[evolvis-commits] r13715: Ongoing migration to db_query_params()

mirabilos at evolvis.org mirabilos at evolvis.org
Mon Feb 28 02:55:54 CET 2011


Author: mirabilos
Date: 2011-02-28 02:55:54 +0100 (Mon, 28 Feb 2011)
New Revision: 13715

Modified:
   trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/admin/form-extrafieldcopy.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/admin/index.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/admin/updates.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/browse.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/include/ArtifactHtml.class.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/mod.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/query.php
Log:
Ongoing migration to db_query_params()

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/admin/form-extrafieldcopy.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/admin/form-extrafieldcopy.php	2011-02-28 01:55:50 UTC (rev 13714)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/admin/form-extrafieldcopy.php	2011-02-28 01:55:54 UTC (rev 13715)
@@ -3,27 +3,30 @@
 //
 //  FORM TO COPY Choices configured by admin for extra_field BOXES 
 //
-		$id = getIntFromRequest('id');
-		$fb= new ArtifactExtraField($ath,$id);
+$id = getIntFromRequest('id');
+$fb= new ArtifactExtraField($ath,$id);
 
-		// Get a list of all extra fields in trackers and groups that you have perms to admin
-		$sql="SELECT g.unix_group_name, agl.name AS tracker_name, aefl.field_name, aefl.extra_field_id
+// Get a list of all extra fields in trackers and groups that you have perms to admin
+
+$res = db_query_params ('SELECT g.unix_group_name, agl.name AS tracker_name, aefl.field_name, aefl.extra_field_id
 			FROM groups g, 
 			artifact_group_list agl, 
 			artifact_extra_field_list aefl,
 			user_group ug,
 			artifact_perm ap
 			WHERE 
-			(ug.admin_flags='A' OR ug.artifact_flags='2' OR ap.perm_level>='2')
-			AND ug.user_id='".user_getid()."'
+			(ug.admin_flags=$1 OR ug.artifact_flags=2 OR ap.perm_level>=2)
+			AND ug.user_id=$2
 			AND ug.group_id=g.group_id
 			AND g.group_id=agl.group_id 
 			AND agl.group_artifact_id=ap.group_artifact_id
-			AND ap.user_id='".user_getid()."'
+			AND ap.user_id=$2
 			AND aefl.group_artifact_id=agl.group_artifact_id
-			AND aefl.extra_field_id != $id
-			AND aefl.field_type IN (1,2,3,5,7)";
-		$res=db_query($sql);
+			AND aefl.extra_field_id != $3
+			AND aefl.field_type IN (1,2,3,5,7)',
+			array ('A',
+			       user_getid(),
+			       $id));
 		if (db_numrows($res) < 1) {
 			exit_error('Cannot find a destination tracker where you have administration rights.');
 		}
@@ -41,7 +44,7 @@
 		<form action="<?php echo getStringFromServer('PHP_SELF') .'?group_id='.$group_id.'&atid='.$ath->getID(); ?>" method="post" >        
 		<table>
 		<tr>
-		<td></td><td><center><strong>';
+		<td></td><td><center><strong>
 		<?php echo _('Copy From') ?>
 		<br />
 		<?php echo $fb->getName() ?>

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/admin/index.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/admin/index.php	2011-02-28 01:55:50 UTC (rev 13714)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/admin/index.php	2011-02-28 01:55:54 UTC (rev 13715)
@@ -62,8 +62,9 @@
 		include $gfwww.'tracker/admin/updates.php';
 
 	} elseif (getStringFromRequest('deletetemplate')) {
-
-		db_query("UPDATE artifact_group_list SET custom_renderer='' WHERE group_artifact_id='".$ath->getID()."'");
+		db_query_params ('UPDATE artifact_group_list SET custom_renderer=$1 WHERE group_artifact_id=$2',
+				 array ('',
+					$ath->getID()));
 		echo db_error();
 		$feedback .= 'Renderer Deleted';
 		$next = 'add_extrafield';

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/admin/updates.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/admin/updates.php	2011-02-28 01:55:50 UTC (rev 13714)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/admin/updates.php	2011-02-28 01:55:54 UTC (rev 13715)
@@ -333,7 +333,9 @@
 			$size = $input_file['size'];
 			$input_data = addslashes(fread(fopen($input_file['tmp_name'], 'r'), $size));
 
-			db_query("UPDATE artifact_group_list SET custom_renderer='$input_data' WHERE group_artifact_id='".$ath->getID()."'");
+			db_query_params ('UPDATE artifact_group_list SET custom_renderer=$1 WHERE group_artifact_id=$2',
+					 array ($input_data,
+						$ath->getID()));
 			echo db_error();
 			$feedback .= _('Renderer Uploaded');
 		//

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/browse.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/browse.php	2011-02-28 01:55:50 UTC (rev 13714)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/browse.php	2011-02-28 01:55:54 UTC (rev 13715)
@@ -230,16 +230,20 @@
 	<div class="tabbertab" title="'._('Advanced queries').'">';
 
 if (session_loggedin()) {
-	$filter = "AND (user_id='".user_getid()."' OR query_type>0)";
+	$res = db_query_params ('SELECT artifact_query_id,query_name, CASE WHEN query_type>0 THEN 1 ELSE 0 END as type
+	FROM artifact_query
+	WHERE group_artifact_id=$1 AND (user_id=$2 OR query_type>0)
+	ORDER BY type ASC, query_name ASC',
+				array ($ath->getID(),
+				       user_getid()));
 } else {
-	$filter = "AND query_type>0";
+	$res = db_query_params ('SELECT artifact_query_id,query_name, CASE WHEN query_type>0 THEN 1 ELSE 0 END as type
+	FROM artifact_query
+	WHERE group_artifact_id=$1 AND query_type>0
+	ORDER BY type ASC, query_name ASC',
+				array ($ath->getID()));
 }
 
