Overview
Comment:Repasse pour suppression des double quotes dans les requêtes SQLite + suppression appel DB::getInstance() inutile
SHA1: 63cb8357be0bde5348653b640bf8c41247065cab
User & Date: bohwaz on 2014-04-21 02:28:07
Context
2014-04-21
15:54
Tri sans tenir compte des accents check-in: 2e309d8b4a user: bohwaz tags: trunk
02:28
Repasse pour suppression des double quotes dans les requêtes SQLite + suppression appel DB::getInstance() inutile check-in: 63cb8357be user: bohwaz tags: trunk
02:20
Sécurité sur les requêtes exécutées dans les squelettes check-in: 92d8611330 user: bohwaz tags: trunk
Changes

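--- a/src/include/class.compta_comptes_bancaires.php
+++ b/src/include/class.compta_comptes_bancaires.php
@@ -13,14 +13,13 @@
         $data['parent'] = self::NUMERO_PARENT_COMPTES;
         $data['id'] = null;
 
         $this->_checkBankFields($data);
 
         $new_id = parent::add($data);
 
-        $db = DB::getInstance();
         $db->simpleInsert('compta_comptes_bancaires', [
             'id'        =>  $new_id,
             'banque'    =>  $data['banque'],
             'iban'      =>  $data['iban'],
             'bic'       =>  $data['bic'],
         ]);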
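Review bot: With `$db = DB::getInstance();` removed, the `$db->simpleInsert('compta_comptes_bancaires', …)` call right after `parent::add($data)` depends on `$db` having been assigned earlier in this method, and that part lies above the hunk. If it was not, PHP stops with a fatal error after `parent::add()` has already written the parent account row, which leaves an account without its bank details. The same removal in `_checkFields()` of class.compta_exercices.php is safe only if nothing further down that method, outside its hunk, still uses `$db`. Both are worth confirming by exercising the add and edit paths, and running the two writes inside one transaction would stop a failure in the second from leaving a half-created record.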

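--- a/src/include/class.compta_exercices.php
+++ b/src/include/class.compta_exercices.php
@@ -255,15 +255,13 @@
             strftime(\'%s\', fin) AS fin,
             (SELECT COUNT(*) FROM compta_journal WHERE id_exercice = compta_exercices.id) AS nb_operations
             FROM compta_exercices ORDER BY fin DESC;', SQLITE3_ASSOC);
     }
 
     protected function _checkFields(&$data)
     {
-        $db = DB::getInstance();
-
         if (empty($data['libelle']) || !trim($data['libelle']))
         {
             throw new UserException('Le libellé ne peut rester vide.');
         }
 
         $data['libelle'] = trim($data['libelle']);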

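--- a/src/include/class.config.php
+++ b/src/include/class.config.php
@@ -251,15 +251,15 @@
                 {
                     throw new UserException('Le champ '.$value.' n\'existe pas pour la configuration de '.$key);
                 }
 
                 // Vérification que le champ est unique pour l'identifiant
                 if ($key == 'champ_identifiant' 
                     && !$db->simpleQuerySingle('SELECT (COUNT(DISTINCT '.$value.') = COUNT(*)) 
-                        FROM membres WHERE '.$value.' IS NOT NULL AND '.$value.' != "";'))
+                        FROM membres WHERE '.$value.' IS NOT NULL AND '.$value.' != \'\';'))
                 {
                     throw new UserException('Le champ '.$value.' comporte des doublons et ne peut donc pas servir comme identifiant pour la connexion.');
                 }
                 break;
             }
             case 'categorie_cotisations':
             case 'categorie_dons':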
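Review bot: `$value` is concatenated into the `simpleQuerySingle()` statement three times as a column name, so the query is only as safe as the existence check that throws "Le champ … n'existe pas" just before it, and the condition of that check starts above the hunk. An identifier cannot be bound as a parameter, which makes that check the only barrier between a configuration value and the SQL text. It should be a strict comparison against the defined member field names, and the dependency deserves a comment on the query such as `// $value is interpolated as a column name: it must have passed the field-existence check above`.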

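--- a/src/include/class.membres_import.php
+++ b/src/include/class.membres_import.php
@@ -242,15 +242,15 @@
 		return true;
 	}
 
     public function toCSV()
     {
         $db = DB::getInstance();
 
-        $res = $db->prepare('SELECT m.id, c.nom AS "categorie", m.* FROM membres AS m 
+        $res = $db->prepare('SELECT m.id, c.nom AS categorie, m.* FROM membres AS m 
             LEFT JOIN membres_categories AS c ON m.id_categorie = c.id ORDER BY c.id;')->execute();
 
         $fp = fopen('php://output', 'w');
         $header = false;
 
         while ($row = $res->fetchArray(SQLITE3_ASSOC))
         {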
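Review bot: `m.*` in the `toCSV()` query puts every column of `membres` into the rows written to `php://output`, so any credential or otherwise private column that table holds (its schema is not visible here) would leave the database with the export. An explicit column list, or removing such keys from `$row` before it is written, keeps the file limited to what is meant to be exported. `toCSV()` continues past the end of the hunk, so the write loop itself is not shown.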

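--- a/src/include/class.rappels.php
+++ b/src/include/class.rappels.php
@@ -171,15 +171,15 @@
 				WHEN c.fin IS NOT NULL THEN c.fin ELSE 0 END AS expiration
 			FROM rappels AS r
 				INNER JOIN cotisations AS c ON c.id = r.id_cotisation
 				INNER JOIN cotisations_membres AS cm ON cm.id_cotisation = c.id
 				INNER JOIN membres AS m ON m.id = cm.id_membre
 			WHERE
 				/* Inutile de sélectionner les membres sans email */
-				m.email IS NOT NULL AND m.email != ""
+				m.email IS NOT NULL AND m.email != \'\'
 				/* Les cotisations ponctuelles ne comptent pas */
 				AND (c.fin IS NOT NULL OR c.duree IS NOT NULL)
 				/* Rien nest envoyé aux membres des catégories cachées, logique */
 				AND m.id_categorie NOT IN (SELECT id FROM membres_categories WHERE cacher = 1)
 			ORDER BY r.delai ASC
 		)
 		WHERE nb_jours >= delai 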

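--- a/src/include/class.wiki.php
+++ b/src/include/class.wiki.php
@@ -280,15 +280,15 @@
         return true;
     }
 
     public function search($query)
     {
         $db = DB::getInstance();
         return $db->simpleStatementFetch('SELECT
-            p.uri, r.*, snippet(wiki_recherche, "<b>", "</b>", "...", -1, -50) AS snippet,
+            p.uri, r.*, snippet(wiki_recherche, \'<b>\', \'</b>\', \'...\', -1, -50) AS snippet,
             rank(matchinfo(wiki_recherche), 0, 1.0, 1.0) AS points
             FROM wiki_recherche AS r INNER JOIN wiki_pages AS p ON p.id = r.id
             WHERE '.$this->_getLectureClause('p.').' AND wiki_recherche MATCH \''.$db->escapeString($query).'\'
             ORDER BY points DESC LIMIT 0,50;');
     }
 
     public function setRestrictionCategorie($id, $droit_wiki)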
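Review bot: In `search()`, `$db->escapeString($query)` only stops the input from closing the SQL string literal; the text is still parsed by `MATCH` as a full-text query expression, so unbalanced quotes or stray operators in a search raise an SQLite error instead of returning no results. Binding the search text instead (`… AND wiki_recherche MATCH :q` with `bindValue(':q', $query)` on the prepared statement) removes the string-built SQL, and handling the query failure lets the page report an invalid search cleanly. The `snippet()` column mixes literal `<b>` markers with indexed page text, so unless that text is already escaped the caller (not shown) has to escape everything around the markers before printing it.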