From ede464f05872574a703c36d8d976b5c97e55c23f Mon Sep 17 00:00:00 2001 From: jfd Date: Mon, 30 Jul 2012 20:46:14 +0200 Subject: [PATCH] escape all identifiers with backticks --- apps/bookmarks/ajax/editBookmark.php | 37 +++++++++------ apps/bookmarks/ajax/recordClick.php | 12 ++--- apps/bookmarks/appinfo/migrate.php | 8 ++-- apps/bookmarks/bookmarksHelper.php | 10 ++-- apps/bookmarks/lib/bookmarks.php | 50 ++++++++++---------- apps/calendar/appinfo/update.php | 6 +-- apps/calendar/lib/calendar.php | 20 ++++---- apps/calendar/lib/object.php | 28 ++++++------ apps/calendar/lib/share.php | 36 +++++++-------- apps/contacts/appinfo/migrate.php | 4 +- apps/contacts/lib/addressbook.php | 16 +++---- apps/contacts/lib/vcard.php | 24 +++++----- apps/files/appinfo/update.php | 18 ++++---- apps/files_sharing/lib_share.php | 58 ++++++++++++------------ apps/files_sharing/sharedstorage.php | 4 +- apps/gallery/appinfo/app.php | 2 +- apps/gallery/appinfo/update.php | 4 +- apps/gallery/lib/album.php | 26 +++++------ apps/gallery/lib/managers.php | 4 +- apps/gallery/lib/photo.php | 24 +++++----- apps/gallery/lib/sharing.php | 14 +++--- apps/media/lib_ampache.php | 10 ++-- apps/media/lib_collection.php | 50 ++++++++++---------- apps/media/lib_media.php | 4 +- apps/remoteStorage/lib_remoteStorage.php | 10 ++-- apps/user_ldap/appinfo/update.php | 2 +- apps/user_ldap/lib_ldap.php | 26 +++++------ apps/user_openid/user_openid.php | 2 +- lib/app.php | 4 +- lib/appconfig.php | 26 +++++------ lib/connector/sabre/locks.php | 12 ++--- lib/connector/sabre/node.php | 10 ++-- lib/filecache.php | 46 +++++++++---------- lib/group/database.php | 20 ++++---- lib/migrate.php | 2 +- lib/migration/content.php | 4 +- lib/preferences.php | 22 ++++----- lib/user/database.php | 10 ++-- lib/vcategories.php | 2 +- 39 files changed, 337 insertions(+), 330 deletions(-) diff --git a/apps/bookmarks/ajax/editBookmark.php b/apps/bookmarks/ajax/editBookmark.php index 36258f7096..8c1b19cf0c 100644 --- a/apps/bookmarks/ajax/editBookmark.php +++ b/apps/bookmarks/ajax/editBookmark.php @@ -36,6 +36,8 @@ if( $CONFIG_DBTYPE == 'sqlite' or $CONFIG_DBTYPE == 'sqlite3' ){ $_ut = "strftime('%s','now')"; } elseif($CONFIG_DBTYPE == 'pgsql') { $_ut = 'date_part(\'epoch\',now())::integer'; +} elseif($CONFIG_DBTYPE == 'oci') { + $_ut = '(oracletime - to_date(\'19700101\',\'YYYYMMDD\')) * 86400'; } else { $_ut = "UNIX_TIMESTAMP()"; } @@ -43,12 +45,13 @@ if( $CONFIG_DBTYPE == 'sqlite' or $CONFIG_DBTYPE == 'sqlite3' ){ $bookmark_id = (int)$_POST["id"]; $user_id = OCP\USER::getUser(); -$query = OCP\DB::prepare(" - UPDATE *PREFIX*bookmarks - SET url = ?, title =?, lastmodified = $_ut - WHERE id = ? - AND user_id = ? - "); +//TODO check using CURRENT_TIMESTAMP? prepare already does magic when using now() +$query = OCP\DB::prepare(' + UPDATE `*PREFIX*bookmarks` + SET `url` = ?, `title` = ?, `lastmodified` = '.$_ut.' + WHERE `id` = ? + AND `user_id` = ? + '); $params=array( htmlspecialchars_decode($_POST["url"]), @@ -63,18 +66,22 @@ $result = $query->execute($params); if ($result->numRows() == 0) exit(); # Remove old tags and insert new ones. -$query = OCP\DB::prepare(" - DELETE FROM *PREFIX*bookmarks_tags - WHERE bookmark_id = $bookmark_id - "); +$query = OCP\DB::prepare(' + DELETE FROM `*PREFIX*bookmarks_tags` + WHERE `bookmark_id` = ? + '); -$query->execute(); +$params=array( + $bookmark_id + ); -$query = OCP\DB::prepare(" - INSERT INTO *PREFIX*bookmarks_tags - (bookmark_id, tag) +$query->execute($params); + +$query = OCP\DB::prepare(' + INSERT INTO `*PREFIX*bookmarks_tags` + (`bookmark_id`, `tag`) VALUES (?, ?) - "); + '); $tags = explode(' ', urldecode($_POST["tags"])); foreach ($tags as $tag) { diff --git a/apps/bookmarks/ajax/recordClick.php b/apps/bookmarks/ajax/recordClick.php index 1eee1718d1..332d58262e 100644 --- a/apps/bookmarks/ajax/recordClick.php +++ b/apps/bookmarks/ajax/recordClick.php @@ -30,12 +30,12 @@ $RUNTIME_NOSETUPFS=true; OCP\JSON::checkLoggedIn(); OCP\JSON::checkAppEnabled('bookmarks'); -$query = OCP\DB::prepare(" - UPDATE *PREFIX*bookmarks - SET clickcount = clickcount + 1 - WHERE user_id = ? - AND url LIKE ? - "); +$query = OCP\DB::prepare(' + UPDATE `*PREFIX*bookmarks` + SET `clickcount` = `clickcount` + 1 + WHERE `user_id` = ? + AND `url` LIKE ? + '); $params=array(OCP\USER::getUser(), htmlspecialchars_decode($_POST["url"])); $bookmarks = $query->execute($params); diff --git a/apps/bookmarks/appinfo/migrate.php b/apps/bookmarks/appinfo/migrate.php index e7e572f52d..f14469269a 100644 --- a/apps/bookmarks/appinfo/migrate.php +++ b/apps/bookmarks/appinfo/migrate.php @@ -35,23 +35,23 @@ class OC_Migration_Provider_Bookmarks extends OC_Migration_Provider{ switch( $this->appinfo->version ){ default: // All versions of the app have had the same db structure, so all can use the same import function - $query = $this->content->prepare( "SELECT * FROM bookmarks WHERE user_id LIKE ?" ); + $query = $this->content->prepare( "SELECT * FROM `bookmarks` WHERE `user_id` LIKE ?" ); $results = $query->execute( array( $this->olduid ) ); $idmap = array(); while( $row = $results->fetchRow() ){ // Import each bookmark, saving its id into the map - $query = OCP\DB::prepare( "INSERT INTO *PREFIX*bookmarks(url, title, user_id, public, added, lastmodified) VALUES (?, ?, ?, ?, ?, ?)" ); + $query = OCP\DB::prepare( "INSERT INTO `*PREFIX*bookmarks`(`url`, `title`, `user_id`, `public`, `added`, `lastmodified`) VALUES (?, ?, ?, ?, ?, ?)" ); $query->execute( array( $row['url'], $row['title'], $this->uid, $row['public'], $row['added'], $row['lastmodified'] ) ); // Map the id $idmap[$row['id']] = OCP\DB::insertid(); } // Now tags foreach($idmap as $oldid => $newid){ - $query = $this->content->prepare( "SELECT * FROM bookmarks_tags WHERE bookmark_id LIKE ?" ); + $query = $this->content->prepare( "SELECT * FROM `bookmarks_tags` WHERE `bookmark_id` LIKE ?" ); $results = $query->execute( array( $oldid ) ); while( $row = $results->fetchRow() ){ // Import the tags for this bookmark, using the new bookmark id - $query = OCP\DB::prepare( "INSERT INTO *PREFIX*bookmarks_tags(bookmark_id, tag) VALUES (?, ?)" ); + $query = OCP\DB::prepare( "INSERT INTO `*PREFIX*bookmarks_tags`(`bookmark_id`, `tag`) VALUES (?, ?)" ); $query->execute( array( $newid, $row['tag'] ) ); } } diff --git a/apps/bookmarks/bookmarksHelper.php b/apps/bookmarks/bookmarksHelper.php index 01b551111e..cb0ca06c72 100644 --- a/apps/bookmarks/bookmarksHelper.php +++ b/apps/bookmarks/bookmarksHelper.php @@ -83,8 +83,8 @@ function addBookmark($url, $title, $tags='') { //FIXME: Detect when user adds a known URL $query = OCP\DB::prepare(" - INSERT INTO *PREFIX*bookmarks - (url, title, user_id, public, added, lastmodified) + INSERT INTO `*PREFIX*bookmarks` + (`url`, `title`, `user_id`, `public`, `added`, `lastmodified`) VALUES (?, ?, ?, 0, $_ut, $_ut) "); @@ -109,8 +109,8 @@ function addBookmark($url, $title, $tags='') { if($b_id !== false) { $query = OCP\DB::prepare(" - INSERT INTO *PREFIX*bookmarks_tags - (bookmark_id, tag) + INSERT INTO `*PREFIX*bookmarks_tags` + (`bookmark_id`, `tag`) VALUES (?, ?) "); @@ -126,4 +126,4 @@ function addBookmark($url, $title, $tags='') { return $b_id; } -} \ No newline at end of file +} diff --git a/apps/bookmarks/lib/bookmarks.php b/apps/bookmarks/lib/bookmarks.php index e0005968f3..4b9e3d6438 100644 --- a/apps/bookmarks/lib/bookmarks.php +++ b/apps/bookmarks/lib/bookmarks.php @@ -71,14 +71,14 @@ class OC_Bookmarks_Bookmarks{ if($CONFIG_DBTYPE == 'pgsql' ){ $query = OCP\DB::prepare(' - SELECT id, url, title, '.($filterTagOnly?'':'url || title ||').' array_to_string(array_agg(tag), \' \') as tags - FROM *PREFIX*bookmarks - LEFT JOIN *PREFIX*bookmarks_tags ON *PREFIX*bookmarks.id = *PREFIX*bookmarks_tags.bookmark_id + SELECT `id`, `url`, `title`, '.($filterTagOnly?'':'`url` || `title` ||').' array_to_string(array_agg(`tag`), \' \') as `tags` + FROM `*PREFIX*bookmarks` + LEFT JOIN `*PREFIX*bookmarks_tags` ON `*PREFIX*bookmarks`.`id` = `*PREFIX*bookmarks_tags`.`bookmark_id` WHERE - *PREFIX*bookmarks.user_id = ? - GROUP BY id, url, title + `*PREFIX*bookmarks`.`user_id` = ? + GROUP BY `id`, `url`, `title` '.$sqlFilterTag.' - ORDER BY *PREFIX*bookmarks.'.$sqlSortColumn.' DESC + ORDER BY `*PREFIX*bookmarks`.`'.$sqlSortColumn.'` DESC LIMIT 10 OFFSET '. $offset); } else { @@ -88,25 +88,25 @@ class OC_Bookmarks_Bookmarks{ $concatFunction = 'Concat(Concat( url, title), '; $query = OCP\DB::prepare(' - SELECT id, url, title, ' + SELECT `id`, `url`, `title`, ' .($filterTagOnly?'':$concatFunction). - 'CASE WHEN *PREFIX*bookmarks.id = *PREFIX*bookmarks_tags.bookmark_id - THEN GROUP_CONCAT( tag ' .$_gc_separator. ' ) + 'CASE WHEN `*PREFIX*bookmarks`.`id` = `*PREFIX*bookmarks_tags`.`bookmark_id` + THEN GROUP_CONCAT( `tag` ' .$_gc_separator. ' ) ELSE \' \' END ' .($filterTagOnly?'':')').' - AS tags - FROM *PREFIX*bookmarks - LEFT JOIN *PREFIX*bookmarks_tags ON 1=1 - WHERE (*PREFIX*bookmarks.id = *PREFIX*bookmarks_tags.bookmark_id - OR *PREFIX*bookmarks.id NOT IN ( - SELECT *PREFIX*bookmarks_tags.bookmark_id FROM *PREFIX*bookmarks_tags + AS `tags` + FROM `*PREFIX*bookmarks` + LEFT JOIN `*PREFIX*bookmarks_tags` ON 1=1 + WHERE (`*PREFIX*bookmarks`.`id` = `*PREFIX*bookmarks_tags`.`bookmark_id` + OR `*PREFIX*bookmarks`.`id` NOT IN ( + SELECT `*PREFIX*bookmarks_tags`.`bookmark_id` FROM `*PREFIX*bookmarks_tags` ) ) - AND *PREFIX*bookmarks.user_id = ? - GROUP BY url + AND `*PREFIX*bookmarks`.`user_id` = ? + GROUP BY `url` '.$sqlFilterTag.' - ORDER BY *PREFIX*bookmarks.'.$sqlSortColumn.' DESC + ORDER BY `*PREFIX*bookmarks`.`'.$sqlSortColumn.'` DESC LIMIT '.$offset.', 10'); } @@ -119,9 +119,9 @@ class OC_Bookmarks_Bookmarks{ $user = OCP\USER::getUser(); $query = OCP\DB::prepare(" - SELECT id FROM *PREFIX*bookmarks - WHERE id = ? - AND user_id = ? + SELECT `id` FROM `*PREFIX*bookmarks` + WHERE `id` = ? + AND `user_id` = ? "); $result = $query->execute(array($id, $user)); @@ -131,15 +131,15 @@ class OC_Bookmarks_Bookmarks{ } $query = OCP\DB::prepare(" - DELETE FROM *PREFIX*bookmarks - WHERE id = $id + DELETE FROM `*PREFIX*bookmarks` + WHERE `id` = $id "); $result = $query->execute(); $query = OCP\DB::prepare(" - DELETE FROM *PREFIX*bookmarks_tags - WHERE bookmark_id = $id + DELETE FROM `*PREFIX*bookmarks_tags` + WHERE `bookmark_id` = $id "); $result = $query->execute(); diff --git a/apps/calendar/appinfo/update.php b/apps/calendar/appinfo/update.php index ce7f304a49..3b5998d998 100644 --- a/apps/calendar/appinfo/update.php +++ b/apps/calendar/appinfo/update.php @@ -2,7 +2,7 @@ $installedVersion=OCP\Config::getAppValue('calendar', 'installed_version'); if (version_compare($installedVersion, '0.2.1', '<')) { - $stmt = OCP\DB::prepare( 'SELECT id, calendarcolor FROM *PREFIX*calendar_calendars WHERE calendarcolor IS NOT NULL' ); + $stmt = OCP\DB::prepare( 'SELECT `id`, `calendarcolor` FROM `*PREFIX*calendar_calendars` WHERE `calendarcolor` IS NOT NULL' ); $result = $stmt->execute(); while( $row = $result->fetchRow()) { $id = $row['id']; @@ -11,7 +11,7 @@ if (version_compare($installedVersion, '0.2.1', '<')) { continue; } $color = '#' .$color; - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_calendars SET calendarcolor=? WHERE id=?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_calendars` SET `calendarcolor`=? WHERE `id`=?' ); $r = $stmt->execute(array($color,$id)); } -} \ No newline at end of file +} diff --git a/apps/calendar/lib/calendar.php b/apps/calendar/lib/calendar.php index 869b35e2e1..09cbee204d 100644 --- a/apps/calendar/lib/calendar.php +++ b/apps/calendar/lib/calendar.php @@ -51,10 +51,10 @@ class OC_Calendar_Calendar{ $values = array($uid); $active_where = ''; if (!is_null($active) && $active){ - $active_where = ' AND active = ?'; + $active_where = ' AND `active` = ?'; $values[] = $active; } - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_calendars WHERE userid = ?' . $active_where ); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_calendars` WHERE `userid` = ?' . $active_where ); $result = $stmt->execute($values); $calendars = array(); @@ -81,7 +81,7 @@ class OC_Calendar_Calendar{ * @return associative array */ public static function find($id){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_calendars WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_calendars` WHERE `id` = ?' ); $result = $stmt->execute(array($id)); return $result->fetchRow(); @@ -106,7 +106,7 @@ class OC_Calendar_Calendar{ $uri = self::createURI($name, $uris ); - $stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*calendar_calendars (userid,displayname,uri,ctag,calendarorder,calendarcolor,timezone,components) VALUES(?,?,?,?,?,?,?,?)' ); + $stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*calendar_calendars` (`userid`,`displayname`,`uri`,`ctag`,`calendarorder`,`calendarcolor`,`timezone`,`components`) VALUES(?,?,?,?,?,?,?,?)' ); $result = $stmt->execute(array($userid,$name,$uri,1,$order,$color,$timezone,$components)); return OCP\DB::insertid('*PREFIX*calendar_calendars'); @@ -126,7 +126,7 @@ class OC_Calendar_Calendar{ public static function addCalendarFromDAVData($principaluri,$uri,$name,$components,$timezone,$order,$color){ $userid = self::extractUserID($principaluri); - $stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*calendar_calendars (userid,displayname,uri,ctag,calendarorder,calendarcolor,timezone,components) VALUES(?,?,?,?,?,?,?,?)' ); + $stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*calendar_calendars` (`userid`,`displayname`,`uri`,`ctag`,`calendarorder`,`calendarcolor`,`timezone`,`components`) VALUES(?,?,?,?,?,?,?,?)' ); $result = $stmt->execute(array($userid,$name,$uri,1,$order,$color,$timezone,$components)); return OCP\DB::insertid('*PREFIX*calendar_calendars'); @@ -155,7 +155,7 @@ class OC_Calendar_Calendar{ if(is_null($order)) $order = $calendar['calendarorder']; if(is_null($color)) $color = $calendar['calendarcolor']; - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_calendars SET displayname=?,calendarorder=?,calendarcolor=?,timezone=?,components=?,ctag=ctag+1 WHERE id=?