diff options
author | wei <> | 2007-01-03 11:31:18 +0000 |
---|---|---|
committer | wei <> | 2007-01-03 11:31:18 +0000 |
commit | 7ea61ba9701a04bc593d7c5960c5135ce39805a8 (patch) | |
tree | 55cc29fdd679440bfb7a86d12aecca684dc6dbb0 /framework/Data/ActiveRecord | |
parent | 46484d91f49721a10b76e2c25071ad594f0b32d4 (diff) |
quote the criteria string in ActiveRecord.
Diffstat (limited to 'framework/Data/ActiveRecord')
5 files changed, 43 insertions, 15 deletions
diff --git a/framework/Data/ActiveRecord/Vendor/TDbMetaData.php b/framework/Data/ActiveRecord/Vendor/TDbMetaData.php index 4bbc62ee..efb7c467 100644 --- a/framework/Data/ActiveRecord/Vendor/TDbMetaData.php +++ b/framework/Data/ActiveRecord/Vendor/TDbMetaData.php @@ -21,6 +21,7 @@ * @package System.Data.ActiveRecord.Vendor
* @since 3.1
*/ +
abstract class TDbMetaData extends TComponent
{
private $_primaryKeys=array();
diff --git a/framework/Data/ActiveRecord/Vendor/TDbMetaDataCommon.php b/framework/Data/ActiveRecord/Vendor/TDbMetaDataCommon.php index 44b33ab1..74c97689 100644 --- a/framework/Data/ActiveRecord/Vendor/TDbMetaDataCommon.php +++ b/framework/Data/ActiveRecord/Vendor/TDbMetaDataCommon.php @@ -49,7 +49,7 @@ abstract class TDbMetaDataCommon extends TDbMetaData public function getFindByCriteriaCommand($conn, $criteria=null)
{
$columns = $this->getSelectionColumns();
- $conditions = $criteria!==null?$this->getSqlFromCriteria($criteria) : '';
+ $conditions = $criteria!==null?$this->getSqlFromCriteria($conn,$criteria) : '';
$table = $this->getTableName();
$sql = "SELECT {$columns} FROM {$table} {$conditions}";
return $this->createCriteriaBindedCommand($conn,$sql, $criteria);
@@ -64,13 +64,13 @@ abstract class TDbMetaDataCommon extends TDbMetaData public function getCountRecordsCommand($conn, $criteria)
{
$columns = $this->getSelectionColumns();
- $conditions = $this->getSqlFromCriteria($criteria);
+ $conditions = $this->getSqlFromCriteria($conn,$criteria);
$table = $this->getTableName();
$sql = "SELECT count(*) FROM {$table} {$conditions}";
return $this->createCriteriaBindedCommand($conn,$sql, $criteria);
}
- abstract protected function getSqlFromCriteria(TActiveRecordCriteria $criteria);
+ abstract protected function getSqlFromCriteria($conn,TActiveRecordCriteria $criteria);
/**
* Sql command with parameters binded.
diff --git a/framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php b/framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php index 1289afa5..0ac3798d 100644 --- a/framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php +++ b/framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php @@ -24,27 +24,36 @@ class TMysqlMetaData extends TDbMetaDataCommon {
/**
* Build the SQL search string from the criteria object for Postgress database.
+ * @param TDbConnection database connection.
* @param TActiveRecordCriteria search criteria.
* @return string SQL search.
