Overview
Comment: | Repasse pour suppression des double quotes dans les requêtes SQLite + suppression appel DB::getInstance() inutile |
---|---|
SHA1: |
63cb8357be0bde5348653b640bf8c412 |
User & Date: | bohwaz on 2014-04-21 02:28:07 |
Context
2014-04-21
| ||
15:54 | Tri sans tenir compte des accents check-in: 2e309d8b4a user: bohwaz tags: trunk | |
02:28 | Repasse pour suppression des double quotes dans les requêtes SQLite + suppression appel DB::getInstance() inutile check-in: 63cb8357be user: bohwaz tags: trunk | |
02:20 | Sécurité sur les requêtes exécutées dans les squelettes check-in: 92d8611330 user: bohwaz tags: trunk | |
Changes
Modified src/include/class.compta_comptes_bancaires.php from [53301e3cb2] to [eb158efea8].
13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
$data['parent'] = self::NUMERO_PARENT_COMPTES;
$data['id'] = null;
$this->_checkBankFields($data);
$new_id = parent::add($data);
$db = DB::getInstance();
$db->simpleInsert('compta_comptes_bancaires', [
'id' => $new_id,
'banque' => $data['banque'],
'iban' => $data['iban'],
'bic' => $data['bic'],
]);
|
< |
13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
$data['parent'] = self::NUMERO_PARENT_COMPTES; $data['id'] = null; $this->_checkBankFields($data); $new_id = parent::add($data); $db->simpleInsert('compta_comptes_bancaires', [ 'id' => $new_id, 'banque' => $data['banque'], 'iban' => $data['iban'], 'bic' => $data['bic'], ]); |
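Review bot: `$db->simpleInsert('compta_comptes_bancaires', ...)` still dereferences `$db` after this section drops the only visible `$db = DB::getInstance();`, so the insert fails on an undefined variable unless `$db` is assigned earlier in the method. The method starts above the section, so that earlier assignment cannot be confirmed from here; it is worth checking, or keeping the assignment next to its use. The same removal is made in `_checkFields()` in class.compta_exercices.php, whose body continues past that section, so any later `$db->` call there needs the same check.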
Modified src/include/class.compta_exercices.php from [e093553e7a] to [b79696ceb1].
255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 |
strftime(\'%s\', fin) AS fin,
(SELECT COUNT(*) FROM compta_journal WHERE id_exercice = compta_exercices.id) AS nb_operations
FROM compta_exercices ORDER BY fin DESC;', SQLITE3_ASSOC);
}
protected function _checkFields(&$data)
{
$db = DB::getInstance();
if (empty($data['libelle']) || !trim($data['libelle']))
{
throw new UserException('Le libellé ne peut rester vide.');
}
$data['libelle'] = trim($data['libelle']);
|
< < |
255 256 257 258 259 260 261 262 263 264 265 266 267 268 |
strftime(\'%s\', fin) AS fin, (SELECT COUNT(*) FROM compta_journal WHERE id_exercice = compta_exercices.id) AS nb_operations FROM compta_exercices ORDER BY fin DESC;', SQLITE3_ASSOC); } protected function _checkFields(&$data) { if (empty($data['libelle']) || !trim($data['libelle'])) { throw new UserException('Le libellé ne peut rester vide.'); } $data['libelle'] = trim($data['libelle']); |
Modified src/include/class.config.php from [f4d561c746] to [78ccf5c62f].
251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 |
{
throw new UserException('Le champ '.$value.' n\'existe pas pour la configuration de '.$key);
}
// Vérification que le champ est unique pour l'identifiant
if ($key == 'champ_identifiant'
&& !$db->simpleQuerySingle('SELECT (COUNT(DISTINCT '.$value.') = COUNT(*))
FROM membres WHERE '.$value.' IS NOT NULL AND '.$value.' != "";'))
{
throw new UserException('Le champ '.$value.' comporte des doublons et ne peut donc pas servir comme identifiant pour la connexion.');
}
break;
}
case 'categorie_cotisations':
case 'categorie_dons':
|
| |
251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 |
{
throw new UserException('Le champ '.$value.' n\'existe pas pour la configuration de '.$key);
}
// Vérification que le champ est unique pour l'identifiant
if ($key == 'champ_identifiant'
&& !$db->simpleQuerySingle('SELECT (COUNT(DISTINCT '.$value.') = COUNT(*))
FROM membres WHERE '.$value.' IS NOT NULL AND '.$value.' != \'\';'))
{
throw new UserException('Le champ '.$value.' comporte des doublons et ne peut donc pas servir comme identifiant pour la connexion.');
}
break;
}
case 'categorie_cotisations':
case 'categorie_dons':
|
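Review bot: `$value` is concatenated into the `champ_identifiant` query as a bare column name three times, so the statement is only safe while the existence test just above it restricts `$value` to known columns of `membres`; the condition of that test lies outside this section and should be confirmed. An identifier cannot be bound as a parameter, so I would state the dependency next to the query, for example `// $value was validated against the membres field list above; used as a column name`. The comparison `$key == 'champ_identifiant'` could also be written with `===`.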
Modified src/include/class.membres_import.php from [3e606d8182] to [83a485e0d8].
242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 |
return true; } public function toCSV() { $db = DB::getInstance(); $res = $db->prepare('SELECT m.id, c.nom AS "categorie", m.* FROM membres AS m LEFT JOIN membres_categories AS c ON m.id_categorie = c.id ORDER BY c.id;')->execute(); $fp = fopen('php://output', 'w'); $header = false; while ($row = $res->fetchArray(SQLITE3_ASSOC)) { |
| |
242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 |
return true; } public function toCSV() { $db = DB::getInstance(); $res = $db->prepare('SELECT m.id, c.nom AS categorie, m.* FROM membres AS m LEFT JOIN membres_categories AS c ON m.id_categorie = c.id ORDER BY c.id;')->execute(); $fp = fopen('php://output', 'w'); $header = false; while ($row = $res->fetchArray(SQLITE3_ASSOC)) { |
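Review bot: `m.*` in the export query sends every column of `membres` to `php://output`, which would include credential or other internal columns if the table holds any (the schema is not visible here). Listing the exported columns explicitly, or unsetting the sensitive keys from `$row` before it is written, keeps the CSV limited to what an export is meant to contain. `fopen('php://output', 'w')` is also used without checking for `false`. The loop body of `toCSV()` is outside this section, so the write itself cannot be reviewed from here.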
Modified src/include/class.rappels.php from [addb036ece] to [17914b30dc].
171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 |
WHEN c.fin IS NOT NULL THEN c.fin ELSE 0 END AS expiration
FROM rappels AS r
INNER JOIN cotisations AS c ON c.id = r.id_cotisation
INNER JOIN cotisations_membres AS cm ON cm.id_cotisation = c.id
INNER JOIN membres AS m ON m.id = cm.id_membre
WHERE
/* Inutile de sélectionner les membres sans email */
m.email IS NOT NULL AND m.email != ""
/* Les cotisations ponctuelles ne comptent pas */
AND (c.fin IS NOT NULL OR c.duree IS NOT NULL)
/* Rien nest envoyé aux membres des catégories cachées, logique */
AND m.id_categorie NOT IN (SELECT id FROM membres_categories WHERE cacher = 1)
ORDER BY r.delai ASC
)
WHERE nb_jours >= delai
|
| |
171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 |
WHEN c.fin IS NOT NULL THEN c.fin ELSE 0 END AS expiration
FROM rappels AS r
INNER JOIN cotisations AS c ON c.id = r.id_cotisation
INNER JOIN cotisations_membres AS cm ON cm.id_cotisation = c.id
INNER JOIN membres AS m ON m.id = cm.id_membre
WHERE
/* Inutile de sélectionner les membres sans email */
m.email IS NOT NULL AND m.email != \'\'
/* Les cotisations ponctuelles ne comptent pas */
AND (c.fin IS NOT NULL OR c.duree IS NOT NULL)
/* Rien nest envoyé aux membres des catégories cachées, logique */
AND m.id_categorie NOT IN (SELECT id FROM membres_categories WHERE cacher = 1)
ORDER BY r.delai ASC
)
WHERE nb_jours >= delai
|
Modified src/include/class.wiki.php from [1dd8836624] to [0c2e7be215].
280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 |
return true; } public function search($query) { $db = DB::getInstance(); return $db->simpleStatementFetch('SELECT p.uri, r.*, snippet(wiki_recherche, "<b>", "</b>", "...", -1, -50) AS snippet, rank(matchinfo(wiki_recherche), 0, 1.0, 1.0) AS points FROM wiki_recherche AS r INNER JOIN wiki_pages AS p ON p.id = r.id WHERE '.$this->_getLectureClause('p.').' AND wiki_recherche MATCH \''.$db->escapeString($query).'\' ORDER BY points DESC LIMIT 0,50;'); } public function setRestrictionCategorie($id, $droit_wiki) |
| |
280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 |
return true; } public function search($query) { $db = DB::getInstance(); return $db->simpleStatementFetch('SELECT p.uri, r.*, snippet(wiki_recherche, \'<b>\', \'</b>\', \'...\', -1, -50) AS snippet, rank(matchinfo(wiki_recherche), 0, 1.0, 1.0) AS points FROM wiki_recherche AS r INNER JOIN wiki_pages AS p ON p.id = r.id WHERE '.$this->_getLectureClause('p.').' AND wiki_recherche MATCH \''.$db->escapeString($query).'\' ORDER BY points DESC LIMIT 0,50;'); } public function setRestrictionCategorie($id, $droit_wiki) |
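Review bot: The search term in `search()` is still placed into the SQL text by concatenation around `$db->escapeString($query)`. `escapeString()` handles SQL quoting but leaves the full-text query syntax intact, so a term with an unbalanced double quote or a stray operator can make the MATCH expression invalid and raise a database error instead of returning no results. Binding the term as a statement parameter would remove the manual escaping, and handling the query error in `search()` would let a malformed term be reported as a user error. `_getLectureClause('p.')` is defined outside this section, so what it adds to the WHERE clause cannot be checked from here.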