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_calendars` SET `displayname`=?,`calendarorder`=?,`calendarcolor`=?,`timezone`=?,`components`=?,`ctag`=`ctag`+1 WHERE `id`=?' ); $result = $stmt->execute(array($name,$order,$color,$timezone,$components,$id)); return true; @@ -168,7 +168,7 @@ class OC_Calendar_Calendar{ * @return boolean */ public static function setCalendarActive($id,$active){ - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_calendars SET active = ? WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_calendars` SET `active` = ? WHERE `id` = ?' ); $stmt->execute(array($active, $id)); return true; @@ -180,7 +180,7 @@ class OC_Calendar_Calendar{ * @return boolean */ public static function touchCalendar($id){ - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_calendars SET ctag = ctag + 1 WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_calendars` SET `ctag` = `ctag` + 1 WHERE `id` = ?' ); $stmt->execute(array($id)); return true; @@ -192,10 +192,10 @@ class OC_Calendar_Calendar{ * @return boolean */ public static function deleteCalendar($id){ - $stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*calendar_calendars WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*calendar_calendars` WHERE `id` = ?' ); $stmt->execute(array($id)); - $stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*calendar_objects WHERE calendarid = ?' ); + $stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*calendar_objects` WHERE `calendarid` = ?' ); $stmt->execute(array($id)); return true; diff --git a/apps/calendar/lib/object.php b/apps/calendar/lib/object.php index 2a6ceaf468..df866bd3c5 100644 --- a/apps/calendar/lib/object.php +++ b/apps/calendar/lib/object.php @@ -19,7 +19,7 @@ class OC_Calendar_Object{ * ['calendardata'] */ public static function all($id){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_objects WHERE calendarid = ?' ); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_objects` WHERE `calendarid` = ?' ); $result = $stmt->execute(array($id)); $calendarobjects = array(); @@ -41,10 +41,10 @@ class OC_Calendar_Object{ * in ['calendardata'] */ public static function allInPeriod($id, $start, $end){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_objects WHERE calendarid = ?' - .' AND ((startdate >= ? AND startdate <= ? AND repeating = 0)' - .' OR (enddate >= ? AND enddate <= ? AND repeating = 0)' - .' OR (startdate <= ? AND repeating = 1))' ); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_objects` WHERE `calendarid` = ?' + .' AND ((`startdate` >= ? AND `startdate` <= ? AND `repeating` = 0)' + .' OR (`enddate` >= ? AND `enddate` <= ? AND `repeating` = 0)' + .' OR (`startdate` <= ? AND `repeating` = 1))' ); $start = self::getUTCforMDB($start); $end = self::getUTCforMDB($end); $result = $stmt->execute(array($id, @@ -66,7 +66,7 @@ class OC_Calendar_Object{ * @return associative array */ public static function find($id){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_objects WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_objects` WHERE `id` = ?' ); $result = $stmt->execute(array($id)); return $result->fetchRow(); @@ -79,7 +79,7 @@ class OC_Calendar_Object{ * @return associative array */ public static function findWhereDAVDataIs($cid,$uri){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*calendar_objects WHERE calendarid = ? AND uri = ?' ); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*calendar_objects` WHERE `calendarid` = ? AND `uri` = ?' ); $result = $stmt->execute(array($cid,$uri)); return $result->fetchRow(); @@ -103,7 +103,7 @@ class OC_Calendar_Object{ $uri = 'owncloud-'.md5($data.rand().time()).'.ics'; - $stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*calendar_objects (calendarid,objecttype,startdate,enddate,repeating,summary,calendardata,uri,lastmodified) VALUES(?,?,?,?,?,?,?,?,?)' ); + $stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*calendar_objects` (`calendarid`,`objecttype`,`startdate`,`enddate`,`repeating`,`summary`,`calendardata`,`uri`,`lastmodified`) VALUES(?,?,?,?,?,?,?,?,?)' ); $stmt->execute(array($id,$type,$startdate,$enddate,$repeating,$summary,$data,$uri,time())); $object_id = OCP\DB::insertid('*PREFIX*calendar_objects'); @@ -123,7 +123,7 @@ class OC_Calendar_Object{ $object = OC_VObject::parse($data); list($type,$startdate,$enddate,$summary,$repeating,$uid) = self::extractData($object); - $stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*calendar_objects (calendarid,objecttype,startdate,enddate,repeating,summary,calendardata,uri,lastmodified) VALUES(?,?,?,?,?,?,?,?,?)' ); + $stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*calendar_objects` (`calendarid`,`objecttype`,`startdate`,`enddate`,`repeating`,`summary`,`calendardata`,`uri`,`lastmodified`) VALUES(?,?,?,?,?,?,?,?,?)' ); $stmt->execute(array($id,$type,$startdate,$enddate,$repeating,$summary,$data,$uri,time())); $object_id = OCP\DB::insertid('*PREFIX*calendar_objects'); @@ -145,7 +145,7 @@ class OC_Calendar_Object{ OC_Calendar_App::loadCategoriesFromVCalendar($object); list($type,$startdate,$enddate,$summary,$repeating,$uid) = self::extractData($object); - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_objects SET objecttype=?,startdate=?,enddate=?,repeating=?,summary=?,calendardata=?, lastmodified = ? WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_objects` SET `objecttype`=?,`startdate`=?,`enddate`=?,`repeating`=?,`summary`=?,`calendardata`=?,`lastmodified`= ? WHERE `id` = ?' ); $stmt->execute(array($type,$startdate,$enddate,$repeating,$summary,$data,time(),$id)); OC_Calendar_Calendar::touchCalendar($oldobject['calendarid']); @@ -166,7 +166,7 @@ class OC_Calendar_Object{ $object = OC_VObject::parse($data); list($type,$startdate,$enddate,$summary,$repeating,$uid) = self::extractData($object); - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_objects SET objecttype=?,startdate=?,enddate=?,repeating=?,summary=?,calendardata=?, lastmodified = ? WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_objects` SET `objecttype`=?,`startdate`=?,`enddate`=?,`repeating`=?,`summary`=?,`calendardata`=?,`lastmodified`= ? WHERE `id` = ?' ); $stmt->execute(array($type,$startdate,$enddate,$repeating,$summary,$data,time(),$oldobject['id'])); OC_Calendar_Calendar::touchCalendar($oldobject['calendarid']); @@ -181,7 +181,7 @@ class OC_Calendar_Object{ */ public static function delete($id){ $oldobject = self::find($id); - $stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*calendar_objects WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*calendar_objects` WHERE `id` = ?' ); $stmt->execute(array($id)); OC_Calendar_Calendar::touchCalendar($oldobject['calendarid']); @@ -195,7 +195,7 @@ class OC_Calendar_Object{ * @return boolean */ public static function deleteFromDAVData($cid,$uri){ - $stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*calendar_objects WHERE calendarid = ? AND uri=?' ); + $stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*calendar_objects` WHERE `calendarid`= ? AND `uri`=?' ); $stmt->execute(array($cid,$uri)); OC_Calendar_Calendar::touchCalendar($cid); @@ -203,7 +203,7 @@ class OC_Calendar_Object{ } public static function moveToCalendar($id, $calendarid){ - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*calendar_objects SET calendarid=? WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*calendar_objects` SET `calendarid`=? WHERE `id`=?' ); $stmt->execute(array($calendarid,$id)); OC_Calendar_Calendar::touchCalendar($id); diff --git a/apps/calendar/lib/share.php b/apps/calendar/lib/share.php index 54c531892f..aba2722165 100644 --- a/apps/calendar/lib/share.php +++ b/apps/calendar/lib/share.php @@ -25,7 +25,7 @@ class OC_Calendar_Share{ }else{ $active_where = ''; } - $stmt = OCP\DB::prepare("SELECT * FROM *PREFIX*calendar_share_" . $type . " WHERE ((share = ? AND sharetype = 'user') " . $group_where . ") AND owner <> ? " . $permission_where . " " . $active_where); + $stmt = OCP\DB::prepare("SELECT * FROM `*PREFIX*calendar_share_" . $type . "` WHERE ((`share` = ? AND `sharetype` = 'user') " . $group_where . ") AND `owner` <> ? " . $permission_where . " " . $active_where); $result = $stmt->execute(array($userid, $userid)); $return = array(); while( $row = $result->fetchRow()){ @@ -40,7 +40,7 @@ class OC_Calendar_Share{ * @return: (array) $users - information about users a calendar / event is shared with */ public static function allUsersSharedwith($id, $type){ - $stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*calendar_share_' . $type . ' WHERE ' . $type . 'id = ? ORDER BY share'); + $stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_share_' . $type . '` WHERE `' . $type . 'id` = ? ORDER BY `share`'); $result = $stmt->execute(array($id)); $users = array(); while( $row = $result->fetchRow()){ @@ -72,7 +72,7 @@ class OC_Calendar_Share{ if($sharetype == 'public'){ $share = self::generate_token($id, $type); } - $stmt = OCP\DB::prepare('INSERT INTO *PREFIX*calendar_share_' . $type . ' (owner,share,sharetype,' . $type . 'id,permissions' . (($type == self::CALENDAR)?', active':'') . ') VALUES(?,?,?,?,0' . (($type == self::CALENDAR)?', 1':'') . ')' ); + $stmt = OCP\DB::prepare('INSERT INTO `*PREFIX*calendar_share_' . $type . '` (`owner`,`share`,`sharetype`,`' . $type . 'id`,`permissions`' . (($type == self::CALENDAR)?',`active`':'') . ') VALUES(?,?,?,?,0' . (($type == self::CALENDAR)?', 1':'') . ')' ); $result = $stmt->execute(array($owner,$share,$sharetype,$id)); if($sharetype == 'public'){ return $share; @@ -90,7 +90,7 @@ class OC_Calendar_Share{ * @return (bool) */ public static function unshare($owner, $share, $sharetype, $id, $type){ - $stmt = OCP\DB::prepare('DELETE FROM *PREFIX*calendar_share_' . $type . ' WHERE owner = ? ' . (($sharetype != 'public')?'AND share = ?':'') . ' AND sharetype = ? AND ' . $type . 'id = ?'); + $stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*calendar_share_' . $type . '` WHERE `owner` = ? ' . (($sharetype != 'public')?'AND `share` = ?':'') . ' AND `sharetype` = ? AND `' . $type . 'id` = ?'); if($sharetype != 'public'){ $stmt->execute(array($owner,$share,$sharetype,$id)); }else{ @@ -111,7 +111,7 @@ class OC_Calendar_Share{ if($sharetype == 'public' && $permission == 1){ $permission = 0; } - $stmt = OCP\DB::prepare('UPDATE *PREFIX*calendar_share_' . $type . ' SET permissions = ? WHERE share = ? AND sharetype = ? AND ' . $type . 'id = ?'); + $stmt = OCP\DB::prepare('UPDATE `*PREFIX*calendar_share_' . $type . '` SET `permissions` = ? WHERE `share` = ? AND `sharetype` = ? AND `' . $type . 'id` = ?'); $stmt->execute(array($permission, $share, $sharetype, $id)); return true; } @@ -148,7 +148,7 @@ class OC_Calendar_Share{ * @return (bool) */ public static function is_already_shared($owner, $share, $sharetype, $id, $type){ - $stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*calendar_share_' . $type . ' WHERE owner = ? AND share = ? AND sharetype = ? AND ' . $type . 'id = ?'); + $stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_share_' . $type . '` WHERE `owner` = ? AND `share` = ? AND `sharetype` = ? AND `' . $type . 'id` = ?'); $result = $stmt->execute(array($owner, $share, $sharetype, $id)); if($result->numRows() > 0){ return true; @@ -160,7 +160,7 @@ class OC_Calendar_Share{ $i = 0; foreach($groups as $group){ $group_where .= ' OR '; - $group_where .= " (share = '" . $group . "' AND sharetype = 'group') "; + $group_where .= ' (`share` = \'' . $group . '\' AND `sharetype` = \'group\') '; $i++; } return $group_where; @@ -168,7 +168,7 @@ class OC_Calendar_Share{ private static function permission_sql($permission = null){ $permission_where = ''; if(!is_null($permission)){ - $permission_where = ' AND permissions = '; + $permission_where = ' AND `permissions` = '; $permission_where .= ($permission=='rw')?"'1'":"'0'"; } return $permission_where; @@ -176,7 +176,7 @@ class OC_Calendar_Share{ private static function active_sql($active = null){ $active_where = ''; if(!is_null($active)){ - $active_where = 'AND active = '; + $active_where = 'AND `active` = '; $active_where .= (!is_null($active) && $active)?'1':'0'; } return $active_where; @@ -191,7 +191,7 @@ class OC_Calendar_Share{ public static function is_editing_allowed($share, $id, $type){ $group_where = self::group_sql(OC_Group::getUserGroups($share)); $permission_where = self::permission_sql('rw'); - $stmt = OCP\DB::prepare("SELECT * FROM *PREFIX*calendar_share_" . $type . " WHERE ((share = ? AND sharetype = 'user') " . $group_where . ") " . $permission_where); + $stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_share_' . $type . '` WHERE ((`share` = ? AND `sharetype` = \'user\') ' . $group_where . ') ' . $permission_where); $result = $stmt->execute(array($share)); if($result->numRows() == 1){ return true; @@ -211,7 +211,7 @@ class OC_Calendar_Share{ */ public static function check_access($share, $id, $type){ $group_where = self::group_sql(OC_Group::getUserGroups($share)); - $stmt = OCP\DB::prepare("SELECT * FROM *PREFIX*calendar_share_" . $type . " WHERE (" . $type . "id = ? AND (share = ? AND sharetype = 'user') " . $group_where . ")"); + $stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*calendar_share`_' . $type . '` WHERE (`' . $type . 