Overview
Comment: | Implémentation du critère {age} dans les squelettes (fix [6938d30404]). Utilisation de bindValue de SQLite plutôt que escapeString dans les squelettes, c'est mieux. |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
5eca57ed8c8b203684c8f6e70e5c5c51 |
User & Date: | bohwaz on 2015-01-18 04:52:28 |
Other Links: | manifest | tags |
Context
2015-01-18
| ||
04:59 | Correction enregistrement de la date check-in: 8ddd48cc48 user: bohwaz tags: trunk | |
04:52 | Implémentation du critère {age} dans les squelettes (fix [6938d30404]). Utilisation de bindValue de SQLite plutôt que escapeString dans les squelettes, c'est mieux. check-in: 5eca57ed8c user: bohwaz tags: trunk | |
04:50 | filtre euros check-in: 52c1b4a5fe user: bohwaz tags: trunk | |
Changes
Modified src/include/lib/Garradin/Squelette.php from [b6c3807dbf] to [3636f0a074].
︙ | ︙ | |||
313 314 315 316 317 318 319 320 321 322 323 324 325 326 | return $out; } protected function processLoop($loopName, $loopType, $loopCriterias, $loopContent, $preContent, $postContent, $altContent) { $query = $loopStart = ''; // Types de boucles natifs if ($loopType == 'articles' || $loopType == 'rubriques' || $loopType == 'pages') { $where = $order = ''; $limit = $begin = 0; | > > > | | 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 | return $out; } protected function processLoop($loopName, $loopType, $loopCriterias, $loopContent, $preContent, $postContent, $altContent) { $query = $loopStart = ''; $query_args = []; // Types de boucles natifs if ($loopType == 'articles' || $loopType == 'rubriques' || $loopType == 'pages') { $where = $order = ''; $limit = $begin = 0; $query = 'SELECT w.*, '; $query.= 'strftime(\\\'%s\\\', w.date_creation) AS date_creation, '; $query.= 'strftime(\\\'%s\\\', w.date_modification) AS date_modification'; if (trim($loopContent)) { $query .= ', r.contenu AS texte FROM wiki_pages AS w LEFT JOIN wiki_revisions AS r ON (w.id = r.id_page AND w.revision = r.revision) '; } else { |
︙ | ︙ | |||
343 344 345 346 347 348 349 | } elseif ($loopType == 'rubriques') { $where .= 'AND (SELECT COUNT(id) FROM wiki_pages WHERE parent = w.id) > 0 '; } $allowed_fields = ['id', 'uri', 'titre', 'date', 'date_creation', 'date_modification', | | | | 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 | } elseif ($loopType == 'rubriques') { $where .= 'AND (SELECT COUNT(id) FROM wiki_pages WHERE parent = w.id) > 0 '; } $allowed_fields = ['id', 'uri', 'titre', 'date', 'date_creation', 'date_modification', 'parent', 'rubrique', 'revision', 'points', 'recherche', 'texte', 'age']; $search = $search_rank = false; foreach ($loopCriterias as $criteria_id => $criteria) { if (isset($criteria['field'])) { if (!in_array($criteria['field'], $allowed_fields)) { throw new \KD2\MiniSkelMarkupException("Critère '".$criteria['field']."' invalide pour la boucle '$loopName' de type '$loopType'."); } |
︙ | ︙ | |||
371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 | if ($criteria['action'] != \KD2\MiniSkel::ACTION_ORDER_BY) { throw new \KD2\MiniSkelMarkupException("Le critère 'points' n\'est pas valide dans ce contexte."); } $search_rank = true; } } switch ($criteria['action']) { case \KD2\MiniSkel::ACTION_ORDER_BY: if (!$order) $order = 'ORDER BY '.$criteria['field'].''; else $order .= ', '.$criteria['field'].''; break; case \KD2\MiniSkel::ACTION_ORDER_DESC: if ($order) $order .