-$sql="SELECT artifact_query_id,query_name, CASE WHEN query_type>0 THEN 1 ELSE 0 END as type 
-	FROM artifact_query 
-	WHERE group_artifact_id='".$ath->getID()."' $filter
-	ORDER BY type ASC, query_name ASC";
-$res = db_query($sql);
 
 if (db_numrows($res)>0) {
 	echo '<form action="'. getStringFromServer('PHP_SELF') .'" method="get">';

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/include/ArtifactHtml.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/include/ArtifactHtml.class.php	2011-02-28 01:55:50 UTC (rev 13714)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/include/ArtifactHtml.class.php	2011-02-28 01:55:54 UTC (rev 13715)
@@ -150,21 +150,23 @@
 	}
 
 	function showRelations() {
-		global $Language;
-		
 		$aid = $this->getID();
-		
+
 		// Search for all relations pointing to this record.
-		$sql = "SELECT *
+
+		$res = db_query_params ('SELECT *
 		FROM artifact_extra_field_list, artifact_extra_field_data, artifact_group_list, artifact, groups
 		WHERE field_type=9
 		AND artifact_extra_field_list.extra_field_id=artifact_extra_field_data.extra_field_id
 		AND artifact_group_list.group_artifact_id = artifact_extra_field_list.group_artifact_id
 		AND artifact.artifact_id = artifact_extra_field_data.artifact_id
 		AND groups.group_id = artifact_group_list.group_id
-		AND (field_data = '$aid' OR field_data LIKE '$aid %' OR field_data LIKE '% $aid %' OR field_data LIKE '% $aid')
-		ORDER BY artifact_group_list.group_id ASC, name ASC, artifact.artifact_id ASC";
-		$res = db_query($sql);
+		AND (field_data = $1 OR field_data LIKE $2 OR field_data LIKE $3 OR field_data LIKE $4)
+		ORDER BY artifact_group_list.group_id ASC, name ASC, artifact.artifact_id ASC',
+					array($aid,
+					      "$aid %",
+					      "% $aid %",
+					      "% $aid"));
 		if (db_numrows($res)>0) {
 			?>
 <div class="tabbertab" title="<?php echo _('Backward Relations'); ?>">

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/mod.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/mod.php	2011-02-28 01:55:50 UTC (rev 13714)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/mod.php	2011-02-28 01:55:54 UTC (rev 13715)
@@ -99,15 +99,19 @@
 	} else {
 		$alevel=' > 1';	
 	}
-	$sql="SELECT agl.group_artifact_id, agl.name 
+
+	$res = db_query_params ('SELECT agl.group_artifact_id, agl.name
 		FROM artifact_group_list agl, role_setting rs, user_group ug
 		WHERE agl.group_artifact_id=rs.ref_id
-		AND ug.user_id='". user_getid() ."' 
-		AND rs.value::integer $alevel
-		AND agl.group_id='$group_id'
+		AND ug.user_id=$1
+		AND rs.value::integer $2
+		AND agl.group_id=$3
                 AND ug.role_id = rs.role_id
-                AND rs.section_name='tracker'";
-	$res=db_query($sql);
+                AND rs.section_name=$4',
+				array(user_getid() ,
+				      $alevel,
+				      $group_id,
+				      'tracker'));
 
 	echo html_build_select_box ($res,'new_artifact_type_id',$ath->getID(),false);
 

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/query.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/query.php	2011-02-28 01:55:50 UTC (rev 13714)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/query.php	2011-02-28 01:55:54 UTC (rev 13715)
@@ -223,8 +223,9 @@
 //
 //	get queries for this user
 //
-$res=db_query("SELECT artifact_query_id,query_name 
-	FROM artifact_query WHERE user_id='".user_getid()."' AND group_artifact_id='".$ath->getID()."'");
+$res = db_query_params ('SELECT artifact_query_id,query_name FROM artifact_query WHERE user_id=$1 AND group_artifact_id=$2',
+			array(user_getid(),
+			      $ath->getID()));
 
 
 //	Show the new pop-up boxes to select assigned to, status, etc
@@ -276,9 +277,10 @@
 echo'
 <table width="100%" class="tablecontent">';
 if ($ath->userIsAdmin()) {
-	$sql = "SELECT query_name 
-			FROM artifact_query WHERE query_type=2 AND group_artifact_id='".$ath->getID()."'";
-	$default_query = db_result(db_query($sql),0, 'query_name');
+	$default_query = db_result(db_query_params('"SELECT query_name FROM artifact_query WHERE query_type=2 AND group_artifact_id=$1',
+						   array ($ath->getID())),
+				   0,
+				   'query_name');
 	if ($default_query) {
 		if ($default_query == $aq->getName()) {
 			$note = '';



More information about the evolvis-commits mailing list