'id` = ? AND (`share` = ? AND `sharetype` = \'user\') ' . $group_where . ')'); $result = $stmt->execute(array($id,$share)); $rows = $result->numRows(); if($rows > 0){ @@ -229,9 +229,9 @@ class OC_Calendar_Share{ * @return: mixed - bool if false, array with type and id if true */ public static function getElementByToken($token){ - $stmt_calendar = OCP\DB::prepare("SELECT * FROM *PREFIX*calendar_share_" . OC_Calendar_Share::CALENDAR . " WHERE sharetype = 'public' AND share = ?"); + $stmt_calendar = OCP\DB::prepare("SELECT * FROM `*PREFIX*calendar_share_" . OC_Calendar_Share::CALENDAR . "` WHERE `sharetype` = 'public' AND `share` = ?"); $result_calendar = $stmt_calendar->execute(array($token)); - $stmt_event = OCP\DB::prepare("SELECT * FROM *PREFIX*calendar_share_" . OC_Calendar_Share::EVENT . " WHERE sharetype = 'public' AND share = ?"); + $stmt_event = OCP\DB::prepare("SELECT * FROM `*PREFIX*calendar_share_" . OC_Calendar_Share::EVENT . "` WHERE `sharetype` = 'public' AND `share` = ?"); $result_event = $stmt_event->execute(array($token)); $return = array(); if($result_calendar->numRows() == 0 && $result_event->numRows() == 0){ @@ -253,7 +253,7 @@ class OC_Calendar_Share{ * @param (string) $ */ public static function set_active($share, $id, $active){ - $stmt = OCP\DB::prepare("UPDATE *PREFIX*calendar_share_calendar SET active = ? WHERE share = ? AND sharetype = 'user' AND calendarid = ?"); + $stmt = OCP\DB::prepare("UPDATE `*PREFIX*calendar_share_calendar` SET `active` = ? WHERE `share` = ? AND `sharetype` = 'user' AND `calendarid` = ?"); $stmt->execute(array($active, $share, $id)); } @@ -263,13 +263,13 @@ class OC_Calendar_Share{ * @return (bool) */ public static function post_userdelete($userid){ - $stmt = OCP\DB::prepare('DELETE FROM *PREFIX*calendar_share_calendar WHERE owner = ?'); + $stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*calendar_share_calendar` WHERE `owner` = ?'); $stmt->execute(array($userid)); - $stmt = OCP\DB::prepare('DELETE FROM *PREFIX*calendar_share_event WHERE owner = ?'); + $stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*calendar_share_event` WHERE `owner` = ?'); $stmt->execute(array($userid)); - $stmt = OCP\DB::prepare("DELETE FROM *PREFIX*calendar_share_calendar WHERE share = ? AND sharetype = 'user'"); + $stmt = OCP\DB::prepare("DELETE FROM `*PREFIX*calendar_share_calendar` WHERE `share` = ? AND `sharetype` = 'user'"); $stmt->execute(array($userid)); - $stmt = OCP\DB::prepare("DELETE FROM *PREFIX*calendar_share_event WHERE share = ? AND sharetype = 'user'"); + $stmt = OCP\DB::prepare("DELETE FROM `*PREFIX*calendar_share_event` WHERE `share` = ? AND `sharetype` = 'user'"); $stmt->execute(array($userid)); return true; } diff --git a/apps/contacts/appinfo/migrate.php b/apps/contacts/appinfo/migrate.php index 1400cdf79d..f43126e5c2 100644 --- a/apps/contacts/appinfo/migrate.php +++ b/apps/contacts/appinfo/migrate.php @@ -40,7 +40,7 @@ class OC_Migration_Provider_Contacts extends OC_Migration_Provider{ $idmap = array(); while( $row = $results->fetchRow() ){ // Import each bookmark, saving its id into the map - $query = OCP\DB::prepare( "INSERT INTO *PREFIX*contacts_addressbooks (`userid`, `displayname`, `uri`, `description`, `ctag`) VALUES (?, ?, ?, ?, ?)" ); + $query = OCP\DB::prepare( "INSERT INTO `*PREFIX*contacts_addressbooks` (`userid`, `displayname`, `uri`, `description`, `ctag`) VALUES (?, ?, ?, ?, ?)" ); $query->execute( array( $this->uid, $row['displayname'], $row['uri'], $row['description'], $row['ctag'] ) ); // Map the id $idmap[$row['id']] = OCP\DB::insertid(); @@ -51,7 +51,7 @@ class OC_Migration_Provider_Contacts extends OC_Migration_Provider{ $results = $query->execute( array( $oldid ) ); while( $row = $results->fetchRow() ){ // Import the tags for this bookmark, using the new bookmark id - $query = OCP\DB::prepare( "INSERT INTO *PREFIX*contacts_cards (`addressbookid`, `fullname`, `carddata`, `uri`, `lastmodified`) VALUES (?, ?, ?, ?, ?)" ); + $query = OCP\DB::prepare( "INSERT INTO `*PREFIX*contacts_cards` (`addressbookid`, `fullname`, `carddata`, `uri`, `lastmodified`) VALUES (?, ?, ?, ?, ?)" ); $query->execute( array( $newid, $row['fullname'], $row['carddata'], $row['uri'], $row['lastmodified'] ) ); } } diff --git a/apps/contacts/lib/addressbook.php b/apps/contacts/lib/addressbook.php index 634d59eb9b..1953b29661 100644 --- a/apps/contacts/lib/addressbook.php +++ b/apps/contacts/lib/addressbook.php @@ -44,7 +44,7 @@ class OC_Contacts_Addressbook{ * @return array */ public static function all($uid){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_addressbooks WHERE userid = ? ORDER BY displayname' ); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_addressbooks` WHERE `userid` = ? ORDER BY `displayname`' ); $result = $stmt->execute(array($uid)); $addressbooks = array(); @@ -72,7 +72,7 @@ class OC_Contacts_Addressbook{ */ public static function find($id){ try { - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_addressbooks WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_addressbooks` WHERE `id` = ?' ); $result = $stmt->execute(array($id)); return $result->fetchRow(); } catch(Exception $e) { @@ -98,7 +98,7 @@ class OC_Contacts_Addressbook{ $uri = self::createURI($name, $uris ); - $stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*contacts_addressbooks (userid,displayname,uri,description,ctag) VALUES(?,?,?,?,?)' ); + $stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*contacts_addressbooks` (`userid`,`displayname`,`uri`,`description`,`ctag`) VALUES(?,?,?,?,?)' ); $result = $stmt->execute(array($userid,$name,$uri,$description,1)); return OCP\DB::insertid('*PREFIX*contacts_addressbooks'); @@ -115,7 +115,7 @@ class OC_Contacts_Addressbook{ public static function addFromDAVData($principaluri,$uri,$name,$description){ $userid = self::extractUserID($principaluri); - $stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*contacts_addressbooks (userid,displayname,uri,description,ctag) VALUES(?,?,?,?,?)' ); + $stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*contacts_addressbooks` (`userid`,`displayname`,`uri`,`description`,`ctag`) VALUES(?,?,?,?,?)' ); $result = $stmt->execute(array($userid,$name,$uri,$description,1)); return OCP\DB::insertid('*PREFIX*contacts_addressbooks'); @@ -139,7 +139,7 @@ class OC_Contacts_Addressbook{ $description = $addressbook['description']; } - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_addressbooks SET displayname=?,description=?, ctag=ctag+1 WHERE id=?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_addressbooks` SET `displayname`=?,`description`=?, `ctag`=`ctag`+1 WHERE `id`=?' ); $result = $stmt->execute(array($name,$description,$id)); return true; @@ -208,7 +208,7 @@ class OC_Contacts_Addressbook{ return $addressbooks; } $ids_sql = join(',', array_fill(0, count($active), '?')); - $prep = 'SELECT * FROM *PREFIX*contacts_addressbooks WHERE id IN ('.$ids_sql.') ORDER BY displayname'; + $prep = 'SELECT * FROM `*PREFIX*contacts_addressbooks` WHERE `id` IN ('.$ids_sql.') ORDER BY `displayname`'; try { $stmt = OCP\DB::prepare( $prep ); $result = $stmt->execute($active); @@ -275,7 +275,7 @@ class OC_Contacts_Addressbook{ public static function delete($id){ // FIXME: There's no error checking at all. self::setActive($id, false); - $stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*contacts_addressbooks WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*contacts_addressbooks` WHERE `id` = ?' ); $stmt->execute(array($id)); $cards = OC_Contacts_VCard::all($id); @@ -292,7 +292,7 @@ class OC_Contacts_Addressbook{ * @return boolean */ public static function touch($id){ - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_addressbooks SET ctag = ctag + 1 WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_addressbooks` SET `ctag` = `ctag` + 1 WHERE `id` = ?' ); $stmt->execute(array($id)); return true; diff --git a/apps/contacts/lib/vcard.php b/apps/contacts/lib/vcard.php index 7c8dbd2ee4..a0491c6323 100644 --- a/apps/contacts/lib/vcard.php +++ b/apps/contacts/lib/vcard.php @@ -51,7 +51,7 @@ class OC_Contacts_VCard{ $result = null; if(is_array($id) && count($id) > 1) { $id_sql = join(',', array_fill(0, count($id), '?')); - $prep = 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid IN ('.$id_sql.') ORDER BY fullname'; + $prep = 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `addressbookid` IN ('.$id_sql.') ORDER BY `fullname`'; try { $stmt = OCP\DB::prepare( $prep ); $result = $stmt->execute($id); @@ -68,7 +68,7 @@ class OC_Contacts_VCard{ $id = $id[0]; } try { - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid = ? ORDER BY fullname' ); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ? ORDER BY `fullname`' ); $result = $stmt->execute(array($id)); } catch(Exception $e) { OCP\Util::writeLog('contacts','OC_Contacts_VCard:all:, exception: '.$e->getMessage(),OCP\Util::ERROR); @@ -94,7 +94,7 @@ class OC_Contacts_VCard{ * @return associative array */ public static function find($id){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `id` = ?' ); $result = $stmt->execute(array($id)); return $result->fetchRow(); @@ -107,7 +107,7 @@ class OC_Contacts_VCard{ * @return associative array */ public static function findWhereDAVDataIs($aid,$uri){ - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid = ? AND uri = ?' ); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ? AND `uri` = ?' ); $result = $stmt->execute(array($aid,$uri)); return $result->fetchRow(); @@ -156,7 +156,7 @@ class OC_Contacts_VCard{ * @returns true if the UID has been changed. */ protected static function trueUID($aid, &$uid) { - $stmt = OCP\DB::prepare( 'SELECT * FROM *PREFIX*contacts_cards WHERE addressbookid = ? AND uri = ?' ); + $stmt = OCP\DB::prepare( 'SELECT * FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ? AND `uri` = ?' ); $uri = $uid.'.vcf'; $result = $stmt->execute(array($aid,$uri)); if($result->numRows() > 0){ @@ -297,7 +297,7 @@ class OC_Contacts_VCard{ } $data = $card->serialize(); - $stmt = OCP\DB::prepare( 'INSERT INTO *PREFIX*contacts_cards (addressbookid,fullname,carddata,uri,lastmodified) VALUES(?,?,?,?,?)' ); + $stmt = OCP\DB::prepare( 'INSERT INTO `*PREFIX*contacts_cards` (`addressbookid`,`fullname`,`carddata`,`uri`,`lastmodified`) VALUES(?,?,?,?,?)' ); $result = $stmt->execute(array($aid,$fn,$data,$uri,time())); $newid = OCP\DB::insertid('*PREFIX*contacts_cards'); @@ -323,7 +323,7 @@ class OC_Contacts_VCard{ * @param array $objects An array of [id, carddata]. */ public static function updateDataByID($objects){ - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_cards SET carddata = ?, lastmodified = ? WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_cards` SET `carddata` = ?, `lastmodified` = ? WHERE `id` = ?' ); $now = new DateTime; foreach($objects as $object) { $vcard = OC_VObject::parse($object[1]); @@ -365,7 +365,7 @@ class OC_Contacts_VCard{ $card->setString('REV', $now->format(DateTime::W3C)); $data = $card->serialize(); - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_cards SET fullname = ?,carddata = ?, lastmodified = ? WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_cards` SET `fullname` = ?,`carddata` = ?, `lastmodified` = ? WHERE `id` = ?' ); $result = $stmt->execute(array($fn,$data,time(),$id)); OC_Contacts_Addressbook::touch($oldcard['addressbookid']); @@ -397,7 +397,7 @@ class OC_Contacts_VCard{ */ public static function delete($id){ // FIXME: Add error checking. - $stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*contacts_cards WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*contacts_cards` WHERE `id` = ?' ); $stmt->execute(array($id)); return true; @@ -411,7 +411,7 @@ class OC_Contacts_VCard{ */ public static function deleteFromDAVData($aid,$uri){ // FIXME: Add error checking. Deleting a card gives an Kontact/Akonadi error. - $stmt = OCP\DB::prepare( 'DELETE FROM *PREFIX*contacts_cards WHERE addressbookid = ? AND uri=?' ); + $stmt = OCP\DB::prepare( 'DELETE FROM `*PREFIX*contacts_cards` WHERE `addressbookid` = ? AND `uri`=?' ); $stmt->execute(array($aid,$uri)); OC_Contacts_Addressbook::touch($aid); @@ -546,7 +546,7 @@ class OC_Contacts_VCard{ OC_Contacts_App::getAddressbook($aid); // check for user ownership. if(is_array($id)) { $id_sql = join(',', array_fill(0, count($id), '?')); - $prep = 'UPDATE *PREFIX*contacts_cards SET addressbookid = ? WHERE id IN ('.$id_sql.')'; + $prep = 'UPDATE `*PREFIX*contacts_cards` SET `addressbookid` = ? WHERE `id` IN ('.$id_sql.')'; try { $stmt = OCP\DB::prepare( $prep ); //$aid = array($aid); @@ -560,7 +560,7 @@ class OC_Contacts_VCard{ } } else { try { - $stmt = OCP\DB::prepare( 'UPDATE *PREFIX*contacts_cards SET addressbookid = ? WHERE id = ?' ); + $stmt = OCP\DB::prepare( 'UPDATE `*PREFIX*contacts_cards` SET `addressbookid` = ? WHERE `id` = ?' ); $result = $stmt->execute(array($aid, $id)); } catch(Exception $e) { OCP\Util::writeLog('contacts','OC_Contacts_VCard::moveToAddressBook:, exception: '.$e->getMessage(),OCP\Util::DEBUG); diff --git a/apps/files/appinfo/update.php b/apps/files/appinfo/update.php index 769a1a8e3e..c3e51debb5 100644 --- a/apps/files/appinfo/update.php +++ b/apps/files/appinfo/update.php @@ -1,14 +1,14 @@ execute(); - while( $row = $result->fetchRow()){ - $query = OC_DB::prepare( 'UPDATE *PREFIX*properties SET propertyname = ? WHERE userid = ? AND propertypath = ?' ); - $query->execute( array( preg_replace("/^{.*}/", "", $row["propertyname"]),$row["userid"], $row["propertypath"] )); - } +// fix webdav properties, remove namespace information between curly bracket update for OC4 +$installedVersion=OCP\Config::getAppValue('files', 'installed_version'); +if (version_compare($installedVersion, '1.1.2', '<')) { + $query = OC_DB::prepare( "SELECT propertyname, propertypath, userid FROM `*PREFIX*properties`" ); + $result = $query->execute(); + while( $row = $result->fetchRow()){ + $query = OC_DB::prepare( 'UPDATE `*PREFIX*properties` SET `propertyname` = ? WHERE `userid` = ? AND `propertypath` = ?' ); + $query->execute( array( preg_replace("/^{.*}/", "", $row["propertyname"]),$row["userid"], $row["propertypath"] )); + } } //update from OC 3 diff --git a/apps/files_sharing/lib_share.php b/apps/files_sharing/lib_share.php index 29a69360d3..05a80b7916 100644 --- a/apps/files_sharing/lib_share.php +++ b/apps/files_sharing/lib_share.php @@ -40,7 +40,7 @@ class OC_Share { */ public function __construct($source, $uid_shared_with, $permissions) { $uid_owner = OCP\USER::getUser(); - $query = OCP\DB::prepare("INSERT INTO *PREFIX*sharing VALUES(?,?,?,?,?)"); + $query = OCP\DB::prepare('INSERT INTO `*PREFIX*sharing` VALUES(?,?,?,?,?)'); // Check if this is a reshare and use the original source if ($result = OC_Share::getSource($source)) { $source = $result; @@ -78,7 +78,7 @@ class OC_Share { } foreach ($uid_shared_with as $uid) { // Check if this item is already shared with the user - $checkSource = OCP\DB::prepare("SELECT source FROM *PREFIX*sharing WHERE source = ? AND uid_shared_with ".self::getUsersAndGroups($uid, false)); + $checkSource = OCP\DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `source` = ? AND `uid_shared_with` '.self::getUsersAndGroups($uid, false)); $resultCheckSource = $checkSource->execute(array($source))->fetchAll(); // TODO Check if the source is inside a folder if (count($resultCheckSource) > 0) { @@ -92,7 +92,7 @@ class OC_Share { // Check if the target already exists for the user, if it does append a number to the name $sharedFolder = '/'.