From 7ea61ba9701a04bc593d7c5960c5135ce39805a8 Mon Sep 17 00:00:00 2001 From: wei <> Date: Wed, 3 Jan 2007 11:31:18 +0000 Subject: quote the criteria string in ActiveRecord. --- .../protected/pages/Database/ActiveRecord.page | 4 ++-- framework/Data/ActiveRecord/Vendor/TDbMetaData.php | 1 + .../Data/ActiveRecord/Vendor/TDbMetaDataCommon.php | 6 +++--- framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php | 17 +++++++++++++---- framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php | 17 +++++++++++++---- framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php | 17 +++++++++++++---- tests/simple_unit/ActiveRecord/records/DepSections.php | 2 +- .../ActiveRecord/records/DepartmentRecord.php | 2 +- tests/simple_unit/ActiveRecord/records/SimpleUser.php | 2 +- tests/simple_unit/ActiveRecord/records/SqliteUsers.php | 2 +- tests/simple_unit/ActiveRecord/records/UserRecord.php | 2 +- 11 files changed, 50 insertions(+), 22 deletions(-) diff --git a/demos/quickstart/protected/pages/Database/ActiveRecord.page b/demos/quickstart/protected/pages/Database/ActiveRecord.page index 017b8d45..e3da53c0 100644 --- a/demos/quickstart/protected/pages/Database/ActiveRecord.page +++ b/demos/quickstart/protected/pages/Database/ActiveRecord.page @@ -74,7 +74,7 @@ class UserRecord extends TActiveRecord public $username; //the column named "username" in the "users" table public $email; - private static $_tablename='users'; //table name + public static $_tablename='users'; //table name /** * @return TActiveRecord active record finder instance @@ -88,7 +88,7 @@ class UserRecord extends TActiveRecord

Each property of the UserRecord class must correspond to a column with the same name in the "users" table. The static class variable - $_tablename is optional when the class name is the same as + $_tablename (must be public) is optional when the class name is the same as the table name in the database, otherwise $_tablename must specify the table name that corresponds to your Active Record class.

diff --git a/framework/Data/ActiveRecord/Vendor/TDbMetaData.php b/framework/Data/ActiveRecord/Vendor/TDbMetaData.php index 4bbc62ee..efb7c467 100644 --- a/framework/Data/ActiveRecord/Vendor/TDbMetaData.php +++ b/framework/Data/ActiveRecord/Vendor/TDbMetaData.php @@ -21,6 +21,7 @@ * @package System.Data.ActiveRecord.Vendor * @since 3.1 */ + abstract class TDbMetaData extends TComponent { private $_primaryKeys=array(); diff --git a/framework/Data/ActiveRecord/Vendor/TDbMetaDataCommon.php b/framework/Data/ActiveRecord/Vendor/TDbMetaDataCommon.php index 44b33ab1..74c97689 100644 --- a/framework/Data/ActiveRecord/Vendor/TDbMetaDataCommon.php +++ b/framework/Data/ActiveRecord/Vendor/TDbMetaDataCommon.php @@ -49,7 +49,7 @@ abstract class TDbMetaDataCommon extends TDbMetaData public function getFindByCriteriaCommand($conn, $criteria=null) { $columns = $this->getSelectionColumns(); - $conditions = $criteria!==null?$this->getSqlFromCriteria($criteria) : ''; + $conditions = $criteria!==null?$this->getSqlFromCriteria($conn,$criteria) : ''; $table = $this->getTableName(); $sql = "SELECT {$columns} FROM {$table} {$conditions}"; return $this->createCriteriaBindedCommand($conn,$sql, $criteria); @@ -64,13 +64,13 @@ abstract class TDbMetaDataCommon extends TDbMetaData public function getCountRecordsCommand($conn, $criteria) { $columns = $this->getSelectionColumns(); - $conditions = $this->getSqlFromCriteria($criteria); + $conditions = $this->getSqlFromCriteria($conn,$criteria); $table = $this->getTableName(); $sql = "SELECT count(*) FROM {$table} {$conditions}"; return $this->createCriteriaBindedCommand($conn,$sql, $criteria); } - abstract protected function