= ' DESC'; break; case \KD2\MiniSkel::ACTION_LIMIT: $begin = $criteria['begin']; $limit = $criteria['number']; break; case \KD2\MiniSkel::ACTION_MATCH_FIELD_BY_VALUE: | > > > > > | > | | > > | 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 | if ($criteria['action'] != \KD2\MiniSkel::ACTION_ORDER_BY) { throw new \KD2\MiniSkelMarkupException("Le critère 'points' n\'est pas valide dans ce contexte."); } $search_rank = true; } elseif ($criteria['field'] == 'age') { $criteria['field'] = 'julianday() - julianday(date_creation)'; $criteria['value'] = (int)$criteria['value']; } } switch ($criteria['action']) { case \KD2\MiniSkel::ACTION_ORDER_BY: if (!$order) $order = 'ORDER BY '.$criteria['field'].''; else $order .= ', '.$criteria['field'].''; break; case \KD2\MiniSkel::ACTION_ORDER_DESC: if ($order) $order .= ' DESC'; break; case \KD2\MiniSkel::ACTION_LIMIT: $begin = $criteria['begin']; $limit = $criteria['number']; break; case \KD2\MiniSkel::ACTION_MATCH_FIELD_BY_VALUE: $where .= ' AND '.$criteria['field'].' '.$criteria['comparison'].' ?'; $query_args[] = $criteria['value']; break; case \KD2\MiniSkel::ACTION_MATCH_FIELD: { if ($criteria['field'] == 'recherche') { $query = 'SELECT w.*, r.contenu AS texte, rank(matchinfo(wiki_recherche), 0, 1.0, 1.0) AS points FROM wiki_pages AS w INNER JOIN wiki_recherche AS r ON (w.id = r.id) '; $where .= ' AND wiki_recherche MATCH ?'; $search = true; } else { if ($criteria['field'] == 'parent') $field = 'id'; else $field = $criteria['field']; $where .= ' AND '.$criteria['field'].' = ?'; } $query_args[] = ['$this->getVariable(\'' . $criteria['field'] . '\')']; break; } default: break; } } |
︙ | ︙ | |||
457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 | // Ici le plugin peut soit peupler $query et $loopStart lui-même, soit faire un return include $plugin->path() . '/skel_loop.php'; } else { throw new \KD2\MiniSkelMarkupException("Le type de boucle '".$loopType."' est inconnu."); } } $hash = sha1(uniqid(mt_rand(), true)); $out = new Squelette_Snippet(); $out->append(1, '$parent_hash = $this->current[\'_self_hash\'];'); $out->append(1, '$this->parent =& $parent_hash ? $this->_vars[$parent_hash] : null;'); if (!empty($search)) { $out->append(1, 'if (trim($this->getVariable(\'recherche\'))) { '); } $out->append(1, '$statement = $db->prepare(\''.$query.'\'); '); // Sécurité anti injection $out->append(1, 'if (!$statement->readOnly()) { throw new \\MiniSkelMarkupException("Requête en écriture illégale: '.$query.'"); } '); $out->append(1, '$result_'.$hash.' = $statement->execute(); '); $out->append(1, '$nb_rows = $db->countRows($result_'.$hash.'); '); if (!empty($search)) { $out->append(1, '} else { $result_'.$hash.' = false; $nb_rows = 0; }'); } | > > > > > > > > > > > | 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 | // Ici le plugin peut soit peupler $query et $loopStart lui-même, soit faire un return include $plugin->path() . '/skel_loop.php'; } else { throw new \KD2\MiniSkelMarkupException("Le type de boucle '".$loopType."' est inconnu."); } if (empty($query)) { $query = 'SELECT 0 LIMIT 0;'; } } $hash = sha1(uniqid(mt_rand(), true)); $out = new Squelette_Snippet(); $out->append(1, '$parent_hash = $this->current[\'_self_hash\'];'); $out->append(1, '$this->parent =& $parent_hash ? $this->_vars[$parent_hash] : null;'); if (!empty($search)) { $out->append(1, 'if (trim($this->getVariable(\'recherche\'))) { '); } $out->append(1, '$statement = $db->prepare(\''.$query.'\'); '); // Sécurité anti injection $out->append(1, 'if (!$statement->readOnly()) { throw new \\MiniSkelMarkupException("Requête en écriture illégale: '.$query.'"); } '); foreach ($query_args as $k=>$arg) { $out->append(1, '$statement->bindValue(' . ($k+1) . ', ' . (is_array($arg) ? $arg[0] : var_export($arg, true)) . ');'); } $out->append(1, '$result_'.$hash.' = $statement->execute(); '); $out->append(1, '$nb_rows = $db->countRows($result_'.$hash.'); '); if (!empty($search)) { $out->append(1, '} else { $result_'.$hash.' = false; $nb_rows = 0; }'); } |
︙ | ︙ |