$uid.'/files/Shared'; $target = $sharedFolder."/".basename($source); - $checkTarget = OCP\DB::prepare("SELECT source FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with ".self::getUsersAndGroups($uid, false)." LIMIT 1"); + $checkTarget = OCP\DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `target` = ? AND `uid_shared_with` '.self::getUsersAndGroups($uid, false).' LIMIT 1'); $result = $checkTarget->execute(array($target))->fetchAll(); if (count($result) > 0) { if ($pos = strrpos($target, ".")) { @@ -211,7 +211,7 @@ class OC_Share { $folders = self::getParentFolders($oldTarget); $source = $folders['source'].substr($oldTarget, strlen($folders['target'])); $item = self::getItem($folders['target']); - $query = OCP\DB::prepare("INSERT INTO *PREFIX*sharing VALUES(?,?,?,?,?)"); + $query = OCP\DB::prepare('INSERT INTO `*PREFIX*sharing` VALUES(?,?,?,?,?)'); $query->execute(array($item[0]['uid_owner'], OCP\USER::getUser(), $source, $newTarget, $item[0]['permissions'])); } @@ -222,7 +222,7 @@ class OC_Share { */ public static function getItem($target) { $target = self::cleanPath($target); - $query = OCP\DB::prepare("SELECT uid_owner, source, permissions FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with = ? LIMIT 1"); + $query = OCP\DB::prepare('SELECT `uid_owner`, `source`, `permissions` FROM `*PREFIX*sharing` WHERE `target` = ? AND `uid_shared_with` = ? LIMIT 1'); return $query->execute(array($target, OCP\USER::getUser()))->fetchAll(); } @@ -233,7 +233,7 @@ class OC_Share { */ public static function getMySharedItem($source) { $source = self::cleanPath($source); - $query = OCP\DB::prepare("SELECT uid_shared_with, permissions FROM *PREFIX*sharing WHERE source = ? AND uid_owner = ?"); + $query = OCP\DB::prepare('SELECT `uid_shared_with`, `permissions` FROM `*PREFIX*sharing` WHERE `source` = ? AND `uid_owner` = ?'); $result = $query->execute(array($source, OCP\USER::getUser()))->fetchAll(); if (count($result) > 0) { return $result; @@ -249,7 +249,7 @@ class OC_Share { * @return An array with all items the user is sharing */ public static function getMySharedItems() { - $query = OCP\DB::prepare("SELECT uid_shared_with, source, permissions FROM *PREFIX*sharing WHERE uid_owner = ?"); + $query = OCP\DB::prepare('SELECT `uid_shared_with`, `source`, `permissions` FROM `*PREFIX*sharing` WHERE `uid_owner` = ?'); return $query->execute(array(OCP\USER::getUser()))->fetchAll(); } @@ -268,7 +268,7 @@ class OC_Share { $folder .= "/"; } $length = strlen($folder); - $query = OCP\DB::prepare("SELECT uid_owner, source, target, permissions FROM *PREFIX*sharing WHERE SUBSTR(source, 1, ?) = ? OR SUBSTR(target, 1, ?) = ? AND uid_shared_with ".self::getUsersAndGroups()); + $query = OCP\DB::prepare('SELECT `uid_owner`, `source`, `target`, `permissions` FROM `*PREFIX*sharing` WHERE SUBSTR(`source`, 1, ?) = ? OR SUBSTR(`target`, 1, ?) = ? AND `uid_shared_with` '.self::getUsersAndGroups()); return $query->execute(array($length, $folder, $length, $folder))->fetchAll(); } @@ -279,7 +279,7 @@ class OC_Share { */ public static function getParentFolders($target) { $target = self::cleanPath($target); - $query = OCP\DB::prepare("SELECT source FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with".self::getUsersAndGroups()." LIMIT 1"); + $query = OCP\DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `target` = ? AND `uid_shared_with` '.self::getUsersAndGroups().' LIMIT 1'); // Prevent searching for user directory e.g. '/MTGap/files' $userDirectory = substr($target, 0, strpos($target, "files") + 5); $target = dirname($target); @@ -287,9 +287,9 @@ class OC_Share { while ($target != "" && $target != "/" && $target != "." && $target != $userDirectory && $target != "\\") { // Check if the parent directory of this target location is shared $result = $query->execute(array($target))->fetchAll(); - if (count($result) > 0) { - break; - } + if (count($result) > 0) { + break; + } $target = dirname($target); } if (count($result) > 0) { @@ -307,7 +307,7 @@ class OC_Share { */ public static function getSource($target) { $target = self::cleanPath($target); - $query = OCP\DB::prepare("SELECT source FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with ".self::getUsersAndGroups()." LIMIT 1"); + $query = OCP\DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `target` = ? AND `uid_shared_with` '.self::getUsersAndGroups().' LIMIT 1'); $result = $query->execute(array($target))->fetchAll(); if (count($result) > 0) { return $result[0]['source']; @@ -318,12 +318,12 @@ class OC_Share { } else { return false; } - } - } + } +} public static function getTarget($source) { $source = self::cleanPath($source); - $query = OCP\DB::prepare("SELECT target FROM *PREFIX*sharing WHERE source = ? AND uid_owner = ? LIMIT 1"); + $query = OCP\DB::prepare('SELECT `target` FROM `*PREFIX*sharing` WHERE `source` = ? AND `uid_owner` = ? LIMIT 1'); $result = $query->execute(array($source, OCP\USER::getUser()))->fetchAll(); if (count($result) > 0) { return $result[0]['target']; @@ -340,7 +340,7 @@ class OC_Share { */ public static function getPermissions($target) { $target = self::cleanPath($target); - $query = OCP\DB::prepare("SELECT permissions FROM *PREFIX*sharing WHERE target = ? AND uid_shared_with ".self::getUsersAndGroups()." LIMIT 1"); + $query = OCP\DB::prepare('SELECT `permissions` FROM `*PREFIX*sharing` WHERE `target` = ? AND `uid_shared_with` '.self::getUsersAndGroups().' LIMIT 1'); $result = $query->execute(array($target))->fetchAll(); if (count($result) > 0) { return $result[0]['permissions']; @@ -372,7 +372,7 @@ class OC_Share { * @return The token of the public link, a sha1 hash */ public static function getTokenFromSource($source) { - $query = OCP\DB::prepare("SELECT target FROM *PREFIX*sharing WHERE source = ? AND uid_shared_with = ? AND uid_owner = ? LIMIT 1"); + $query = OCP\DB::prepare('SELECT `target` FROM `*PREFIX*sharing` WHERE `source` = ? AND `uid_shared_with` = ? AND `uid_owner` = ? LIMIT 1'); $result = $query->execute(array($source, self::PUBLICLINK, OCP\USER::getUser()))->fetchAll(); if (count($result) > 0) { return $result[0]['target']; @@ -392,7 +392,7 @@ class OC_Share { public static function setTarget($oldTarget, $newTarget) { $oldTarget = self::cleanPath($oldTarget); $newTarget = self::cleanPath($newTarget); - $query = OCP\DB::prepare("UPDATE *PREFIX*sharing SET target = REPLACE(target, ?, ?) WHERE uid_shared_with ".self::getUsersAndGroups()); + $query = OCP\DB::prepare('UPDATE `*PREFIX*sharing` SET `target` = `REPLACE(`target`, ?, ?) WHERE `uid_shared_with` '.self::getUsersAndGroups()); $query->execute(array($oldTarget, $newTarget)); } @@ -407,7 +407,7 @@ class OC_Share { */ public static function setPermissions($source, $uid_shared_with, $permissions) { $source = self::cleanPath($source); - $query = OCP\DB::prepare("UPDATE *PREFIX*sharing SET permissions = ? WHERE SUBSTR(source, 1, ?) = ? AND uid_owner = ? AND uid_shared_with ".self::getUsersAndGroups($uid_shared_with)); + $query = OCP\DB::prepare('UPDATE `*PREFIX*sharing` SET `permissions` = ? WHERE SUBSTR(`source`, 1, ?) = ? AND `uid_owner` = ? AND `uid_shared_with` '.self::getUsersAndGroups($uid_shared_with)); $query->execute(array($permissions, strlen($source), $source, OCP\USER::getUser())); } @@ -422,7 +422,7 @@ class OC_Share { public static function unshare($source, $uid_shared_with) { $source = self::cleanPath($source); $uid_owner = OCP\USER::getUser(); - $query = OCP\DB::prepare("DELETE FROM *PREFIX*sharing WHERE SUBSTR(source, 1, ?) = ? AND uid_owner = ? AND uid_shared_with ".self::getUsersAndGroups($uid_shared_with, false)); + $query = OCP\DB::prepare('DELETE FROM `*PREFIX*sharing` WHERE SUBSTR(`source`, 1, ?) = ? AND `uid_owner` = ? AND `uid_shared_with` '.self::getUsersAndGroups($uid_shared_with, false)); $query->execute(array(strlen($source), $source, $uid_owner)); self::updateFolder($uid_shared_with); } @@ -438,10 +438,10 @@ class OC_Share { public static function unshareFromMySelf($target, $delete = true) { $target = self::cleanPath($target); if ($delete) { - $query = OCP\DB::prepare("DELETE FROM *PREFIX*sharing WHERE SUBSTR(target, 1, ?) = ? AND uid_shared_with ".self::getUsersAndGroups()); + $query = OCP\DB::prepare('DELETE FROM `*PREFIX*sharing` WHERE SUBSTR(`target`, 1, ?) = ? AND `uid_shared_with` '.self::getUsersAndGroups()); $query->execute(array(strlen($target), $target)); } else { - $query = OCP\DB::prepare("UPDATE *PREFIX*sharing SET permissions = ? WHERE SUBSTR(target, 1, ?) = ? AND uid_shared_with ".self::getUsersAndGroups()); + $query = OCP\DB::prepare('UPDATE `*PREFIX*sharing` SET `permissions` = ? WHERE SUBSTR(`target`, 1, ?) = ? AND `uid_shared_with` '.self::getUsersAndGroups()); $query->execute(array(self::UNSHARED, strlen($target), $target)); } } @@ -458,7 +458,7 @@ class OC_Share { self::updateFolder($item['uid_shared_with']); } } - $query = OCP\DB::prepare("DELETE FROM *PREFIX*sharing WHERE SUBSTR(source, 1, ?) = ? AND uid_owner = ?"); + $query = OCP\DB::prepare('DELETE FROM `*PREFIX*sharing` WHERE SUBSTR(`source`, 1, ?) = ? AND `uid_owner` = ?'); $query->execute(array(strlen($source), $source, OCP\USER::getUser())); } @@ -469,7 +469,7 @@ class OC_Share { public static function renameItem($arguments) { $oldSource = "/".OCP\USER::getUser()."/files".self::cleanPath($arguments['oldpath']); $newSource = "/".OCP\USER::getUser()."/files".self::cleanPath($arguments['newpath']); - $query = OCP\DB::prepare("UPDATE *PREFIX*sharing SET source = REPLACE(source, ?, ?) WHERE uid_owner = ?"); + $query = OCP\DB::prepare('UPDATE `*PREFIX*sharing` SET `source` = REPLACE(`source`, ?, ?) WHERE `uid_owner` = ?'); $query->execute(array($oldSource, $newSource, OCP\USER::getUser())); } @@ -484,21 +484,21 @@ class OC_Share { } public static function removeUser($arguments) { - $query = OCP\DB::prepare("SELECT uid_shared_with FROM *PREFIX*sharing WHERE uid_owner = ?"); + $query = OCP\DB::prepare('SELECT `uid_shared_with` FROM `*PREFIX*sharing` WHERE `uid_owner` = ?'); $result = $query->execute(array($arguments['uid']))->fetchAll(); if (is_array($result)) { $result = array_unique($result); foreach ($result as $item) { self::updateFolder($item['uid_shared_with']); } - $query = OCP\DB::prepare('DELETE FROM *PREFIX*sharing WHERE uid_owner = ? OR uid_shared_with '.self::getUsersAndGroups($arguments['uid'])); + $query = OCP\DB::prepare('DELETE FROM `*PREFIX*sharing` WHERE `uid_owner` = ? OR `uid_shared_with` '.self::getUsersAndGroups($arguments['uid'])); $query->execute(array($arguments['uid'])); } } public static function addToGroupShare($arguments) { $length = -strlen($arguments['gid']) - 1; - $query = OCP\DB::prepare('SELECT uid_owner, source, permissions FROM *PREFIX*sharing WHERE SUBSTR(uid_shared_with, '.$length.') = ?'); + $query = OCP\DB::prepare('SELECT `uid_owner`, `source`, `permissions` FROM `*PREFIX*sharing` WHERE SUBSTR(`uid_shared_with`, '.$length.') = ?'); $gid = '@'.$arguments['gid']; $result = $query->execute(array($gid))->fetchAll(); if (count($result) > 0) { @@ -513,7 +513,7 @@ class OC_Share { } public static function removeFromGroupShare($arguments) { - $query = OCP\DB::prepare('DELETE FROM *PREFIX*sharing WHERE uid_shared_with = ?'); + $query = OCP\DB::prepare('DELETE FROM `*PREFIX*sharing` WHERE `uid_shared_with` = ?'); $query->execute(array($arguments['uid'].'@'.$arguments['gid'])); self::updateFolder($arguments['uid']); } diff --git a/apps/files_sharing/sharedstorage.php b/apps/files_sharing/sharedstorage.php index 41af077b5a..8b19338283 100644 --- a/apps/files_sharing/sharedstorage.php +++ b/apps/files_sharing/sharedstorage.php @@ -222,7 +222,7 @@ class OC_Filestorage_Shared extends OC_Filestorage { } if ($size > 0) { $dbpath = rtrim($this->datadir.$path, "/"); -// $query = OCP\DB::prepare("INSERT INTO *PREFIX*foldersize VALUES(?,?)"); +// $query = OCP\DB::prepare("INSERT INTO `*PREFIX*foldersize` VALUES(?,?)"); // $result = $query->execute(array($dbpath, $size)); } } @@ -236,7 +236,7 @@ class OC_Filestorage_Shared extends OC_Filestorage { $path = dirname($path); } $dbpath = rtrim($this->datadir.$path, "/"); -// $query = OCP\DB::prepare("DELETE FROM *PREFIX*/*foldersize*/ WHERE path = ?"); +// $query = OCP\DB::prepare("DELETE FROM `*PREFIX*/*foldersize*/` WHERE `path` = ?"); // $result = $query->execute(array($dbpath)); if ($path != "/" && $path != "") { $parts = explode("/", $path); diff --git a/apps/gallery/appinfo/app.php b/apps/gallery/appinfo/app.php index 8033774183..3d38b85b7e 100644 --- a/apps/gallery/appinfo/app.php +++ b/apps/gallery/appinfo/app.php @@ -45,7 +45,7 @@ OCP\App::addNavigationEntry( array( class OC_GallerySearchProvider extends OC_Search_Provider{ function search($query){ - $stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*gallery_albums WHERE uid_owner = ? AND album_name LIKE ?'); + $stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*gallery_albums` WHERE `uid_owner` = ? AND `album_name` LIKE ?'); $result = $stmt->execute(array(OCP\USER::getUser(),'%'.$query.'%')); $results=array(); while($row=$result->fetchRow()){ diff --git a/apps/gallery/appinfo/update.php b/apps/gallery/appinfo/update.php index a0997ab5e8..c112bb3f89 100644 --- a/apps/gallery/appinfo/update.php +++ b/apps/gallery/appinfo/update.php @@ -2,9 +2,9 @@ $currentVersion=OC_Appconfig::getValue('gallery', 'installed_version'); if (version_compare($currentVersion, '0.5.0', '<')) { - $stmt = OCP\DB::prepare('DROP TABLE IF EXISTS *PREFIX*gallery_photos'); + $stmt = OCP\DB::prepare('DROP TABLE IF EXISTS `*PREFIX*gallery_photos`'); $stmt->execute(); - $stmt = OCP\DB::prepare('DROP TABLE IF EXISTS *PREFIX*gallery_albums'); + $stmt = OCP\DB::prepare('DROP TABLE IF EXISTS `*PREFIX*gallery_albums`'); $stmt->execute(); \OC_DB::createDbFromStructure(OC::$APPSROOT.'/apps/'.$appid.'