mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

escape all identifiers with backticks

This commit is contained in:
jfd 2012-07-30 20:46:14 +02:00 committed by Jörn Friedrich Dreyer
parent 3c5670b662
commit ede464f058
39 changed files with 337 additions and 330 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
apps/bookmarks/ajax/editBookmark.php
View File

@ -36,6 +36,8 @@ if( $CONFIG_DBTYPE == 'sqlite' or $CONFIG_DBTYPE == 'sqlite3' ){
$_ut = "strftime('%s','now')";
} elseif($CONFIG_DBTYPE == 'pgsql') {
$_ut = 'date_part(\'epoch\',now())::integer';
} elseif($CONFIG_DBTYPE == 'oci') {
$_ut = '(oracletime - to_date(\'19700101\',\'YYYYMMDD\')) * 86400';
} else {
$_ut = "UNIX_TIMESTAMP()";
}
@ -43,12 +45,13 @@ if( $CONFIG_DBTYPE == 'sqlite' or $CONFIG_DBTYPE == 'sqlite3' ){
$bookmark_id = (int)$_POST["id"];
$user_id = OCP\USER::getUser();
$query = OCP\DB::prepare("
UPDATE *PREFIX*bookmarks
SET url = ?, title =?, lastmodified = $_ut
WHERE id = ?
AND user_id = ?
");
//TODO check using CURRENT_TIMESTAMP? prepare already does magic when using now()
$query = OCP\DB::prepare('
UPDATE `*PREFIX*bookmarks`
SET `url` = ?, `title` = ?, `lastmodified` = '.$_ut.'
WHERE `id` = ?
AND `user_id` = ?
');
$params=array(
htmlspecialchars_decode($_POST["url"]),
@ -63,18 +66,22 @@ $result = $query->execute($params);
if ($result->numRows() == 0) exit();
# Remove old tags and insert new ones.
$query = OCP\DB::prepare("
DELETE FROM *PREFIX*bookmarks_tags
WHERE bookmark_id = $bookmark_id
");
$query = OCP\DB::prepare('
DELETE FROM `*PREFIX*bookmarks_tags`
WHERE `bookmark_id` = ?
');
$query->execute();
$params=array(
$bookmark_id
);
$query = OCP\DB::prepare("
INSERT INTO *PREFIX*bookmarks_tags
(bookmark_id, tag)
$query->execute($params);
$query = OCP\DB::prepare('
INSERT INTO `*PREFIX*bookmarks_tags`
(`bookmark_id`, `tag`)
VALUES (?, ?)
");
');
$tags = explode(' ', urldecode($_POST["tags"]));
foreach ($tags as $tag) {

12
apps/bookmarks/ajax/recordClick.php
View File

@ -30,12 +30,12 @@ $RUNTIME_NOSETUPFS=true;
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('bookmarks');
$query = OCP\DB::prepare("
UPDATE *PREFIX*bookmarks
SET clickcount = clickcount + 1
WHERE user_id = ?
AND url LIKE ?
");
$query = OCP\DB::prepare('
UPDATE `*PREFIX*bookmarks`
SET `clickcount` = `clickcount` + 1
WHERE `user_id` = ?
AND `url` LIKE ?
');
$params=array(OCP\USER::getUser(), htmlspecialchars_decode($_POST["url"]));
$bookmarks = $query->execute($params);

8
apps/bookmarks/appinfo/migrate.php
View File

@ -35,23 +35,23 @@ class OC_Migration_Provider_Bookmarks extends OC_Migration_Provider{
switch( $this->appinfo->version ){
default:
// All versions of the app have had the same db structure, so all can use the same import function
$query = $this->content->prepare( "SELECT * FROM bookmarks WHERE user_id LIKE ?" );
$query = $this->content->prepare( "SELECT * FROM `bookmarks` WHERE `user_id` LIKE ?" );
$results = $query->execute( array( $this->olduid ) );
$idmap = array();
while( $row = $results->fetchRow() ){
// Import each bookmark, saving its id into the map
$query = OCP\DB::prepare( "INSERT INTO *PREFIX*bookmarks(url, title, user_id, public, added, lastmodified) VALUES (?, ?, ?, ?, ?, ?)" );
$query = OCP\DB::prepare( "INSERT INTO `*PREFIX*bookmarks`(`url`, `title`, `user_id`, `public`, `added`, `lastmodified`) VALUES (?, ?, ?, ?, ?, ?)" );
$query->execute( array( $row['url'], $row['title'], $this->uid, $row['public'], $row['added'], $row['lastmodified'] ) );
// Map the id
$idmap[$row['id']] = OCP\DB::insertid();
}
// Now tags
foreach($idmap as $oldid => $newid){
$query = $this->content->prepare( "SELECT * FROM bookmarks_tags WHERE bookmark_id LIKE ?" );
$query = $this->content->prepare( "SELECT * FROM `bookmarks_tags` WHERE `bookmark_id` LIKE ?" );
$results = $query->execute( array( $oldid ) );
while( $row = $results->fetchRow() ){
// Import the tags for this bookmark, using the new bookmark id
$query = OCP\DB::prepare( "INSERT INTO *PREFIX*bookmarks_tags(bookmark_id, tag) VALUES (?, ?)" );
$query = OCP\DB::prepare( "INSERT INTO `*PREFIX*bookmarks_tags`(`bookmark_id`, `tag`) VALUES (?, ?)" );
$query->execute( array( $newid, $row['tag'] ) );
}
}

10
apps/bookmarks/bookmarksHelper.php
View File

@ -83,8 +83,8 @@ function addBookmark($url, $title, $tags='') {
//FIXME: Detect when user adds a known URL
$query = OCP\DB::prepare("
INSERT INTO *PREFIX*bookmarks
(url, title, user_id, public, added, lastmodified)
INSERT INTO `*PREFIX*bookmarks`
(`url`, `title`, `user_id`, `public`, `added`, `lastmodified`)
VALUES (?, ?, ?, 0, $_ut, $_ut)
");
@ -109,8 +109,8 @@ function addBookmark($url, $title, $tags='') {
if($b_id !== false) {
$query = OCP\DB::prepare("
INSERT INTO *PREFIX*bookmarks_tags
(bookmark_id, tag)
INSERT INTO `*PREFIX*bookmarks_tags`
(`bookmark_id`, `tag`)
VALUES (?, ?)
");
@ -126,4 +126,4 @@ function addBookmark($url, $title, $tags='') {
return $b_id;
}
}
}

50
apps/bookmarks/lib/bookmarks.php
View File

@ -71,14 +71,14 @@ class OC_Bookmarks_Bookmarks{
if($CONFIG_DBTYPE == 'pgsql' ){
$query = OCP\DB::prepare('
SELECT id, url, title, '.($filterTagOnly?'':'url || title ||').' array_to_string(array_agg(tag), \' \') as tags
FROM *PREFIX*bookmarks
LEFT JOIN *PREFIX*bookmarks_tags ON *PREFIX*bookmarks.id = *PREFIX*bookmarks_tags.bookmark_id
SELECT `id`, `url`, `title`, '.($filterTagOnly?'':'`url` || `title` ||').' array_to_string(array_agg(`tag`), \' \') as `tags`
FROM `*PREFIX*bookmarks`
LEFT JOIN `*PREFIX*bookmarks_tags` ON `*PREFIX*bookmarks`.`id` = `*PREFIX*bookmarks_tags`.`bookmark_id`
WHERE
*PREFIX*bookmarks.user_id = ?
GROUP BY id, url, title
`*PREFIX*bookmarks`.`user_id` = ?
GROUP BY `id`, `url`, `title`
'.$sqlFilterTag.'
ORDER BY *PREFIX*bookmarks.'.$sqlSortColumn.' DESC
ORDER BY `*PREFIX*bookmarks`.`'.$sqlSortColumn.'` DESC
LIMIT 10
OFFSET '. $offset);
} else {
@ -88,25 +88,25 @@ class OC_Bookmarks_Bookmarks{
$concatFunction = 'Concat(Concat( url, title), ';
$query = OCP\DB::prepare('
SELECT id, url, title, '
SELECT `id`, `url`, `title`, '
.($filterTagOnly?'':$concatFunction).
'CASE WHEN *PREFIX*bookmarks.id = *PREFIX*bookmarks_tags.bookmark_id
THEN GROUP_CONCAT( tag ' .$_gc_separator. ' )
'CASE WHEN `*PREFIX*bookmarks`.`id` = `*PREFIX*bookmarks_tags`.`bookmark_id`
THEN GROUP_CONCAT( `tag` ' .$_gc_separator. ' )
ELSE \' \'
END '
.($filterTagOnly?'':')').'
AS tags
FROM *PREFIX*bookmarks
LEFT JOIN *PREFIX*bookmarks_tags ON 1=1
WHERE (*PREFIX*bookmarks.id = *PREFIX*bookmarks_tags.bookmark_id
OR *PREFIX*bookmarks.id NOT IN (
SELECT *PREFIX*bookmarks_tags.bookmark_id FROM *PREFIX*bookmarks_tags
AS `tags`
FROM `*PREFIX*bookmarks`
LEFT JOIN `*PREFIX*bookmarks_tags` ON 1=1
WHERE (`*PREFIX*bookmarks`.`id` = `*PREFIX*bookmarks_tags`.`bookmark_id`
OR `*PREFIX*bookmarks`.`id` NOT IN (
SELECT `*PREFIX*bookmarks_tags`.`bookmark_id` FROM `*PREFIX*bookmarks_tags`
)
)
AND *PREFIX*bookmarks.user_id = ?
GROUP BY url
AND `*PREFIX*bookmarks`.`user_id` = ?
GROUP BY `url`
'.$sqlFilterTag.'
ORDER BY *PREFIX*bookmarks.'.$sqlSortColumn.' DESC
ORDER BY `*PREFIX*bookmarks`.`'.$sqlSortColumn.'` DESC
LIMIT '.$offset.', 10');
}
@ -119,9 +119,9 @@ class OC_Bookmarks_Bookmarks{
$user = OCP\USER::getUser();
$query = OCP\DB::prepare("
SELECT id FROM *PREFIX*bookmarks
WHERE id = ?
AND user_id = ?
SELECT `id` FROM `*PREFIX*bookmarks`
WHERE `id` = ?
AND `user_id` = ?
");
$result = $query->execute(array($id, $user));
@ -131,15 +131,15 @@ class OC_Bookmarks_Bookmarks{
}
$query = OCP\DB::prepare("
DELETE FROM *PREFIX*bookmarks
WHERE id = $id
DELETE FROM `*PREFIX*bookmarks`
WHERE `id` = $id
");
$result = $query->execute();
$query = OCP\DB::prepare("
DELETE FROM *PREFIX*bookmarks_tags
WHERE bookmark_id = $id
DELETE FROM `*PREFIX*bookmarks_tags`
WHERE `bookmark_id` = $id
");
$result = $query->execute();

6
apps/calendar/appinfo/update.php
View File

@ -2,7 +2,7 @@
$installedVersion=OCP\Config::getAppValue('calendar', 'installed_version');
if (version_compare($installedVersion, '0.2.1', '<')) {
$stmt = OCP\DB::prepare( 'SELECT id, calendarcolor FROM *PREFIX*calendar_calendars WHERE calendarcolor IS NOT NULL' );
$stmt = OCP\DB::prepare( 'SELECT `id`, `calendarcolor` FROM `*PREFIX*calendar_calendars` WHERE `calendarcolor` IS NOT NULL' );
$result = $stmt->execute();
while( $row = $result->fetchRow()) {
$id = $row['id'];
@ -11,7 +11,7 @@ if (version_compare($installedVersion, '0.2.1', '<')) {
continue;
}
$color = '#' .$color;
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_calendars SET calendarcolor=? WHERE id=?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_calendars` SET `calendarcolor`=? WHERE `id`=?' );
$r = $stmt->execute(array($color,$id));
}
}
}

20
apps/calendar/lib/calendar.php
View File

@ -51,10 +51,10 @@ class OC_Calendar_Calendar{
$values = array($uid);
$active_where = '';
if (!is_null($active) && $active){
$active_where = ' AND active = ?';
$active_where = ' AND `active` = ?';
$values[] = $active;
}
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_calendars WHERE userid = ?' . $active_where );
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_calendars` WHERE `userid` = ?' . $active_where );
$result = $stmt->execute($values);
$calendars = array();
@ -81,7 +81,7 @@ class OC_Calendar_Calendar{
* @return associative array
*/
public static function find($id){
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_calendars WHERE id = ?' );
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_calendars` WHERE `id` = ?' );
$result = $stmt->execute(array($id));
return $result->fetchRow();
@ -106,7 +106,7 @@ class OC_Calendar_Calendar{
$uri = self::createURI($name, $uris );
$stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*calendar_calendars (userid,displayname,uri,ctag,calendarorder,calendarcolor,timezone,components) VALUES(?,?,?,?,?,?,?,?)' );
$stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*calendar_calendars` (`userid`,`displayname`,`uri`,`ctag`,`calendarorder`,`calendarcolor`,`timezone`,`components`) VALUES(?,?,?,?,?,?,?,?)' );
$result = $stmt->execute(array($userid,$name,$uri,1,$order,$color,$timezone,$components));
return OCP\DB::insertid('*PREFIX*calendar_calendars');
@ -126,7 +126,7 @@ class OC_Calendar_Calendar{
public static function addCalendarFromDAVData($principaluri,$uri,$name,$components,$timezone,$order,$color){
$userid = self::extractUserID($principaluri);
$stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*calendar_calendars (userid,displayname,uri,ctag,calendarorder,calendarcolor,timezone,components) VALUES(?,?,?,?,?,?,?,?)' );
$stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*calendar_calendars` (`userid`,`displayname`,`uri`,`ctag`,`calendarorder`,`calendarcolor`,`timezone`,`components`) VALUES(?,?,?,?,?,?,?,?)' );
$result = $stmt->execute(array($userid,$name,$uri,1,$order,$color,$timezone,$components));
return OCP\DB::insertid('*PREFIX*calendar_calendars');
@ -155,7 +155,7 @@ class OC_Calendar_Calendar{
if(is_null($order)) $order = $calendar['calendarorder'];
if(is_null($color)) $color = $calendar['calendarcolor'];
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_calendars SET displayname=?,calendarorder=?,calendarcolor=?,timezone=?,components=?,ctag=ctag+1 WHERE id=?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_calendars` SET `displayname`=?,`calendarorder`=?,`calendarcolor`=?,`timezone`=?,`components`=?,`ctag`=`ctag`+1 WHERE `id`=?' );
$result = $stmt->execute(array($name,$order,$color,$timezone,$components,$id));
return true;
@ -168,7 +168,7 @@ class OC_Calendar_Calendar{
* @return boolean
*/
public static function setCalendarActive($id,$active){
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_calendars SET active = ? WHERE id = ?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_calendars` SET `active` = ? WHERE `id` = ?' );
$stmt->execute(array($active, $id));
return true;
@ -180,7 +180,7 @@ class OC_Calendar_Calendar{
* @return boolean
*/
public static function touchCalendar($id){
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_calendars SET ctag = ctag + 1 WHERE id = ?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_calendars` SET `ctag` = `ctag` + 1 WHERE `id` = ?' );
$stmt->execute(array($id));
return true;
@ -192,10 +192,10 @@ class OC_Calendar_Calendar{
* @return boolean
*/
public static function deleteCalendar($id){
$stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*calendar_calendars WHERE id = ?' );
$stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*calendar_calendars` WHERE `id` = ?' );
$stmt->execute(array($id));
$stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*calendar_objects WHERE calendarid = ?' );
$stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*calendar_objects` WHERE `calendarid` = ?' );
$stmt->execute(array($id));
return true;