*/
- protected function getSqlFromCriteria(TActiveRecordCriteria $criteria)
+ protected function getSqlFromCriteria($conn, TActiveRecordCriteria $criteria)
{
$sql = '';
if(($condition = $criteria->getCondition())!==null)
$sql .= $condition;
$orders=array();
foreach($criteria->getOrdersBy() as $by=>$ordering)
- $orders[] = $by.' '.$ordering;
+ $orders[] = $conn->quoteString($by).' '.$this->getOrdering($ordering);
if(count($orders) > 0)
$sql .= ' ORDER BY '.implode(', ', $orders);
if(($limit = $criteria->getLimit())!==null)
{
$offset = $criteria->getOffset();
- $offset = $offset===null?0:$offset;
- $sql .= ' LIMIT '.$offset.', '.$limit;
+ $offset = $offset===null?0:intval($offset); //assumes integer offset
+ $sql .= ' LIMIT '.$offset.', '.intval($limit); //assumes integer limit
}
return strlen($sql) > 0 ? ' WHERE '.$sql : '';
}
+
+ private function getOrdering($direction)
+ {
+ if(strtolower($direction)=='desc')
+ return 'DESC';
+ else
+ return 'ASC';
+ }
}
?>
\ No newline at end of file diff --git a/framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php b/framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php index 5fc0fcaf..35452849 100644 --- a/framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php +++ b/framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php @@ -26,24 +26,33 @@ class TPgsqlMetaData extends TDbMetaDataCommon {
/**
* Build the SQL search string from the criteria object for Postgress database.
+ * @param TDbConnection database connection.
* @param TActiveRecordCriteria search criteria.
* @return string SQL search.
*/
- protected function getSqlFromCriteria(TActiveRecordCriteria $criteria)
+ protected function getSqlFromCriteria($conn, TActiveRecordCriteria $criteria)
{
$sql = '';
if(($condition = $criteria->getCondition())!==null)
$sql .= $condition;
$orders=array();
foreach($criteria->getOrdersBy() as $by=>$ordering)
- $orders[] = $by.' '.$ordering;
+ $orders[] = $conn->quoteString($by).' '.$this->getOrdering($ordering);
if(count($orders) > 0)
$sql .= ' ORDER BY '.implode(', ', $orders);
if(($limit = $criteria->getLimit())!==null)
- $sql .= ' LIMIT '.$limit;
+ $sql .= ' LIMIT '.intval($limit); //assumes integer limit?
if(($offset = $criteria->getOffset())!==null)
- $sql .= ' OFFSET '.$offset;
+ $sql .= ' OFFSET '.intval($offset); //assumes integer offset?
return strlen($sql) > 0 ? ' WHERE '.$sql : '';
}
+
+ private function getOrdering($direction)
+ {
+ if(strtolower($direction) == 'desc')
+ return 'DESC';
+ else
+ return 'ASC';
+ }
} ?>
\ No newline at end of file diff --git a/framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php b/framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php index 75c30c93..22d1759b 100644 --- a/framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php +++ b/framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php @@ -24,28 +24,37 @@ class TSqliteMetaData extends TDbMetaDataCommon {
/**
* Build the SQL search string from the criteria object for Postgress database.
+ * @param TDbConnection database connection.
* @param TActiveRecordCriteria search criteria.
* @return string SQL search.
*/
- protected function getSqlFromCriteria(TActiveRecordCriteria $criteria)
+ protected function getSqlFromCriteria($conn, TActiveRecordCriteria $criteria)
{
$sql = '';
if(($condition = $criteria->getCondition())!==null)
$sql .= $condition;
$orders=array();
foreach($criteria->getOrdersBy() as $by=>$ordering)
- $orders[] = $by.' '.$ordering;
+ $orders[] = $conn->quoteString($by).' '.$this->getOrdering($ordering);
if(count($orders) > 0)
$sql .= ' ORDER BY '.implode(', ', $orders);
if(($limit = $criteria->getLimit())!==null)
{
$offset = $criteria->getOffset();
- $offset = $offset===null?0:$offset;
- $sql .= ' LIMIT '.$offset.', '.$limit;
+ $offset = $offset===null?0:intval($offset); //assume integer offset?
+ $sql .= ' LIMIT '.$offset.', '.intval($limit); //assume integer limit?
}
return strlen($sql) > 0 ? ' WHERE '.$sql : '';
}
+ private function getOrdering($direction)
+ {
+ if(strtolower($direction) == 'desc')
+ return 'DESC';
+ else
+ return 'ASC';
+ }
+
/**
* Remove quote from the keys in the data.
* @param mixed record row
|