getSqlFromCriteria(TActiveRecordCriteria $criteria); + abstract protected function getSqlFromCriteria($conn,TActiveRecordCriteria $criteria); /** * Sql command with parameters binded. diff --git a/framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php b/framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php index 1289afa5..0ac3798d 100644 --- a/framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php +++ b/framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php @@ -24,27 +24,36 @@ class TMysqlMetaData extends TDbMetaDataCommon { /** * Build the SQL search string from the criteria object for Postgress database. + * @param TDbConnection database connection. * @param TActiveRecordCriteria search criteria. * @return string SQL search. */ - protected function getSqlFromCriteria(TActiveRecordCriteria $criteria) + protected function getSqlFromCriteria($conn, TActiveRecordCriteria $criteria) { $sql = ''; if(($condition = $criteria->getCondition())!==null) $sql .= $condition; $orders=array(); foreach($criteria->getOrdersBy() as $by=>$ordering) - $orders[] = $by.' '.$ordering; + $orders[] = $conn->quoteString($by).' '.$this->getOrdering($ordering); if(count($orders) > 0) $sql .= ' ORDER BY '.implode(', ', $orders); if(($limit = $criteria->getLimit())!==null) { $offset = $criteria->getOffset(); - $offset = $offset===null?0:$offset; - $sql .= ' LIMIT '.$offset.', '.$limit; + $offset = $offset===null?0:intval($offset); //assumes integer offset + $sql .= ' LIMIT '.$offset.', '.intval($limit); //assumes integer limit } return strlen($sql) > 0 ? ' WHERE '.$sql : ''; } + + private function getOrdering($direction) + { + if(strtolower($direction)=='desc') + return 'DESC'; + else + return 'ASC'; + } } ?> \ No newline at end of file diff --git a/framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php b/framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php index 5fc0fcaf..35452849 100644 --- a/framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php +++ b/framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php @@ -26,24 +26,33 @@ class TPgsqlMetaData extends TDbMetaDataCommon { /** * Build the SQL search string from the criteria object for Postgress database. + * @param TDbConnection database connection. * @param TActiveRecordCriteria search criteria. * @return string SQL search. */ - protected function getSqlFromCriteria(TActiveRecordCriteria $criteria) + protected function getSqlFromCriteria($conn, TActiveRecordCriteria $criteria) { $sql = ''; if(($condition = $criteria->getCondition())!==null) $sql .= $condition; $orders=array(); foreach($criteria->getOrdersBy() as $by=>$ordering) - $orders[] = $by.' '.$ordering; + $orders[] = $conn->quoteString($by).' '.$this->getOrdering($ordering); if(count($orders) > 0) $sql .= ' ORDER BY '.implode(', ', $orders); if(($limit = $criteria->getLimit())!==null) - $sql .= ' LIMIT '.$limit; + $sql .= ' LIMIT '.intval($limit); //assumes integer limit? if(($offset = $criteria->getOffset())!==null) - $sql .= ' OFFSET '.$offset; + $sql .= ' OFFSET '.intval($offset); //assumes integer offset? return strlen($sql) > 0 ? ' WHERE '.$sql : ''; } + + private function getOrdering($direction) + { + if(strtolower($direction) == 'desc') + return 'DESC'; + else + return 'ASC'; + } } ?