28
apps/calendar/lib/object.php
View File

@ -19,7 +19,7 @@ class OC_Calendar_Object{
* ['calendardata']
*/
public static function all($id){
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_objects WHERE calendarid = ?' );
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_objects` WHERE `calendarid` = ?' );
$result = $stmt->execute(array($id));
$calendarobjects = array();
@ -41,10 +41,10 @@ class OC_Calendar_Object{
* in ['calendardata']
*/
public static function allInPeriod($id, $start, $end){
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_objects WHERE calendarid = ?'
.' AND ((startdate >= ? AND startdate <= ? AND repeating = 0)'
.' OR (enddate >= ? AND enddate <= ? AND repeating = 0)'
.' OR (startdate <= ? AND repeating = 1))' );
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_objects` WHERE `calendarid` = ?'
.' AND ((`startdate` >= ? AND `startdate` <= ? AND `repeating` = 0)'
.' OR (`enddate` >= ? AND `enddate` <= ? AND `repeating` = 0)'
.' OR (`startdate` <= ? AND `repeating` = 1))' );
$start = self::getUTCforMDB($start);
$end = self::getUTCforMDB($end);
$result = $stmt->execute(array($id,
@ -66,7 +66,7 @@ class OC_Calendar_Object{
* @return associative array
*/
public static function find($id){
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_objects WHERE id = ?' );
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_objects` WHERE `id` = ?' );
$result = $stmt->execute(array($id));
return $result->fetchRow();
@ -79,7 +79,7 @@ class OC_Calendar_Object{
* @return associative array
*/
public static function findWhereDAVDataIs($cid,$uri){
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_objects WHERE calendarid = ? AND uri = ?' );
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_objects` WHERE `calendarid` = ? AND `uri` = ?' );
$result = $stmt->execute(array($cid,$uri));
return $result->fetchRow();
@ -103,7 +103,7 @@ class OC_Calendar_Object{
$uri = 'owncloud-'.md5($data.rand().time()).'.ics';
$stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*calendar_objects (calendarid,objecttype,startdate,enddate,repeating,summary,calendardata,uri,lastmodified) VALUES(?,?,?,?,?,?,?,?,?)' );
$stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*calendar_objects` (`calendarid`,`objecttype`,`startdate`,`enddate`,`repeating`,`summary`,`calendardata`,`uri`,`lastmodified`) VALUES(?,?,?,?,?,?,?,?,?)' );
$stmt->execute(array($id,$type,$startdate,$enddate,$repeating,$summary,$data,$uri,time()));
$object_id = OCP\DB::insertid('*PREFIX*calendar_objects');
@ -123,7 +123,7 @@ class OC_Calendar_Object{
$object = OC_VObject::parse($data);
list($type,$startdate,$enddate,$summary,$repeating,$uid) = self::extractData($object);
$stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*calendar_objects (calendarid,objecttype,startdate,enddate,repeating,summary,calendardata,uri,lastmodified) VALUES(?,?,?,?,?,?,?,?,?)' );
$stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*calendar_objects` (`calendarid`,`objecttype`,`startdate`,`enddate`,`repeating`,`summary`,`calendardata`,`uri`,`lastmodified`) VALUES(?,?,?,?,?,?,?,?,?)' );
$stmt->execute(array($id,$type,$startdate,$enddate,$repeating,$summary,$data,$uri,time()));
$object_id = OCP\DB::insertid('*PREFIX*calendar_objects');
@ -145,7 +145,7 @@ class OC_Calendar_Object{
OC_Calendar_App::loadCategoriesFromVCalendar($object);
list($type,$startdate,$enddate,$summary,$repeating,$uid) = self::extractData($object);
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_objects SET objecttype=?,startdate=?,enddate=?,repeating=?,summary=?,calendardata=?, lastmodified = ? WHERE id = ?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_objects` SET `objecttype`=?,`startdate`=?,`enddate`=?,`repeating`=?,`summary`=?,`calendardata`=?,`lastmodified`= ? WHERE `id` = ?' );
$stmt->execute(array($type,$startdate,$enddate,$repeating,$summary,$data,time(),$id));
OC_Calendar_Calendar::touchCalendar($oldobject['calendarid']);
@ -166,7 +166,7 @@ class OC_Calendar_Object{
$object = OC_VObject::parse($data);
list($type,$startdate,$enddate,$summary,$repeating,$uid) = self::extractData($object);
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_objects SET objecttype=?,startdate=?,enddate=?,repeating=?,summary=?,calendardata=?, lastmodified = ? WHERE id = ?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_objects` SET `objecttype`=?,`startdate`=?,`enddate`=?,`repeating`=?,`summary`=?,`calendardata`=?,`lastmodified`= ? WHERE `id` = ?' );
$stmt->execute(array($type,$startdate,$enddate,$repeating,$summary,$data,time(),$oldobject['id']));
OC_Calendar_Calendar::touchCalendar($oldobject['calendarid']);
@ -181,7 +181,7 @@ class OC_Calendar_Object{
*/
public static function delete($id){
$oldobject = self::find($id);
$stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*calendar_objects WHERE id = ?' );
$stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*calendar_objects` WHERE `id` = ?' );
$stmt->execute(array($id));
OC_Calendar_Calendar::touchCalendar($oldobject['calendarid']);
@ -195,7 +195,7 @@ class OC_Calendar_Object{
* @return boolean
*/
public static function deleteFromDAVData($cid,$uri){
$stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*calendar_objects WHERE calendarid = ? AND uri=?' );
$stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*calendar_objects` WHERE `calendarid`= ? AND `uri`=?' );
$stmt->execute(array($cid,$uri));
OC_Calendar_Calendar::touchCalendar($cid);
@ -203,7 +203,7 @@ class OC_Calendar_Object{
}
public static function moveToCalendar($id, $calendarid){
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_objects SET calendarid=? WHERE id = ?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_objects` SET `calendarid`=? WHERE `id`=?' );
$stmt->execute(array($calendarid,$id));
OC_Calendar_Calendar::touchCalendar($id);

36
apps/calendar/lib/share.php
View File

@ -25,7 +25,7 @@ class OC_Calendar_Share{
}else{
$active_where = '';
}
$stmt = OCP\DB::prepare("SELECT * FROM *PREFIX*calendar_share_" . $type . " WHERE ((share = ? AND sharetype = 'user') " . $group_where . ") AND owner <> ? " . $permission_where . " " . $active_where);
$stmt = OCP\DB::prepare("SELECT * FROM `*PREFIX*calendar_share_" . $type . "` WHERE ((`share` = ? AND `sharetype` = 'user') " . $group_where . ") AND `owner` <> ? " . $permission_where . " " . $active_where);
$result = $stmt->execute(array($userid, $userid));
$return = array();
while( $row = $result->fetchRow()){
@ -40,7 +40,7 @@ class OC_Calendar_Share{
* @return: (array) $users - information about users a calendar / event is shared with
*/
public static function allUsersSharedwith($id, $type){
$stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*calendar_share_' . $type . ' WHERE ' . $type . 'id = ? ORDER BY share');
$stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_share_' . $type . '` WHERE `' . $type . 'id` = ? ORDER BY `share`');
$result = $stmt->execute(array($id));
$users = array();
while( $row = $result->fetchRow()){
@ -72,7 +72,7 @@ class OC_Calendar_Share{
if($sharetype == 'public'){
$share = self::generate_token($id, $type);
}
$stmt = OCP\DB::prepare('INSERT INTO *PREFIX*calendar_share_' . $type . ' (owner,share,sharetype,' . $type . 'id,permissions' . (($type == self::CALENDAR)?', active':'') . ') VALUES(?,?,?,?,0' . (($type == self::CALENDAR)?', 1':'') . ')' );
$stmt = OCP\DB::prepare('INSERT INTO `*PREFIX*calendar_share_' . $type . '` (`owner`,`share`,`sharetype`,`' . $type . 'id`,`permissions`' . (($type == self::CALENDAR)?',`active`':'') . ') VALUES(?,?,?,?,0' . (($type == self::CALENDAR)?', 1':'') . ')' );
$result = $stmt->execute(array($owner,$share,$sharetype,$id));
if($sharetype == 'public'){
return $share;
@ -90,7 +90,7 @@ class OC_Calendar_Share{
* @return (bool)
*/
public static function unshare($owner, $share, $sharetype, $id, $type){
$stmt = OCP\DB::prepare('DELETE FROM *PREFIX*calendar_share_' . $type . ' WHERE owner = ? ' . (($sharetype != 'public')?'AND share = ?':'') . ' AND sharetype = ? AND ' . $type . 'id = ?');
$stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*calendar_share_' . $type . '` WHERE `owner` = ? ' . (($sharetype != 'public')?'AND `share` = ?':'') . ' AND `sharetype` = ? AND `' . $type . 'id` = ?');
if($sharetype != 'public'){
$stmt->execute(array($owner,$share,$sharetype,$id));
}else{
@ -111,7 +111,7 @@ class OC_Calendar_Share{
if($sharetype == 'public' && $permission == 1){
$permission = 0;
}
$stmt = OCP\DB::prepare('UPDATE *PREFIX*calendar_share_' . $type . ' SET permissions = ? WHERE share = ? AND sharetype = ? AND ' . $type . 'id = ?');
$stmt = OCP\DB::prepare('UPDATE `*PREFIX*calendar_share_' . $type . '` SET `permissions` = ? WHERE `share` = ? AND `sharetype` = ? AND `' . $type . 'id` = ?');
$stmt->execute(array($permission, $share, $sharetype, $id));
return true;
}
@ -148,7 +148,7 @@ class OC_Calendar_Share{
* @return (bool)
*/
public static function is_already_shared($owner, $share, $sharetype, $id, $type){
$stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*calendar_share_' . $type . ' WHERE owner = ? AND share = ? AND sharetype = ? AND ' . $type . 'id = ?');
$stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_share_' . $type . '` WHERE `owner` = ? AND `share` = ? AND `sharetype` = ? AND `' . $type . 'id` = ?');
$result = $stmt->execute(array($owner, $share, $sharetype, $id));
if($result->numRows() > 0){
return true;
@ -160,7 +160,7 @@ class OC_Calendar_Share{
$i = 0;
foreach($groups as $group){
$group_where .= ' OR ';
$group_where .= " (share = '" . $group . "' AND sharetype = 'group') ";
$group_where .= ' (`share` = \'' . $group . '\' AND `sharetype` = \'group\') ';
$i++;
}
return $group_where;
@ -168,7 +168,7 @@ class OC_Calendar_Share{
private static function permission_sql($permission = null){
$permission_where = '';
if(!is_null($permission)){
$permission_where = ' AND permissions = ';
$permission_where = ' AND `permissions` = ';
$permission_where .= ($permission=='rw')?"'1'":"'0'";
}
return $permission_where;
@ -176,7 +176,7 @@ class OC_Calendar_Share{
private static function active_sql($active = null){
$active_where = '';
if(!is_null($active)){
$active_where = 'AND active = ';
$active_where = 'AND `active` = ';
$active_where .= (!is_null($active) && $active)?'1':'0';
}
return $active_where;
@ -191,7 +191,7 @@ class OC_Calendar_Share{
public static function is_editing_allowed($share, $id, $type){
$group_where = self::group_sql(OC_Group::getUserGroups($share));
$permission_where = self::permission_sql('rw');
$stmt = OCP\DB::prepare("SELECT * FROM *PREFIX*calendar_share_" . $type . " WHERE ((share = ? AND sharetype = 'user') " . $group_where . ") " . $permission_where);
$stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_share_' . $type . '` WHERE ((`share` = ? AND `sharetype` = \'user\') ' . $group_where . ') ' . $permission_where);
$result = $stmt->execute(array($share));
if($result->numRows() == 1){
return true;
@ -211,7 +211,7 @@ class OC_Calendar_Share{
*/
public static function check_access($share, $id, $type){
$group_where = self::group_sql(OC_Group::getUserGroups($share));
$stmt = OCP\DB::prepare("SELECT * FROM *PREFIX*calendar_share_" . $type . " WHERE (" . $type . "id = ? AND (share = ? AND sharetype = 'user') " . $group_where . ")");
$stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_share`_' . $type . '` WHERE (`' . $type . 'id` = ? AND (`share` = ? AND `sharetype` = \'user\') ' . $group_where . ')');
$result = $stmt->execute(array($id,$share));
$rows = $result->numRows();
if($rows > 0){
@ -229,9 +229,9 @@ class OC_Calendar_Share{
* @return: mixed - bool if false, array with type and id if true
*/
public static function getElementByToken($token){
$stmt_calendar = OCP\DB::prepare("SELECT * FROM *PREFIX*calendar_share_" . OC_Calendar_Share::CALENDAR . " WHERE sharetype = 'public' AND share = ?");
$stmt_calendar = OCP\DB::prepare("SELECT * FROM `*PREFIX*calendar_share_" . OC_Calendar_Share::CALENDAR . "` WHERE `sharetype` = 'public' AND `share` = ?");
$result_calendar = $stmt_calendar->execute(array($token));
$stmt_event = OCP\DB::prepare("SELECT * FROM *PREFIX*calendar_share_" . OC_Calendar_Share::EVENT . " WHERE sharetype = 'public' AND share = ?");
$stmt_event = OCP\DB::prepare("SELECT * FROM `*PREFIX*calendar_share_" . OC_Calendar_Share::EVENT . "` WHERE `sharetype` = 'public' AND `share` = ?");
$result_event = $stmt_event->execute(array($token));
$return = array();
if($result_calendar->numRows() == 0 && $result_event->numRows() == 0){
@ -253,7 +253,7 @@ class OC_Calendar_Share{
* @param (string) $
*/
public static function set_active($share, $id, $active){
$stmt = OCP\DB::prepare("UPDATE *PREFIX*calendar_share_calendar SET active = ? WHERE share = ? AND sharetype = 'user' AND calendarid = ?");
$stmt = OCP\DB::prepare("UPDATE `*PREFIX*calendar_share_calendar` SET `active` = ? WHERE `share` = ? AND `sharetype` = 'user' AND `calendarid` = ?");
$stmt->execute(array($active, $share, $id));
}
@ -263,13 +263,13 @@ class OC_Calendar_Share{
* @return (bool)
*/
public static function post_userdelete($userid){
$stmt = OCP\DB::prepare('DELETE FROM *PREFIX*calendar_share_calendar WHERE owner = ?');
$stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*calendar_share_calendar` WHERE `owner` = ?');
$stmt->execute(array($userid));
$stmt = OCP\DB::prepare('DELETE FROM *PREFIX*calendar_share_event WHERE owner = ?');
$stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*calendar_share_event` WHERE `owner` = ?');
$stmt->execute(array($userid));
$stmt = OCP\DB::prepare("DELETE FROM *PREFIX*calendar_share_calendar WHERE share = ? AND sharetype = 'user'");
$stmt = OCP\DB::prepare("DELETE FROM `*PREFIX*calendar_share_calendar` WHERE `share` = ? AND `sharetype` = 'user'");
$stmt->execute(array($userid));
$stmt = OCP\DB::prepare("DELETE FROM *PREFIX*calendar_share_event WHERE share = ? AND sharetype = 'user'");
$stmt = OCP\DB::prepare("DELETE FROM `*PREFIX*calendar_share_event` WHERE `share` = ? AND `sharetype` = 'user'");
$stmt->execute(array($userid));
return true;
}

