diff --git a/core/control/Controller.php b/core/control/Controller.php index 40ad78888..96c3ae08b 100644 --- a/core/control/Controller.php +++ b/core/control/Controller.php @@ -83,8 +83,10 @@ class Controller extends RequestHandler { // Directly access the session variable just in case the Group or Member tables don't yet exist if(Session::get('loggedInAs') && Security::database_is_ready()) { $member = Member::currentUser(); - Cookie::set("PastMember", true); - DB::query("UPDATE \"Member\" SET \"LastVisited\" = NOW() WHERE \"ID\" = $member->ID", null); + if($member) { + Cookie::set("PastMember", true); + DB::query("UPDATE \"Member\" SET \"LastVisited\" = NOW() WHERE \"ID\" = $member->ID", null); + } } // This is used to test that subordinate controllers are actually calling parent::init() - a common bug diff --git a/core/model/Database.php b/core/model/Database.php index 220091be2..ae36a2033 100755 --- a/core/model/Database.php +++ b/core/model/Database.php @@ -429,7 +429,7 @@ abstract class Database extends Object { case "insert": if(!isset($writeInfo['fields']['ID']) && isset($writeInfo['id'])) { - $columnList[] = "\"$ID\""; + $columnList[] = "\"ID\""; $valueList[] = (int)$writeInfo['id']; } $columnList = implode(", ", $columnList); diff --git a/core/model/DatabaseAdmin.php b/core/model/DatabaseAdmin.php index 316b2bc3c..3f1e5d4c3 100644 --- a/core/model/DatabaseAdmin.php +++ b/core/model/DatabaseAdmin.php @@ -199,6 +199,7 @@ class DatabaseAdmin extends Controller { /** * Clear all data out of the database + * @todo Move this code into Database class, for DB abstraction */ function clearAllData() { $tables = DB::query("SHOW TABLES")->column(); @@ -244,7 +245,7 @@ class DatabaseAdmin extends Controller { foreach($subclasses as $subclass) { $recordExists[$subclass] = - DB::query("SELECT ID FROM \"$subclass")->keyedColumn(); + DB::query("SELECT \"ID\" FROM \"$subclass\"")->keyedColumn(); } foreach($records as $record) { diff --git a/core/model/GhostPage.php b/core/model/GhostPage.php index 44ae78429..50af7f131 100755 --- a/core/model/GhostPage.php +++ b/core/model/GhostPage.php @@ -124,7 +124,7 @@ class GhostPage_ComponentSet extends ComponentSet { function remove($item) { $id = is_object($item) ? $item->ID : $item; - $ghosts = DataObject::get("GhostPage","ParentID = $id AND LinkedPageID = {$this->ownerObj->ID}"); + $ghosts = DataObject::get("GhostPage","\"ParentID\" = $id AND \"LinkedPageID\" = {$this->ownerObj->ID}"); if($ghosts) { foreach($ghosts as $ghost) { $ghost->delete(); diff --git a/core/model/MySQLDatabase.php b/core/model/MySQLDatabase.php index 4ba31d6e3..889a9d556 100644 --- a/core/model/MySQLDatabase.php +++ b/core/model/MySQLDatabase.php @@ -590,7 +590,6 @@ class MySQLDatabase extends Database { if(isset($limit['start']) && is_numeric($limit['start']) && isset($limit['limit']) && is_numeric($limit['limit'])) { // @todo MySQL specific LIMIT syntax - //$combinedLimit = (int)$limit['start'] . ',' . (int)$limit['limit']; $combinedLimit = "$limit[limit] OFFSET $limit[start]"; } elseif(isset($limit['limit']) && is_numeric($limit['limit'])) { $combinedLimit = (int)$limit['limit']; diff --git a/core/model/SiteTree.php b/core/model/SiteTree.php index da13e75d3..58bb386d2 100644 --- a/core/model/SiteTree.php +++ b/core/model/SiteTree.php @@ -291,9 +291,9 @@ class SiteTree extends DataObject { * @return DataObjectSet Comments on this page. */ public function Comments() { - $spamfilter = isset($_GET['showspam']) ? '' : 'AND IsSpam=0'; - $unmoderatedfilter = Permission::check('ADMIN') ? '' : 'AND NeedsModeration = 0'; - $comments = DataObject::get("PageComment", "ParentID = '" . Convert::raw2sql($this->ID) . "' $spamfilter $unmoderatedfilter", "Created DESC"); + $spamfilter = isset($_GET['showspam']) ? '' : 'AND NOT "IsSpam"'; + $unmoderatedfilter = Permission::check('ADMIN') ? '' : 'AND NOT "NeedsModeration"'; + $comments = DataObject::get("PageComment", "\"ParentID\" = '" . Convert::raw2sql($this->ID) . "' $spamfilter $unmoderatedfilter", "\"Created\" DESC"); return $comments ? $comments : new DataObjectSet(); } @@ -484,7 +484,7 @@ class SiteTree extends DataObject { */ public function getParent() { if ($this->getField("ParentID")) { - return DataObject::get_one("SiteTree", "\"SiteTree\".ID = " . $this->getField("ParentID")); + return DataObject::get_one("SiteTree", "\"SiteTree\".