/appinfo/database.xml'); diff --git a/apps/gallery/lib/album.php b/apps/gallery/lib/album.php index 5f962f12f1..b9aa535629 100644 --- a/apps/gallery/lib/album.php +++ b/apps/gallery/lib/album.php @@ -23,7 +23,7 @@ class OC_Gallery_Album { public static function create($owner, $name, $path){ - $stmt = OCP\DB::prepare('INSERT INTO *PREFIX*gallery_albums (uid_owner, album_name, album_path, parent_path) VALUES (?, ?, ?, ?)'); + $stmt = OCP\DB::prepare('INSERT INTO `*PREFIX*gallery_albums` (`uid_owner`, `album_name`, `album_path`, `parent_path`) ALUES (?, ?, ?, ?)'); $stmt->execute(array($owner, $name, $path, self::getParentPath($path))); } @@ -40,18 +40,18 @@ class OC_Gallery_Album { } public static function remove($owner, $name=null, $path=null, $parent=null) { - $sql = 'DELETE FROM *PREFIX*gallery_albums WHERE uid_owner LIKE ?'; + $sql = 'DELETE FROM `*PREFIX*gallery_albums` WHERE `uid_owner` LIKE ?'; $args = array($owner); if (!is_null($name)){ - $sql .= ' AND album_name LIKE ?'; + $sql .= ' AND `album_name` LIKE ?'; $args[] = $name; } if (!is_null($path)){ - $sql .= ' AND album_path LIKE ?'; + $sql .= ' AND `album_path` LIKE ?'; $args[] = $path; } if (!is_null($parent)){ - $sql .= ' AND parent_path LIKE ?'; + $sql .= ' AND `parent_path` LIKE ?'; $args[] = $parent; } $stmt = OCP\DB::prepare($sql); @@ -63,29 +63,29 @@ class OC_Gallery_Album { public static function removeByParentPath($owner, $parent) { self::remove($owner, null, null, $parent); } public static function find($owner, $name=null, $path=null, $parent=null){ - $sql = 'SELECT * FROM *PREFIX*gallery_albums WHERE uid_owner = ?'; + $sql = 'SELECT * FROM `*PREFIX*gallery_albums` WHERE `uid_owner` = ?'; $args = array($owner); if (!is_null($name)){ - $sql .= ' AND album_name = ?'; + $sql .= ' AND `album_name` = ?'; $args[] = $name; } if (!is_null($path)){ - $sql .= ' AND album_path = ?'; + $sql .= ' AND `album_path` = ?'; $args[] = $path; } if (!is_null($parent)){ - $sql .= ' AND parent_path = ?'; + $sql .= ' AND `parent_path` = ?'; $args[] = $parent; } $order = OCP\Config::getUserValue($owner, 'gallery', 'order', 'ASC'); - $sql .= ' ORDER BY album_name ' . $order; + $sql .= ' ORDER BY `album_name` ' . $order; $stmt = OCP\DB::prepare($sql); return $stmt->execute($args); } public static function changePath($oldname, $newname, $owner) { - $stmt = OCP\DB::prepare('UPDATE *PREFIX*gallery_albums SET album_path=? WHERE uid_owner=? AND album_path=?'); + $stmt = OCP\DB::prepare('UPDATE `*PREFIX*gallery_albums` SET `album_path`=? WHERE `uid_owner`=? AND `album_path`=?'); $stmt->execute(array($newname, $owner, $oldname)); } @@ -96,7 +96,7 @@ class OC_Gallery_Album { } public static function getAlbumSize($id){ - $sql = 'SELECT COUNT(*) as size FROM *PREFIX*gallery_photos WHERE album_id = ?'; + $sql = 'SELECT COUNT(*) AS `size` FROM `*PREFIX*gallery_photos` WHERE `album_id` = ?'; $stmt = OCP\DB::prepare($sql); $result=$stmt->execute(array($id))->fetchRow(); return $result['size']; @@ -104,7 +104,7 @@ class OC_Gallery_Album { public static function getIntermediateGallerySize($path) { $path .= '%'; - $sql = 'SELECT COUNT(*) as size FROM *PREFIX*gallery_photos photos, *PREFIX*gallery_albums albums WHERE photos.album_id = albums.album_id AND uid_owner = ? AND file_path LIKE ?'; + $sql = 'SELECT COUNT(*) AS `size` FROM `*PREFIX*gallery_photos` AS `photos`, `*PREFIX*gallery_albums` AS `albums` WHERE `photos`.`album_id` = `albums`.`album_id` AND `uid_owner` = ? AND `file_path` LIKE ?'; $stmt = OCP\DB::prepare($sql); $result = $stmt->execute(array(OCP\USER::getUser(), $path))->fetchRow(); return $result['size']; diff --git a/apps/gallery/lib/managers.php b/apps/gallery/lib/managers.php index da09c565cb..82356e54dd 100644 --- a/apps/gallery/lib/managers.php +++ b/apps/gallery/lib/managers.php @@ -17,7 +17,7 @@ class DatabaseManager { public function getFileData($path) { $gallery_path = \OCP\Config::getSystemValue( 'datadirectory' ).'/'.\OC_User::getUser().'/gallery'; $path = $gallery_path.$path; - $stmt = \OCP\DB::prepare('SELECT * FROM *PREFIX*pictures_images_cache WHERE uid_owner LIKE ? AND path = ?'); + $stmt = \OCP\DB::prepare('SELECT * FROM `*PREFIX*pictures_images_cache` WHERE `uid_owner` LIKE ? AND `path` = ?'); $result = $stmt->execute(array(\OCP\USER::getUser(), $path)); if (($row = $result->fetchRow()) != false) { return $row; @@ -26,7 +26,7 @@ class DatabaseManager { if (!$image->loadFromFile($path)) { return false; } - $stmt = \OCP\DB::prepare('INSERT INTO *PREFIX*pictures_images_cache (uid_owner, path, width, height) VALUES (?, ?, ?, ?)'); + $stmt = \OCP\DB::prepare('INSERT INTO `*PREFIX*pictures_images_cache` (`uid_owner`, `path`, `width`, `height`) VALUES (?, ?, ?, ?)'); $stmt->execute(array(\OCP\USER::getUser(), $path, $image->width(), $image->height())); $ret = array('path' => $path, 'width' => $image->width(), 'height' => $image->height()); unset($image); diff --git a/apps/gallery/lib/photo.php b/apps/gallery/lib/photo.php index 99384af621..1b4f908773 100644 --- a/apps/gallery/lib/photo.php +++ b/apps/gallery/lib/photo.php @@ -23,14 +23,14 @@ class OC_Gallery_Photo { public static function create($albumId, $img){ - $stmt = OCP\DB::prepare('INSERT INTO *PREFIX*gallery_photos (album_id, file_path) VALUES (?, ?)'); + $stmt = OCP\DB::prepare('INSERT INTO `*PREFIX*gallery_photos` (`album_id`, `file_path`) VALUES (?, ?)'); $stmt->execute(array($albumId, $img)); } public static function find($albumId, $img=null){ - $sql = 'SELECT * FROM *PREFIX*gallery_photos WHERE album_id = ?'; + $sql = 'SELECT * FROM `*PREFIX*gallery_photos` WHERE `album_id` = ?'; $args = array($albumId); if (!is_null($img)){ - $sql .= ' AND file_path = ?'; + $sql .= ' AND `file_path` = ?'; $args[] = $img; } $stmt = OCP\DB::prepare($sql); @@ -38,31 +38,31 @@ class OC_Gallery_Photo { } public static function findForAlbum($owner, $album_name){ $stmt = OCP\DB::prepare('SELECT *' - .' FROM *PREFIX*gallery_photos photos,' - .' *PREFIX*gallery_albums albums' - .' WHERE albums.uid_owner = ?' - .' AND albums.album_name = ?' - .' AND photos.album_id = albums.album_id'); + .' FROM `*PREFIX*gallery_photos photos`,' + .' `*PREFIX*gallery_albums albums`' + .' WHERE `albums`.`uid_owner` = ?' + .' AND `albums`.`album_name` = ?' + .' AND `photos`.`album_id` = `albums`.`album_id`'); return $stmt->execute(array($owner, $album_name)); } public static function removeByPath($path, $album_id) { - $stmt = OCP\DB::prepare('DELETE FROM *PREFIX*gallery_photos WHERE file_path LIKE ? and album_id = ?'); + $stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*gallery_photos` WHERE `file_path` LIKE ? AND `album_id` = ?'); $stmt->execute(array($path, $album_id)); } public static function removeById($id) { - $stmt = OCP\DB::prepare('DELETE FROM *PREFIX*gallery_photos WHERE photo_id = ?'); + $stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*gallery_photos` WHERE `photo_id` = ?'); $stmt->execute(array($id)); } public static function removeByAlbumId($albumid) { - $stmt = OCP\DB::prepare('DELETE FROM *PREFIX*gallery_photos WHERE album_id = ?'); + $stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*gallery_photos` WHERE `album_id` = ?'); $stmt->execute(array($albumid)); } public static function changePath($oldAlbumId, $newAlbumId, $oldpath, $newpath) { - $stmt = OCP\DB::prepare("UPDATE *PREFIX*gallery_photos SET file_path = ?, album_id = ? WHERE album_id = ? and file_path = ?"); + $stmt = OCP\DB::prepare("UPDATE `*PREFIX*gallery_photos` SET `file_path` = ?, `album_id` = ? WHERE `album_id` = ? AND `file_path` = ?"); $stmt->execute(array($newpath, $newAlbumId, $oldAlbumId, $oldpath)); } diff --git a/apps/gallery/lib/sharing.php b/apps/gallery/lib/sharing.php index fffeca032a..e79692392a 100644 --- a/apps/gallery/lib/sharing.php +++ b/apps/gallery/lib/sharing.php @@ -23,7 +23,7 @@ class OC_Gallery_Sharing { private static function getEntries($token) { - $sql = 'SELECT * FROM *PREFIX*gallery_sharing WHERE token = ?'; + $sql = 'SELECT * FROM `*PREFIX*gallery_sharing` WHERE `token` = ?'; $stmt = OCP\DB::prepare($sql); return $stmt->execute(array($token)); } @@ -44,7 +44,7 @@ class OC_Gallery_Sharing { $r = self::getEntries($token); if ($row = $r->fetchRow()) { $galleryId = $row['gallery_id']; - $sql = 'SELECT * FROM *PREFIX*gallery_albums WHERE album_id = ?'; + $sql = 'SELECT * FROM `*PREFIX*gallery_albums` WHERE `album_id` = ?'; $stmt = OCP\DB::prepare($sql); $r = $stmt->execute(array($galleryId)); if ($row = $r->fetchRow()) @@ -57,7 +57,7 @@ class OC_Gallery_Sharing { $r = self::getEntries($token); if ($row = $r->fetchRow()) { $galleryId = $row['gallery_id']; - $sql = 'SELECT * FROM *PREFIX*gallery_albums WHERE album_id = ?'; + $sql = 'SELECT * FROM `*PREFIX*gallery_albums` WHERE `album_id` = ?'; $stmt = OCP\DB::prepare($sql); $r = $stmt->execute(array($galleryId)); if ($row = $r->fetchRow()) @@ -66,23 +66,23 @@ class OC_Gallery_Sharing { } public static function updateSharingByToken($token, $recursive) { - $stmt = OCP\DB::prepare('UPDATE *PREFIX*gallery_sharing SET recursive = ? WHERE token = ?'); + $stmt = OCP\DB::prepare('UPDATE `*PREFIX*gallery_sharing` SET `recursive` = ? WHERE `token` = ?'); $stmt->execute(array($recursive, $token)); } public static function getEntryByAlbumId($album_id) { - $stmt = OCP\DB::prepare('SELECT * FROM *PREFIX*gallery_sharing WHERE gallery_id = ?'); + $stmt = OCP\DB::prepare('SELECT * FROM `*PREFIX*gallery_sharing` WHERE `gallery_id` = ?'); return $stmt->execute(array($album_id)); } public static function addShared($token, $albumId, $recursive) { - $sql = 'INSERT INTO *PREFIX*gallery_sharing (token, gallery_id, recursive) VALUES (?, ?, ?)'; + $sql = 'INSERT INTO `*PREFIX*gallery_sharing` (`token`, `gallery_id`, `recursive`) VALUES (?, ?, ?)'; $stmt = OCP\DB::prepare($sql); $stmt->execute(array($token, $albumId, $recursive)); } public static function remove($albumId) { - $stmt = OCP\DB::prepare('DELETE FROM *PREFIX*gallery_sharing WHERE gallery_id = ?'); + $stmt = OCP\DB::prepare('DELETE FROM `*PREFIX*gallery_sharing` WHERE `gallery_id` = ?'); $stmt->execute(array($albumId)); } } diff --git a/apps/media/lib_ampache.php b/apps/media/lib_ampache.php index 63682100d4..8f8f1e985a 100644 --- a/apps/media/lib_ampache.php +++ b/apps/media/lib_ampache.php @@ -65,7 +65,7 @@ class OC_MEDIA_AMPACHE{ "); } if($auth and $user and $time){ - $query=OCP\DB::prepare("SELECT user_id, user_password_sha256 from *PREFIX*media_users WHERE user_id=?"); + $query=OCP\DB::prepare("SELECT `user_id`, `user_password_sha256` FROM `*PREFIX*media_users` WHERE `user_id`=?"); $users=$query->execute(array($user))->fetchAll(); if(count($users)>0){ $pass=$users[0]['user_password_sha256']; @@ -77,7 +77,7 @@ class OC_MEDIA_AMPACHE{ $songs=OC_MEDIA_COLLECTION::getSongCount(); $artists=OC_MEDIA_COLLECTION::getArtistCount(); $albums=OC_MEDIA_COLLECTION::getAlbumCount(); - $query=OCP\DB::prepare("INSERT INTO *PREFIX*media_sessions (`session_id`, `token`, `user_id`, `start`) VALUES (NULL, ?, ?, now());"); + $query=OCP\DB::prepare("INSERT INTO `*PREFIX*media_sessions` (`session_id`, `token`, `user_id`, `start`) VALUES (NULL, ?, ?, now());"); $query->execute(array($token,$user)); $expire=date('c',time()+600); echo(''); @@ -137,10 +137,10 @@ class OC_MEDIA_AMPACHE{ } } //remove old sessions - $query=OCP\DB::prepare("DELETE from *PREFIX*media_sessions WHERE start<(NOW()-600)"); + $query=OCP\DB::prepare("DELETE FROM `*PREFIX*media_sessions` WHERE `start`<(NOW()-600)"); $query->execute(); - $query=OCP\DB::prepare("SELECT user_id from *PREFIX*media_sessions WHERE token=?"); + $query=OCP\DB::prepare("SELECT `user_id` FROM `*PREFIX*media_sessions` WHERE `token`=?"); $users=$query->execute(array($auth))->fetchAll(); if(count($users)>0){ OC_MEDIA_COLLECTION::$uid=$users[0]['user_id']; @@ -152,7 +152,7 @@ class OC_MEDIA_AMPACHE{ } public static function updateAuth($auth){ - $query=OCP\DB::prepare("UPDATE *PREFIX*media_sessions SET start=CURRENT_TIMESTAMP WHERE token=?"); + $query=OCP\DB::prepare("UPDATE `*PREFIX*media_sessions` SET `start`=CURRENT_TIMESTAMP WHERE `token`=?"); $query->execute(array($auth)); } diff --git a/apps/media/lib_collection.php b/apps/media/lib_collection.php index 598c08d32e..b59e6f8210 100644 --- a/apps/media/lib_collection.php +++ b/apps/media/lib_collection.php @@ -43,7 +43,7 @@ class OC_MEDIA_COLLECTION{ if(isset(self::$artistIdCache[$name])){ return self::$artistIdCache[$name]; }else{ - $query=OCP\DB::prepare("SELECT artist_id FROM *PREFIX*media_artists WHERE lower(artist_name) LIKE ?"); + $query=OCP\DB::prepare("SELECT `artist_id` FROM `*PREFIX*media_artists` WHERE lower(`artist_name`) LIKE ?"); $artists=$query->execute(array($name))->fetchAll(); if(is_array($artists) and isset($artists[0])){ self::$artistIdCache[$name]=$artists[0]['artist_id']; @@ -71,7 +71,7 @@ class OC_MEDIA_COLLECTION{ if(isset(self::$albumIdCache[$artistId][$name])){ return self::$albumIdCache[$artistId][$name]; }else{ - $query=OCP\DB::prepare("SELECT album_id FROM *PREFIX*media_albums WHERE lower(album_name) LIKE ? AND album_artist=?"); + $query=OCP\DB::prepare("SELECT `album_id` FROM `*PREFIX*media_albums` WHERE lower(`album_name`) LIKE ? AND `album_artist`=?"); $albums=$query->execute(array($name,$artistId))->fetchAll(); if(is_array($albums) and isset($albums[0])){ self::$albumIdCache[$artistId][$name]=$albums[0]['album_id']; @@ -104,7 +104,7 @@ class OC_MEDIA_COLLECTION{ return self::$albumIdCache[$artistId][$albumId][$name]; }else{ $uid=$_SESSION['user_id']; - $query=OCP\DB::prepare("SELECT song_id FROM *PREFIX*media_songs WHERE song_user=? AND lower(song_name) LIKE ? AND song_artist=? AND song_album=?"); + $query=OCP\DB::prepare("SELECT `song_id` FROM `*PREFIX*media_songs` WHERE `song_user`=? AND lower(`song_name`) LIKE ? AND `song_artist`=? AND `song_album`=?"); $songs=$query->execute(array($uid,$name,$artistId,$albumId))->fetchAll(); if(is_array($songs) and isset($songs[0])){ self::$albumIdCache[$artistId][$albumId][$name]=$songs[0]['song_id']; @@ -130,8 +130,8 @@ class OC_MEDIA_COLLECTION{ }elseif($search==''){ $search='%'; } - $query=OCP\DB::prepare("SELECT DISTINCT artist_name, artist_id FROM *PREFIX*media_artists - INNER JOIN *PREFIX*media_songs ON artist_id=song_artist WHERE artist_name LIKE ? AND song_user=? ORDER BY artist_name"); + $query=OCP\DB::prepare("SELECT DISTINCT `artist_name`, `artist_id` FROM `*PREFIX*media_artists` + INNER JOIN `*PREFIX*media_songs` ON `artist_id`=`song_artist` WHERE `artist_name` LIKE ? AND `song_user`=? ORDER BY `artist_name`"); $result=$query->execute(array($search,self::$uid)); return $result->fetchAll(); } @@ -168,21 +168,21 @@ class OC_MEDIA_COLLECTION{ if(empty($uid)){ $uid=self::$uid=$_SESSION['user_id']; } - $cmd="SELECT DISTINCT album_name, album_artist, album_id - FROM *PREFIX*media_albums INNER JOIN *PREFIX*media_songs ON album_id=song_album WHERE song_user=? "; + $cmd="SELECT DISTINCT `album_name`, `album_artist`, `album_id` + FROM `*PREFIX*media_albums` INNER JOIN `*PREFIX*media_songs` ON `album_id`=`song_album` WHERE `song_user`=? "; $params=array(self::$uid); if($artist!