::query("SELECT \"FileID\" FROM \"Page_ImageTracking\" WHERE \"PageID\" IN (" . implode(",", $pageList) . ")")->column(); + if($fileList) $fileFilter = "\"ID\" IN (" . implode(",", $fileList) . ")"; else $fileFilter = " 1 = 2 "; } if($data['From']) { - $filter .= ($filter?" AND":"") . " LastEdited >= '$data[From]'"; + $filter .= ($filter?" AND":"") . " \"LastEdited\" >= '$data[From]'"; } if($data['To']) { - $filter .= ($filter?" AND":"") . " LastEdited <= '$data[To]'"; + $filter .= ($filter?" AND":"") . " \"LastEdited\" <= '$data[To]'"; } if($filter) { @@ -110,9 +110,9 @@ class AdvancedSearchForm extends SearchForm { if($data['sortby']) { $sorts = array( - 'LastUpdated' => 'LastEdited DESC', - 'PageTitle' => 'Title ASC', - 'Relevance' => 'Relevance DESC', + 'LastUpdated' => '"LastEdited" DESC', + 'PageTitle' => '"Title" ASC', + 'Relevance' => '"Relevance" DESC', ); $sortBy = $sorts[$data['sortby']] ? $sorts[$data['sortby']] : $sorts['Relevance']; } diff --git a/search/SearchContext.php b/search/SearchContext.php index df1b9aed5..db41c2666 100644 --- a/search/SearchContext.php +++ b/search/SearchContext.php @@ -88,7 +88,7 @@ class SearchContext extends Object { $fields = array("\"".ClassInfo::baseDataClass($this->modelClass).'".*'); if($this->modelClass != $classes[0]) $fields[] = '"'.$classes[0].'".*'; //$fields = array_keys($model->db()); - $fields[] = '"'.$classes[0].'".ClassName AS RecordClassName'; + $fields[] = '"'.$classes[0].'".ClassName AS "RecordClassName"'; return $fields; } diff --git a/security/Group.php b/security/Group.php index 86cd52011..75de2097c 100644 --- a/security/Group.php +++ b/security/Group.php @@ -168,8 +168,8 @@ class Group extends DataObject { // Get all of groups that this group contains $groupFamily = implode(", ", $this->collateFamilyIDs()); - $filter[] = "\"$table\".GroupID IN ($groupFamily)"; - $join .= " INNER JOIN \"$table\" ON \"$table\".MemberID = \"Member\".ID" . Convert::raw2sql($join); + $filter[] = "\"$table\".\"GroupID\" IN ($groupFamily)"; + $join .= " INNER JOIN \"$table\" ON \"$table\".\"MemberID\" = \"Member\".\"ID\"" . Convert::raw2sql($join); $result = singleton("Member")->instance_get( $filter, @@ -217,7 +217,7 @@ class Group extends DataObject { // Get the children of *all* the groups identified in the previous chunk. // This minimises the number of SQL queries necessary - $sql = $this->extendedSQL("ParentID IN ($idList)", ""); + $sql = $this->extendedSQL("\"ParentID\" IN ($idList)", ""); $chunkToAdd = $sql->execute(); if(!$chunkToAdd->numRecords()) $chunkToAdd = null; } diff --git a/security/Member.php b/security/Member.php index 2797f3a89..f82a71077 100644 --- a/security/Member.php +++ b/security/Member.php @@ -35,7 +35,7 @@ class Member extends DataObject { static $many_many_extraFields = array(); - static $default_sort = "Surname, FirstName"; + static $default_sort = '"Surname", "FirstName"'; static $indexes = array( 'Email' => true, @@ -366,7 +366,7 @@ class Member extends DataObject { } if($id) { - return DataObject::get_one("Member", "Member.ID = $id"); + return DataObject::get_one("Member", "\"Member\".\"ID\" = $id"); } } @@ -449,13 +449,13 @@ class Member extends DataObject { if($this->Email) { if($this->ID) { - $idClause = "AND \"Member\".ID <> $this->ID"; + $idClause = "AND \"Member\".\"ID\" <> $this->ID"; } else { $idClause = ""; } $existingRecord = DataObject::get_one( - "Member", "Email = '" . addslashes($this->Email) . "' $idClause"); + "Member", "\"Email\" = '" . addslashes($this->Email) . "' $idClause"); // Debug::message("Found an existing member for email $this->Email"); @@ -649,7 +649,7 @@ class Member extends DataObject { if(count($collatedGroups) > 0) { $collatedGroups = implode(", ", array_unique($collatedGroups)); - $unfilteredGroups = singleton('Group')->instance_get("\"ID\" IN ($collatedGroups)", "ID", "", "", "Member_GroupSet"); + $unfilteredGroups = singleton('Group')->instance_get("\"ID\" IN ($collatedGroups)", '"ID"', "", "", "Member_GroupSet"); $result = new ComponentSet(); // Only include groups where allowedIPAddress() returns true @@ -886,7 +886,7 @@ class Member extends DataObject { function requireDefaultRecords() { parent::requireDefaultRecords(); - if(!DB::query("SELECT * FROM