4
apps/contacts/appinfo/migrate.php
View File

@ -40,7 +40,7 @@ class OC_Migration_Provider_Contacts extends OC_Migration_Provider{
$idmap = array();
while( $row = $results->fetchRow() ){
// Import each bookmark, saving its id into the map
$query = OCP\DB::prepare( "INSERT INTO *PREFIX*contacts_addressbooks (`userid`, `displayname`, `uri`, `description`, `ctag`) VALUES (?, ?, ?, ?, ?)" );
$query = OCP\DB::prepare( "INSERT INTO `*PREFIX*contacts_addressbooks` (`userid`, `displayname`, `uri`, `description`, `ctag`) VALUES (?, ?, ?, ?, ?)" );
$query->execute( array( $this->uid, $row['displayname'], $row['uri'], $row['description'], $row['ctag'] ) );
// Map the id
$idmap[$row['id']] = OCP\DB::insertid();
@ -51,7 +51,7 @@ class OC_Migration_Provider_Contacts extends OC_Migration_Provider{
$results = $query->execute( array( $oldid ) );
while( $row = $results->fetchRow() ){
// Import the tags for this bookmark, using the new bookmark id
$query = OCP\DB::prepare( "INSERT INTO *PREFIX*contacts_cards (`addressbookid`, `fullname`, `carddata`, `uri`, `lastmodified`) VALUES (?, ?, ?, ?, ?)" );
$query = OCP\DB::prepare( "INSERT INTO `*PREFIX*contacts_cards` (`addressbookid`, `fullname`, `carddata`, `uri`, `lastmodified`) VALUES (?, ?, ?, ?, ?)" );
$query->execute( array( $newid, $row['fullname'], $row['carddata'], $row['uri'], $row['lastmodified'] ) );
}
}

16
apps/contacts/lib/addressbook.php
View File

@ -44,7 +44,7 @@ class OC_Contacts_Addressbook{
* @return array
*/
public static function all($uid){
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_addressbooks WHERE userid = ? ORDER BY displayname' );
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_addressbooks` WHERE `userid` = ? ORDER BY `displayname`' );
$result = $stmt->execute(array($uid));
$addressbooks = array();
@ -72,7 +72,7 @@ class OC_Contacts_Addressbook{
*/
public static function find($id){
try {
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_addressbooks WHERE id = ?' );
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_addressbooks` WHERE `id` = ?' );
$result = $stmt->execute(array($id));
return $result->fetchRow();
} catch(Exception $e) {
@ -98,7 +98,7 @@ class OC_Contacts_Addressbook{
$uri = self::createURI($name, $uris );
$stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*contacts_addressbooks (userid,displayname,uri,description,ctag) VALUES(?,?,?,?,?)' );
$stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*contacts_addressbooks` (`userid`,`displayname`,`uri`,`description`,`ctag`) VALUES(?,?,?,?,?)' );
$result = $stmt->execute(array($userid,$name,$uri,$description,1));
return OCP\DB::insertid('*PREFIX*contacts_addressbooks');
@ -115,7 +115,7 @@ class OC_Contacts_Addressbook{
public static function addFromDAVData($principaluri,$uri,$name,$description){
$userid = self::extractUserID($principaluri);
$stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*contacts_addressbooks (userid,displayname,uri,description,ctag) VALUES(?,?,?,?,?)' );
$stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*contacts_addressbooks` (`userid`,`displayname`,`uri`,`description`,`ctag`) VALUES(?,?,?,?,?)' );
$result = $stmt->execute(array($userid,$name,$uri,$description,1));
return OCP\DB::insertid('*PREFIX*contacts_addressbooks');
@ -139,7 +139,7 @@ class OC_Contacts_Addressbook{
$description = $addressbook['description'];
}
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_addressbooks SET displayname=?,description=?, ctag=ctag+1 WHERE id=?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_addressbooks` SET `displayname`=?,`description`=?, `ctag`=`ctag`+1 WHERE `id`=?' );
$result = $stmt->execute(array($name,$description,$id));
return true;
@ -208,7 +208,7 @@ class OC_Contacts_Addressbook{
return $addressbooks;
}
$ids_sql = join(',', array_fill(0, count($active), '?'));
$prep = 'SELECT * FROM *PREFIX*contacts_addressbooks WHERE id IN ('.$ids_sql.') ORDER BY displayname';
$prep = 'SELECT * FROM `*PREFIX*contacts_addressbooks` WHERE `id` IN ('.$ids_sql.') ORDER BY `displayname`';
try {
$stmt = OCP\DB::prepare( $prep );
$result = $stmt->execute($active);
@ -275,7 +275,7 @@ class OC_Contacts_Addressbook{
public static function delete($id){
// FIXME: There's no error checking at all.
self::setActive($id, false);
$stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*contacts_addressbooks WHERE id = ?' );
$stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*contacts_addressbooks` WHERE `id` = ?' );
$stmt->execute(array($id));
$cards = OC_Contacts_VCard::all($id);
@ -292,7 +292,7 @@ class OC_Contacts_Addressbook{
* @return boolean
*/
public static function touch($id){
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_addressbooks SET ctag = ctag + 1 WHERE id = ?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_addressbooks` SET `ctag` = `ctag` + 1 WHERE `id` = ?' );
$stmt->execute(array($id));
return true;

24
apps/contacts/lib/vcard.php
View File

@ -51,7 +51,7 @@ class OC_Contacts_VCard{
$result = null;
if(is_array($id) && count($id) > 1) {
$id_sql = join(',', array_fill(0, count($id), '?'));
$prep = 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid IN ('.$id_sql.') ORDER BY fullname';
$prep = 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `addressbookid` IN ('.$id_sql.') ORDER BY `fullname`';
try {
$stmt = OCP\DB::prepare( $prep );
$result = $stmt->execute($id);
@ -68,7 +68,7 @@ class OC_Contacts_VCard{
$id = $id[0];
}
try {
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid = ? ORDER BY fullname' );
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ? ORDER BY `fullname`' );
$result = $stmt->execute(array($id));
} catch(Exception $e) {
OCP\Util::writeLog('contacts','OC_Contacts_VCard:all:, exception: '.$e->getMessage(),OCP\Util::ERROR);
@ -94,7 +94,7 @@ class OC_Contacts_VCard{
* @return associative array
*/
public static function find($id){
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE id = ?' );
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `id` = ?' );
$result = $stmt->execute(array($id));
return $result->fetchRow();
@ -107,7 +107,7 @@ class OC_Contacts_VCard{
* @return associative array
*/
public static function findWhereDAVDataIs($aid,$uri){
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid = ? AND uri = ?' );
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ? AND `uri` = ?' );
$result = $stmt->execute(array($aid,$uri));
return $result->fetchRow();
@ -156,7 +156,7 @@ class OC_Contacts_VCard{
* @returns true if the UID has been changed.
*/
protected static function trueUID($aid, &$uid) {
$stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid = ? AND uri = ?' );
$stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ? AND `uri` = ?' );
$uri = $uid.'.vcf';
$result = $stmt->execute(array($aid,$uri));
if($result->numRows() > 0){
@ -297,7 +297,7 @@ class OC_Contacts_VCard{
}
$data = $card->serialize();
$stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*contacts_cards (addressbookid,fullname,carddata,uri,lastmodified) VALUES(?,?,?,?,?)' );
$stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*contacts_cards` (`addressbookid`,`fullname`,`carddata`,`uri`,`lastmodified`) VALUES(?,?,?,?,?)' );
$result = $stmt->execute(array($aid,$fn,$data,$uri,time()));
$newid = OCP\DB::insertid('*PREFIX*contacts_cards');
@ -323,7 +323,7 @@ class OC_Contacts_VCard{
* @param array $objects An array of [id, carddata].
*/
public static function updateDataByID($objects){
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_cards SET carddata = ?, lastmodified = ? WHERE id = ?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_cards` SET `carddata` = ?, `lastmodified` = ? WHERE `id` = ?' );
$now = new DateTime;
foreach($objects as $object) {
$vcard = OC_VObject::parse($object[1]);
@ -365,7 +365,7 @@ class OC_Contacts_VCard{
$card->setString('REV', $now->format(DateTime::W3C));
$data = $card->serialize();
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_cards SET fullname = ?,carddata = ?, lastmodified = ? WHERE id = ?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_cards` SET `fullname` = ?,`carddata` = ?, `lastmodified` = ? WHERE `id` = ?' );
$result = $stmt->execute(array($fn,$data,time(),$id));
OC_Contacts_Addressbook::touch($oldcard['addressbookid']);
@ -397,7 +397,7 @@ class OC_Contacts_VCard{
*/
public static function delete($id){
// FIXME: Add error checking.
$stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*contacts_cards WHERE id = ?' );
$stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*contacts_cards` WHERE `id` = ?' );
$stmt->execute(array($id));
return true;
@ -411,7 +411,7 @@ class OC_Contacts_VCard{
*/
public static function deleteFromDAVData($aid,$uri){
// FIXME: Add error checking. Deleting a card gives an Kontact/Akonadi error.
$stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*contacts_cards WHERE addressbookid = ? AND uri=?' );
$stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ? AND `uri`=?' );
$stmt->execute(array($aid,$uri));
OC_Contacts_Addressbook::touch($aid);
@ -546,7 +546,7 @@ class OC_Contacts_VCard{
OC_Contacts_App::getAddressbook($aid); // check for user ownership.
if(is_array($id)) {
$id_sql = join(',', array_fill(0, count($id), '?'));
$prep = 'UPDATE *PREFIX*contacts_cards SET addressbookid = ? WHERE id IN ('.$id_sql.')';
$prep = 'UPDATE `*PREFIX*contacts_cards` SET `addressbookid` = ? WHERE `id` IN ('.$id_sql.')';
try {
$stmt = OCP\DB::prepare( $prep );
//$aid = array($aid);
@ -560,7 +560,7 @@ class OC_Contacts_VCard{
}
} else {
try {
$stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_cards SET addressbookid = ? WHERE id = ?' );
$stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_cards` SET `addressbookid` = ? WHERE `id` = ?' );
$result = $stmt->execute(array($aid, $id));
} catch(Exception $e) {
OCP\Util::writeLog('contacts','OC_Contacts_VCard::moveToAddressBook:, exception: '.$e->getMessage(),OCP\Util::DEBUG);

18
apps/files/appinfo/update.php
View File

@ -1,14 +1,14 @@
<?php
// fix webdav properties, remove namespace information between curly bracket update for OC4
$installedVersion=OCP\Config::getAppValue('files', 'installed_version');
if (version_compare($installedVersion, '1.1.2', '<')) {
$query = OC_DB::prepare( "SELECT propertyname, propertypath, userid FROM `*PREFIX*properties`" );
$result = $query->execute();
while( $row = $result->fetchRow()){
$query = OC_DB::prepare( 'UPDATE *PREFIX*properties SET propertyname = ? WHERE userid = ? AND propertypath = ?' );
$query->execute( array( preg_replace("/^{.*}/", "", $row["propertyname"]),$row["userid"], $row["propertypath"] ));
}
// fix webdav properties, remove namespace information between curly bracket update for OC4
$installedVersion=OCP\Config::getAppValue('files', 'installed_version');
if (version_compare($installedVersion, '1.1.2', '<')) {
$query = OC_DB::prepare( "SELECT propertyname, propertypath, userid FROM `*PREFIX*properties`" );
$result = $query->execute();
while( $row = $result->fetchRow()){
$query = OC_DB::prepare( 'UPDATE `*PREFIX*properties` SET `propertyname` = ? WHERE `userid` = ? AND `propertypath` = ?' );
$query->execute( array( preg_replace("/^{.*}/", "", $row["propertyname"]),$row["userid"], $row["propertypath"] ));
}
}
//update from OC 3