\"ID\" = " . $this->getField("ParentID")); } } @@ -937,8 +937,7 @@ class SiteTree extends DataObject { protected function onBeforeWrite() { if(!$this->Sort && $this->ParentID) { - $this->Sort = DB::query( - "SELECT MAX(Sort) + 1 FROM SiteTree WHERE ParentID = $this->ParentID")->value(); + $this->Sort = DB::query("SELECT MAX(\"Sort\") + 1 FROM \"SiteTree\" WHERE \"ParentID\" = $this->ParentID")->value(); } // Auto-set URLSegment @@ -1378,10 +1377,11 @@ class SiteTree extends DataObject { GoogleSitemap::ping(); // Fix the sort order for this page's siblings - DB::query("UPDATE SiteTree_Live - INNER JOIN SiteTree ON SiteTree_Live.ID = SiteTree.ID - SET SiteTree_Live.Sort = SiteTree.Sort - WHERE SiteTree_Live.ParentID = " . sprintf('%d', $this->ParentID)); + DB::query("UPDATE \"SiteTree_Live\" + SET \"Sort\" = \"SiteTree\".\"Sort\" + FROM \"SiteTree\" + WHERE \"SiteTree_Live\".\"ID\" = \"SiteTree\".\"ID\" + AND \"SiteTree_Live\".\"ParentID\" = " . sprintf('%d', $this->ParentID) ); // Handle activities undertaken by decorators $this->extend('onAfterPublish', $original); @@ -1466,7 +1466,7 @@ class SiteTree extends DataObject { function MultipleParents() { $parents = new GhostPage_ComponentSet($this->Parent); $parents->setOwner($this); - $ghostPages = DataObject::get("GhostPage", "LinkedPageID = '$this->ID'"); + $ghostPages = DataObject::get("GhostPage", "\"LinkedPageID\" = '$this->ID'"); if($ghostPages) { foreach($ghostPages as $ghostPage) { diff --git a/core/model/Translatable.php b/core/model/Translatable.php index 43feb3e73..7099b8d0f 100755 --- a/core/model/Translatable.php +++ b/core/model/Translatable.php @@ -225,7 +225,7 @@ class Translatable extends DataObjectDecorator { $langsAvailable[] = self::default_lang(); $lang = self::choose_site_lang($langsAvailable); if (isset($lang)) { - $transrecord = self::get_one_by_lang($callerClass, $lang, "\"$callerClass\".ID = $record->ID"); + $transrecord = self::get_one_by_lang($callerClass, $lang, "\"$callerClass\".\"ID\" = $record->ID"); if ($transrecord) { self::set_reading_lang($lang); $record = $transrecord; @@ -524,13 +524,13 @@ class Translatable extends DataObjectDecorator { // populate lang field $manipulation["{$table}_lang"]['fields']['Lang'] = "'$lang'" ; // get a valid id, pre-inserting - DB::query("INSERT INTO {$table}_lang SET Created = NOW(), Lang = '$lang'"); + DB::query("INSERT INTO \"{$table}_lang\" (\"Created\", \"Lang\") VALUES (NOW(), '$lang')"); $manipulation["{$table}_lang"]['id'] = $manipulation["{$table}_lang"]['fields']['ID'] = DB::getGeneratedID("{$table}_lang"); $manipulation["{$table}_lang"]['command'] = 'update'; // we don't have to insert anything in $table if we are inserting in $table_lang unset($manipulation[$table]); // now dataobjects may create a record before the real write in the base table, so we have to delete it - 20/08/2007 - if (is_numeric($fakeID)) DB::query("DELETE FROM $table WHERE ID=$fakeID"); + if (is_numeric($fakeID)) DB::query("DELETE FROM \"$table\" WHERE \"ID\"=$fakeID"); } else { if (!isset($manipulation[$table]['fields']['OriginalLangID'])) { @@ -545,7 +545,7 @@ class Translatable extends DataObjectDecorator { } else { $manipulation["{$table}_lang"]['where'] = "(Lang = '$lang') AND (OriginalLangID = $id)"; } - $realID = DB::query("SELECT ID FROM {$table}_lang WHERE (OriginalLangID = $id) AND (Lang = '$lang') LIMIT 1")->value(); + $realID = DB::query("SELECT \"ID\" FROM \"{$table}_lang\" WHERE (\"OriginalLangID\" = $id) AND (\"Lang\" = '$lang') LIMIT 1")->value(); $manipulation["{$table}_lang"]['id'] = $realID; $manipulation["{$table}_lang"]['RecordID'] = $manipulation["{$table}_lang"]['fields']['OriginalLangID']; // we could be updating non-translatable fields at the same time, so these will remain diff --git a/core/model/Versioned.php b/core/model/Versioned.php index 7321047ae..a95d4ff7a 100755 --- a/core/model/Versioned.php +++ b/core/model/Versioned.php @@ -99,19 +99,20 @@ class Versioned extends DataObjectDecorator { * This is used by the versioning system to