Member")->value() && isset($_REQUEST['username']) && isset($_REQUEST['password'])) { + if(!DB::query("SELECT * FROM \"Member\"")->value() && isset($_REQUEST['username']) && isset($_REQUEST['password'])) { Security::findAnAdministrator($_REQUEST['username'], $_REQUEST['password']); Database::alteration_message("Added admin account","created"); } diff --git a/security/MemberAuthenticator.php b/security/MemberAuthenticator.php index 5327024c5..554482ab1 100644 --- a/security/MemberAuthenticator.php +++ b/security/MemberAuthenticator.php @@ -27,7 +27,7 @@ class MemberAuthenticator extends Authenticator { if(Security::check_default_admin($RAW_data['Email'], $RAW_data['Password'])) { $member = Security::findAnAdministrator(); } else { - $member = DataObject::get_one("Member", "Email = '$SQL_user' AND Password IS NOT NULL"); + $member = DataObject::get_one("Member", "\"Email\" = '$SQL_user' AND \"Password\" IS NOT NULL"); if($member && ($member->checkPassword($RAW_data['Password']) == false)) { if($member->isLockedOut()) $isLockedOut = true; $member->registerFailedLogin(); diff --git a/security/Permission.php b/security/Permission.php index 0deb1f707..d6e93c810 100755 --- a/security/Permission.php +++ b/security/Permission.php @@ -141,11 +141,11 @@ class Permission extends DataObject { $argClause = ""; break; case "all": - $argClause = " AND Arg = -1"; + $argClause = " AND \"Arg\" = -1"; break; default: if(is_numeric($arg)) { - $argClause = "AND Arg IN (-1, $arg) "; + $argClause = "AND \"Arg\" IN (-1, $arg) "; } else { user_error("Permission::checkMember: bad arg '$arg'", E_USER_ERROR); @@ -163,12 +163,12 @@ class Permission extends DataObject { // Raw SQL for efficiency $permission = DB::query(" - SELECT ID - FROM Permission + SELECT \"ID\" + FROM \"Permission\" WHERE ( - Code IN ($SQL_codeList $adminFilter) - AND Type = " . self::GRANT_PERMISSION . " - AND GroupID IN ($groupCSV) + \"Code\" IN ($SQL_codeList $adminFilter) + AND \"Type\" = " . self::GRANT_PERMISSION . " + AND \"GroupID\" IN ($groupCSV) $argClause ) ")->value(); @@ -181,10 +181,10 @@ class Permission extends DataObject { if(!self::$strict_checking || !$strict) { $hasPermission = DB::query(" SELECT COUNT(*) - FROM Permission + FROM \"Permission\" WHERE ( - (Code IN '$SQL_code')' - AND (Type = " . self::GRANT_PERMISSION . ") + (\"Code\" IN '$SQL_code')' + AND (\"Type\" = " . self::GRANT_PERMISSION . ") ) ")->value(); if(!$hasPermission) { @@ -320,8 +320,8 @@ class Permission extends DataObject { parent::requireDefaultRecords(); // Add default content if blank - if(!DB::query("SELECT ID FROM Permission")->value() && array_key_exists('CanCMSAdmin', DB::fieldList('Group'))) { - $admins = DB::query("SELECT ID FROM \"Group\" WHERE CanCMSAdmin = 1") + if(!DB::query("SELECT \"ID\" FROM \"Permission\"")->value() && array_key_exists('CanCMSAdmin', DB::fieldList('Group'))) { + $admins = DB::query("SELECT \"ID\" FROM \"Group\" WHERE \"CanCMSAdmin\" = 1") ->column(); if(isset($admins)) { @@ -329,7 +329,7 @@ class Permission extends DataObject { Permission::grant($admin, "ADMIN"); } - $authors = DB::query("SELECT ID FROM \"Group\" WHERE CanCMS = 1") + $authors = DB::query("SELECT \"ID\" FROM \"Group\" WHERE \"CanCMS\" = 1") ->column(); if(isset($authors)) { foreach($authors as $author) { diff --git a/security/Security.php b/security/Security.php index 4a3273f3a..073836fff 100644 --- a/security/Security.php +++ b/security/Security.php @@ -581,7 +581,7 @@ class Security extends Controller { * privileges. */ static function findAnAdministrator($username = 'admin', $password = 'password') { - $permission = DataObject::get_one("Permission", "\"Code\" = 'ADMIN'", true, "ID"); + $permission = DataObject::get_one("Permission", "\"Code\" = 'ADMIN'", true, '"ID"'); $adminGroup = null; if($permission) $adminGroup = DataObject::get_one("Group", "\"Group\".\"ID\" = '{$permission->GroupID}'", true, "\"Group\".