mirror of
https://github.com/silverstripe/silverstripe-subsites
synced 2024-10-22 09:05:55 +00:00
BUGFIX: queries changed to use $q as a placeholder for backticks or doublequotes
This commit is contained in:
parent
a3beb2cf05
commit
beffd4e526
@ -41,18 +41,18 @@ class FileSubsites extends DataObjectDecorator {
|
||||
*/
|
||||
function augmentSQL(SQLQuery &$query) {
|
||||
// If you're querying by ID, ignore the sub-site - this is a bit ugly...
|
||||
if(strpos($query->where[0], ".\"ID\" = ") === false && strpos($query->where[0], ".\"ID\" = ") === false) {
|
||||
if(defined('DB::USE_ANSI_SQL'))
|
||||
$q="\"";
|
||||
else $q='`';
|
||||
|
||||
if(strpos($query->where[0], ".{$q}ID{$q} = ") === false && strpos($query->where[0], ".{$q}ID{$q} = ") === false) {
|
||||
|
||||
if($context = DataObject::context_obj()) $subsiteID = (int) $context->SubsiteID;
|
||||
else $subsiteID = (int) Subsite::currentSubsiteID();
|
||||
|
||||
// The foreach is an ugly way of getting the first key :-)
|
||||
foreach($query->from as $tableName => $info) {
|
||||
$where = "`$tableName`.SubsiteID IN (0, $subsiteID)";
|
||||
if(defined('DB::USE_ANSI_SQL')) {
|
||||
$where = "\"$tableName\".\"SubsiteID\" IN (0, $subsiteID)";
|
||||
}
|
||||
|
||||
$where = "{$q}$tableName{$q}.{$q}SubsiteID{$q} IN (0, $subsiteID)";
|
||||
$query->where[] = $where;
|
||||
break;
|
||||
}
|
||||
|
@ -69,19 +69,19 @@ class GroupSubsites extends DataObjectDecorator {
|
||||
function augmentSQL(SQLQuery &$query) {
|
||||
if(Subsite::$disable_subsite_filter) return;
|
||||
|
||||
if(defined('DB::USE_ANSI_SQL'))
|
||||
$q="\"";
|
||||
else $q='`';
|
||||
|
||||
// If you're querying by ID, ignore the sub-site - this is a bit ugly...
|
||||
if(!$query->where || (strpos($query->where[0], ".\"ID\" = ") === false && strpos($query->where[0], ".\"ID\" = ") === false && strpos($query->where[0], ".\"ID\" = ") === false)) {
|
||||
if(!$query->where || (strpos($query->where[0], ".{$q}ID{$q} = ") === false && strpos($query->where[0], ".{$q}ID{$q} = ") === false && strpos($query->where[0], ".{$q}ID{$q} = ") === false)) {
|
||||
|
||||
if($context = DataObject::context_obj()) $subsiteID = (int) $context->SubsiteID;
|
||||
else $subsiteID = (int) Subsite::currentSubsiteID();
|
||||
|
||||
// The foreach is an ugly way of getting the first key :-)
|
||||
foreach($query->from as $tableName => $info) {
|
||||
$where = "`$tableName`.SubsiteID IN (0, $subsiteID)";
|
||||
if(defined('DB::USE_ANSI_SQL')) {
|
||||
$where = "\"$tableName\".\"SubsiteID\" IN (0, $subsiteID)";
|
||||
}
|
||||
|
||||
$where = "{$q}$tableName{$q}.{$q}SubsiteID{$q} IN (0, $subsiteID)";
|
||||
$query->where[] = $where;
|
||||
break;
|
||||
}
|
||||
|
@ -54,8 +54,12 @@ class SiteTreeSubsites extends DataObjectDecorator {
|
||||
function augmentSQL(SQLQuery &$query) {
|
||||
if(Subsite::$disable_subsite_filter) return;
|
||||
|
||||
if(defined('DB::USE_ANSI_SQL'))
|
||||
$q="\"";
|
||||
else $q='`';
|
||||
|
||||
// If you're querying by ID, ignore the sub-site - this is a bit ugly...