return database content on that date. * @param string $baseTable The base table. * @param string $date The date. + * @todo Ensure that this is DB abstracted */ protected function requireArchiveTempTable($baseTable, $date) { if(!isset(self::$createdArchiveTempTable[$baseTable])) { self::$createdArchiveTempTable[$baseTable] = true; - DB::query("CREATE TEMPORARY TABLE _Archive$baseTable ( - RecordID INT NOT NULL PRIMARY KEY, - Version INT NOT NULL + DB::query("CREATE TEMPORARY TABLE \"_Archive$baseTable\" ( + \"RecordID\" INT NOT NULL PRIMARY KEY, + \"Version\" INT NOT NULL )"); - DB::query("INSERT INTO _Archive$baseTable - SELECT RecordID, max(Version) FROM {$baseTable}_versions - WHERE LastEdited <= '$date' - GROUP BY RecordID"); + DB::query("INSERT INTO \"_Archive$baseTable\" + SELECT \"RecordID\", max(\"Version\") FROM \"{$baseTable}_versions\" + WHERE \"LastEdited\" <= '$date' + GROUP BY \"RecordID\""); } } /** @@ -398,7 +399,7 @@ class Versioned extends DataObjectDecorator { if(!$createNewVersion) $from->migrateVersion($from->Version); // Mark this version as having been published at some stage - DB::query("UPDATE \"{$extTable}_versions\" SET WasPublished = 1, PublisherID = $publisherID WHERE RecordID = $from->ID AND Version = $from->Version"); + DB::query("UPDATE \"{$extTable}_versions\" SET \"WasPublished\" = '1', \"PublisherID\" = $publisherID WHERE \"RecordID\" = $from->ID AND \"Version\" = $from->Version"); $oldStage = Versioned::$reading_stage; Versioned::$reading_stage = $toStage; diff --git a/dev/Debug.php b/dev/Debug.php index a4be32329..33f14cfb5 100644 --- a/dev/Debug.php +++ b/dev/Debug.php @@ -583,16 +583,16 @@ class Debug { $memberID = $_SESSION['loggedInAs']; - $groups = DB::query("SELECT GroupID from Group_Members WHERE MemberID=" . $memberID); + $groups = DB::query("SELECT \"GroupID\" from \"Group_Members\" WHERE \"MemberID\" = " . $memberID); $groupCSV = implode($groups->column(), ','); $permission = DB::query(" - SELECT ID - FROM Permission + SELECT \"ID\" + FROM \"Permission\" WHERE ( - Code = 'ADMIN' - AND Type = " . Permission::GRANT_PERMISSION . " - AND GroupID IN ($groupCSV) + \"Code\" = 'ADMIN' + AND \"Type\" = " . Permission::GRANT_PERMISSION . " + AND \"GroupID\" IN ($groupCSV) ) ")->value(); diff --git a/dev/SapphireTest.php b/dev/SapphireTest.php index f4bb5638b..dc63cc0a7 100644 --- a/dev/SapphireTest.php +++ b/dev/SapphireTest.php @@ -200,6 +200,9 @@ class SapphireTest extends PHPUnit_Framework_TestCase { return $dbConn && (substr($dbConn->currentDatabase(),0,5) == 'tmpdb'); } + /** + * @todo Make this db agnostic + */ static function kill_temp_db() { // Delete our temporary database if(self::using_temp_db()) { @@ -212,6 +215,9 @@ class SapphireTest extends PHPUnit_Framework_TestCase { } } + /** + * @todo Make this db agnostic + */ static function create_temp_db() { // Create a temporary database $dbConn = DB::getConn(); diff --git a/email/Email.php b/email/Email.php index 3cb046908..8033f8eff 100755 --- a/email/Email.php +++ b/email/Email.php @@ -514,7 +514,7 @@ class Email_BounceHandler extends Controller { $SQL_email = Convert::raw2sql($email); $SQL_bounceTime = Convert::raw2sql("$date $time"); - $duplicateBounce = DataObject::get_one("Email_BounceRecord", "BounceEmail = '$SQL_email' AND (BounceTime+INTERVAL 1 MINUTE) > '$SQL_bounceTime'"); + $duplicateBounce = DataObject::get_one("Email_BounceRecord", "\"BounceEmail\" = '$SQL_email' AND (\"BounceTime\"+INTERVAL 1 MINUTE) > '$SQL_bounceTime'"); if(!$duplicateBounce) { $record = new Email_BounceRecord(); @@ -536,7 +536,7 @@ class Email_BounceHandler extends Controller { $SQL_memberID = Convert::raw2sql($member->ID); $SQL_newsletterID = Convert::raw2sql($newsletter_id_date_parts[0]); // Log the bounce - $oldNewsletterSentRecipient = DataObject::get_one("Newsletter_SentRecipient", "MemberID = '$SQL_memberID' AND ParentID = '$SQL_newsletterID' AND Email = '$SQL_email'"); + $oldNewsletterSentRecipient = DataObject::get_one("Newsletter_SentRecipient", "\"MemberID\" = '$SQL_memberID' AND \"ParentID\" = '$SQL_newsletterID' AND \"Email\" = '$SQL_email'"); // Update the Newsletter_SentRecipient record if it exists if($oldNewsletterSentRecipient) { $oldNewsletterSentRecipient->Result = 'Bounced'; diff --git a/filesystem/File.php b/filesystem/File.php index f2dfeb8f2..5c7bcb9e5 100755 --- a/filesystem/File.php +++ b/filesystem/File.php @@ -150,7 +150,7 @@ class File extends DataObject { foreach($parts as $part) { if($part == "assets" && !