58
apps/files_sharing/lib_share.php
View File

@ -40,7 +40,7 @@ class OC_Share {
*/
public function __construct($source, $uid_shared_with, $permissions) {
$uid_owner = OCP\USER::getUser();
$query = OCP\DB::prepare("INSERT INTO *PREFIX*sharing VALUES(?,?,?,?,?)");
$query = OCP\DB::prepare('INSERT INTO `*PREFIX*sharing` VALUES(?,?,?,?,?)');
// Check if this is a reshare and use the original source
if ($result = OC_Share::getSource($source)) {
$source = $result;
@ -78,7 +78,7 @@ class OC_Share {
}
foreach ($uid_shared_with as $uid) {
// Check if this item is already shared with the user
$checkSource = OCP\DB::prepare("SELECT source FROM *PREFIX*sharing WHERE source = ? AND uid_shared_with ".self::getUsersAndGroups($uid, false));
$checkSource = OCP\DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `source` = ? AND `uid_shared_with` '.self::getUsersAndGroups($uid, false));
$resultCheckSource = $checkSource->execute(array($source))->fetchAll();
// TODO Check if the source is inside a folder
if (count($resultCheckSource) > 0) {
@ -92,7 +92,7 @@ class OC_Share {
// Check if the target already exists for the user, if it does append a number to the name
$sharedFolder = '/'.$uid.'/files/Shared';
$target = $sharedFolder."/".basename($source);
$checkTarget = OCP\DB::prepare("SELECT source FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with ".self::getUsersAndGroups($uid, false)." LIMIT 1");
$checkTarget = OCP\DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `target` = ? AND `uid_shared_with` '.self::getUsersAndGroups($uid, false).' LIMIT 1');
$result = $checkTarget->execute(array($target))->fetchAll();
if (count($result) > 0) {
if ($pos = strrpos($target, ".")) {
@ -211,7 +211,7 @@ class OC_Share {
$folders = self::getParentFolders($oldTarget);
$source = $folders['source'].substr($oldTarget, strlen($folders['target']));
$item = self::getItem($folders['target']);
$query = OCP\DB::prepare("INSERT INTO *PREFIX*sharing VALUES(?,?,?,?,?)");
$query = OCP\DB::prepare('INSERT INTO `*PREFIX*sharing` VALUES(?,?,?,?,?)');
$query->execute(array($item[0]['uid_owner'], OCP\USER::getUser(), $source, $newTarget, $item[0]['permissions']));
}
@ -222,7 +222,7 @@ class OC_Share {
*/
public static function getItem($target) {
$target = self::cleanPath($target);
$query = OCP\DB::prepare("SELECT uid_owner, source, permissions FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with = ? LIMIT 1");
$query = OCP\DB::prepare('SELECT `uid_owner`, `source`, `permissions` FROM `*PREFIX*sharing` WHERE `target` = ? AND `uid_shared_with` = ? LIMIT 1');
return $query->execute(array($target, OCP\USER::getUser()))->fetchAll();
}
@ -233,7 +233,7 @@ class OC_Share {
*/
public static function getMySharedItem($source) {
$source = self::cleanPath($source);
$query = OCP\DB::prepare("SELECT uid_shared_with, permissions FROM *PREFIX*sharing WHERE source = ? AND uid_owner = ?");
$query = OCP\DB::prepare('SELECT `uid_shared_with`, `permissions` FROM `*PREFIX*sharing` WHERE `source` = ? AND `uid_owner` = ?');
$result = $query->execute(array($source, OCP\USER::getUser()))->fetchAll();
if (count($result) > 0) {
return $result;
@ -249,7 +249,7 @@ class OC_Share {
* @return An array with all items the user is sharing
*/
public static function getMySharedItems() {
$query = OCP\DB::prepare("SELECT uid_shared_with, source, permissions FROM *PREFIX*sharing WHERE uid_owner = ?");
$query = OCP\DB::prepare('SELECT `uid_shared_with`, `source`, `permissions` FROM `*PREFIX*sharing` WHERE `uid_owner` = ?');
return $query->execute(array(OCP\USER::getUser()))->fetchAll();
}
@ -268,7 +268,7 @@ class OC_Share {
$folder .= "/";
}
$length = strlen($folder);
$query = OCP\DB::prepare("SELECT uid_owner, source, target, permissions FROM *PREFIX*sharing WHERE SUBSTR(source, 1, ?) = ? OR SUBSTR(target, 1, ?) = ? AND uid_shared_with ".self::getUsersAndGroups());
$query = OCP\DB::prepare('SELECT `uid_owner`, `source`, `target`, `permissions` FROM `*PREFIX*sharing` WHERE SUBSTR(`source`, 1, ?) = ? OR SUBSTR(`target`, 1, ?) = ? AND `uid_shared_with` '.self::getUsersAndGroups());
return $query->execute(array($length, $folder, $length, $folder))->fetchAll();
}
@ -279,7 +279,7 @@ class OC_Share {
*/
public static function getParentFolders($target) {
$target = self::cleanPath($target);
$query = OCP\DB::prepare("SELECT source FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with".self::getUsersAndGroups()." LIMIT 1");
$query = OCP\DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `target` = ? AND `uid_shared_with` '.self::getUsersAndGroups().' LIMIT 1');
// Prevent searching for user directory e.g. '/MTGap/files'
$userDirectory = substr($target, 0, strpos($target, "files") + 5);
$target = dirname($target);
@ -287,9 +287,9 @@ class OC_Share {
while ($target != "" && $target != "/" && $target != "." && $target != $userDirectory && $target != "\\") {
// Check if the parent directory of this target location is shared
$result = $query->execute(array($target))->fetchAll();
if (count($result) > 0) {
break;
}
if (count($result) > 0) {
break;
}
$target = dirname($target);
}
if (count($result) > 0) {
@ -307,7 +307,7 @@ class OC_Share {
*/
public static function getSource($target) {
$target = self::cleanPath($target);
$query = OCP\DB::prepare("SELECT source FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with ".self::getUsersAndGroups()." LIMIT 1");
$query = OCP\DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `target` = ? AND `uid_shared_with` '.self::getUsersAndGroups().' LIMIT 1');
$result = $query->execute(array($target))->fetchAll();
if (count($result) > 0) {
return $result[0]['source'];
@ -318,12 +318,12 @@ class OC_Share {
} else {
return false;
}
}
}
}
}
public static function getTarget($source) {
$source = self::cleanPath($source);
$query = OCP\DB::prepare("SELECT target FROM *PREFIX*sharing WHERE source = ? AND uid_owner = ? LIMIT 1");
$query = OCP\DB::prepare('SELECT `target` FROM `*PREFIX*sharing` WHERE `source` = ? AND `uid_owner` = ? LIMIT 1');
$result = $query->execute(array($source, OCP\USER::getUser()))->fetchAll();
if (count($result) > 0) {
return $result[0]['target'];
@ -340,7 +340,7 @@ class OC_Share {
*/
public static function getPermissions($target) {
$target = self::cleanPath($target);
$query = OCP\DB::prepare("SELECT permissions FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with ".self::getUsersAndGroups()." LIMIT 1");
$query = OCP\DB::prepare('SELECT `permissions` FROM `*PREFIX*sharing` WHERE `target` = ? AND `uid_shared_with` '.self::getUsersAndGroups().' LIMIT 1');
$result = $query->execute(array($target))->fetchAll();
if (count($result) > 0) {
return $result[0]['permissions'];
@ -372,7 +372,7 @@ class OC_Share {
* @return The token of the public link, a sha1 hash
*/
public static function getTokenFromSource($source) {
$query = OCP\DB::prepare("SELECT target FROM *PREFIX*sharing WHERE source = ? AND uid_shared_with = ? AND uid_owner = ? LIMIT 1");
$query = OCP\DB::prepare('SELECT `target` FROM `*PREFIX*sharing` WHERE `source` = ? AND `uid_shared_with` = ? AND `uid_owner` = ? LIMIT 1');
$result = $query->execute(array($source, self::PUBLICLINK, OCP\USER::getUser()))->fetchAll();
if (count($result) > 0) {
return $result[0]['target'];
@ -392,7 +392,7 @@ class OC_Share {
public static function setTarget($oldTarget, $newTarget) {
$oldTarget = self::cleanPath($oldTarget);
$newTarget = self::cleanPath($newTarget);
$query = OCP\DB::prepare("UPDATE *PREFIX*sharing SET target = REPLACE(target, ?, ?) WHERE uid_shared_with ".self::getUsersAndGroups());
$query = OCP\DB::prepare('UPDATE `*PREFIX*sharing` SET `target` = `REPLACE(`target`, ?, ?) WHERE `uid_shared_with` '.self::getUsersAndGroups());
$query->execute(array($oldTarget, $newTarget));
}
@ -407,7 +407,7 @@ class OC_Share {
*/
public static function setPermissions($source, $uid_shared_with, $permissions) {
$source = self::cleanPath($source);
$query = OCP\DB::prepare("UPDATE *PREFIX*sharing SET permissions = ? WHERE SUBSTR(source, 1, ?) = ? AND uid_owner = ? AND uid_shared_with ".self::getUsersAndGroups($uid_shared_with));
$query = OCP\DB::prepare('UPDATE `*PREFIX*sharing` SET `permissions` = ? WHERE SUBSTR(`source`, 1, ?) = ? AND `uid_owner` = ? AND `uid_shared_with` '.self::getUsersAndGroups($uid_shared_with));
$query->execute(array($permissions, strlen($source), $source, OCP\USER::getUser()));
}
@ -422,7 +422,7 @@ class OC_Share {
public static function unshare($source, $uid_shared_with) {
$source = self::cleanPath($source);
$uid_owner = OCP\USER::getUser();
$query = OCP\DB::prepare("DELETE FROM *PREFIX*sharing WHERE SUBSTR(source, 1, ?) = ? AND uid_owner = ? AND uid_shared_with ".self::getUsersAndGroups($uid_shared_with, false));
$query = OCP\DB::prepare('DELETE FROM `*PREFIX*sharing` WHERE SUBSTR(`source`, 1, ?) = ? AND `uid_owner` = ? AND `uid_shared_with` '.self::getUsersAndGroups($uid_shared_with, false));
$query->execute(array(strlen($source), $source, $uid_owner));
self::updateFolder($uid_shared_with);
}
@ -438,10 +438,10 @@ class OC_Share {
public static function unshareFromMySelf($target, $delete = true) {
$target = self::cleanPath($target);
if ($delete) {
$query = OCP\DB::prepare("DELETE FROM *PREFIX*sharing WHERE SUBSTR(target, 1, ?) = ? AND uid_shared_with ".self::getUsersAndGroups());
$query = OCP\DB::prepare('DELETE FROM `*PREFIX*sharing` WHERE SUBSTR(`target`, 1, ?) = ? AND `uid_shared_with` '.self::getUsersAndGroups());
$query->execute(array(strlen($target), $target));
} else {
$query = OCP\DB::prepare("UPDATE *PREFIX*sharing SET permissions = ? WHERE SUBSTR(target, 1, ?) = ? AND uid_shared_with ".self::getUsersAndGroups());
$query = OCP\DB::prepare('UPDATE `*PREFIX*sharing` SET `permissions` = ? WHERE SUBSTR(`target`, 1, ?) = ? AND `uid_shared_with` '.self::getUsersAndGroups());
$query->execute(array(self::UNSHARED, strlen($target), $target));
}
}
@ -458,7 +458,7 @@ class OC_Share {
self::updateFolder($item['uid_shared_with']);
}
}
$query = OCP\DB::prepare("DELETE FROM *PREFIX*sharing WHERE SUBSTR(source, 1, ?) = ? AND uid_owner = ?");
$query = OCP\DB::prepare('DELETE FROM `*PREFIX*sharing` WHERE SUBSTR(`source`, 1, ?) = ? AND `uid_owner` = ?');
$query->execute(array(strlen($source), $source, OCP\USER::getUser()));
}
@ -469,7 +469,7 @@ class OC_Share {
public static function renameItem($arguments) {
$oldSource = "/".OCP\USER::getUser()."/files".self::cleanPath($arguments['oldpath']);
$newSource = "/".OCP\USER::getUser()."/files".self::cleanPath($arguments['newpath']);
$query = OCP\DB::prepare("UPDATE *PREFIX*sharing SET source = REPLACE(source, ?, ?) WHERE uid_owner = ?");
$query = OCP\DB::prepare('UPDATE `*PREFIX*sharing` SET `source` = REPLACE(`source`, ?, ?) WHERE `uid_owner` = ?');
$query->execute(array($oldSource, $newSource, OCP\USER::getUser()));
}
@ -484,21 +484,21 @@ class OC_Share {
}
public static function removeUser($arguments) {
$query = OCP\DB::prepare("SELECT uid_shared_with FROM *PREFIX*sharing WHERE uid_owner = ?");
$query = OCP\DB::prepare('SELECT `uid_shared_with` FROM `*PREFIX*sharing` WHERE `uid_owner` = ?');
$result = $query->execute(array($arguments['uid']))->fetchAll();
if (is_array($result)) {
$result = array_unique($result);
foreach ($result as $item) {
self::updateFolder($item['uid_shared_with']);
}
$query = OCP\DB::prepare('DELETE FROM *PREFIX*sharing WHERE uid_owner = ? OR uid_shared_with '.self::getUsersAndGroups($arguments['uid']));
$query = OCP\DB::prepare('DELETE FROM `*PREFIX*sharing` WHERE `uid_owner` = ? OR `uid_shared_with` '.self::getUsersAndGroups($arguments['uid']));
$query->execute(array($arguments['uid']));
}
}
public static function addToGroupShare($arguments) {
$length = -strlen($arguments['gid']) - 1;
$query = OCP\DB::prepare('SELECT uid_owner, source, permissions FROM *PREFIX*sharing WHERE SUBSTR(uid_shared_with, '.$length.') = ?');
$query = OCP\DB::prepare('SELECT `uid_owner`, `source`, `permissions` FROM `*PREFIX*sharing` WHERE SUBSTR(`uid_shared_with`, '.$length.') = ?');
$gid = '@'.$arguments['gid'];
$result = $query->execute(array($gid))->fetchAll();
if (count($result) > 0) {
@ -513,7 +513,7 @@ class OC_Share {
}
public static function removeFromGroupShare($arguments) {
$query = OCP\DB::prepare('DELETE FROM *PREFIX*sharing WHERE uid_shared_with = ?');
$query = OCP\DB::prepare('DELETE FROM `*PREFIX*sharing` WHERE `uid_shared_with` = ?');
$query->execute(array($arguments['uid'].'@'.$arguments['gid']));
self::updateFolder($arguments['uid']);
}

4
apps/files_sharing/sharedstorage.php
View File

@ -222,7 +222,7 @@ class OC_Filestorage_Shared extends OC_Filestorage {
}
if ($size > 0) {
$dbpath = rtrim($this->datadir.$path, "/");
// $query = OCP\DB::prepare("INSERT INTO *PREFIX*foldersize VALUES(?,?)");
// $query = OCP\DB::prepare("INSERT INTO `*PREFIX*foldersize` VALUES(?,?)");
// $result = $query->execute(array($dbpath, $size));
}
}
@ -236,7 +236,7 @@ class OC_Filestorage_Shared extends OC_Filestorage {
$path = dirname($path);
}
$dbpath = rtrim($this->datadir.$path, "/");
// $query = OCP\DB::prepare("DELETE FROM *PREFIX*/*foldersize*/ WHERE path = ?");
// $query = OCP\DB::prepare("DELETE FROM `*PREFIX*/*foldersize*/` WHERE `path` = ?");
// $result = $query->execute(array($dbpath));
if ($path != "/" && $path != "") {
$parts = explode("/", $path);

2
apps/gallery/appinfo/app.php
View File

@ -45,7 +45,7 @@ OCP\App::addNavigationEntry( array(
class OC_GallerySearchProvider extends OC_Search_Provider{
function search($query){
$stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*gallery_albums WHERE uid_owner = ? AND album_name LIKE ?');
$stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*gallery_albums` WHERE `uid_owner` = ? AND `album_name` LIKE ?');
$result = $stmt->execute(array(OCP\USER::getUser(),'%'.$query.'%'));
$results=array();
while($row=$result->fetchRow()){

4
apps/gallery/appinfo/update.php
View File

@ -2,9 +2,9 @@
$currentVersion=OC_Appconfig::getValue('gallery', 'installed_version');
if (version_compare($currentVersion, '0.5.0', '<')) {
$stmt = OCP\DB::prepare('DROP TABLE IF EXISTS *PREFIX*gallery_photos');
$stmt = OCP\DB::prepare('DROP TABLE IF EXISTS `*PREFIX*gallery_photos`');
$stmt->execute();
$stmt = OCP\DB::prepare('DROP TABLE IF EXISTS *PREFIX*gallery_albums');
$stmt = OCP\DB::prepare('DROP TABLE IF EXISTS `*PREFIX*gallery_albums`');
$stmt->execute();
\OC_DB::createDbFromStructure(OC::$APPSROOT.'/apps/'.$appid.'/appinfo/database.xml');