=0){ - $cmd.="AND album_artist = ? "; + $cmd.="AND `album_artist` = ? "; array_push($params,$artist); } if($search!='%'){ - $cmd.="AND album_name LIKE ? "; + $cmd.="AND `album_name` LIKE ? "; if(!$exact){ $search="%$search%"; } array_push($params,$search); } - $cmd.=' ORDER BY album_name'; + $cmd.=' ORDER BY `album_name`'; $query=OCP\DB::prepare($cmd); return $query->execute($params)->fetchAll(); } @@ -223,13 +223,13 @@ class OC_MEDIA_COLLECTION{ } $params=array($uid); if($artist!=0){ - $artistString="AND song_artist = ?"; + $artistString="AND `song_artist` = ?"; array_push($params,$artist); }else{ $artistString=''; } if($album!=0){ - $albumString="AND song_album = ?"; + $albumString="AND `song_album` = ?"; array_push($params,$album); }else{ $albumString=''; @@ -238,12 +238,12 @@ class OC_MEDIA_COLLECTION{ if(!$exact){ $search="%$search%"; } - $searchString ="AND song_name LIKE ?"; + $searchString ="AND `song_name` LIKE ?"; array_push($params,$search); }else{ $searchString=''; } - $query=OCP\DB::prepare("SELECT * FROM *PREFIX*media_songs WHERE song_user=? $artistString $albumString $searchString ORDER BY song_track, song_name, song_path"); + $query=OCP\DB::prepare("SELECT * FROM `*PREFIX*media_songs` WHERE `song_user`=? $artistString $albumString $searchString ORDER BY `song_track`, `song_name`, `song_path`"); return $query->execute($params)->fetchAll(); } @@ -284,25 +284,25 @@ class OC_MEDIA_COLLECTION{ } public static function getSongCount(){ - $query=OCP\DB::prepare("SELECT COUNT(song_id) AS count FROM *PREFIX*media_songs"); + $query=OCP\DB::prepare("SELECT COUNT(`song_id`) AS `count` FROM `*PREFIX*media_songs`"); $result=$query->execute()->fetchAll(); return $result[0]['count']; } public static function getArtistCount(){ - $query=OCP\DB::prepare("SELECT COUNT(artist_id) AS count FROM *PREFIX*media_artists"); + $query=OCP\DB::prepare("SELECT COUNT(`artist_id`) AS `count` FROM `*PREFIX*media_artists`"); $result=$query->execute()->fetchAll(); return $result[0]['count']; } public static function getAlbumCount(){ - $query=OCP\DB::prepare("SELECT COUNT(album_id) AS count FROM *PREFIX*media_albums"); + $query=OCP\DB::prepare("SELECT COUNT(`album_id`) AS `count` FROM `*PREFIX*media_albums`"); $result=$query->execute()->fetchAll(); return $result[0]['count']; } public static function getArtistName($artistId){ - $query=OCP\DB::prepare("SELECT artist_name FROM *PREFIX*media_artists WHERE artist_id=?"); + $query=OCP\DB::prepare("SELECT `artist_name` FROM `*PREFIX*media_artists` WHERE `artist_id`=?"); $artist=$query->execute(array($artistId))->fetchAll(); if(count($artist)>0){ return $artist[0]['artist_name']; @@ -312,7 +312,7 @@ class OC_MEDIA_COLLECTION{ } public static function getAlbumName($albumId){ - $query=OCP\DB::prepare("SELECT album_name FROM *PREFIX*media_albums WHERE album_id=?"); + $query=OCP\DB::prepare("SELECT `album_name` FROM `*PREFIX*media_albums` WHERE `album_id`=?"); $album=$query->execute(array($albumId))->fetchAll(); if(count($album)>0){ return $album[0]['album_name']; @@ -322,7 +322,7 @@ class OC_MEDIA_COLLECTION{ } public static function getSong($id){ - $query=OCP\DB::prepare("SELECT * FROM *PREFIX*media_songs WHERE song_id=?"); + $query=OCP\DB::prepare("SELECT * FROM `*PREFIX*media_songs` WHERE `song_id`=?"); $song=$query->execute(array($id))->fetchAll(); if(count($song)>0){ return $song[0]; @@ -336,7 +336,7 @@ class OC_MEDIA_COLLECTION{ * @param string $path */ public static function getSongCountByPath($path){ - $query=OCP\DB::prepare("SELECT COUNT(song_id) AS count FROM *PREFIX*media_songs WHERE song_path LIKE ?"); + $query=OCP\DB::prepare("SELECT COUNT(`song_id`) AS `count` FROM `*PREFIX*media_songs` WHERE `song_path` LIKE ?"); $result=$query->execute(array("$path%"))->fetchAll(); return $result[0]['count']; } @@ -348,7 +348,7 @@ class OC_MEDIA_COLLECTION{ * if a path of a folder is passed, all songs stored in the folder will be removed from the database */ public static function deleteSongByPath($path){ - $query=OCP\DB::prepare("DELETE FROM *PREFIX*media_songs WHERE song_path LIKE ?"); + $query=OCP\DB::prepare("DELETE FROM `*PREFIX*media_songs` WHERE `song_path` LIKE ?"); $query->execute(array("$path%")); } @@ -358,7 +358,7 @@ class OC_MEDIA_COLLECTION{ */ public static function registerPlay($songId){ $now=time(); - $query=OCP\DB::prepare('UPDATE *PREFIX*media_songs SET song_playcount=song_playcount+1, song_lastplayed=? WHERE song_id=? AND song_lastplayedexecute(array($now,$songId,$now-60)); } @@ -368,7 +368,7 @@ class OC_MEDIA_COLLECTION{ * @return int */ public static function getSongByPath($path){ - $query=OCP\DB::prepare("SELECT song_id FROM *PREFIX*media_songs WHERE song_path = ?"); + $query=OCP\DB::prepare("SELECT `song_id` FROM `*PREFIX*media_songs` WHERE `song_path` = ?"); $result=$query->execute(array($path)); if($row=$result->fetchRow()){ return $row['song_id']; @@ -383,7 +383,7 @@ class OC_MEDIA_COLLECTION{ * @param string $newPath */ public static function moveSong($oldPath,$newPath){ - $query=OCP\DB::prepare("UPDATE *PREFIX*media_songs SET song_path = ? WHERE song_path = ?"); + $query=OCP\DB::prepare("UPDATE `*PREFIX*media_songs` SET `song_path` = ? WHERE `song_path` = ?"); $query->execute(array($newPath,$oldPath)); } } diff --git a/apps/media/lib_media.php b/apps/media/lib_media.php index 71069fdf4b..f9f10584dd 100644 --- a/apps/media/lib_media.php +++ b/apps/media/lib_media.php @@ -41,11 +41,11 @@ class OC_MEDIA{ public static function loginListener($params){ if(isset($_POST['user']) and $_POST['password']){ $name=$_POST['user']; - $query=OCP\DB::prepare("SELECT user_id from *PREFIX*media_users WHERE user_id LIKE ?"); + $query=OCP\DB::prepare("SELECT `user_id` from `*PREFIX*media_users` WHERE `user_id` LIKE ?"); $uid=$query->execute(array($name))->fetchAll(); if(count($uid)==0){ $password=hash('sha256',$_POST['password']); - $query=OCP\DB::prepare("INSERT INTO *PREFIX*media_users (user_id, user_password_sha256) VALUES (?, ?);"); + $query=OCP\DB::prepare("INSERT INTO `*PREFIX*media_users` (`user_id`, `user_password_sha256`) VALUES (?, ?);"); $query->execute(array($name,$password)); } } diff --git a/apps/remoteStorage/lib_remoteStorage.php b/apps/remoteStorage/lib_remoteStorage.php index 42cd9c90f6..7c7e455d82 100644 --- a/apps/remoteStorage/lib_remoteStorage.php +++ b/apps/remoteStorage/lib_remoteStorage.php @@ -2,7 +2,7 @@ class OC_remoteStorage { public static function getValidTokens($ownCloudUser, $category) { - $query=OCP\DB::prepare("SELECT token,appUrl,category FROM *PREFIX*authtoken WHERE user=? LIMIT 100"); + $query=OCP\DB::prepare("SELECT `token`,`appUrl`,`category` FROM `*PREFIX*authtoken` WHERE `user`=? LIMIT 100"); $result=$query->execute(array($ownCloudUser)); $ret = array(); while($row=$result->fetchRow()){ @@ -15,7 +15,7 @@ class OC_remoteStorage { public static function getTokenFor($appUrl, $categories) { $user=OCP\USER::getUser(); - $query=OCP\DB::prepare("SELECT token FROM *PREFIX*authtoken WHERE user=? AND appUrl=? AND category=? LIMIT 1"); + $query=OCP\DB::prepare("SELECT `token` FROM `*PREFIX*authtoken` WHERE `user`=? AND `appUrl`=? AND `category`=? LIMIT 1"); $result=$query->execute(array($user, $appUrl, $categories)); $ret = array(); if($row=$result->fetchRow()) { @@ -27,7 +27,7 @@ class OC_remoteStorage { public static function getAllTokens() { $user=OCP\USER::getUser(); - $query=OCP\DB::prepare("SELECT token,appUrl,category FROM *PREFIX*authtoken WHERE user=? LIMIT 100"); + $query=OCP\DB::prepare("SELECT `token`,`appUrl`,`category` FROM `*PREFIX*authtoken` WHERE `user`=? LIMIT 100"); $result=$query->execute(array($user)); $ret = array(); while($row=$result->fetchRow()){ @@ -41,13 +41,13 @@ class OC_remoteStorage { public static function deleteToken($token) { $user=OCP\USER::getUser(); - $query=OCP\DB::prepare("DELETE FROM *PREFIX*authtoken WHERE token=? AND user=?"); + $query=OCP\DB::prepare("DELETE FROM `*PREFIX*authtoken` WHERE `token`=? AND `user`=?"); $result=$query->execute(array($token,$user)); return 'unknown';//how can we see if any rows were affected? } private static function addToken($token, $appUrl, $categories){ $user=OCP\USER::getUser(); - $query=OCP\DB::prepare("INSERT INTO *PREFIX*authtoken (`token`,`appUrl`,`user`,`category`) VALUES(?,?,?,?)"); + $query=OCP\DB::prepare("INSERT INTO `*PREFIX*authtoken` (`token`,`appUrl`,`user`,`category`) VALUES(?,?,?,?)"); $result=$query->execute(array($token,$appUrl,$user,$categories)); } public static function createCategories($appUrl, $categories) { diff --git a/apps/user_ldap/appinfo/update.php b/apps/user_ldap/appinfo/update.php index b3f7a397db..3ebb19c2fc 100644 --- a/apps/user_ldap/appinfo/update.php +++ b/apps/user_ldap/appinfo/update.php @@ -14,7 +14,7 @@ if(!is_null($pw)) { //it's a bit spaghetti, but hey. $state = OCP\Config::getSystemValue('ldapIgnoreNamingRules', 'doCheck'); if($state == 'doCheck'){ - $sqlCleanMap = 'DELETE FROM *PREFIX*ldap_user_mapping'; + $sqlCleanMap = 'DELETE FROM `*PREFIX*ldap_user_mapping`'; require_once(OC::$APPSROOT.'/apps/user_ldap/lib_ldap.php'); require_once(OC::$APPSROOT.'/apps/user_ldap/user_ldap.php'); diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php index 4bd0ff4bbf..ab838812ae 100644 --- a/apps/user_ldap/lib_ldap.php +++ b/apps/user_ldap/lib_ldap.php @@ -153,9 +153,9 @@ class OC_LDAP { $table = self::getMapTable($isUser); $query = OCP\DB::prepare(' - SELECT ldap_dn - FROM '.$table.' - WHERE owncloud_name = ? + SELECT `ldap_dn` + FROM `'.$table.'` + WHERE `owncloud_name` = ? '); $record = $query->execute(array($name))->fetchOne(); @@ -202,9 +202,9 @@ class OC_LDAP { } $query = OCP\DB::prepare(' - SELECT owncloud_name - FROM '.$table.' - WHERE ldap_dn = ? + SELECT `owncloud_name` + FROM `'.$table.'` + WHERE `ldap_dn` = ? '); $component = $query->execute(array($dn))->fetchOne(); @@ -344,8 +344,8 @@ class OC_LDAP { $table = self::getMapTable($isUsers); $query = OCP\DB::prepare(' - SELECT ldap_dn, owncloud_name - FROM '. $table + SELECT `ldap_dn`, `owncloud_name` + FROM `'. $table .'`' ); return $query->execute()->fetchAll(); @@ -391,18 +391,18 @@ class OC_LDAP { $sqlAdjustment = ''; $dbtype = OCP\Config::getSystemValue('dbtype'); if($dbtype == 'mysql') { - $sqlAdjustment = 'FROM dual'; + $sqlAdjustment = 'FROM `dual`'; } $insert = OCP\DB::prepare(' - INSERT INTO '.$table.' (ldap_dn, owncloud_name) + INSERT INTO `'.$table.'` (`ldap_dn`, `owncloud_name`) SELECT ?,? '.$sqlAdjustment.' WHERE NOT EXISTS ( SELECT 1 - FROM '.$table.' - WHERE ldap_dn = ? - OR owncloud_name = ? ) + FROM `'.$table.'` + WHERE `ldap_dn` = ? + OR `owncloud_name` = ? ) '); $res = $insert->execute(array($dn, $ocname, $dn, $ocname)); diff --git a/apps/user_openid/user_openid.php b/apps/user_openid/user_openid.php index 3267db3fa0..8fb694f75c 100644 --- a/apps/user_openid/user_openid.php +++ b/apps/user_openid/user_openid.php @@ -54,7 +54,7 @@ class OC_USER_OPENID extends OC_User_Backend { * find the user that can be authenticated with an openid identity */ public static function findUserForIdentity($identity){ - $query=OCP\DB::prepare('SELECT userid FROM *PREFIX*preferences WHERE appid=? AND configkey=? AND configvalue=?'); + $query=OCP\DB::prepare('SELECT `userid` FROM `*PREFIX*preferences` WHERE `appid`=? AND `configkey`=? AND `configvalue`=?'); $result=$query->execute(array('user_openid','identity',$identity))->fetchAll(); if(count($result)>0){ return $result[0]['userid']; diff --git a/lib/app.php b/lib/app.php index e57e1e58a2..f9292b331b 100644 --- a/lib/app.php +++ b/lib/app.php @@ -139,7 +139,7 @@ class OC_App{ */ public static function getEnabledApps(){ $apps=array('files'); - $query = OC_DB::prepare( 'SELECT appid FROM *PREFIX*appconfig WHERE configkey = \'enabled\' AND configvalue=\'yes\'' ); + $query = OC_DB::prepare( 'SELECT `appid` FROM `*PREFIX*appconfig` WHERE `configkey` = \'enabled\' AND `configvalue`=\'yes\'' ); $result=$query->execute(); while($row=$result->fetchRow()){ if(array_search($row['appid'],$apps)===false){ @@ -548,7 +548,7 @@ class OC_App{ */ public static function getAppVersions(){ $versions=array(); - $query = OC_DB::prepare( 'SELECT appid, configvalue FROM *PREFIX*appconfig WHERE configkey = \'installed_version\'' ); + $query = OC_DB::prepare( 'SELECT `appid`, `configvalue` FROM `*PREFIX*appconfig` WHERE `configkey` = \'installed_version\'' ); $result = $query->execute(); while($row = $result->fetchRow()){ $versions[$row['appid']]=$row['configvalue']; diff --git a/lib/appconfig.php b/lib/appconfig.php index 5aaaadd9c4..2e356225e7 100644 --- a/lib/appconfig.php +++ b/lib/appconfig.php @@ -47,7 +47,7 @@ class OC_Appconfig{ */ public static function getApps(){ // No magic in here! - $query = OC_DB::prepare( 'SELECT DISTINCT appid FROM *PREFIX*appconfig' ); + $query = OC_DB::prepare( 'SELECT DISTINCT `appid` FROM `*PREFIX*appconfig`' ); $result = $query->execute(); $apps = array(); @@ -68,7 +68,7 @@ class OC_Appconfig{ */ public static function getKeys( $app ){ // No magic in here as well - $query = OC_DB::prepare( 'SELECT configkey FROM *PREFIX*appconfig WHERE appid = ?' ); + $query = OC_DB::prepare( 'SELECT `configkey` FROM `*PREFIX*appconfig` WHERE `appid` = ?' ); $result = $query->execute( array( $app )); $keys = array(); @@ -91,7 +91,7 @@ class OC_Appconfig{ */ public static function getValue( $app, $key, $default = null ){ // At least some magic in here :-) - $query = OC_DB::prepare( 'SELECT configvalue FROM *PREFIX*appconfig WHERE appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'SELECT `configvalue` FROM `*PREFIX*appconfig` WHERE `appid` = ? AND `configkey` = ?' ); $result = $query->execute( array( $app, $key )); $row = $result->fetchRow(); if($row){ @@ -124,11 +124,11 @@ class OC_Appconfig{ public static function setValue( $app, $key, $value ){ // Does the key exist? yes: update. No: insert if(! self::hasKey($app,$key)){ - $query = OC_DB::prepare( 'INSERT INTO *PREFIX*appconfig ( appid, configkey, configvalue ) VALUES( ?, ?, ? )' ); + $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*appconfig` ( `appid`, `configkey`, `configvalue` ) VALUES( ?, ?, ? )' ); $query->execute( array( $app, $key, $value )); } else{ - $query = OC_DB::prepare( 'UPDATE *PREFIX*appconfig SET configvalue = ? WHERE appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'UPDATE `*PREFIX*appconfig` SET `configvalue` = :configvalue WHERE `appid` = ? AND `configkey` = ?' ); $query->execute( array( $value, $app, $key )); } } @@ -143,7 +143,7 @@ class OC_Appconfig{ */ public static function deleteKey( $app, $key ){ // Boring! - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*appconfig WHERE appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*appconfig` WHERE `appid` = ? AND `configkey` = ?' ); $query->execute( array( $app, $key )); return true; @@ -158,7 +158,7 @@ class OC_Appconfig{ */ public static function deleteApp( $app ){ // Nothing special - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*appconfig WHERE appid = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*appconfig` WHERE `appid` = ?' ); $query->execute( array( $app )); return true; @@ -175,20 +175,20 @@ class OC_Appconfig{ return false; } $where='WHERE'; - $fields='configvalue'; + $fields='`configvalue`'; $params=array(); if($app!