$parentID) continue; - $item = DataObject::get_one("File", "Name = '$part' AND ParentID = $parentID"); + $item = DataObject::get_one("File", "\"Name\" = '$part' AND \"ParentID\" = $parentID"); if(!$item) break; $parentID = $item->ID; } @@ -221,7 +221,7 @@ class File extends DataObject { * Delete the database record (recursively for folders) without touching the filesystem */ public function deleteDatabaseOnly() { - if(is_numeric($this->ID)) DB::query("DELETE FROM File WHERE \"ID\" = $this->ID"); + if(is_numeric($this->ID)) DB::query("DELETE FROM \"File\" WHERE \"ID\" = $this->ID"); } /** @@ -287,7 +287,7 @@ class File extends DataObject { $ext = ""; } $suffix = 1; - while(DataObject::get_one("File", "Name = '" . addslashes($name) . "' AND ParentID = " . (int)$this->ParentID)) { + while(DataObject::get_one("File", "\"Name\" = '" . addslashes($name) . "' AND \"ParentID\" = " . (int)$this->ParentID)) { $suffix++; $name = "$base-$suffix$ext"; } @@ -418,7 +418,7 @@ class File extends DataObject { function getRelativePath() { if($this->ParentID) { - $p = DataObject::get_one('Folder', "ID={$this->ParentID}"); + $p = DataObject::get_one('Folder', "\"ID\"={$this->ParentID}"); if($p->ID) return $p->getRelativePath() . $this->getField("Name"); else return ASSETS_DIR . "/" . $this->getField("Name"); @@ -560,13 +560,15 @@ class File extends DataObject { // In short, we select everything except File.Content $dataobject_select = array(); foreach($query->select as $item) { + /* if($item == "\"File\".*") { $fileColumns = DB::query("SHOW FIELDS IN \"File\"")->column(); $columnsToAdd = array_diff($fileColumns, $excludeDbColumns); foreach($columnsToAdd as $otherItem) $dataobject_select[] = '"File".' . $otherItem; } else { + */ $dataobject_select[] = $item; - } + //} } $query->select = $dataobject_select; diff --git a/filesystem/Filesystem.php b/filesystem/Filesystem.php index 83ea96d4e..786ac1015 100755 --- a/filesystem/Filesystem.php +++ b/filesystem/Filesystem.php @@ -107,7 +107,9 @@ class Filesystem extends Object { singleton('Folder')->syncChildren(); $finished = false; while(!$finished) { - $orphans = DB::query("SELECT C.ID FROM File AS C LEFT JOIN File AS P ON C.ParentID = P.ID WHERE P.ID IS NULL AND C.ParentID > 0"); + $orphans = DB::query("SELECT \"C\".\"ID\" FROM \"File\" AS \"C\" + LEFT JOIN \"File\" AS \"P\" ON \"C\".\"ParentID\" = \"P\".\"ID\" + WHERE \"P\".\"ID\" IS NULL AND \"C\".\"ParentID\" > 0"); $finished = true; if($orphans) foreach($orphans as $orphan) { $finished = false; diff --git a/filesystem/Folder.php b/filesystem/Folder.php index 6c7f4030f..80b801322 100755 --- a/filesystem/Folder.php +++ b/filesystem/Folder.php @@ -20,7 +20,7 @@ class Folder extends File { $parentID = 0; foreach($parts as $part) { - $item = DataObject::get_one("Folder", "Name = '$part' AND ParentID = $parentID"); + $item = DataObject::get_one("Folder", "\"Name\" = '$part' AND \"ParentID\" = $parentID"); if(!$item) { $item = new Folder(); $item->ParentID = $parentID; @@ -43,15 +43,15 @@ class Folder extends File { $deleted = 0; // First, merge any children that are duplicates - $duplicateChildrenNames = DB::query("SELECT Name FROM \"File\" WHERE ParentID = $parentID GROUP BY Name HAVING count(*) > 1")->column(); + $duplicateChildrenNames = DB::query("SELECT \"Name\" FROM \"File\" WHERE \"ParentID\" = $parentID GROUP BY \"Name\" HAVING count(*) > 1")->column(); if($duplicateChildrenNames) foreach($duplicateChildrenNames as $childName) { $childName = addslashes($childName); // Note, we do this in the database rather than object-model; otherwise we get all sorts of problems about deleting files - $children = DB::query("SELECT ID FROM \"File\" WHERE Name = '$childName' AND ParentID = $parentID")->column(); + $children = DB::query("SELECT \"ID\" FROM \"File\" WHERE \"Name\" = '$childName' AND \"ParentID\" = $parentID")->column(); if($children) { $keptChild = array_shift($children); foreach($children as $removedChild) { - DB::query("UPDATE \"File\" SET ParentID = $keptChild WHERE ParentID = $removedChild"); + DB::query("UPDATE \"File\" SET \"ParentID\" = $keptChild WHERE \"ParentID\" = $removedChild"); DB::query("DELETE FROM \"File\" WHERE \"ID\" = $removedChild"); } } else { @@ -62,7 +62,7 @@ class Folder extends File { // Get index of database content // We don't use DataObject so that things like subsites doesn't muck with this. - $dbChildren = DB::query("SELECT * FROM File WHERE ParentID = $parentID"); + $dbChildren = DB::query("SELECT * FROM \"File\" WHERE \"ParentID\" = $parentID"); $hasDbChild = array(); if($dbChildren) { foreach($dbChildren as $dbChild) { @@ -154,10 +154,9 @@ class Folder extends File { $name = addslashes($name); - DB::query("INSERT INTO \"File\" SET - ClassName = '$className', ParentID = $this->ID, OwnerID = $ownerID, - Name = '$name', Filename = '$filename', Created = NOW(), LastEdited = NOW(), - Title = '$name'"); + DB::query("INSERT INTO \"File\" + (\"ClassName\", \"ParentID\", \"OwnerID\", \"Name\", \"Filename\", \"Created\", \"LastEdited\", \"Title\") + VALUES ('$className', $this->ID, $ownerID, '$name', '$filename', NOW(), NOW(), '$name')"); return DB::getGeneratedID("File"); } @@ -253,7 +252,7 @@ class Folder extends File { if($a == "DataObject") $baseClass = -1; } - $g = DataObject::get($baseClass, "ParentID = " . $this->ID); + $g = DataObject::get($baseClass, "\"ParentID\" = " . $this->ID); return $g; } @@ -402,7 +401,7 @@ class Folder extends File { * @returns String where clause which will work as filter. */ protected function getUsedFilesList() { - $result = DB::query("SELECT DISTINCT FileID FROM SiteTree_ImageTracking"); + $result = DB::query("SELECT DISTINCT \"FileID\" FROM \"SiteTree_ImageTracking\""); $usedFiles = array(); $where = ""; if($result->numRecords() > 0) { @@ -431,9 +430,9 @@ class Folder extends File { foreach($usedFiles as $file) { $where .= $file->ID . ','; } - if($where == "") return "(ClassName = 'File' OR ClassName = 'Image')"; + if($where == "") return "(\"ClassName\" = 'File' OR \"ClassName\" = 'Image')"; $where = substr($where,0,strlen($where)-1); - $where = "\"File\".ID NOT IN (" . $where . ") AND (ClassName = 'File' OR ClassName = 'Image')"; + $where = "\"File\".\"ID\" NOT IN (" . $where . ") AND (\"ClassName\" = 'File' OR \"ClassName\" = 'Image')"; return $where; } diff --git a/forms/HtmlEditorField.php b/forms/HtmlEditorField.php index 660f1e894..a0754fe85 100755 --- a/forms/HtmlEditorField.php +++ b/forms/HtmlEditorField.php @@ -58,7 +58,7 @@ class HtmlEditorField extends TextareaField { } else if($link[0] == '/') { $broken = true; } else if(ereg('^assets/',$link)) { - if(!DataObject::get_one("File", "Filename = '$link'", false)) { + if(!DataObject::get_one("File", "\"Filename\" = '$link'", false)) { $broken = true; } } @@ -132,7 +132,7 @@ class HtmlEditorField extends TextareaField { } else if($link{0} == '/') { $record->HasBrokenLink = 1; - } else if($candidateFile = DataObject::get_one("File", "Filename = '" . Convert::raw2sql(urldecode($link)) . "'", false)) { + } else if($candidateFile = DataObject::get_one("File", "\"Filename\" = '" . Convert::raw2sql(urldecode($link)) . "'", false)) { $linkedFiles[] = $candidateFile->ID; // $candidateFile->destroy(); } @@ -145,7 +145,7 @@ class HtmlEditorField extends TextareaField { $image = Director::makeRelative($image); if(substr($image,0,7) == 'assets/') { - $candidateImage = DataObject::get_one("File", "Filename = '$image'"); + $candidateImage = DataObject::get_one("File", "\"Filename\" = '$image'"); if($candidateImage) $linkedFiles[] = $candidateImage->ID; else $record->HasBrokenFile = 1; } diff --git a/forms/ScaffoldingComplexTableField.php b/forms/ScaffoldingComplexTableField.php index 9497feb22..3577768cb 100644 --- a/forms/ScaffoldingComplexTableField.php +++ b/forms/ScaffoldingComplexTableField.php @@ -126,7 +126,7 @@ class ScaffoldingComplexTableField_Popup extends Form { $type = $request->getVar('type'); $value = $request->getVar('value'); if ($type && $value) { - $record = DataObject::get_one($this->dataObject->class, "$type = '$value'"); + $record = DataObject::get_one($this->dataObject->class, "\"$type\" = '$value'"); header("Content-Type: text/plain"); echo json_encode(array("record"=>$record->toMap())); } diff --git a/forms/TableListField.php b/forms/TableListField.php index 31015c59c..a079ea2ba 100755 --- a/forms/TableListField.php +++ b/forms/TableListField.php @@ -442,8 +442,8 @@ JS if($this->customQuery) { $query = clone $this->customQuery; $baseClass = ClassInfo::baseDataClass($this->sourceClass); - $query->select[] = "{$baseClass}.ID AS ID"; - $query->select[] = "{$baseClass}.ClassName AS ClassName"; + $query->select[] = "{$baseClass}.ID AS \"ID\""; + $query->select[] = "{$baseClass}.ClassName AS \"ClassName\""; $query->select[] = "{$baseClass}.ClassName AS \"RecordClassName\""; } else { $query = singleton($this->sourceClass)->extendedSQL($this->sourceFilter(), $this->sourceSort, null, $this->sourceJoin); @@ -830,7 +830,7 @@ JS } else { $countQuery->select = array(); $countQuery->groupby = array(); - $countQuery->select[] = "COUNT(DISTINCT {$baseClass}.ID) AS TotalCount"; + $countQuery->select[] = "COUNT(DISTINCT \"{$baseClass}\".\"ID\") AS \"TotalCount\""; $records = $countQuery->execute(); $record = $records->nextRecord(); $this->totalCount = $record['TotalCount']; diff --git a/forms/TreeDropdownField.php b/forms/TreeDropdownField.php index ff78b27fe..4d09c63b8 100755 --- a/forms/TreeDropdownField.php +++ b/forms/TreeDropdownField.php @@ -84,7 +84,7 @@ HTML; */ public function getsubtree() { if($this->keyField == "ID") $obj = DataObject::get_by_id($this->sourceObject, $_REQUEST['SubtreeRootID']); - else $obj = DataObject::get_one($this->sourceObject, "$this->keyField = '$_REQUEST[SubtreeRootID]'"); + else $obj = DataObject::get_one($this->sourceObject, "\"$this->keyField\" = '$_REQUEST[SubtreeRootID]'"); if(!$obj) user_error("Can't find database record $this->sourceObject with $this->keyField = $_REQUEST[SubtreeRootID]", E_USER_ERROR); if($this->filterFunc) $obj->setMarkingFilterFunction($this->filterFunc); @@ -103,7 +103,7 @@ HTML; if($this->keyField == 'ID') { return DataObject::get_by_id($this->sourceObject, $key); } else { - return DataObject::get_one($this->sourceObject, "$this->keyField = '$key'"); + return DataObject::get_one($this->sourceObject, "\"$this->keyField\" = '$key'"); } } diff --git a/search/SearchForm.php b/search/SearchForm.php index 5750909e1..abfe0dad1 100755 --- a/search/SearchForm.php +++ b/search/SearchForm.php @@ -176,14 +176,18 @@ class SearchForm extends Form { $baseClass = reset($queryContent->from); // There's no need to do all that joining $queryContent->from = array(str_replace(array('`','"'),'',$baseClass) => $baseClass); - $queryContent->select = array("ClassName","$baseClass.ID","ParentID","Title","URLSegment","Content","LastEdited","Created","_utf8'' AS Filename", "_utf8'' AS Name", "$relevanceContent AS Relevance", "CanViewType"); + $queryContent->select = array("\"ClassName\"","\"$baseClass\".\"ID\"","\"ParentID\"","\"Title\"", + "\"URLSegment\"","\"Content\"","\"LastEdited\"","\"Created\"","_utf8'' AS \"Filename\"", + "_utf8'' AS \"Name\"", "$relevanceContent AS \"Relevance\"", "\"CanViewType\""); $queryContent->orderby = null; $queryFiles = singleton('File')->extendedSQL($notMatch . $matchFile . $fileFilter, ""); $baseClass = reset($queryFiles->from); // There's no need to do all that joining $queryFiles->from = array(str_replace(array('`','"'),'',$baseClass) => $baseClass); - $queryFiles->select = array("ClassName","$baseClass.ID","_utf8'' AS ParentID","Title","_utf8'' AS URLSegment","Content","LastEdited","Created","Filename","Name","$relevanceFile AS Relevance","NULL AS CanViewType"); + $queryFiles->select = array("\"ClassName\"","\"$baseClass\".