26
apps/gallery/lib/album.php
View File

@ -23,7 +23,7 @@
class OC_Gallery_Album {
public static function create($owner, $name, $path){
$stmt = OCP\DB::prepare('INSERT INTO *PREFIX*gallery_albums (uid_owner, album_name, album_path, parent_path) VALUES (?, ?, ?, ?)');
$stmt = OCP\DB::prepare('INSERT INTO `*PREFIX*gallery_albums` (`uid_owner`, `album_name`, `album_path`, `parent_path`) ALUES (?, ?, ?, ?)');
$stmt->execute(array($owner, $name, $path, self::getParentPath($path)));
}
@ -40,18 +40,18 @@ class OC_Gallery_Album {
}
public static function remove($owner, $name=null, $path=null, $parent=null) {
$sql = 'DELETE FROM *PREFIX*gallery_albums WHERE uid_owner LIKE ?';
$sql = 'DELETE FROM `*PREFIX*gallery_albums` WHERE `uid_owner` LIKE ?';
$args = array($owner);
if (!is_null($name)){
$sql .= ' AND album_name LIKE ?';
$sql .= ' AND `album_name` LIKE ?';
$args[] = $name;
}
if (!is_null($path)){
$sql .= ' AND album_path LIKE ?';
$sql .= ' AND `album_path` LIKE ?';
$args[] = $path;
}
if (!is_null($parent)){
$sql .= ' AND parent_path LIKE ?';
$sql .= ' AND `parent_path` LIKE ?';
$args[] = $parent;
}
$stmt = OCP\DB::prepare($sql);
@ -63,29 +63,29 @@ class OC_Gallery_Album {
public static function removeByParentPath($owner, $parent) { self::remove($owner, null, null, $parent); }
public static function find($owner, $name=null, $path=null, $parent=null){
$sql = 'SELECT * FROM *PREFIX*gallery_albums WHERE uid_owner = ?';
$sql = 'SELECT * FROM `*PREFIX*gallery_albums` WHERE `uid_owner` = ?';
$args = array($owner);
if (!is_null($name)){
$sql .= ' AND album_name = ?';
$sql .= ' AND `album_name` = ?';
$args[] = $name;
}
if (!is_null($path)){
$sql .= ' AND album_path = ?';
$sql .= ' AND `album_path` = ?';
$args[] = $path;
}
if (!is_null($parent)){
$sql .= ' AND parent_path = ?';
$sql .= ' AND `parent_path` = ?';
$args[] = $parent;
}
$order = OCP\Config::getUserValue($owner, 'gallery', 'order', 'ASC');
$sql .= ' ORDER BY album_name ' . $order;
$sql .= ' ORDER BY `album_name` ' . $order;
$stmt = OCP\DB::prepare($sql);
return $stmt->execute($args);
}
public static function changePath($oldname, $newname, $owner) {
$stmt = OCP\DB::prepare('UPDATE *PREFIX*gallery_albums SET album_path=? WHERE uid_owner=? AND album_path=?');
$stmt = OCP\DB::prepare('UPDATE `*PREFIX*gallery_albums` SET `album_path`=? WHERE `uid_owner`=? AND `album_path`=?');
$stmt->execute(array($newname, $owner, $oldname));
}
@ -96,7 +96,7 @@ class OC_Gallery_Album {
}
public static function getAlbumSize($id){
$sql = 'SELECT COUNT(*) as size FROM *PREFIX*gallery_photos WHERE album_id = ?';
$sql = 'SELECT COUNT(*) AS `size` FROM `*PREFIX*gallery_photos` WHERE `album_id` = ?';
$stmt = OCP\DB::prepare($sql);
$result=$stmt->execute(array($id))->fetchRow();
return $result['size'];
@ -104,7 +104,7 @@ class OC_Gallery_Album {
public static function getIntermediateGallerySize($path) {
$path .= '%';
$sql = 'SELECT COUNT(*) as size FROM *PREFIX*gallery_photos photos, *PREFIX*gallery_albums albums WHERE photos.album_id = albums.album_id AND uid_owner = ? AND file_path LIKE ?';
$sql = 'SELECT COUNT(*) AS `size` FROM `*PREFIX*gallery_photos` AS `photos`, `*PREFIX*gallery_albums` AS `albums` WHERE `photos`.`album_id` = `albums`.`album_id` AND `uid_owner` = ? AND `file_path` LIKE ?';
$stmt = OCP\DB::prepare($sql);
$result = $stmt->execute(array(OCP\USER::getUser(), $path))->fetchRow();
return $result['size'];

4
apps/gallery/lib/managers.php
View File

@ -17,7 +17,7 @@ class DatabaseManager {
public function getFileData($path) {
$gallery_path = \OCP\Config::getSystemValue( 'datadirectory' ).'/'.\OC_User::getUser().'/gallery';
$path = $gallery_path.$path;
$stmt = \OCP\DB::prepare('SELECT * FROM *PREFIX*pictures_images_cache WHERE uid_owner LIKE ? AND path = ?');
$stmt = \OCP\DB::prepare('SELECT * FROM `*PREFIX*pictures_images_cache` WHERE `uid_owner` LIKE ? AND `path` = ?');
$result = $stmt->execute(array(\OCP\USER::getUser(), $path));
if (($row = $result->fetchRow()) != false) {
return $row;
@ -26,7 +26,7 @@ class DatabaseManager {
if (!$image->loadFromFile($path)) {
return false;
}
$stmt = \OCP\DB::prepare('INSERT INTO *PREFIX*pictures_images_cache (uid_owner, path, width, height) VALUES (?, ?, ?, ?)');
$stmt = \OCP\DB::prepare('INSERT INTO `*PREFIX*pictures_images_cache` (`uid_owner`, `path`, `width`, `height`) VALUES (?, ?, ?, ?)');
$stmt->execute(array(\OCP\USER::getUser(), $path, $image->width(), $image->height()));
$ret = array('path' => $path, 'width' => $image->width(), 'height' => $image->height());
unset($image);

24
apps/gallery/lib/photo.php
View File

@ -23,14 +23,14 @@
class OC_Gallery_Photo {
public static function create($albumId, $img){
$stmt = OCP\DB::prepare('INSERT INTO *PREFIX*gallery_photos (album_id, file_path) VALUES (?, ?)');
$stmt = OCP\DB::prepare('INSERT INTO `*PREFIX*gallery_photos` (`album_id`, `file_path`) VALUES (?, ?)');
$stmt->execute(array($albumId, $img));
}
public static function find($albumId, $img=null){
$sql = 'SELECT * FROM *PREFIX*gallery_photos WHERE album_id = ?';
$sql = 'SELECT * FROM `*PREFIX*gallery_photos` WHERE `album_id` = ?';
$args = array($albumId);
if (!is_null($img)){
$sql .= ' AND file_path = ?';
$sql .= ' AND `file_path` = ?';
$args[] = $img;
}
$stmt = OCP\DB::prepare($sql);
@ -38,31 +38,31 @@ class OC_Gallery_Photo {
}
public static function findForAlbum($owner, $album_name){
$stmt = OCP\DB::prepare('SELECT *'
.' FROM *PREFIX*gallery_photos photos,'
.' *PREFIX*gallery_albums albums'
.' WHERE albums.uid_owner = ?'
.' AND albums.album_name = ?'
.' AND photos.album_id = albums.album_id');
.' FROM `*PREFIX*gallery_photos photos`,'
.' `*PREFIX*gallery_albums albums`'
.' WHERE `albums`.`uid_owner` = ?'
.' AND `albums`.`album_name` = ?'
.' AND `photos`.`album_id` = `albums`.`album_id`');
return $stmt->execute(array($owner, $album_name));
}
public static function removeByPath($path, $album_id) {
$stmt = OCP\DB::prepare('DELETE FROM *PREFIX*gallery_photos WHERE file_path LIKE ? and album_id = ?');
$stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*gallery_photos` WHERE `file_path` LIKE ? AND `album_id` = ?');
$stmt->execute(array($path, $album_id));
}
public static function removeById($id) {
$stmt = OCP\DB::prepare('DELETE FROM *PREFIX*gallery_photos WHERE photo_id = ?');
$stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*gallery_photos` WHERE `photo_id` = ?');
$stmt->execute(array($id));
}
public static function removeByAlbumId($albumid) {
$stmt = OCP\DB::prepare('DELETE FROM *PREFIX*gallery_photos WHERE album_id = ?');
$stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*gallery_photos` WHERE `album_id` = ?');
$stmt->execute(array($albumid));
}
public static function changePath($oldAlbumId, $newAlbumId, $oldpath, $newpath) {
$stmt = OCP\DB::prepare("UPDATE *PREFIX*gallery_photos SET file_path = ?, album_id = ? WHERE album_id = ? and file_path = ?");
$stmt = OCP\DB::prepare("UPDATE `*PREFIX*gallery_photos` SET `file_path` = ?, `album_id` = ? WHERE `album_id` = ? AND `file_path` = ?");
$stmt->execute(array($newpath, $newAlbumId, $oldAlbumId, $oldpath));
}

14
apps/gallery/lib/sharing.php
View File

@ -23,7 +23,7 @@
class OC_Gallery_Sharing {
private static function getEntries($token) {
$sql = 'SELECT * FROM *PREFIX*gallery_sharing WHERE token = ?';
$sql = 'SELECT * FROM `*PREFIX*gallery_sharing` WHERE `token` = ?';
$stmt = OCP\DB::prepare($sql);
return $stmt->execute(array($token));
}
@ -44,7 +44,7 @@ class OC_Gallery_Sharing {
$r = self::getEntries($token);
if ($row = $r->fetchRow()) {
$galleryId = $row['gallery_id'];
$sql = 'SELECT * FROM *PREFIX*gallery_albums WHERE album_id = ?';
$sql = 'SELECT * FROM `*PREFIX*gallery_albums` WHERE `album_id` = ?';
$stmt = OCP\DB::prepare($sql);
$r = $stmt->execute(array($galleryId));
if ($row = $r->fetchRow())
@ -57,7 +57,7 @@ class OC_Gallery_Sharing {
$r = self::getEntries($token);
if ($row = $r->fetchRow()) {
$galleryId = $row['gallery_id'];
$sql = 'SELECT * FROM *PREFIX*gallery_albums WHERE album_id = ?';
$sql = 'SELECT * FROM `*PREFIX*gallery_albums` WHERE `album_id` = ?';
$stmt = OCP\DB::prepare($sql);
$r = $stmt->execute(array($galleryId));
if ($row = $r->fetchRow())
@ -66,23 +66,23 @@ class OC_Gallery_Sharing {
}
public static function updateSharingByToken($token, $recursive) {
$stmt = OCP\DB::prepare('UPDATE *PREFIX*gallery_sharing SET recursive = ? WHERE token = ?');
$stmt = OCP\DB::prepare('UPDATE `*PREFIX*gallery_sharing` SET `recursive` = ? WHERE `token` = ?');
$stmt->execute(array($recursive, $token));
}
public static function getEntryByAlbumId($album_id) {
$stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*gallery_sharing WHERE gallery_id = ?');
$stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*gallery_sharing` WHERE `gallery_id` = ?');
return $stmt->execute(array($album_id));
}
public static function addShared($token, $albumId, $recursive) {
$sql = 'INSERT INTO *PREFIX*gallery_sharing (token, gallery_id, recursive) VALUES (?, ?, ?)';
$sql = 'INSERT INTO `*PREFIX*gallery_sharing` (`token`, `gallery_id`, `recursive`) VALUES (?, ?, ?)';
$stmt = OCP\DB::prepare($sql);
$stmt->execute(array($token, $albumId, $recursive));
}
public static function remove($albumId) {
$stmt = OCP\DB::prepare('DELETE FROM *PREFIX*gallery_sharing WHERE gallery_id = ?');
$stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*gallery_sharing` WHERE `gallery_id` = ?');
$stmt->execute(array($albumId));
}
}

10
apps/media/lib_ampache.php
View File

@ -65,7 +65,7 @@ class OC_MEDIA_AMPACHE{
</root>");
}
if($auth and $user and $time){
$query=OCP\DB::prepare("SELECT user_id, user_password_sha256 from *PREFIX*media_users WHERE user_id=?");
$query=OCP\DB::prepare("SELECT `user_id`, `user_password_sha256` FROM `*PREFIX*media_users` WHERE `user_id`=?");
$users=$query->execute(array($user))->fetchAll();
if(count($users)>0){
$pass=$users[0]['user_password_sha256'];
@ -77,7 +77,7 @@ class OC_MEDIA_AMPACHE{
$songs=OC_MEDIA_COLLECTION::getSongCount();
$artists=OC_MEDIA_COLLECTION::getArtistCount();
$albums=OC_MEDIA_COLLECTION::getAlbumCount();
$query=OCP\DB::prepare("INSERT INTO *PREFIX*media_sessions (`session_id`, `token`, `user_id`, `start`) VALUES (NULL, ?, ?, now());");
$query=OCP\DB::prepare("INSERT INTO `*PREFIX*media_sessions` (`session_id`, `token`, `user_id`, `start`) VALUES (NULL, ?, ?, now());");
$query->execute(array($token,$user));
$expire=date('c',time()+600);
echo('<?xml version="1.0" encoding="UTF-8"?>');
@ -137,10 +137,10 @@ class OC_MEDIA_AMPACHE{
}
}
//remove old sessions
$query=OCP\DB::prepare("DELETE from *PREFIX*media_sessions WHERE start<(NOW()-600)");
$query=OCP\DB::prepare("DELETE FROM `*PREFIX*media_sessions` WHERE `start`<(NOW()-600)");
$query->execute();
$query=OCP\DB::prepare("SELECT user_id from *PREFIX*media_sessions WHERE token=?");
$query=OCP\DB::prepare("SELECT `user_id` FROM `*PREFIX*media_sessions` WHERE `token`=?");
$users=$query->execute(array($auth))->fetchAll();
if(count($users)>0){
OC_MEDIA_COLLECTION::$uid=$users[0]['user_id'];
@ -152,7 +152,7 @@ class OC_MEDIA_AMPACHE{
}
public static function updateAuth($auth){
$query=OCP\DB::prepare("UPDATE *PREFIX*media_sessions SET start=CURRENT_TIMESTAMP WHERE token=?");
$query=OCP\DB::prepare("UPDATE `*PREFIX*media_sessions` SET `start`=CURRENT_TIMESTAMP WHERE `token`=?");
$query->execute(array($auth));
}