==false){ - $where.=' appid = ?'; - $fields.=', configkey'; + $where.=' `appid` = ?'; + $fields.=', `configkey`'; $params[]=$app; $key='configkey'; }else{ - $fields.=', appid'; - $where.=' configkey = ?'; + $fields.=', `appid`'; + $where.=' `configkey` = ?'; $params[]=$key; $key='appid'; } - $queryString='SELECT '.$fields.' FROM *PREFIX*appconfig '.$where; + $queryString='SELECT '.$fields.' FROM `*PREFIX*appconfig` '.$where; $query=OC_DB::prepare($queryString); $result=$query->execute($params); $values=array(); diff --git a/lib/connector/sabre/locks.php b/lib/connector/sabre/locks.php index 94382e68a1..b4878fabc7 100644 --- a/lib/connector/sabre/locks.php +++ b/lib/connector/sabre/locks.php @@ -41,7 +41,7 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract { // NOTE: the following 10 lines or so could be easily replaced by // pure sql. MySQL's non-standard string concatination prevents us // from doing this though. - $query = 'SELECT * FROM *PREFIX*locks WHERE userid = ? AND (created + timeout) > ? AND ((uri = ?)'; + $query = 'SELECT * FROM `*PREFIX*locks` WHERE `userid` = ? AND (`created` + `timeout`) > ? AND ((`uri` = ?)'; $params = array(OC_User::getUser(),time(),$uri); // We need to check locks for every part in the uri. @@ -57,14 +57,14 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract { if ($currentPath) $currentPath.='/'; $currentPath.=$part; - $query.=' OR (depth!=0 AND uri = ?)'; + $query.=' OR (`depth` != 0 AND `uri` = ?)'; $params[] = $currentPath; } if ($returnChildLocks) { - $query.=' OR (uri LIKE ?)'; + $query.=' OR (`uri` LIKE ?)'; $params[] = $uri . '/%'; } @@ -113,10 +113,10 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract { } if ($exists) { - $query = OC_DB::prepare( 'UPDATE *PREFIX*locks SET owner = ?, timeout = ?, scope = ?, depth = ?, uri = ?, created = ? WHERE userid = ? AND token = ?' ); + $query = OC_DB::prepare( 'UPDATE `*PREFIX*locks` SET `owner` = ?, `timeout` = ?, `scope` = ?, `depth` = ?, `uri` = ?, `created` = ? WHERE `userid` = ? AND `token` = ?' ); $result = $query->execute( array($lockInfo->owner,$lockInfo->timeout,$lockInfo->scope,$lockInfo->depth,$uri,$lockInfo->created,OC_User::getUser(),$lockInfo->token)); } else { - $query = OC_DB::prepare( 'INSERT INTO *PREFIX*locks (userid,owner,timeout,scope,depth,uri,created,token) VALUES (?,?,?,?,?,?,?,?)' ); + $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*locks` (`userid`,`owner`,`timeout`,`scope`,`depth`,`uri`,`created`,`token`) VALUES (?,?,?,?,?,?,?,?)' ); $result = $query->execute( array(OC_User::getUser(),$lockInfo->owner,$lockInfo->timeout,$lockInfo->scope,$lockInfo->depth,$uri,$lockInfo->created,$lockInfo->token)); } @@ -133,7 +133,7 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract { */ public function unlock($uri,Sabre_DAV_Locks_LockInfo $lockInfo) { - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*locks WHERE userid = ? AND uri=? AND token=?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*locks` WHERE `userid` = ? AND `uri` = ? AND `token` = ?' ); $result = $query->execute( array(OC_User::getUser(),$uri,$lockInfo->token)); return $result->numRows() === 1; diff --git a/lib/connector/sabre/node.php b/lib/connector/sabre/node.php index 85d2160feb..ce5cc02208 100644 --- a/lib/connector/sabre/node.php +++ b/lib/connector/sabre/node.php @@ -77,7 +77,7 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr $this->path = $newPath; - $query = OC_DB::prepare( 'UPDATE *PREFIX*properties SET propertypath = ? WHERE userid = ? AND propertypath = ?' ); + $query = OC_DB::prepare( 'UPDATE `*PREFIX*properties` SET `propertypath` = ? WHERE `userid` = ? AND `propertypath` = ?' ); $query->execute( array( $newPath,OC_User::getUser(), $oldPath )); } @@ -125,7 +125,7 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr // If it was null, we need to delete the property if (is_null($propertyValue)) { if(array_key_exists( $propertyName, $existing )){ - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*properties WHERE userid = ? AND propertypath = ? AND propertyname = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = ?' ); $query->execute( array( OC_User::getUser(), $this->path, $propertyName )); } } @@ -134,10 +134,10 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr $this->touch($propertyValue); } else { if(!array_key_exists( $propertyName, $existing )){ - $query = OC_DB::prepare( 'INSERT INTO *PREFIX*properties (userid,propertypath,propertyname,propertyvalue) VALUES(?,?,?,?)' ); + $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*properties` (`userid`,`propertypath`,`propertyname`,`propertyvalue`) VALUES(?,?,?,?)' ); $query->execute( array( OC_User::getUser(), $this->path, $propertyName,$propertyValue )); } else { - $query = OC_DB::prepare( 'UPDATE *PREFIX*properties SET propertyvalue = ? WHERE userid = ? AND propertypath = ? AND propertyname = ?' ); + $query = OC_DB::prepare( 'UPDATE `*PREFIX*properties` SET `propertyvalue` = ? WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = ?' ); $query->execute( array( $propertyValue,OC_User::getUser(), $this->path, $propertyName )); } } @@ -158,7 +158,7 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr */ function getProperties($properties) { // At least some magic in here :-) - $query = OC_DB::prepare( 'SELECT * FROM *PREFIX*properties WHERE userid = ? AND propertypath = ?' ); + $query = OC_DB::prepare( 'SELECT * FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ?' ); $result = $query->execute( array( OC_User::getUser(), $this->path )); $existing = array(); diff --git a/lib/filecache.php b/lib/filecache.php index 8d0f3c84f9..e475581f14 100644 --- a/lib/filecache.php +++ b/lib/filecache.php @@ -59,7 +59,7 @@ class OC_FileCache{ $root=''; } $path=$root.$path; - $query=OC_DB::prepare('SELECT ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE path_hash=?'); + $query=OC_DB::prepare('SELECT `ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `path_hash`=?'); $result=$query->execute(array(md5($path)))->fetchRow(); if(is_array($result)){ return $result; @@ -112,7 +112,7 @@ class OC_FileCache{ $data['encrypted']=(int)$data['encrypted']; $data['versioned']=(int)$data['versioned']; $user=OC_User::getUser(); - $query=OC_DB::prepare('INSERT INTO *PREFIX*fscache(parent, name, path, path_hash, size, mtime, ctime, mimetype, mimepart,`user`,writable,encrypted,versioned) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?)'); + $query=OC_DB::prepare('INSERT INTO `*PREFIX*fscache`(`parent`, `name`, `path`, `path_hash`, `size`, `mtime`, `ctime`, `mimetype`, `mimepart`,`user`,`writable`,`encrypted`,`versioned`) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?)'); $result=$query->execute(array($parent,basename($path),$path,md5($path),$data['size'],$data['mtime'],$data['ctime'],$data['mimetype'],$mimePart,$user,$data['writable'],$data['encrypted'],$data['versioned'])); if(OC_DB::isError($result)){ OC_Log::write('files','error while writing file('.$path.') to cache',OC_Log::ERROR); @@ -135,7 +135,7 @@ class OC_FileCache{ }else{ $arguments[] = $data[$attribute]; } - $queryParts[]=$attribute.'=?'; + $queryParts[]='`'.$attribute.'`=?'; } } if(isset($data['mimetype'])){ @@ -144,7 +144,7 @@ class OC_FileCache{ } $arguments[]=$id; - $sql = 'UPDATE *PREFIX*fscache SET '.implode(' , ',$queryParts).' WHERE id=?'; + $sql = 'UPDATE `*PREFIX*fscache` SET '.implode(' , ',$queryParts).' WHERE `id`=?'; $query=OC_DB::prepare($sql); $result=$query->execute($arguments); if(OC_DB::isError($result)){ @@ -168,12 +168,12 @@ class OC_FileCache{ $oldPath=$root.$oldPath; $newPath=$root.$newPath; $newParent=self::getParentId($newPath); - $query=OC_DB::prepare('UPDATE *PREFIX*fscache SET parent=? ,name=?, path=?, path_hash=? WHERE path_hash=?'); + $query=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `parent`=? ,`name`=?, `path`=?, `path_hash`=? WHERE `path_hash`=?'); $query->execute(array($newParent,basename($newPath),$newPath,md5($newPath),md5($oldPath))); - $query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE path LIKE ?'); + $query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `path` LIKE ?'); $oldLength=strlen($oldPath); - $updateQuery=OC_DB::prepare('UPDATE *PREFIX*fscache SET path=?, path_hash=? WHERE path_hash=?'); + $updateQuery=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `path`=?, `path_hash`=? WHERE `path_hash`=?'); while($row= $query->execute(array($oldPath.'/%'))->fetchRow()){ $old=$row['path']; $new=$newPath.substr($old,$oldLength); @@ -197,12 +197,12 @@ class OC_FileCache{ $path=$root.$file; self::delete(self::getFileId($path)); }elseif($file!=-1){ - $query=OC_DB::prepare('SELECT id FROM *PREFIX*fscache WHERE parent=?'); + $query=OC_DB::prepare('SELECT `id` FROM `*PREFIX*fscache` WHERE `parent`=?'); $result=$query->execute(array($file)); while($child=$result->fetchRow()){ self::delete(intval($child['id'])); } - $query=OC_DB::prepare('DELETE FROM *PREFIX*fscache WHERE id=?'); + $query=OC_DB::prepare('DELETE FROM `*PREFIX*fscache` WHERE `id`=?'); $query->execute(array($file)); } } @@ -223,9 +223,9 @@ class OC_FileCache{ } $rootLen=strlen($root); if(!$returnData){ - $query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE name LIKE ? AND `user`=?'); + $query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `name` LIKE ? AND `user`=?'); }else{ - $query=OC_DB::prepare('SELECT * FROM *PREFIX*fscache WHERE name LIKE ? AND `user`=?'); + $query=OC_DB::prepare('SELECT * FROM `*PREFIX*fscache` WHERE `name` LIKE ? AND `user`=?'); } $result=$query->execute(array("%$search%",OC_User::getUser())); $names=array(); @@ -270,7 +270,7 @@ class OC_FileCache{ if($parent==-1){ return array(); } - $query=OC_DB::prepare('SELECT name,ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE parent=? AND (mimetype LIKE ? OR mimetype = ?)'); + $query=OC_DB::prepare('SELECT `name`,`ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `parent`=? AND (`mimetype` LIKE ? OR `mimetype` = ?)'); $result=$query->execute(array($parent, $mimetype_filter.'%', 'httpd/unix-directory'))->fetchAll(); if(is_array($result)){ return $result; @@ -304,7 +304,7 @@ class OC_FileCache{ * @return int */ private static function getFileId($path){ - $query=OC_DB::prepare('SELECT id FROM *PREFIX*fscache WHERE path_hash=?'); + $query=OC_DB::prepare('SELECT `id` FROM `*PREFIX*fscache` WHERE `path_hash`=?'); if(OC_DB::isError($query)){ OC_Log::write('files','error while getting file id of '.$path,OC_Log::ERROR); return -1; @@ -350,7 +350,7 @@ class OC_FileCache{ if(!$user){ $user=OC_User::getUser(); } - $query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE id=? AND `user`=?'); + $query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `id`=? AND `user`=?'); $result=$query->execute(array($id,$user)); $row=$result->fetchRow(); $path=$row['path']; @@ -396,7 +396,7 @@ class OC_FileCache{ if($dir){ if(self::inCache($path,$root) && $path != '/Shared'){ $parent=self::getFileId($fullPath); - $query=OC_DB::prepare('SELECT size FROM *PREFIX*fscache WHERE parent=?'); + $query=OC_DB::prepare('SELECT `size` FROM `*PREFIX*fscache` WHERE `parent`=?'); $result=$query->execute(array($parent)); while($row=$result->fetchRow()){ $size+=$row['size']; @@ -424,7 +424,7 @@ class OC_FileCache{ } } $path=$root.$path; - $query=OC_DB::prepare('SELECT ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE path_hash=?'); + $query=OC_DB::prepare('SELECT `ctime`,`mtime`,`mimetype`,`size`,`encrypted`,`versioned`,`writable` FROM `*PREFIX*fscache` WHERE `path_hash`=?'); $result=$query->execute(array(md5($path)))->fetchRow(); if(is_array($result)){ if(isset(self::$savedData[$path])){ @@ -450,7 +450,7 @@ class OC_FileCache{ } } $path=$root.$path; - $query=OC_DB::prepare('SELECT size FROM *PREFIX*fscache WHERE path_hash=?'); + $query=OC_DB::prepare('SELECT `size` FROM `*PREFIX*fscache` WHERE `path_hash`=?'); $result=$query->execute(array(md5($path))); if($row=$result->fetchRow()){ return $row['size']; @@ -516,7 +516,7 @@ class OC_FileCache{ private static function increaseSize($path,$sizeDiff){ if($sizeDiff==0) return; while(($id=self::getFileId($path))!