\"ID\""); diff --git a/tests/DataObjectTest.php b/tests/DataObjectTest.php index a1a31ffd7..6303035c2 100644 --- a/tests/DataObjectTest.php +++ b/tests/DataObjectTest.php @@ -283,24 +283,24 @@ class DataObjectTest extends SapphireTest { $captainID = $this->idFromFixture('DataObjectTest_Player', 'player1'); $team->CaptainID = $captainID; $team->write(); - $this->assertEquals($captainID, DB::query("SELECT CaptainID FROM DataObjectTest_Team WHERE ID = $team->ID")->value()); + $this->assertEquals($captainID, DB::query("SELECT CaptainID FROM DataObjectTest_Team WHERE \"ID\" = $team->ID")->value()); /* After giving it a value, you should also be able to set it back to null */ $team->CaptainID = ''; $team->write(); - $this->assertEquals(0, DB::query("SELECT CaptainID FROM DataObjectTest_Team WHERE ID = $team->ID")->value()); + $this->assertEquals(0, DB::query("SELECT CaptainID FROM DataObjectTest_Team WHERE \"ID\" = $team->ID")->value()); /* You should also be able to save a blank to it when it's first created */ $team = new DataObjectTest_Team(); $team->CaptainID = ''; $team->write(); - $this->assertEquals(0, DB::query("SELECT CaptainID FROM DataObjectTest_Team WHERE ID = $team->ID")->value()); + $this->assertEquals(0, DB::query("SELECT CaptainID FROM DataObjectTest_Team WHERE \"ID\" = $team->ID")->value()); /* Ditto for existing records without a value */ $existingTeam = $this->objFromFixture('DataObjectTest_Team', 'team1'); $existingTeam->CaptainID = ''; $existingTeam->write(); - $this->assertEquals(0, DB::query("SELECT CaptainID FROM DataObjectTest_Team WHERE ID = $existingTeam->ID")->value()); + $this->assertEquals(0, DB::query("SELECT CaptainID FROM DataObjectTest_Team WHERE \"ID\" = $existingTeam->ID")->value()); } function testCanAccessHasOneObjectsAsMethods() { @@ -323,9 +323,9 @@ class DataObjectTest extends SapphireTest { $obj->write(); $this->assertNotNull($obj->ID); - $this->assertEquals('value1', DB::query("SELECT Data FROM DataObjectTest_FunnyFieldNames WHERE ID = $obj->ID")->value()); - $this->assertEquals('value2', DB::query("SELECT DbObject FROM DataObjectTest_FunnyFieldNames WHERE ID = $obj->ID")->value()); - $this->assertEquals('value3', DB::query("SELECT Duplicate FROM DataObjectTest_FunnyFieldNames WHERE ID = $obj->ID")->value()); + $this->assertEquals('value1', DB::query("SELECT Data FROM DataObjectTest_FunnyFieldNames WHERE \"ID\" = $obj->ID")->value()); + $this->assertEquals('value2', DB::query("SELECT DbObject FROM DataObjectTest_FunnyFieldNames WHERE \"ID\" = $obj->ID")->value()); + $this->assertEquals('value3', DB::query("SELECT Duplicate FROM DataObjectTest_FunnyFieldNames WHERE \"ID\" = $obj->ID")->value()); } /** @@ -508,7 +508,7 @@ class DataObjectTest extends SapphireTest { /* Creating a new object of a subclass should set the ClassName field correctly */ $obj = new DataObjectTest_SubTeam(); $obj->write(); - $this->assertEquals("DataObjectTest_SubTeam", DB::query("SELECT ClassName FROM DataObjectTest_Team WHERE ID = $obj->ID")->value()); + $this->assertEquals("DataObjectTest_SubTeam", DB::query("SELECT ClassName FROM DataObjectTest_Team WHERE \"ID\" = $obj->ID")->value()); } public function testForceInsert() { @@ -519,7 +519,7 @@ class DataObjectTest extends SapphireTest { $obj->SubclassDatabaseField = 'asdfasdf'; $obj->write(false, true); - $this->assertEquals("DataObjectTest_SubTeam", DB::query("SELECT ClassName FROM DataObjectTest_Team WHERE ID = $obj->ID")->value()); + $this->assertEquals("DataObjectTest_SubTeam", DB::query("SELECT ClassName FROM DataObjectTest_Team WHERE \"ID\" = $obj->ID")->value()); /* Check that it actually saves to the database with the correct ID */ $this->assertEquals("1001", DB::query("SELECT ID FROM DataObjectTest_SubTeam WHERE SubclassDatabaseField = 'asdfasdf'")->value()); diff --git a/tests/SiteTreeTest.php b/tests/SiteTreeTest.php index ce9ae4364..1c253778e 100644 --- a/tests/SiteTreeTest.php +++ b/tests/SiteTreeTest.php @@ -114,12 +114,12 @@ class SiteTreeTest extends SapphireTest { $parentID = $this->idFromFixture('Page', 'home'); $page->ParentID = $parentID; $page->write(); - $this->assertEquals($parentID, DB::query("SELECT ParentID FROM SiteTree WHERE ID = $page->ID")->value()); + $this->assertEquals($parentID, DB::query("SELECT ParentID FROM SiteTree WHERE \"ID\" = $page->ID")->value()); /* You should then be able to save a null/0/'' value to the relation */ $page->ParentID = null; $page->write(); - $this->assertEquals(0, DB::query("SELECT ParentID FROM SiteTree WHERE ID = $page->ID")->value()); + $this->assertEquals(0, DB::query("SELECT ParentID FROM SiteTree WHERE \"ID\" = $page->ID")->value()); } }