50
apps/media/lib_collection.php
View File

@ -43,7 +43,7 @@ class OC_MEDIA_COLLECTION{
if(isset(self::$artistIdCache[$name])){
return self::$artistIdCache[$name];
}else{
$query=OCP\DB::prepare("SELECT artist_id FROM *PREFIX*media_artists WHERE lower(artist_name) LIKE ?");
$query=OCP\DB::prepare("SELECT `artist_id` FROM `*PREFIX*media_artists` WHERE lower(`artist_name`) LIKE ?");
$artists=$query->execute(array($name))->fetchAll();
if(is_array($artists) and isset($artists[0])){
self::$artistIdCache[$name]=$artists[0]['artist_id'];
@ -71,7 +71,7 @@ class OC_MEDIA_COLLECTION{
if(isset(self::$albumIdCache[$artistId][$name])){
return self::$albumIdCache[$artistId][$name];
}else{
$query=OCP\DB::prepare("SELECT album_id FROM *PREFIX*media_albums WHERE lower(album_name) LIKE ? AND album_artist=?");
$query=OCP\DB::prepare("SELECT `album_id` FROM `*PREFIX*media_albums` WHERE lower(`album_name`) LIKE ? AND `album_artist`=?");
$albums=$query->execute(array($name,$artistId))->fetchAll();
if(is_array($albums) and isset($albums[0])){
self::$albumIdCache[$artistId][$name]=$albums[0]['album_id'];
@ -104,7 +104,7 @@ class OC_MEDIA_COLLECTION{
return self::$albumIdCache[$artistId][$albumId][$name];
}else{
$uid=$_SESSION['user_id'];
$query=OCP\DB::prepare("SELECT song_id FROM *PREFIX*media_songs WHERE song_user=? AND lower(song_name) LIKE ? AND song_artist=? AND song_album=?");
$query=OCP\DB::prepare("SELECT `song_id` FROM `*PREFIX*media_songs` WHERE `song_user`=? AND lower(`song_name`) LIKE ? AND `song_artist`=? AND `song_album`=?");
$songs=$query->execute(array($uid,$name,$artistId,$albumId))->fetchAll();
if(is_array($songs) and isset($songs[0])){
self::$albumIdCache[$artistId][$albumId][$name]=$songs[0]['song_id'];
@ -130,8 +130,8 @@ class OC_MEDIA_COLLECTION{
}elseif($search==''){
$search='%';
}
$query=OCP\DB::prepare("SELECT DISTINCT artist_name, artist_id FROM *PREFIX*media_artists
INNER JOIN *PREFIX*media_songs ON artist_id=song_artist WHERE artist_name LIKE ? AND song_user=? ORDER BY artist_name");
$query=OCP\DB::prepare("SELECT DISTINCT `artist_name`, `artist_id` FROM `*PREFIX*media_artists`
INNER JOIN `*PREFIX*media_songs` ON `artist_id`=`song_artist` WHERE `artist_name` LIKE ? AND `song_user`=? ORDER BY `artist_name`");
$result=$query->execute(array($search,self::$uid));
return $result->fetchAll();
}
@ -168,21 +168,21 @@ class OC_MEDIA_COLLECTION{
if(empty($uid)){
$uid=self::$uid=$_SESSION['user_id'];
}
$cmd="SELECT DISTINCT album_name, album_artist, album_id
FROM *PREFIX*media_albums INNER JOIN *PREFIX*media_songs ON album_id=song_album WHERE song_user=? ";
$cmd="SELECT DISTINCT `album_name`, `album_artist`, `album_id`
FROM `*PREFIX*media_albums` INNER JOIN `*PREFIX*media_songs` ON `album_id`=`song_album` WHERE `song_user`=? ";
$params=array(self::$uid);
if($artist!=0){
$cmd.="AND album_artist = ? ";
$cmd.="AND `album_artist` = ? ";
array_push($params,$artist);
}
if($search!='%'){
$cmd.="AND album_name LIKE ? ";
$cmd.="AND `album_name` LIKE ? ";
if(!$exact){
$search="%$search%";
}
array_push($params,$search);
}
$cmd.=' ORDER BY album_name';
$cmd.=' ORDER BY `album_name`';
$query=OCP\DB::prepare($cmd);
return $query->execute($params)->fetchAll();
}
@ -223,13 +223,13 @@ class OC_MEDIA_COLLECTION{
}
$params=array($uid);
if($artist!=0){
$artistString="AND song_artist = ?";
$artistString="AND `song_artist` = ?";
array_push($params,$artist);
}else{
$artistString='';
}
if($album!=0){
$albumString="AND song_album = ?";
$albumString="AND `song_album` = ?";
array_push($params,$album);
}else{
$albumString='';
@ -238,12 +238,12 @@ class OC_MEDIA_COLLECTION{
if(!$exact){
$search="%$search%";
}
$searchString ="AND song_name LIKE ?";
$searchString ="AND `song_name` LIKE ?";
array_push($params,$search);
}else{
$searchString='';
}
$query=OCP\DB::prepare("SELECT * FROM *PREFIX*media_songs WHERE song_user=? $artistString $albumString $searchString ORDER BY song_track, song_name, song_path");
$query=OCP\DB::prepare("SELECT * FROM `*PREFIX*media_songs` WHERE `song_user`=? $artistString $albumString $searchString ORDER BY `song_track`, `song_name`, `song_path`");
return $query->execute($params)->fetchAll();
}
@ -284,25 +284,25 @@ class OC_MEDIA_COLLECTION{
}
public static function getSongCount(){
$query=OCP\DB::prepare("SELECT COUNT(song_id) AS count FROM *PREFIX*media_songs");
$query=OCP\DB::prepare("SELECT COUNT(`song_id`) AS `count` FROM `*PREFIX*media_songs`");
$result=$query->execute()->fetchAll();
return $result[0]['count'];
}
public static function getArtistCount(){
$query=OCP\DB::prepare("SELECT COUNT(artist_id) AS count FROM *PREFIX*media_artists");
$query=OCP\DB::prepare("SELECT COUNT(`artist_id`) AS `count` FROM `*PREFIX*media_artists`");
$result=$query->execute()->fetchAll();
return $result[0]['count'];
}
public static function getAlbumCount(){
$query=OCP\DB::prepare("SELECT COUNT(album_id) AS count FROM *PREFIX*media_albums");
$query=OCP\DB::prepare("SELECT COUNT(`album_id`) AS `count` FROM `*PREFIX*media_albums`");
$result=$query->execute()->fetchAll();
return $result[0]['count'];
}
public static function getArtistName($artistId){
$query=OCP\DB::prepare("SELECT artist_name FROM *PREFIX*media_artists WHERE artist_id=?");
$query=OCP\DB::prepare("SELECT `artist_name` FROM `*PREFIX*media_artists` WHERE `artist_id`=?");
$artist=$query->execute(array($artistId))->fetchAll();
if(count($artist)>0){
return $artist[0]['artist_name'];
@ -312,7 +312,7 @@ class OC_MEDIA_COLLECTION{
}
public static function getAlbumName($albumId){
$query=OCP\DB::prepare("SELECT album_name FROM *PREFIX*media_albums WHERE album_id=?");
$query=OCP\DB::prepare("SELECT `album_name` FROM `*PREFIX*media_albums` WHERE `album_id`=?");
$album=$query->execute(array($albumId))->fetchAll();
if(count($album)>0){
return $album[0]['album_name'];
@ -322,7 +322,7 @@ class OC_MEDIA_COLLECTION{
}
public static function getSong($id){
$query=OCP\DB::prepare("SELECT * FROM *PREFIX*media_songs WHERE song_id=?");
$query=OCP\DB::prepare("SELECT * FROM `*PREFIX*media_songs` WHERE `song_id`=?");
$song=$query->execute(array($id))->fetchAll();
if(count($song)>0){
return $song[0];
@ -336,7 +336,7 @@ class OC_MEDIA_COLLECTION{
* @param string $path
*/
public static function getSongCountByPath($path){
$query=OCP\DB::prepare("SELECT COUNT(song_id) AS count FROM *PREFIX*media_songs WHERE song_path LIKE ?");
$query=OCP\DB::prepare("SELECT COUNT(`song_id`) AS `count` FROM `*PREFIX*media_songs` WHERE `song_path` LIKE ?");
$result=$query->execute(array("$path%"))->fetchAll();
return $result[0]['count'];
}
@ -348,7 +348,7 @@ class OC_MEDIA_COLLECTION{
* if a path of a folder is passed, all songs stored in the folder will be removed from the database
*/
public static function deleteSongByPath($path){
$query=OCP\DB::prepare("DELETE FROM *PREFIX*media_songs WHERE song_path LIKE ?");
$query=OCP\DB::prepare("DELETE FROM `*PREFIX*media_songs` WHERE `song_path` LIKE ?");
$query->execute(array("$path%"));
}
@ -358,7 +358,7 @@ class OC_MEDIA_COLLECTION{
*/
public static function registerPlay($songId){
$now=time();
$query=OCP\DB::prepare('UPDATE *PREFIX*media_songs SET song_playcount=song_playcount+1, song_lastplayed=? WHERE song_id=? AND song_lastplayed<?');
$query=OCP\DB::prepare('UPDATE `*PREFIX*media_songs` SET `song_playcount`=`song_playcount`+1, `song_lastplayed`=? WHERE `song_id`=? AND `song_lastplayed`<?');
$query->execute(array($now,$songId,$now-60));
}
@ -368,7 +368,7 @@ class OC_MEDIA_COLLECTION{
* @return int
*/
public static function getSongByPath($path){
$query=OCP\DB::prepare("SELECT song_id FROM *PREFIX*media_songs WHERE song_path = ?");
$query=OCP\DB::prepare("SELECT `song_id` FROM `*PREFIX*media_songs` WHERE `song_path` = ?");
$result=$query->execute(array($path));
if($row=$result->fetchRow()){
return $row['song_id'];
@ -383,7 +383,7 @@ class OC_MEDIA_COLLECTION{
* @param string $newPath
*/
public static function moveSong($oldPath,$newPath){
$query=OCP\DB::prepare("UPDATE *PREFIX*media_songs SET song_path = ? WHERE song_path = ?");
$query=OCP\DB::prepare("UPDATE `*PREFIX*media_songs` SET `song_path` = ? WHERE `song_path` = ?");
$query->execute(array($newPath,$oldPath));
}
}

4
apps/media/lib_media.php
View File

@ -41,11 +41,11 @@ class OC_MEDIA{
public static function loginListener($params){
if(isset($_POST['user']) and $_POST['password']){
$name=$_POST['user'];
$query=OCP\DB::prepare("SELECT user_id from *PREFIX*media_users WHERE user_id LIKE ?");
$query=OCP\DB::prepare("SELECT `user_id` from `*PREFIX*media_users` WHERE `user_id` LIKE ?");
$uid=$query->execute(array($name))->fetchAll();
if(count($uid)==0){
$password=hash('sha256',$_POST['password']);
$query=OCP\DB::prepare("INSERT INTO *PREFIX*media_users (user_id, user_password_sha256) VALUES (?, ?);");
$query=OCP\DB::prepare("INSERT INTO `*PREFIX*media_users` (`user_id`, `user_password_sha256`) VALUES (?, ?);");
$query->execute(array($name,$password));
}
}

10
apps/remoteStorage/lib_remoteStorage.php
View File

@ -2,7 +2,7 @@
class OC_remoteStorage {
public static function getValidTokens($ownCloudUser, $category) {
$query=OCP\DB::prepare("SELECT token,appUrl,category FROM *PREFIX*authtoken WHERE user=? LIMIT 100");
$query=OCP\DB::prepare("SELECT `token`,`appUrl`,`category` FROM `*PREFIX*authtoken` WHERE `user`=? LIMIT 100");
$result=$query->execute(array($ownCloudUser));
$ret = array();
while($row=$result->fetchRow()){
@ -15,7 +15,7 @@ class OC_remoteStorage {
public static function getTokenFor($appUrl, $categories) {
$user=OCP\USER::getUser();
$query=OCP\DB::prepare("SELECT token FROM *PREFIX*authtoken WHERE user=? AND appUrl=? AND category=? LIMIT 1");
$query=OCP\DB::prepare("SELECT `token` FROM `*PREFIX*authtoken` WHERE `user`=? AND `appUrl`=? AND `category`=? LIMIT 1");
$result=$query->execute(array($user, $appUrl, $categories));
$ret = array();
if($row=$result->fetchRow()) {
@ -27,7 +27,7 @@ class OC_remoteStorage {
public static function getAllTokens() {
$user=OCP\USER::getUser();
$query=OCP\DB::prepare("SELECT token,appUrl,category FROM *PREFIX*authtoken WHERE user=? LIMIT 100");
$query=OCP\DB::prepare("SELECT `token`,`appUrl`,`category` FROM `*PREFIX*authtoken` WHERE `user`=? LIMIT 100");
$result=$query->execute(array($user));
$ret = array();
while($row=$result->fetchRow()){
@ -41,13 +41,13 @@ class OC_remoteStorage {
public static function deleteToken($token) {
$user=OCP\USER::getUser();
$query=OCP\DB::prepare("DELETE FROM *PREFIX*authtoken WHERE token=? AND user=?");
$query=OCP\DB::prepare("DELETE FROM `*PREFIX*authtoken` WHERE `token`=? AND `user`=?");
$result=$query->execute(array($token,$user));
return 'unknown';//how can we see if any rows were affected?
}
private static function addToken($token, $appUrl, $categories){
$user=OCP\USER::getUser();
$query=OCP\DB::prepare("INSERT INTO *PREFIX*authtoken (`token`,`appUrl`,`user`,`category`) VALUES(?,?,?,?)");
$query=OCP\DB::prepare("INSERT INTO `*PREFIX*authtoken` (`token`,`appUrl`,`user`,`category`) VALUES(?,?,?,?)");
$result=$query->execute(array($token,$appUrl,$user,$categories));
}
public static function createCategories($appUrl, $categories) {

2
apps/user_ldap/appinfo/update.php
View File

@ -14,7 +14,7 @@ if(!is_null($pw)) {
//it's a bit spaghetti, but hey.
$state = OCP\Config::getSystemValue('ldapIgnoreNamingRules', 'doCheck');
if($state == 'doCheck'){
$sqlCleanMap = 'DELETE FROM *PREFIX*ldap_user_mapping';
$sqlCleanMap = 'DELETE FROM `*PREFIX*ldap_user_mapping`';
require_once(OC::$APPSROOT.'/apps/user_ldap/lib_ldap.php');
require_once(OC::$APPSROOT.'/apps/user_ldap/user_ldap.php');

26
apps/user_ldap/lib_ldap.php
View File

@ -153,9 +153,9 @@ class OC_LDAP {
$table = self::getMapTable($isUser);
$query = OCP\DB::prepare('
SELECT ldap_dn
FROM '.$table.'
WHERE owncloud_name = ?
SELECT `ldap_dn`
FROM `'.$table.'`
WHERE `owncloud_name` = ?
');
$record = $query->execute(array($name))->fetchOne();
@ -202,9 +202,9 @@ class OC_LDAP {
}
$query = OCP\DB::prepare('
SELECT owncloud_name
FROM '.$table.'
WHERE ldap_dn = ?
SELECT `owncloud_name`
FROM `'.$table.'`
WHERE `ldap_dn` = ?
');
$component = $query->execute(array($dn))->fetchOne();
@ -344,8 +344,8 @@ class OC_LDAP {
$table = self::getMapTable($isUsers);
$query = OCP\DB::prepare('
SELECT ldap_dn, owncloud_name
FROM '. $table
SELECT `ldap_dn`, `owncloud_name`
FROM `'. $table .'`'
);
return $query->execute()->fetchAll();
@ -391,18 +391,18 @@ class OC_LDAP {
$sqlAdjustment = '';
$dbtype = OCP\Config::getSystemValue('dbtype');
if($dbtype == 'mysql') {
$sqlAdjustment = 'FROM dual';
$sqlAdjustment = 'FROM `dual`';
}
$insert = OCP\DB::prepare('
INSERT INTO '.$table.' (ldap_dn, owncloud_name)
INSERT INTO `'.$table.'` (`ldap_dn`, `owncloud_name`)
SELECT ?,?
'.$sqlAdjustment.'
WHERE NOT EXISTS (
SELECT 1
FROM '.$table.'
WHERE ldap_dn = ?
OR owncloud_name = ? )
FROM `'.$table.'`
WHERE `ldap_dn` = ?
OR `owncloud_name` = ? )
');
$res = $insert->execute(array($dn, $ocname, $dn, $ocname));

2
apps/user_openid/user_openid.php
View File

@ -54,7 +54,7 @@ class OC_USER_OPENID extends OC_User_Backend {
* find the user that can be authenticated with an openid identity
*/
public static function findUserForIdentity($identity){
$query=OCP\DB::prepare('SELECT userid FROM *PREFIX*preferences WHERE appid=? AND configkey=? AND configvalue=?');
$query=OCP\DB::prepare('SELECT `userid` FROM `*PREFIX*preferences` WHERE `appid`=? AND `configkey`=? AND `configvalue`=?');
$result=$query->execute(array('user_openid','identity',$identity))->fetchAll();
if(count($result)>0){
return $result[0]['userid'];

4
lib/app.php
View File

@ -139,7 +139,7 @@ class OC_App{
*/
public static function getEnabledApps(){
$apps=array('files');
$query = OC_DB::prepare( 'SELECT appid FROM *PREFIX*appconfig WHERE configkey = \'enabled\' AND configvalue=\'yes\'' );
$query = OC_DB::prepare( 'SELECT `appid` FROM `*PREFIX*appconfig` WHERE `configkey` = \'enabled\' AND `configvalue`=\'yes\'' );
$result=$query->execute();
while($row=$result->fetchRow()){
if(array_search($row['appid'],$apps)===false){
@ -548,7 +548,7 @@ class OC_App{
*/
public static function getAppVersions(){
$versions=array();
$query = OC_DB::prepare( 'SELECT appid, configvalue FROM *PREFIX*appconfig WHERE configkey = \'installed_version\'' );
$query = OC_DB::prepare( 'SELECT `appid`, `configvalue` FROM `*PREFIX*appconfig` WHERE `configkey` = \'installed_version\'' );
$result = $query->execute();
while($row = $result->fetchRow()){
$versions[$row['appid']]=$row['configvalue'];