> \ No newline at end of file diff --git a/framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php b/framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php index 75c30c93..22d1759b 100644 --- a/framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php +++ b/framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php @@ -24,28 +24,37 @@ class TSqliteMetaData extends TDbMetaDataCommon { /** * Build the SQL search string from the criteria object for Postgress database. + * @param TDbConnection database connection. * @param TActiveRecordCriteria search criteria. * @return string SQL search. */ - protected function getSqlFromCriteria(TActiveRecordCriteria $criteria) + protected function getSqlFromCriteria($conn, TActiveRecordCriteria $criteria) { $sql = ''; if(($condition = $criteria->getCondition())!==null) $sql .= $condition; $orders=array(); foreach($criteria->getOrdersBy() as $by=>$ordering) - $orders[] = $by.' '.$ordering; + $orders[] = $conn->quoteString($by).' '.$this->getOrdering($ordering); if(count($orders) > 0) $sql .= ' ORDER BY '.implode(', ', $orders); if(($limit = $criteria->getLimit())!==null) { $offset = $criteria->getOffset(); - $offset = $offset===null?0:$offset; - $sql .= ' LIMIT '.$offset.', '.$limit; + $offset = $offset===null?0:intval($offset); //assume integer offset? + $sql .= ' LIMIT '.$offset.', '.intval($limit); //assume integer limit? } return strlen($sql) > 0 ? ' WHERE '.$sql : ''; } + private function getOrdering($direction) + { + if(strtolower($direction) == 'desc') + return 'DESC'; + else + return 'ASC'; + } + /** * Remove quote from the keys in the data. * @param mixed record row diff --git a/tests/simple_unit/ActiveRecord/records/DepSections.php b/tests/simple_unit/ActiveRecord/records/DepSections.php index 9563dda6..476371bd 100644 --- a/tests/simple_unit/ActiveRecord/records/DepSections.php +++ b/tests/simple_unit/ActiveRecord/records/DepSections.php @@ -6,7 +6,7 @@ class DepSections extends TActiveRecord public $section_id; public $order; - private static $_tablename='department_sections'; + public static $_tablename='department_sections'; public static function finder() { diff --git a/tests/simple_unit/ActiveRecord/records/DepartmentRecord.php b/tests/simple_unit/ActiveRecord/records/DepartmentRecord.php index 62e5c3e4..64ab39d0 100644 --- a/tests/simple_unit/ActiveRecord/records/DepartmentRecord.php +++ b/tests/simple_unit/ActiveRecord/records/DepartmentRecord.php @@ -8,7 +8,7 @@ class DepartmentRecord extends TActiveRecord public $active; public $order; - private static $_tablename = 'departments'; + public static $_tablename = 'departments'; public static function finder() { diff --git a/tests/simple_unit/ActiveRecord/records/SimpleUser.php b/tests/simple_unit/ActiveRecord/records/SimpleUser.php index a6eb2f81..a256ffaf 100644 --- a/tests/simple_unit/ActiveRecord/records/SimpleUser.php +++ b/tests/simple_unit/ActiveRecord/records/SimpleUser.php @@ -4,7 +4,7 @@ class SimpleUser extends TActiveRecord { public $username; - private static $_tablename='simple_users'; + public static $_tablename='simple_users'; public static function finder() { diff --git a/tests/simple_unit/ActiveRecord/records/SqliteUsers.php b/tests/simple_unit/ActiveRecord/records/SqliteUsers.php index 7a8f3cbb..6a6b9be9 100644 --- a/tests/simple_unit/ActiveRecord/records/SqliteUsers.php +++ b/tests/simple_unit/ActiveRecord/records/SqliteUsers.php @@ -6,7 +6,7 @@ class SqliteUsers extends TActiveRecord public $password; public $email; - private static $_tablename='users'; + public static $_tablename='users'; public static function finder() { diff --git a/tests/simple_unit/ActiveRecord/records/UserRecord.php b/tests/simple_unit/ActiveRecord/records/UserRecord.php index 45b74d3a..02534d6f 100644 --- a/tests/simple_unit/ActiveRecord/records/UserRecord.php +++ b/tests/simple_unit/ActiveRecord/records/UserRecord.php @@ -18,7 +18,7 @@ class UserRecord extends TActiveRecord private $_level=-1; - protected static $_tablename='users'; + public static $_tablename='users'; public function getLevel() { -- cgit v1.2.3