\"ID\"","_utf8'' AS \"ParentID\"","\"Title\"", + "_utf8'' AS \"URLSegment\"","\"Content\"","\"LastEdited\"","\"Created\"","\"Filename\"","\"Name\"", + "$relevanceFile AS \"Relevance\"","NULL AS \"CanViewType\""); $queryFiles->orderby = null; $fullQuery = $queryContent->sql() . " UNION " . $queryFiles->sql() . " ORDER BY $sortBy LIMIT $limit"; diff --git a/security/Group.php b/security/Group.php index 75de2097c..8b948943b 100644 --- a/security/Group.php +++ b/security/Group.php @@ -133,7 +133,7 @@ class Group extends DataObject { * @param string $groupcode */ static function addToGroupByName($member, $groupcode) { - $group = DataObject::get_one('Group', "Code = '" . Convert::raw2sql($groupcode). "'"); + $group = DataObject::get_one('Group', "\"Code\" = '" . Convert::raw2sql($groupcode). "'"); if($group) { $member->Groups()->add($group); $member->write(); @@ -158,9 +158,9 @@ class Group extends DataObject { if( is_numeric( $limit ) ) { if( is_numeric( $offset ) ) - $limit = "$offset, $limit"; + $limit = "$limit OFFSET $offset"; else - $limit = "0, $limit"; + $limit = "$limit OFFSET 0"; } else { $limit = ""; } @@ -248,7 +248,7 @@ class Group extends DataObject { * Override this so groups are ordered in the CMS */ public function stageChildren() { - return DataObject::get('Group', "\"Group\".\"ParentID\" = " . (int)$this->ID . " AND \"Group\".ID != " . (int)$this->ID, "Sort"); + return DataObject::get('Group', "\"Group\".\"ParentID\" = " . (int)$this->ID . " AND \"Group\".\"ID\" != " . (int)$this->ID, '"Sort"'); } public function TreeTitle() { diff --git a/security/Member.php b/security/Member.php index f82a71077..0b55eb7a9 100644 --- a/security/Member.php +++ b/security/Member.php @@ -216,7 +216,7 @@ class Member extends DataObject { list($uid, $token) = explode(':', Cookie::get('alc_enc'), 2); $SQL_uid = Convert::raw2sql($uid); - $member = DataObject::get_one("Member", "Member.ID = '$SQL_uid'"); + $member = DataObject::get_one("Member", "\"Member\".\"ID\" = '$SQL_uid'"); if($member && $member->RememberLoginToken != $token) { $member = null; @@ -462,7 +462,7 @@ class Member extends DataObject { if($existingRecord) { $newID = $existingRecord->ID; if($this->ID) { - DB::query("UPDATE Group_Members SET MemberID = $newID WHERE MemberID = $this->ID"); + DB::query("UPDATE \"Group_Members\" SET \"MemberID\" = $newID WHERE \"MemberID\" = $this->ID"); } $this->ID = $newID; // Merge existing data into the local record @@ -547,7 +547,7 @@ class Member extends DataObject { $groupCheckObj = DataObject::get_by_id('Group', $group); } elseif(is_string($group)) { $SQL_group = Convert::raw2sql($group); - $groupCheckObj = DataObject::get_one('Group', "Code = '{$SQL_group}'"); + $groupCheckObj = DataObject::get_one('Group', "\"Code\" = '{$SQL_group}'"); } elseif($group instanceof Group) { $groupCheckObj = $group; } else { @@ -749,7 +749,7 @@ class Member extends DataObject { $SQL_perms = "'" . implode("', '", Convert::raw2sql($perms)) . "'"; $groups = DataObject::get('Group', "", "", - "INNER JOIN \"Permission\" ON \"Permission\".GroupID = \"Group\".ID AND \"Permission\".Code IN ($SQL_perms)"); + "INNER JOIN \"Permission\" ON \"Permission\".\"GroupID\" = \"Group\".\"ID\" AND \"Permission\".\"Code\" IN ($SQL_perms)"); } $groupIDList = array(); @@ -1104,7 +1104,7 @@ class Member_GroupSet extends ComponentSet { */ function getGroupsFromIDs($ids){ if($ids && count($ids) > 1) { - return DataObject::get("Group", "ID IN (" . implode(",", $ids) . ")"); + return DataObject::get("Group", "\"ID\" IN (" . implode(",", $ids) . ")"); } else { return DataObject::get_by_id("Group", $ids[0]); } @@ -1149,7 +1149,7 @@ class Member_GroupSet extends ComponentSet { */ protected function codenamesToGroups($codenames) { $list = "'" . implode("', '", $codenames) . "'"; - $output = DataObject::get("Group", "Code IN ($list)"); + $output = DataObject::get("Group", "\"Code\" IN ($list)"); // Some are missing - throw warnings if(!$output || ($output->Count() != sizeof($list))) { @@ -1358,7 +1358,7 @@ class Member_Validator extends RequiredFields { $valid = parent::php($data); $member = DataObject::get_one('Member', - "Email = '". Convert::raw2sql($data['Email']) ."'"); + "\"Email\" = '". Convert::raw2sql($data['Email']) ."'"); // if we are in a complex table field popup, use ctf[childID], else use // ID diff --git a/security/MemberAuthenticator.php b/security/MemberAuthenticator.php index 554482ab1..a2d710ec9 100644 --- a/security/MemberAuthenticator.php +++ b/security/MemberAuthenticator.php @@ -50,7 +50,7 @@ class MemberAuthenticator extends Authenticator { $member->extend('authenticated'); } else { // failed login - we're trying to see if a user exists