=-1){//walk up the filetree increasing the size of all parent folders - $query=OC_DB::prepare('UPDATE *PREFIX*fscache SET size=size+? WHERE id=?'); + $query=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `size`=`size`+? WHERE `id`=?'); $query->execute(array($sizeDiff,$id)); $path=dirname($path); } @@ -616,10 +616,10 @@ class OC_FileCache{ $root .= '%'; $user=OC_User::getUser(); if(!$part2){ - $query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE mimepart=? AND `user`=? AND path LIKE ?'); + $query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `mimepart`=? AND `user`=? AND `path` LIKE ?'); $result=$query->execute(array($part1,$user, $root)); }else{ - $query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE mimetype=? AND `user`=? AND path LIKE ? '); + $query=OC_DB::prepare('SELECT `path` FROM `*PREFIX*fscache` WHERE `mimetype`=? AND `user`=? AND `path` LIKE ? '); $result=$query->execute(array($part1.'/'.$part2,$user, $root)); } $names=array(); @@ -652,7 +652,7 @@ class OC_FileCache{ $mtime=$view->filemtime($path.(($folder)?'/':'')); $isDir=$view->is_dir($path); $fullPath=$root.$path; - $query=OC_DB::prepare('SELECT mtime FROM *PREFIX*fscache WHERE path_hash=?'); + $query=OC_DB::prepare('SELECT `mtime` FROM `*PREFIX*fscache` WHERE `path_hash`=?'); $result=$query->execute(array(md5($fullPath))); if($row=$result->fetchRow()){ $cachedMTime=$row['mtime']; @@ -713,7 +713,7 @@ class OC_FileCache{ } //check for removed files, not using getFolderContent to prevent loops $parent=self::getFileId($view->getRoot().$path); - $query=OC_DB::prepare('SELECT name FROM *PREFIX*fscache WHERE parent=?'); + $query=OC_DB::prepare('SELECT `name` FROM `*PREFIX*fscache` WHERE `parent`=?'); $result=$query->execute(array($parent)); while($row=$result->fetchRow()){ $file=$path.'/'.$row['name']; @@ -731,7 +731,7 @@ class OC_FileCache{ * clean old pre-path_hash entries */ public static function clean(){ - $query=OC_DB::prepare('DELETE FROM *PREFIX*fscache WHERE LENGTH(path_hash)<30'); + $query=OC_DB::prepare('DELETE FROM `*PREFIX*fscache` WHERE LENGTH(`path_hash`)<30'); $query->execute(); } } diff --git a/lib/group/database.php b/lib/group/database.php index d401acf43b..5e52432c49 100644 --- a/lib/group/database.php +++ b/lib/group/database.php @@ -53,7 +53,7 @@ class OC_Group_Database extends OC_Group_Backend { */ public static function createGroup( $gid ){ // Check for existence - $query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*groups` WHERE gid = ?" ); + $query = OC_DB::prepare( 'SELECT `gid` FROM `*PREFIX*groups` WHERE `gid` = ?' ); $result = $query->execute( array( $gid )); if( $result->fetchRow() ){ @@ -62,7 +62,7 @@ class OC_Group_Database extends OC_Group_Backend { } else{ // Add group and exit - $query = OC_DB::prepare( "INSERT INTO `*PREFIX*groups` ( `gid` ) VALUES( ? )" ); + $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*groups` ( `gid` ) VALUES( ? )' ); $result = $query->execute( array( $gid )); return $result ? true : false; @@ -78,11 +78,11 @@ class OC_Group_Database extends OC_Group_Backend { */ public static function deleteGroup( $gid ){ // Delete the group - $query = OC_DB::prepare( "DELETE FROM `*PREFIX*groups` WHERE gid = ?" ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*groups` WHERE `gid` = ?' ); $result = $query->execute( array( $gid )); // Delete the group-user relation - $query = OC_DB::prepare( "DELETE FROM `*PREFIX*group_user` WHERE gid = ?" ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*group_user` WHERE `gid` = ?' ); $result = $query->execute( array( $gid )); return true; @@ -98,7 +98,7 @@ class OC_Group_Database extends OC_Group_Backend { */ public static function inGroup( $uid, $gid ){ // check - $query = OC_DB::prepare( "SELECT uid FROM `*PREFIX*group_user` WHERE gid = ? AND uid = ?" ); + $query = OC_DB::prepare( 'SELECT `uid` FROM `*PREFIX*group_user` WHERE `gid` = ? AND `uid` = ?' ); $result = $query->execute( array( $gid, $uid )); return $result->fetchRow() ? true : false; @@ -115,7 +115,7 @@ class OC_Group_Database extends OC_Group_Backend { public static function addToGroup( $uid, $gid ){ // No duplicate entries! if( !self::inGroup( $uid, $gid )){ - $query = OC_DB::prepare( "INSERT INTO `*PREFIX*group_user` ( `uid`, `gid` ) VALUES( ?, ? )" ); + $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*group_user` ( `uid`, `gid` ) VALUES( ?, ? )' ); $result = $query->execute( array( $uid, $gid )); return true; }else{ @@ -132,7 +132,7 @@ class OC_Group_Database extends OC_Group_Backend { * removes the user from a group. */ public static function removeFromGroup( $uid, $gid ){ - $query = OC_DB::prepare( "DELETE FROM *PREFIX*group_user WHERE uid = ? AND gid = ?" ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*group_user` WHERE `uid` = ? AND `gid` = ?' ); $result = $query->execute( array( $uid, $gid )); return true; @@ -148,7 +148,7 @@ class OC_Group_Database extends OC_Group_Backend { */ public static function getUserGroups( $uid ){ // No magic! - $query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*group_user` WHERE uid = ?" ); + $query = OC_DB::prepare( 'SELECT `gid` FROM `*PREFIX*group_user` WHERE `uid` = ?' ); $result = $query->execute( array( $uid )); $groups = array(); @@ -166,7 +166,7 @@ class OC_Group_Database extends OC_Group_Backend { * Returns a list with all groups */ public static function getGroups(){ - $query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*groups`" ); + $query = OC_DB::prepare( 'SELECT `gid` FROM `*PREFIX*groups`' ); $result = $query->execute(); $groups = array(); @@ -182,7 +182,7 @@ class OC_Group_Database extends OC_Group_Backend { * @returns array with user ids */ public static function usersInGroup($gid){ - $query=OC_DB::prepare('SELECT uid FROM *PREFIX*group_user WHERE gid=?'); + $query=OC_DB::prepare('SELECT `uid` FROM `*PREFIX*group_user` WHERE `gid`=?'); $users=array(); $result=$query->execute(array($gid)); while($row=$result->fetchRow()){ diff --git a/lib/migrate.php b/lib/migrate.php index 5939ba32e5..5e1922e10e 100644 --- a/lib/migrate.php +++ b/lib/migrate.php @@ -447,7 +447,7 @@ class OC_Migrate{ ); // Add hash if user export if( self::$exporttype == 'user' ){ - $query = OC_DB::prepare( "SELECT password FROM *PREFIX*users WHERE uid = ?" ); + $query = OC_DB::prepare( "SELECT `password` FROM `*PREFIX*users` WHERE `uid` = ?" ); $result = $query->execute( array( self::$uid ) ); $row = $result->fetchRow(); $hash = $row ? $row['password'] : false; diff --git a/lib/migration/content.php b/lib/migration/content.php index 7ef88f36e4..5c89e6bacd 100644 --- a/lib/migration/content.php +++ b/lib/migration/content.php @@ -109,7 +109,7 @@ class OC_Migration_Content{ foreach( $options['matchval'] as $matchval ){ // Run the query for this match value (where x = y value) - $sql = "SELECT * FROM *PREFIX*" . $options['table'] . " WHERE " . $options['matchcol'] . " LIKE ?"; + $sql = 'SELECT * FROM `*PREFIX*' . $options['table'] . '` WHERE `' . $options['matchcol'] . '` LIKE ?'; $query = OC_DB::prepare( $sql ); $results = $query->execute( array( $matchval ) ); $newreturns = $this->insertData( $results, $options ); @@ -118,7 +118,7 @@ class OC_Migration_Content{ } else { // Just get everything - $sql = "SELECT * FROM *PREFIX*" . $options['table']; + $sql = 'SELECT * FROM `*PREFIX*' . $options['table'] . '`'; $query = OC_DB::prepare( $sql ); $results = $query->execute(); $return = $this->insertData( $results, $options ); diff --git a/lib/preferences.php b/lib/preferences.php index 75201f455b..18627d7d2e 100644 --- a/lib/preferences.php +++ b/lib/preferences.php @@ -47,7 +47,7 @@ class OC_Preferences{ */ public static function getUsers(){ // No need for more comments - $query = OC_DB::prepare( 'SELECT DISTINCT( userid ) FROM *PREFIX*preferences' ); + $query = OC_DB::prepare( 'SELECT DISTINCT( `userid` ) FROM `*PREFIX*preferences`' ); $result = $query->execute(); $users = array(); @@ -68,7 +68,7 @@ class OC_Preferences{ */ public static function getApps( $user ){ // No need for more comments - $query = OC_DB::prepare( 'SELECT DISTINCT( appid ) FROM *PREFIX*preferences WHERE userid = ?' ); + $query = OC_DB::prepare( 'SELECT DISTINCT( `appid` ) FROM `*PREFIX*preferences` WHERE `userid` = ?' ); $result = $query->execute( array( $user )); $apps = array(); @@ -90,7 +90,7 @@ class OC_Preferences{ */ public static function getKeys( $user, $app ){ // No need for more comments - $query = OC_DB::prepare( 'SELECT configkey FROM *PREFIX*preferences WHERE userid = ? AND appid = ?' ); + $query = OC_DB::prepare( 'SELECT `configkey` FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ?' ); $result = $query->execute( array( $user, $app )); $keys = array(); @@ -114,7 +114,7 @@ class OC_Preferences{ */ public static function getValue( $user, $app, $key, $default = null ){ // Try to fetch the value, return default if not exists. - $query = OC_DB::prepare( 'SELECT configvalue FROM *PREFIX*preferences WHERE userid = ? AND appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'SELECT `configvalue` FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ? AND `configkey` = ?' ); $result = $query->execute( array( $user, $app, $key )); $row = $result->fetchRow(); @@ -138,16 +138,16 @@ class OC_Preferences{ */ public static function setValue( $user, $app, $key, $value ){ // Check if the key does exist - $query = OC_DB::prepare( 'SELECT configvalue FROM *PREFIX*preferences WHERE userid = ? AND appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'SELECT `configvalue` FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ? AND `configkey` = ?' ); $values=$query->execute(array($user,$app,$key))->fetchAll(); $exists=(count($values)>0); if( !$exists ){ - $query = OC_DB::prepare( 'INSERT INTO *PREFIX*preferences ( userid, appid, configkey, configvalue ) VALUES( ?, ?, ?, ? )' ); + $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*preferences` ( `userid`, `appid`, `configkey`, `configvalue` ) VALUES( ?, ?, ?, ? )' ); $query->execute( array( $user, $app, $key, $value )); } else{ - $query = OC_DB::prepare( 'UPDATE *PREFIX*preferences SET configvalue = ? WHERE userid = ? AND appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'UPDATE `*PREFIX*preferences` SET `configvalue` = ? WHERE `userid` = ? AND `appid` = ? AND `configkey` = ?' ); $query->execute( array( $value, $user, $app, $key )); } } @@ -163,7 +163,7 @@ class OC_Preferences{ */ public static function deleteKey( $user, $app, $key ){ // No need for more comments - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE userid = ? AND appid = ? AND configkey = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ? AND `configkey` = ?' ); $result = $query->execute( array( $user, $app, $key )); return true; @@ -179,7 +179,7 @@ class OC_Preferences{ */ public static function deleteApp( $user, $app ){ // No need for more comments - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE userid = ? AND appid = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `userid` = ? AND `appid` = ?' ); $result = $query->execute( array( $user, $app )); return true; @@ -194,7 +194,7 @@ class OC_Preferences{ */ public static function deleteUser( $user ){ // No need for more comments - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE userid = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `userid` = ?' ); $result = $query->execute( array( $user )); return true; @@ -209,7 +209,7 @@ class OC_Preferences{ */ public static function deleteAppFromAllUsers( $app ){ // No need for more comments - $query = OC_DB::prepare( 'DELETE FROM *PREFIX*preferences WHERE appid = ?' ); + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*preferences` WHERE `appid` = ?' ); $result = $query->execute( array( $app )); return true; diff --git a/lib/user/database.php b/lib/user/database.php index a69fe49a0b..5464a4abfa 100644 --- a/lib/user/database.php +++ b/lib/user/database.php @@ -86,7 +86,7 @@ class OC_User_Database extends OC_User_Backend { */ public function deleteUser( $uid ){ // Delete user-group-relation - $query = OC_DB::prepare( "DELETE FROM `*PREFIX*users` WHERE uid = ?" ); + $query = OC_DB::prepare( "DELETE FROM `*PREFIX*users` WHERE `uid` = ?" ); $result = $query->execute( array( $uid )); return true; } @@ -103,7 +103,7 @@ class OC_User_Database extends OC_User_Backend { if( $this->userExists($uid) ){ $hasher=$this->getHasher(); $hash = $hasher->HashPassword($password.OC_Config::getValue('passwordsalt', '')); - $query = OC_DB::prepare( "UPDATE *PREFIX*users SET password = ? WHERE uid = ?" ); + $query = OC_DB::prepare( "UPDATE `*PREFIX*users` SET `password` = ? WHERE `uid` = ?" ); $result = $query->execute( array( $hash, $uid )); return true; @@ -123,7 +123,7 @@ class OC_User_Database extends OC_User_Backend { * returns the user id or false */ public function checkPassword( $uid, $password ){ - $query = OC_DB::prepare( "SELECT uid, password FROM *PREFIX*users WHERE uid = ?" ); + $query = OC_DB::prepare( "SELECT `uid`, `password` FROM `*PREFIX*users` WHERE `uid` = ?" ); $result = $query->execute( array( $uid)); $row=$result->fetchRow(); @@ -157,7 +157,7 @@ class OC_User_Database extends OC_User_Backend { * Get a list of all users. */ public function getUsers(){ - $query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users" ); + $query = OC_DB::prepare( "SELECT `uid` FROM `*PREFIX*users`" ); $result = $query->execute(); $users=array(); @@ -173,7 +173,7 @@ class OC_User_Database extends OC_User_Backend { * @return boolean */ public function userExists($uid){ - $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE uid = ?" ); + $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE `uid` = ?" ); $result = $query->execute( array( $uid )); return $result->numRows() > 0; diff --git a/lib/vcategories.php b/lib/vcategories.php index ee7a1d2883..724965d0e9 100644 --- a/lib/vcategories.php +++ b/lib/vcategories.php @@ -118,7 +118,7 @@ class OC_VCategories { * To get the object array, do something like: * // For Addressbook: * $categories = new OC_VCategories('contacts'); - * $stmt = OC_DB::prepare( 'SELECT carddata FROM *PREFIX*contacts_cards' ); + * $stmt = OC_DB::prepare( 'SELECT `carddata` FROM `*PREFIX*contacts_cards`' ); * $result = $stmt->execute(); * $objects = array(); * if(!is_null($result)) {