|
||||
if(!$query->where || (strpos($query->where[0], ".\"ID\" = ") === false && strpos($query->where[0], ".\"ID\" = ") === false && strpos($query->where[0], ".\"ID\" = ") === false && strpos($query->where[0], "\"ID\" = ") !== 0)) {
|
||||
if(!$query->where || (strpos($query->where[0], ".{$q}ID{$q} = ") === false && strpos($query->where[0], ".{$q}ID{$q} = ") === false && strpos($query->where[0], ".{$q}ID{$q} = ") === false && strpos($query->where[0], "{$q}ID{$q} = ") !== 0)) {
|
||||
|
||||
$context = DataObject::context_obj();
|
||||
if($context && is_numeric($context->SubsiteID)) $subsiteID = (int) $context->SubsiteID;
|
||||
@ -63,10 +67,7 @@ class SiteTreeSubsites extends DataObjectDecorator {
|
||||
|
||||
// The foreach is an ugly way of getting the first key :-)
|
||||
foreach($query->from as $tableName => $info) {
|
||||
$where = "`$tableName`.SubsiteID IN ($subsiteID)";
|
||||
if(defined('DB::USE_ANSI_SQL')) {
|
||||
$where = "\"$tableName\".\"SubsiteID\" IN ($subsiteID)";
|
||||
}
|
||||
$where = "{$q}$tableName{$q}.{$q}SubsiteID{$q} IN ($subsiteID)";
|
||||
|
||||
// The tableName should be SiteTree or SiteTree_Live...
|
||||
if(strpos($tableName,'SiteTree') === false) break;
|
||||
|
@ -340,25 +340,19 @@ JS;
|
||||
|
||||
$SQL_permissionCodes = join("','", $SQL_permissionCodes);
|
||||
|
||||
if(defined('DB::USE_ANSI_SQL')) {
|
||||
return DataObject::get(
|
||||
'Member',
|
||||
"\"Group\".\"SubsiteID\" = $this->ID AND \"Permission\".\"Code\" IN ('$SQL_permissionCodes')",
|
||||
'',
|
||||
"LEFT JOIN \"Group_Members\" ON \"Member\".\"ID\" = \"Group_Members\".\"MemberID\"
|
||||
LEFT JOIN \"Group\" ON \"Group\".\"ID\" = \"Group_Members\".\"GroupID\"
|
||||
LEFT JOIN \"Permission\" ON \"Permission\".\"GroupID\" = \"Group\".\"ID\""
|
||||
);
|
||||
}
|
||||
if(defined('DB::USE_ANSI_SQL'))
|
||||
$q="\"";
|
||||
else $q='`';
|
||||
|
||||
return DataObject::get(
|
||||
'Member',
|
||||
"\"Group\".\"SubsiteID\" = $this->ID AND \"Permission\".\"Code\" IN ('$SQL_permissionCodes')",
|
||||
"{$q}Group{$q}.{$q}SubsiteID{$q} = $this->ID AND {$q}Permission{$q}.{$q}Code{$q} IN ('$SQL_permissionCodes')",
|
||||
'',
|
||||
"LEFT JOIN \"Group_Members\" ON \"Member\".\"ID\" = \"Group_Members\".\"MemberID\"
|
||||
LEFT JOIN \"Group\" ON \"Group\".\"ID\" = \"Group_Members\".\"GroupID\"
|
||||
LEFT JOIN \"Permission\" ON \"Permission\".\"GroupID\" = \"Group\".\"ID\""
|
||||
"LEFT JOIN {$q}Group_Members{$q} ON {$q}Member{$q}.{$q}ID{$q} = {$q}Group_Members{$q}.{$q}MemberID{$q}
|
||||
LEFT JOIN {$q}Group{$q} ON {$q}Group{$q}.{$q}ID{$q} = {$q}Group_Members{$q}.{$q}GroupID{$q}
|
||||
LEFT JOIN {$q}Permission{$q} ON {$q}Permission{$q}.{$q}GroupID{$q} = {$q}Group{$q}.{$q}ID{$q}"
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
@ -374,23 +368,18 @@ JS;
|
||||
return DataObject::get('Subsite');
|
||||
}
|
||||
|
||||
if(defined('DB::USE_ANSI_SQL')) {
|
||||
return DataObject::get(
|
||||
'Subsite',
|
||||