with this email (disregarding wrong passwords) - $existingMember = DataObject::get_one("Member", "Email = '$SQL_user'"); + $existingMember = DataObject::get_one("Member", "\"Email\" = '$SQL_user'"); if($existingMember) { $attempt->MemberID = $existingMember->ID; diff --git a/security/MemberLoginForm.php b/security/MemberLoginForm.php index 71bdd4c8e..e5d08f013 100644 --- a/security/MemberLoginForm.php +++ b/security/MemberLoginForm.php @@ -193,7 +193,7 @@ class MemberLoginForm extends LoginForm { function forgotPassword($data) { $SQL_data = Convert::raw2sql($data); $SQL_email = $SQL_data['Email']; - $member = DataObject::get_one('Member', "Email = '{$SQL_email}'"); + $member = DataObject::get_one('Member', "\"Email\" = '{$SQL_email}'"); if($member) { $member->generateAutologinHash(); diff --git a/security/PasswordValidator.php b/security/PasswordValidator.php index 6f804f75d..9c1e51652 100644 --- a/security/PasswordValidator.php +++ b/security/PasswordValidator.php @@ -73,7 +73,7 @@ class PasswordValidator extends Object { } if($this->historicalPasswordCount) { - $previousPasswords = DataObject::get("MemberPassword", "MemberID = $member->ID", "Created DESC, ID Desc", "", $this->historicalPasswordCount); + $previousPasswords = DataObject::get("MemberPassword", "\"MemberID\" = $member->ID", "\"Created\" DESC, \"ID\" Desc", "", $this->historicalPasswordCount); if($previousPasswords) foreach($previousPasswords as $previousPasswords) { if($previousPasswords->checkPassword($password)) { $valid->error("You've already used that password in the past, please choose a new password", "PREVIOUS_PASSWORD"); diff --git a/security/Permission.php b/security/Permission.php index d6e93c810..97cb3bd5d 100755 --- a/security/Permission.php +++ b/security/Permission.php @@ -356,8 +356,8 @@ class Permission extends DataObject { $SQL_codeList = (is_array($code)) ? implode("','", Convert::raw2sql($code)) : Convert::raw2sql($code); - $SQL_filter = "Permission.Code IN ('" . $SQL_codeList . "') " . - "AND Permission.Type = " . self::GRANT_PERMISSION; + $SQL_filter = "\"Permission\".\"Code\" IN ('" . $SQL_codeList . "') " . + "AND \"Permission\".\"Type\" = " . self::GRANT_PERMISSION; $toplevelGroups = DataObject::get( 'Group', @@ -380,7 +380,7 @@ class Permission extends DataObject { $members = DataObject::get( Object::getCustomClass('Member'), - $_filter = "\"Group\".ID IN (" . implode(",",$groupIDs) . ")", + $_filter = "\"Group\".\"ID\" IN (" . implode(",",$groupIDs) . ")", $_sort = "", $_join = "LEFT JOIN \"Group_Members\" ON \"Member\".\"ID\" = \"Group_Members\".\"MemberID\" " . "LEFT JOIN \"Group\" ON \"Group_Members\".\"GroupID\" = \"Group\".\"ID\" " @@ -401,9 +401,9 @@ class Permission extends DataObject { return DataObject::get( 'Group', - "Permission.Code IN ('$SQL_codes')", + "\"Permission\".\"Code\" IN ('$SQL_codes')", "", - "LEFT JOIN Permission ON Group.ID = Permission.GroupID" + "LEFT JOIN \"Permission\" ON \"Group\".\"ID\" = \"Permission\".\"GroupID\"" ); } @@ -441,7 +441,7 @@ class Permission extends DataObject { } } - $otherPerms = DB::query("SELECT DISTINCT Code From Permission") + $otherPerms = DB::query("SELECT DISTINCT \"Code\" From \"Permission\"") ->column(); if($otherPerms) foreach($otherPerms as $otherPerm) { if(!array_key_exists($otherPerm, $allCodes)) diff --git a/security/Security.php b/security/Security.php index 073836fff..260b87e99 100644 --- a/security/Security.php +++ b/security/Security.php @@ -564,7 +564,7 @@ class Security extends Controller { && !empty(self::$default_username) && !empty(self::$default_password)) { $member = self::findAnAdministrator(); } else { - $member = DataObject::get_one("Member", "Email = '$SQL_email' AND Password IS NOT NULL"); + $member = DataObject::get_one("Member", "\"Email\" = '$SQL_email' AND \"Password\" IS NOT NULL"); if($member && ($member->checkPassword($RAW_password) == false)) { $member = null; } @@ -896,7 +896,7 @@ class Security extends Controller { // Are there members with a clear text password? $members = DataObject::get("Member", - "PasswordEncryption = 'none' AND Password IS NOT NULL"); + "\"PasswordEncryption\" = 'none' AND \"Password\" IS NOT NULL"); if(!$members) { print '