26
lib/appconfig.php
View File

@ -47,7 +47,7 @@ class OC_Appconfig{
*/
public static function getApps(){
// No magic in here!
$query = OC_DB::prepare( 'SELECT DISTINCT appid FROM *PREFIX*appconfig' );
$query = OC_DB::prepare( 'SELECT DISTINCT `appid` FROM `*PREFIX*appconfig`' );
$result = $query->execute();
$apps = array();
@ -68,7 +68,7 @@ class OC_Appconfig{
*/
public static function getKeys( $app ){
// No magic in here as well
$query = OC_DB::prepare( 'SELECT configkey FROM *PREFIX*appconfig WHERE appid = ?' );
$query = OC_DB::prepare( 'SELECT `configkey` FROM `*PREFIX*appconfig` WHERE `appid` = ?' );
$result = $query->execute( array( $app ));
$keys = array();
@ -91,7 +91,7 @@ class OC_Appconfig{
*/
public static function getValue( $app, $key, $default = null ){
// At least some magic in here :-)
$query = OC_DB::prepare( 'SELECT configvalue FROM *PREFIX*appconfig WHERE appid = ? AND configkey = ?' );
$query = OC_DB::prepare( 'SELECT `configvalue` FROM `*PREFIX*appconfig` WHERE `appid` = ? AND `configkey` = ?' );
$result = $query->execute( array( $app, $key ));
$row = $result->fetchRow();
if($row){
@ -124,11 +124,11 @@ class OC_Appconfig{
public static function setValue( $app, $key, $value ){
// Does the key exist? yes: update. No: insert
if(! self::hasKey($app,$key)){
$query = OC_DB::prepare( 'INSERT INTO *PREFIX*appconfig ( appid, configkey, configvalue ) VALUES( ?, ?, ? )' );
$query = OC_DB::prepare( 'INSERT INTO `*PREFIX*appconfig` ( `appid`, `configkey`, `configvalue` ) VALUES( ?, ?, ? )' );
$query->execute( array( $app, $key, $value ));
}
else{
$query = OC_DB::prepare( 'UPDATE *PREFIX*appconfig SET configvalue = ? WHERE appid = ? AND configkey = ?' );
$query = OC_DB::prepare( 'UPDATE `*PREFIX*appconfig` SET `configvalue` = :configvalue WHERE `appid` = ? AND `configkey` = ?' );
$query->execute( array( $value, $app, $key ));
}
}
@ -143,7 +143,7 @@ class OC_Appconfig{
*/
public static function deleteKey( $app, $key ){
// Boring!
$query = OC_DB::prepare( 'DELETE FROM *PREFIX*appconfig WHERE appid = ? AND configkey = ?' );
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*appconfig` WHERE `appid` = ? AND `configkey` = ?' );
$query->execute( array( $app, $key ));
return true;
@ -158,7 +158,7 @@ class OC_Appconfig{
*/
public static function deleteApp( $app ){
// Nothing special
$query = OC_DB::prepare( 'DELETE FROM *PREFIX*appconfig WHERE appid = ?' );
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*appconfig` WHERE `appid` = ?' );
$query->execute( array( $app ));
return true;
@ -175,20 +175,20 @@ class OC_Appconfig{
return false;
}
$where='WHERE';
$fields='configvalue';
$fields='`configvalue`';
$params=array();
if($app!==false){
$where.=' appid = ?';
$fields.=', configkey';
$where.=' `appid` = ?';
$fields.=', `configkey`';
$params[]=$app;
$key='configkey';
}else{
$fields.=', appid';
$where.=' configkey = ?';
$fields.=', `appid`';
$where.=' `configkey` = ?';
$params[]=$key;
$key='appid';
}
$queryString='SELECT '.$fields.' FROM *PREFIX*appconfig '.$where;
$queryString='SELECT '.$fields.' FROM `*PREFIX*appconfig` '.$where;
$query=OC_DB::prepare($queryString);
$result=$query->execute($params);
$values=array();

12
lib/connector/sabre/locks.php
View File

@ -41,7 +41,7 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
// NOTE: the following 10 lines or so could be easily replaced by
// pure sql. MySQL's non-standard string concatination prevents us
// from doing this though.
$query = 'SELECT * FROM *PREFIX*locks WHERE userid = ? AND (created + timeout) > ? AND ((uri = ?)';
$query = 'SELECT * FROM `*PREFIX*locks` WHERE `userid` = ? AND (`created` + `timeout`) > ? AND ((`uri` = ?)';
$params = array(OC_User::getUser(),time(),$uri);
// We need to check locks for every part in the uri.
@ -57,14 +57,14 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
if ($currentPath) $currentPath.='/';
$currentPath.=$part;
$query.=' OR (depth!=0 AND uri = ?)';
$query.=' OR (`depth` != 0 AND `uri` = ?)';
$params[] = $currentPath;
}
if ($returnChildLocks) {
$query.=' OR (uri LIKE ?)';
$query.=' OR (`uri` LIKE ?)';
$params[] = $uri . '/%';
}
@ -113,10 +113,10 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
}
if ($exists) {
$query = OC_DB::prepare( 'UPDATE *PREFIX*locks SET owner = ?, timeout = ?, scope = ?, depth = ?, uri = ?, created = ? WHERE userid = ? AND token = ?' );
$query = OC_DB::prepare( 'UPDATE `*PREFIX*locks` SET `owner` = ?, `timeout` = ?, `scope` = ?, `depth` = ?, `uri` = ?, `created` = ? WHERE `userid` = ? AND `token` = ?' );
$result = $query->execute( array($lockInfo->owner,$lockInfo->timeout,$lockInfo->scope,$lockInfo->depth,$uri,$lockInfo->created,OC_User::getUser(),$lockInfo->token));
} else {
$query = OC_DB::prepare( 'INSERT INTO *PREFIX*locks (userid,owner,timeout,scope,depth,uri,created,token) VALUES (?,?,?,?,?,?,?,?)' );
$query = OC_DB::prepare( 'INSERT INTO `*PREFIX*locks` (`userid`,`owner`,`timeout`,`scope`,`depth`,`uri`,`created`,`token`) VALUES (?,?,?,?,?,?,?,?)' );
$result = $query->execute( array(OC_User::getUser(),$lockInfo->owner,$lockInfo->timeout,$lockInfo->scope,$lockInfo->depth,$uri,$lockInfo->created,$lockInfo->token));
}
@ -133,7 +133,7 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
*/
public function unlock($uri,Sabre_DAV_Locks_LockInfo $lockInfo) {
$query = OC_DB::prepare( 'DELETE FROM *PREFIX*locks WHERE userid = ? AND uri=? AND token=?' );
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*locks` WHERE `userid` = ? AND `uri` = ? AND `token` = ?' );
$result = $query->execute( array(OC_User::getUser(),$uri,$lockInfo->token));
return $result->numRows() === 1;

10
lib/connector/sabre/node.php
View File

@ -77,7 +77,7 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
$this->path = $newPath;
$query = OC_DB::prepare( 'UPDATE *PREFIX*properties SET propertypath = ? WHERE userid = ? AND propertypath = ?' );
$query = OC_DB::prepare( 'UPDATE `*PREFIX*properties` SET `propertypath` = ? WHERE `userid` = ? AND `propertypath` = ?' );
$query->execute( array( $newPath,OC_User::getUser(), $oldPath ));
}
@ -125,7 +125,7 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
// If it was null, we need to delete the property
if (is_null($propertyValue)) {
if(array_key_exists( $propertyName, $existing )){
$query = OC_DB::prepare( 'DELETE FROM *PREFIX*properties WHERE userid = ? AND propertypath = ? AND propertyname = ?' );
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = ?' );
$query->execute( array( OC_User::getUser(), $this->path, $propertyName ));
}
}
@ -134,10 +134,10 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
$this->touch($propertyValue);
} else {
if(!array_key_exists( $propertyName, $existing )){
$query = OC_DB::prepare( 'INSERT INTO *PREFIX*properties (userid,propertypath,propertyname,propertyvalue) VALUES(?,?,?,?)' );
$query = OC_DB::prepare( 'INSERT INTO `*PREFIX*properties` (`userid`,`propertypath`,`propertyname`,`propertyvalue`) VALUES(?,?,?,?)' );
$query->execute( array( OC_User::getUser(), $this->path, $propertyName,$propertyValue ));
} else {
$query = OC_DB::prepare( 'UPDATE *PREFIX*properties SET propertyvalue = ? WHERE userid = ? AND propertypath = ? AND propertyname = ?' );
$query = OC_DB::prepare( 'UPDATE `*PREFIX*properties` SET `propertyvalue` = ? WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = ?' );
$query->execute( array( $propertyValue,OC_User::getUser(), $this->path, $propertyName ));
}
}
@ -158,7 +158,7 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
*/
function getProperties($properties) {
// At least some magic in here :-)
$query = OC_DB::prepare( 'SELECT * FROM *PREFIX*properties WHERE userid = ? AND propertypath = ?' );
$query = OC_DB::prepare( 'SELECT * FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ?' );
$result = $query->execute( array( OC_User::getUser(), $this->path ));
$existing = array();

46
lib/filecache.php
View File

@ -59,7 +59,7 @@ class OC_FileCache{
$root='';
}
$path=$root.$path;
$query=OC_DB::prepare('SELECT ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE path_hash=?');
$query=OC_DB::prepare('SELECT `ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `path_hash`=?');
$result=$query->execute(array(md5($path)))->fetchRow();
if(is_array($result)){
return $result;
@ -112,7 +112,7 @@ class OC_FileCache{
$data['encrypted']=(int)$data['encrypted'];
$data['versioned']=(int)$data['versioned'];
$user=OC_User::getUser();
$query=OC_DB::prepare('INSERT INTO *PREFIX*fscache(parent, name, path, path_hash, size, mtime, ctime, mimetype, mimepart,`user`,writable,encrypted,versioned) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?)');
$query=OC_DB::prepare('INSERT INTO `*PREFIX*fscache`(`parent`, `name`, `path`, `path_hash`, `size`, `mtime`, `ctime`, `mimetype`, `mimepart`,`user`,`writable`,`encrypted`,`versioned`) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?)');
$result=$query->execute(array($parent,basename($path),$path,md5($path),$data['size'],$data['mtime'],$data['ctime'],$data['mimetype'],$mimePart,$user,$data['writable'],$data['encrypted'],$data['versioned']));
if(OC_DB::isError($result)){
OC_Log::write('files','error while writing file('.$path.') to cache',OC_Log::ERROR);
@ -135,7 +135,7 @@ class OC_FileCache{
}else{
$arguments[] = $data[$attribute];
}
$queryParts[]=$attribute.'=?';
$queryParts[]='`'.$attribute.'`=?';
}
}
if(isset($data['mimetype'])){
@ -144,7 +144,7 @@ class OC_FileCache{
}
$arguments[]=$id;
$sql = 'UPDATE *PREFIX*fscache SET '.implode(' , ',$queryParts).' WHERE id=?';
$sql = 'UPDATE `*PREFIX*fscache` SET '.implode(' , ',$queryParts).' WHERE `id`=?';
$query=OC_DB::prepare($sql);
$result=$query->execute($arguments);
if(OC_DB::isError($result)){
@ -168,12 +168,12 @@ class OC_FileCache{
$oldPath=$root.$oldPath;
$newPath=$root.$newPath;
$newParent=self::getParentId($newPath);
$query=OC_DB::prepare('UPDATE *PREFIX*fscache SET parent=? ,name=?, path=?, path_hash=? WHERE path_hash=?');
$query=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `parent`=? ,`name`=?, `path`=?, `path_hash`=? WHERE `path_hash`=?');
$query->execute(array($newParent,basename($newPath),$newPath,md5($newPath),md5($oldPath)));
$query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE path LIKE ?');
$query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `path` LIKE ?');
$oldLength=strlen($oldPath);
$updateQuery=OC_DB::prepare('UPDATE *PREFIX*fscache SET path=?, path_hash=? WHERE path_hash=?');
$updateQuery=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `path`=?, `path_hash`=? WHERE `path_hash`=?');
while($row= $query->execute(array($oldPath.'/%'))->fetchRow()){
$old=$row['path'];
$new=$newPath.substr($old,$oldLength);
@ -197,12 +197,12 @@ class OC_FileCache{
$path=$root.$file;
self::delete(self::getFileId($path));
}elseif($file!=-1){
$query=OC_DB::prepare('SELECT id FROM *PREFIX*fscache WHERE parent=?');
$query=OC_DB::prepare('SELECT `id` FROM `*PREFIX*fscache` WHERE `parent`=?');
$result=$query->execute(array($file));
while($child=$result->fetchRow()){
self::delete(intval($child['id']));
}
$query=OC_DB::prepare('DELETE FROM *PREFIX*fscache WHERE id=?');
$query=OC_DB::prepare('DELETE FROM `*PREFIX*fscache` WHERE `id`=?');
$query->execute(array($file));
}
}
@ -223,9 +223,9 @@ class OC_FileCache{
}
$rootLen=strlen($root);
if(!$returnData){
$query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE name LIKE ? AND `user`=?');
$query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `name` LIKE ? AND `user`=?');
}else{
$query=OC_DB::prepare('SELECT * FROM *PREFIX*fscache WHERE name LIKE ? AND `user`=?');
$query=OC_DB::prepare('SELECT * FROM `*PREFIX*fscache` WHERE `name` LIKE ? AND `user`=?');
}
$result=$query->execute(array("%$search%",OC_User::getUser()));
$names=array();
@ -270,7 +270,7 @@ class OC_FileCache{
if($parent==-1){
return array();
}
$query=OC_DB::prepare('SELECT name,ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE parent=? AND (mimetype LIKE ? OR mimetype = ?)');
$query=OC_DB::prepare('SELECT `name`,`ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `parent`=? AND (`mimetype` LIKE ? OR `mimetype` = ?)');
$result=$query->execute(array($parent, $mimetype_filter.'%', 'httpd/unix-directory'))->fetchAll();
if(is_array($result)){
return $result;
@ -304,7 +304,7 @@ class OC_FileCache{
* @return int
*/
private static function getFileId($path){
$query=OC_DB::prepare('SELECT id FROM *PREFIX*fscache WHERE path_hash=?');
$query=OC_DB::prepare('SELECT `id` FROM `*PREFIX*fscache` WHERE `path_hash`=?');
if(OC_DB::isError($query)){
OC_Log::write('files','error while getting file id of '.$path,OC_Log::ERROR);
return -1;
@ -350,7 +350,7 @@ class OC_FileCache{
if(!$user){
$user=OC_User::getUser();
}
$query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE id=? AND `user`=?');
$query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `id`=? AND `user`=?');
$result=$query->execute(array($id,$user));
$row=$result->fetchRow();
$path=$row['path'];
@ -396,7 +396,7 @@ class OC_FileCache{
if($dir){
if(self::inCache($path,$root) && $path != '/Shared'){
$parent=self::getFileId($fullPath);
$query=OC_DB::prepare('SELECT size FROM *PREFIX*fscache WHERE parent=?');
$query=OC_DB::prepare('SELECT `size` FROM `*PREFIX*fscache` WHERE `parent`=?');
$result=$query->execute(array($parent));
while($row=$result->fetchRow()){
$size+=$row['size'];
@ -424,7 +424,7 @@ class OC_FileCache{
}
}
$path=$root.$path;
$query=OC_DB::prepare('SELECT ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE path_hash=?');
$query=OC_DB::prepare('SELECT `ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `path_hash`=?');
$result=$query->execute(array(md5($path)))->fetchRow();
if(is_array($result)){
if(isset(self::$savedData[$path])){
@ -450,7 +450,7 @@ class OC_FileCache{
}
}
$path=$root.$path;
$query=OC_DB::prepare('SELECT size FROM *PREFIX*fscache WHERE path_hash=?');
$query=OC_DB::prepare('SELECT `size` FROM `*PREFIX*fscache` WHERE `path_hash`=?');
$result=$query->execute(array(md5($path)));
if($row=$result->fetchRow()){
return $row['size'];
@ -516,7 +516,7 @@ class OC_FileCache{
private static function increaseSize($path,$sizeDiff){
if($sizeDiff==0) return;
while(($id=self::getFileId($path))!=-1){//walk up the filetree increasing the size of all parent folders
$query=OC_DB::prepare('UPDATE *PREFIX*fscache SET size=size+? WHERE id=?');
$query=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `size`=`size`+? WHERE `id`=?');
$query->execute(array($sizeDiff,$id));
$path=dirname($path);
}
@ -616,10 +616,10 @@ class OC_FileCache{
$root .= '%';
$user=OC_User::getUser();
if(!$part2){
$query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE mimepart=? AND `user`=? AND path LIKE ?');
$query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `mimepart`=? AND `user`=? AND `path` LIKE ?');
$result=$query->execute(array($part1,$user, $root));
}else{
$query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE mimetype=? AND `user`=? AND path LIKE ? ');
$query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `mimetype`=? AND `user`=? AND `path` LIKE ? ');
$result=$query->execute(array($part1.'/'.$part2,$user, $root));
}
$names=array();
@ -652,7 +652,7 @@ class OC_FileCache{
$mtime=$view->filemtime($path.(($folder)?'/':''));
$isDir=$view->is_dir($path);
$fullPath=$root.$path;
$query=OC_DB::prepare('SELECT mtime FROM *PREFIX*fscache WHERE path_hash=?');
$query=OC_DB::prepare('SELECT `mtime` FROM `*PREFIX*fscache` WHERE `path_hash`=?');
$result=$query->execute(array(md5($fullPath)));
if($row=$result->fetchRow()){
$cachedMTime=$row['mtime'];
@ -713,7 +713,7 @@ class OC_FileCache{
}
//check for removed files, not using getFolderContent to prevent loops
$parent=self::getFileId($view->getRoot().$path);
$query=OC_DB::prepare('SELECT name FROM *PREFIX*fscache WHERE parent=?');
$query=OC_DB::prepare('SELECT `name` FROM `*PREFIX*fscache` WHERE `parent`=?');
$result=$query->execute(array($parent));
while($row=$result->fetchRow()){
$file=$path.'/'.$row['name'];
@ -731,7 +731,7 @@ class OC_FileCache{
* clean old pre-path_hash entries
*/
public static function clean(){
$query=OC_DB::prepare('DELETE FROM *PREFIX*fscache WHERE LENGTH(path_hash)<30');
$query=OC_DB::prepare('DELETE FROM `*PREFIX*fscache` WHERE LENGTH(`path_hash`)<30');
$query->execute();
}
}