"\"MemberID\" = {$member->ID}",
|
||||
'',
|
||||
"LEFT JOIN \"Group\" ON \"Subsite\".\"ID\" = \"SubsiteID\"
|
||||
LEFT JOIN \"Group_Members\" ON \"Group\".\"ID\" = \"Group_Members\".\"GroupID\""
|
||||
);
|
||||
}
|
||||
if(defined('DB::USE_ANSI_SQL'))
|
||||
$q="\"";
|
||||
else $q='`';
|
||||
|
||||
return DataObject::get(
|
||||
'Subsite',
|
||||
"MemberID = {$member->ID}",
|
||||
"{$q}MemberID{$q} = {$member->ID}",
|
||||
'',
|
||||
"LEFT JOIN `Group` ON `Subsite`.`ID` = `SubsiteID`
|
||||
LEFT JOIN `Group_Members` ON `Group`.`ID` = `Group_Members`.`GroupID`"
|
||||
"LEFT JOIN {$q}Group{$q} ON {$q}Subsite{$q}.{$q}ID{$q} = {$q}SubsiteID{$q}
|
||||
LEFT JOIN {$q}Group_Members{$q} ON {$q}Group{$q}.{$q}ID{$q} = {$q}Group_Members{$q}.{$q}GroupID{$q}"
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
static function hasMainSitePermission($member = null, $permissionCodes = array('ADMIN')) {
|
||||
@ -493,28 +482,19 @@ JS;
|
||||
|
||||
$templateClassList = "'" . implode("', '", ClassInfo::subclassesFor("Subsite_Template")) . "'";
|
||||
|
||||
if(defined('DB::USE_ANSI_SQL')) {
|
||||
return DataObject::get(
|
||||
'Subsite',
|
||||
"\"Group_Members\".\"MemberID\" = $member->ID
|
||||
AND \"Permission\".\"Code\" IN ($SQL_codes, 'ADMIN')
|
||||
AND (\"Subdomain\" IS NOT NULL OR \"Subsite\".\"ClassName\" IN ($templateClassList)) AND \"Subsite\".\"Title\" != ''",
|
||||
'',
|
||||
"LEFT JOIN \"Group\" ON (\"SubsiteID\" = \"Subsite\".\"ID\" OR \"SubsiteID\" = 0)
|
||||
LEFT JOIN \"Group_Members\" ON \"Group_Members\".\"GroupID\" = \"Group\".\"ID\"
|
||||
LEFT JOIN \"Permission\" ON \"Group\".\"ID\" = \"Permission\".\"GroupID\""
|
||||
);
|
||||
}
|
||||
if(defined('DB::USE_ANSI_SQL'))
|
||||
$q="\"";
|
||||
else $q='`';
|
||||
|
||||
return DataObject::get(
|
||||
'Subsite',
|
||||
"\"Group_Members\".\"MemberID\" = $member->ID
|
||||
AND \"Permission\".\"Code\" IN ($SQL_codes, 'ADMIN')
|
||||
AND (\"Subdomain\" IS NOT NULL OR \"Subsite\".\"ClassName\" IN ($templateClassList)) AND \"Subsite\".\"Title\" != ''",
|
||||
"{$q}Group_Members{$q}.{$q}MemberID{$q} = $member->ID
|
||||
AND {$q}Permission{$q}.{$q}Code{$q} IN ($SQL_codes, 'ADMIN')
|
||||
AND ({$q}Subdomain{$q} IS NOT NULL OR {$q}Subsite{$q}.{$q}ClassName{$q} IN ($templateClassList)) AND {$q}Subsite{$q}.{$q}Title{$q} != ''",
|
||||
'',
|
||||
"LEFT JOIN \"Group\" ON (\"SubsiteID\"=\"Subsite\".\"ID\" OR \"SubsiteID\" = 0)
|
||||
LEFT JOIN \"Group_Members\" ON \"Group_Members\".\"GroupID\"=\"Group\".\"ID\"
|
||||
LEFT JOIN \"Permission\" ON \"Group\".\"ID\"=\"Permission\".\"GroupID\""
|
||||
"LEFT JOIN {$q}Group{$q} ON ({$q}SubsiteID{$q} = {$q}Subsite{$q}.{$q}ID{$q} OR {$q}SubsiteID{$q} = 0)
|
||||
LEFT JOIN {$q}Group_Members{$q} ON {$q}Group_Members{$q}.{$q}GroupID{$q} = {$q}Group{$q}.{$q}ID{$q}
|
||||
LEFT JOIN {$q}Permission{$q} ON {$q}Group{$q}.{$q}ID{$q} = {$q}Permission{$q}.{$q}GroupID{$q}"
|
||||
);
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user