20
lib/group/database.php
View File

@ -53,7 +53,7 @@ class OC_Group_Database extends OC_Group_Backend {
*/
public static function createGroup( $gid ){
// Check for existence
$query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*groups` WHERE gid = ?" );
$query = OC_DB::prepare( 'SELECT `gid` FROM `*PREFIX*groups` WHERE `gid` = ?' );
$result = $query->execute( array( $gid ));
if( $result->fetchRow() ){
@ -62,7 +62,7 @@ class OC_Group_Database extends OC_Group_Backend {
}
else{
// Add group and exit
$query = OC_DB::prepare( "INSERT INTO `*PREFIX*groups` ( `gid` ) VALUES( ? )" );
$query = OC_DB::prepare( 'INSERT INTO `*PREFIX*groups` ( `gid` ) VALUES( ? )' );
$result = $query->execute( array( $gid ));
return $result ? true : false;
@ -78,11 +78,11 @@ class OC_Group_Database extends OC_Group_Backend {
*/
public static function deleteGroup( $gid ){
// Delete the group
$query = OC_DB::prepare( "DELETE FROM `*PREFIX*groups` WHERE gid = ?" );
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*groups` WHERE `gid` = ?' );
$result = $query->execute( array( $gid ));
// Delete the group-user relation
$query = OC_DB::prepare( "DELETE FROM `*PREFIX*group_user` WHERE gid = ?" );
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*group_user` WHERE `gid` = ?' );
$result = $query->execute( array( $gid ));
return true;
@ -98,7 +98,7 @@ class OC_Group_Database extends OC_Group_Backend {
*/
public static function inGroup( $uid, $gid ){
// check
$query = OC_DB::prepare( "SELECT uid FROM `*PREFIX*group_user` WHERE gid = ? AND uid = ?" );
$query = OC_DB::prepare( 'SELECT `uid` FROM `*PREFIX*group_user` WHERE `gid` = ? AND `uid` = ?' );
$result = $query->execute( array( $gid, $uid ));
return $result->fetchRow() ? true : false;
@ -115,7 +115,7 @@ class OC_Group_Database extends OC_Group_Backend {
public static function addToGroup( $uid, $gid ){
// No duplicate entries!
if( !self::inGroup( $uid, $gid )){
$query = OC_DB::prepare( "INSERT INTO `*PREFIX*group_user` ( `uid`, `gid` ) VALUES( ?, ? )" );
$query = OC_DB::prepare( 'INSERT INTO `*PREFIX*group_user` ( `uid`, `gid` ) VALUES( ?, ? )' );
$result = $query->execute( array( $uid, $gid ));
return true;
}else{
@ -132,7 +132,7 @@ class OC_Group_Database extends OC_Group_Backend {
* removes the user from a group.
*/
public static function removeFromGroup( $uid, $gid ){
$query = OC_DB::prepare( "DELETE FROM *PREFIX*group_user WHERE uid = ? AND gid = ?" );
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*group_user` WHERE `uid` = ? AND `gid` = ?' );
$result = $query->execute( array( $uid, $gid ));
return true;
@ -148,7 +148,7 @@ class OC_Group_Database extends OC_Group_Backend {
*/
public static function getUserGroups( $uid ){
// No magic!
$query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*group_user` WHERE uid = ?" );
$query = OC_DB::prepare( 'SELECT `gid` FROM `*PREFIX*group_user` WHERE `uid` = ?' );
$result = $query->execute( array( $uid ));
$groups = array();
@ -166,7 +166,7 @@ class OC_Group_Database extends OC_Group_Backend {
* Returns a list with all groups
*/
public static function getGroups(){
$query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*groups`" );
$query = OC_DB::prepare( 'SELECT `gid` FROM `*PREFIX*groups`' );
$result = $query->execute();
$groups = array();
@ -182,7 +182,7 @@ class OC_Group_Database extends OC_Group_Backend {
* @returns array with user ids
*/
public static function usersInGroup($gid){
$query=OC_DB::prepare('SELECT uid FROM *PREFIX*group_user WHERE gid=?');
$query=OC_DB::prepare('SELECT `uid` FROM `*PREFIX*group_user` WHERE `gid`=?');
$users=array();
$result=$query->execute(array($gid));
while($row=$result->fetchRow()){

2
lib/migrate.php
View File

@ -447,7 +447,7 @@ class OC_Migrate{
);
// Add hash if user export
if( self::$exporttype == 'user' ){
$query = OC_DB::prepare( "SELECT password FROM *PREFIX*users WHERE uid = ?" );
$query = OC_DB::prepare( "SELECT `password` FROM `*PREFIX*users` WHERE `uid` = ?" );
$result = $query->execute( array( self::$uid ) );
$row = $result->fetchRow();
$hash = $row ? $row['password'] : false;

4
lib/migration/content.php
View File

@ -109,7 +109,7 @@ class OC_Migration_Content{
foreach( $options['matchval'] as $matchval ){
// Run the query for this match value (where x = y value)
$sql = "SELECT * FROM *PREFIX*" . $options['table'] . " WHERE " . $options['matchcol'] . " LIKE ?";
$sql = 'SELECT * FROM `*PREFIX*' . $options['table'] . '` WHERE `' . $options['matchcol'] . '` LIKE ?';
$query = OC_DB::prepare( $sql );
$results = $query->execute( array( $matchval ) );
$newreturns = $this->insertData( $results, $options );
@ -118,7 +118,7 @@ class OC_Migration_Content{
} else {
// Just get everything
$sql = "SELECT * FROM *PREFIX*" . $options['table'];
$sql = 'SELECT * FROM `*PREFIX*' . $options['table'] . '`';
$query = OC_DB::prepare( $sql );
$results = $query->execute();
$return = $this->insertData( $results, $options );

22
lib/preferences.php
View File

@ -47,7 +47,7 @@ class OC_Preferences{
*/
public static function getUsers(){
// No need for more comments
$query = OC_DB::prepare( 'SELECT DISTINCT( userid ) FROM *PREFIX*preferences' );
$query = OC_DB::prepare( 'SELECT DISTINCT( `userid` ) FROM `*PREFIX*preferences`' );
$result = $query->execute();
$users = array();
@ -68,7 +68,7 @@ class OC_Preferences{
*/
public static function getApps( $user ){
// No need for more comments
$query = OC_DB::prepare( 'SELECT DISTINCT( appid ) FROM *PREFIX*preferences WHERE userid = ?' );
$query = OC_DB::prepare( 'SELECT DISTINCT( `appid` ) FROM `*PREFIX*preferences` WHERE `userid` = ?' );
$result = $query->execute( array( $user ));
$apps = array();
@ -90,7 +90,7 @@ class OC_Preferences{
*/
public static function getKeys( $user, $app ){
// No need for more comments
$query = OC_DB::prepare( 'SELECT configkey FROM *PREFIX*preferences WHERE userid = ? AND appid = ?' );
$query = OC_DB::prepare( 'SELECT `configkey` FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ?' );
$result = $query->execute( array( $user, $app ));
$keys = array();
@ -114,7 +114,7 @@ class OC_Preferences{
*/
public static function getValue( $user, $app, $key, $default = null ){
// Try to fetch the value, return default if not exists.
$query = OC_DB::prepare( 'SELECT configvalue FROM *PREFIX*preferences WHERE userid = ? AND appid = ? AND configkey = ?' );
$query = OC_DB::prepare( 'SELECT `configvalue` FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ? AND `configkey` = ?' );
$result = $query->execute( array( $user, $app, $key ));
$row = $result->fetchRow();
@ -138,16 +138,16 @@ class OC_Preferences{
*/
public static function setValue( $user, $app, $key, $value ){
// Check if the key does exist
$query = OC_DB::prepare( 'SELECT configvalue FROM *PREFIX*preferences WHERE userid = ? AND appid = ? AND configkey = ?' );
$query = OC_DB::prepare( 'SELECT `configvalue` FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ? AND `configkey` = ?' );
$values=$query->execute(array($user,$app,$key))->fetchAll();
$exists=(count($values)>0);
if( !$exists ){
$query = OC_DB::prepare( 'INSERT INTO *PREFIX*preferences ( userid, appid, configkey, configvalue ) VALUES( ?, ?, ?, ? )' );
$query = OC_DB::prepare( 'INSERT INTO `*PREFIX*preferences` ( `userid`, `appid`, `configkey`, `configvalue` ) VALUES( ?, ?, ?, ? )' );
$query->execute( array( $user, $app, $key, $value ));
}
else{
$query = OC_DB::prepare( 'UPDATE *PREFIX*preferences SET configvalue = ? WHERE userid = ? AND appid = ? AND configkey = ?' );
$query = OC_DB::prepare( 'UPDATE `*PREFIX*preferences` SET `configvalue` = ? WHERE `userid` = ? AND `appid` = ? AND `configkey` = ?' );
$query->execute( array( $value, $user, $app, $key ));
}
}
@ -163,7 +163,7 @@ class OC_Preferences{
*/
public static function deleteKey( $user, $app, $key ){
// No need for more comments
$query = OC_DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE userid = ? AND appid = ? AND configkey = ?' );
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ? AND `configkey` = ?' );
$result = $query->execute( array( $user, $app, $key ));
return true;
@ -179,7 +179,7 @@ class OC_Preferences{
*/
public static function deleteApp( $user, $app ){
// No need for more comments
$query = OC_DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE userid = ? AND appid = ?' );
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ?' );
$result = $query->execute( array( $user, $app ));
return true;
@ -194,7 +194,7 @@ class OC_Preferences{
*/
public static function deleteUser( $user ){
// No need for more comments
$query = OC_DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE userid = ?' );
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `userid` = ?' );
$result = $query->execute( array( $user ));
return true;
@ -209,7 +209,7 @@ class OC_Preferences{
*/
public static function deleteAppFromAllUsers( $app ){
// No need for more comments
$query = OC_DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE appid = ?' );
$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `appid` = ?' );
$result = $query->execute( array( $app ));
return true;

10
lib/user/database.php
View File

@ -86,7 +86,7 @@ class OC_User_Database extends OC_User_Backend {
*/
public function deleteUser( $uid ){
// Delete user-group-relation
$query = OC_DB::prepare( "DELETE FROM `*PREFIX*users` WHERE uid = ?" );
$query = OC_DB::prepare( "DELETE FROM `*PREFIX*users` WHERE `uid` = ?" );
$result = $query->execute( array( $uid ));
return true;
}
@ -103,7 +103,7 @@ class OC_User_Database extends OC_User_Backend {
if( $this->userExists($uid) ){
$hasher=$this->getHasher();
$hash = $hasher->HashPassword($password.OC_Config::getValue('passwordsalt', ''));
$query = OC_DB::prepare( "UPDATE *PREFIX*users SET password = ? WHERE uid = ?" );
$query = OC_DB::prepare( "UPDATE `*PREFIX*users` SET `password` = ? WHERE `uid` = ?" );
$result = $query->execute( array( $hash, $uid ));
return true;
@ -123,7 +123,7 @@ class OC_User_Database extends OC_User_Backend {
* returns the user id or false
*/
public function checkPassword( $uid, $password ){
$query = OC_DB::prepare( "SELECT uid, password FROM *PREFIX*users WHERE uid = ?" );
$query = OC_DB::prepare( "SELECT `uid`, `password` FROM `*PREFIX*users` WHERE `uid` = ?" );
$result = $query->execute( array( $uid));
$row=$result->fetchRow();
@ -157,7 +157,7 @@ class OC_User_Database extends OC_User_Backend {
* Get a list of all users.
*/
public function getUsers(){
$query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users" );
$query = OC_DB::prepare( "SELECT `uid` FROM `*PREFIX*users`" );
$result = $query->execute();
$users=array();
@ -173,7 +173,7 @@ class OC_User_Database extends OC_User_Backend {
* @return boolean
*/
public function userExists($uid){
$query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE uid = ?" );
$query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE `uid` = ?" );
$result = $query->execute( array( $uid ));
return $result->numRows() > 0;

2
lib/vcategories.php
View File

@ -118,7 +118,7 @@ class OC_VCategories {
* To get the object array, do something like:
* // For Addressbook:
* $categories = new OC_VCategories('contacts');
* $stmt = OC_DB::prepare( 'SELECT carddata FROM *PREFIX*contacts_cards' );
* $stmt = OC_DB::prepare( 'SELECT `carddata` FROM `*PREFIX*contacts_cards`' );
* $result = $stmt->execute();
* $objects = array();
* if(!is_null($result)) {