[Fusionforge-commits] r7646 - trunk/gforge/common/tracker

Roland Mas lolando at libremir.placard.fr.eu.org
Thu May 14 18:58:02 CEST 2009


Author: lolando
Date: 2009-05-14 18:58:01 +0200 (Thu, 14 May 2009)
New Revision: 7646

Modified:
   trunk/gforge/common/tracker/Artifact.class.php
   trunk/gforge/common/tracker/ArtifactExtraFieldElement.class.php
   trunk/gforge/common/tracker/ArtifactFactory.class.php
Log:
db_query_params transition: common/tracker is now finished.


Modified: trunk/gforge/common/tracker/Artifact.class.php
===================================================================
--- trunk/gforge/common/tracker/Artifact.class.php	2009-05-14 16:57:49 UTC (rev 7645)
+++ trunk/gforge/common/tracker/Artifact.class.php	2009-05-14 16:58:01 UTC (rev 7646)
@@ -866,42 +866,35 @@
 			$extra_fields=array();
 		}
 		
-		
-
-		$sqlu='';
-
 		//
-		//	handle audit trail & build SQL statement
+		//	handle audit trail
 		//
+		$close_date = $this->getCloseDate();
 		if ($this->getStatusID() != $status_id) {
 			$this->addHistory('status_id',$this->getStatusID());
-			$sqlu .= " status_id='$status_id', ";
 			$changes['status'] = 1;
 			$update = true;
 
 			// Reset the close_date if bug is re-opened 
 			// (otherwise stat reports will be wrong).
 			if ($status_id == 1) {
-				$sqlu .= " close_date='0', ";
+				$close_date = 0 ;
 				$this->addHistory('close_date',0);
-			}
+			}			
 		}
 		if ($this->getPriority() != $priority) {
 			$this->addHistory('priority',$this->getPriority());
-			$sqlu .= " priority='$priority', ";
 			$changes['priority'] = 1;
 			$update = true;
 		}
 
 		if ($this->getAssignedTo() != $assigned_to) {
 			$this->addHistory('assigned_to',$this->getAssignedTo());
-			$sqlu .= " assigned_to='$assigned_to', ";
 			$changes['assigned_to'] = 1;
 			$update = true;
 		}
 		if ($summary && (addslashes($this->getSummary()) != htmlspecialchars($summary))) {
 			$this->addHistory('summary', addslashes($this->getSummary()));
-			$sqlu .= " summary='". htmlspecialchars($summary) ."', ";
 			$changes['summary'] = 1;
 			$update = true;
 		}
@@ -916,8 +909,8 @@
 		//	Enter the timestamp if we are changing to closed
 		//
 		if ($status_id != 1) {
-			$now=time();
-			$sqlu .= " close_date='$now', ";
+			$now = time();
+			$close_date = $now ;
 			$this->addHistory('close_date',$now);
 			$update = true;
 		}
@@ -926,14 +919,24 @@
 			Finally, update the artifact itself
 		*/
 		if ($update){
-			$sql = "UPDATE artifact 
+			$result = db_query_params ('UPDATE artifact 
 				SET 
-				$sqlu
-				group_artifact_id='$new_artifact_type_id'
+				status_id=$1,
+				priority=$2,
+				assigned_to=$3,
+				summary=$4,
+				close_date=$5,
+				group_artifact_id=$6,
 				WHERE 
-				artifact_id='". $this->getID() ."'
-				AND group_artifact_id='$artifact_type_id'";
-			$result=db_query($sql);
+				artifact_id=$7 AND group_artifact_id=$8',
+						   array ($status_id,
+							  $priority,
+							  $assigned_to,
+							  htmlspecialchars ($summary),
+							  $close_date,
+							  $new_artifact_type_id,
+							  $this->getID(),
+							  $artifact_type_id)) ;
 
 			if (!$result || db_affected_rows($result) < 1) {
 				$this->setError('Error - update failed!'.db_error());
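Review bot: The new statement leaves a trailing comma on `group_artifact_id=$6,` directly before `WHERE`, which is a SQL syntax error, so every update on this path would fall into the "update failed" branch; the line should read `group_artifact_id=$6`. Separately, the UPDATE now writes all six columns unconditionally, whereas the removed code appended `summary=...` only when `$summary` was non-empty and had changed. If a caller passes an empty `$summary` while changing another field, the stored summary would be overwritten with an empty string, so either confirm that callers always supply it or fall back to the current value when it is empty. The enclosing method starts and ends outside this hunk.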

Modified: trunk/gforge/common/tracker/ArtifactExtraFieldElement.class.php
===================================================================
--- trunk/gforge/common/tracker/ArtifactExtraFieldElement.class.php	2009-05-14 16:57:49 UTC (rev 7645)
+++ trunk/gforge/common/tracker/ArtifactExtraFieldElement.class.php	2009-05-14 16:58:01 UTC (rev 7646)
@@ -221,8 +221,9 @@
 			$this->setMissingParamsError();
 			return false;
 		}
-		$sql = "SELECT element_name FROM artifact_extra_field_elements WHERE element_name='$name' AND extra_field_id=".$this->ArtifactExtraField->getID();
-		$res = db_query($sql);
+		$res = db_query_params ('SELECT element_name FROM artifact_extra_field_elements WHERE element_name=$1 AND extra_field_id=$2',
+					array ($name,
+					       $this->ArtifactExtraField->getID())) ;
 		if (db_numrows($res) > 0) {
 			$this->setError(_('Element name already exists'));
 			return false;
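Review bot: The result of `db_query_params` goes straight into `db_numrows($res)` with no failure check, so a failed query presumably reads as zero rows and the duplicate-name check passes (this assumes `db_numrows` treats a false result as 0; the helper is not shown here). A guard before the row count, such as `if (!$res) { $this->setError(db_error()); return false; }`, would make the uniqueness check fail closed. The enclosing method continues outside this hunk.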

Modified: trunk/gforge/common/tracker/ArtifactFactory.class.php
===================================================================
--- trunk/gforge/common/tracker/ArtifactFactory.class.php	2009-05-14 16:57:49 UTC (rev 7645)
+++ trunk/gforge/common/tracker/ArtifactFactory.class.php	2009-05-14 16:58:01 UTC (rev 7646)
@@ -161,19 +161,16 @@
 		//  validate the column names and sort order passed in from user
 		//  before saving it to prefs
 		//
-		if ($order_col=='artifact_id' || $order_col=='summary' || $order_col=='open_date' ||
-			$order_col=='close_date' || $order_col=='assigned_to' || $order_col=='submitted_by' || $order_col=='priority') {
-			$_order_col=$order_col;
-			if (($sort == 'ASC') || ($sort == 'DESC')) {
-				$_sort_ord=$sort;
-			} else {
-				$_sort_ord='ASC';
-			}
-		} else {
-			$_order_col='artifact_id';
-			$_sort_ord='ASC';
-		}
-
+		$_order_col = util_ensure_value_in_set ($order_col,
+							array ('artifact_id',
+							       'summary',
+							       'open_date',
+							       'close_date',
+							       'assigned_to',
+							       'submitted_by',
+							       'priority'));
+		$_sort_ord = util_ensure_value_in_set ($sort,
+						       array ('ASC', 'DESC')) ;
 		if ($set=='custom') {
 			if (session_loggedin()) {
 				/*
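Review bot: The column allow-list passed to `util_ensure_value_in_set` here is repeated verbatim where `$sortcol` is computed for the ORDER BY later in this file. Because ORDER BY identifiers cannot be bound as parameters, these lists are the only thing keeping user-supplied sort input out of the SQL text. Defining the list once (a class constant or a small private helper returning the array) and using it in both places would stop the two copies drifting apart. There is also a small behaviour change: the removed code forced `$_sort_ord` to 'ASC' whenever `$order_col` was rejected, while the two values are now validated independently. This presumes `util_ensure_value_in_set` falls back to a listed value when the input is not in the set; the helper is not visible in this commit.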
@@ -263,51 +260,52 @@
 			return $this->artifacts;
 		}
 
-		//if status selected, and more to where clause
-		if ($this->status && ($this->status != 100)) {
-			//for open tasks, add status=100 to make sure we show all
-			$status_str="AND status_id='".$this->status."'";
-		} else {
-			//no status was chosen, so don't add it to where clause
-			$status_str='';
-		}
+		$params = array() ;
+		$paramcount = 1 ;
+		
+		$selectsql = 'SELECT DISTINCT ON (group_artifact_id, artifact_id) artifact_vw.* FROM artifact_vw';
 
-		//if assigned to selected, and more to where clause
-		if ($this->assigned_to) {
-			if (is_array($this->assigned_to)) {
-				$assigned_str="AND assigned_to IN (".implode(',',$this->assigned_to).")";
-			} else {
-				$assigned_str="AND assigned_to='".$this->assigned_to."'";
-			}
-		} else {
-			//no assigned to was chosen, so don't add it to where clause
-			$assigned_str='';
-		}
+		$wheresql = 'WHERE group_artifact_id=$'.$paramcount++ ;
+		$params[] = $this->ArtifactType->getID() ;
 
 		if (is_array($this->extra_fields) && !empty($this->extra_fields)) {
 			$keys=array_keys($this->extra_fields);
 			$vals=array_values($this->extra_fields);
-			$ef_where_str='';
-			$ef_table_str='';
 			for ($i=0; $i<count($keys); $i++) {
 				if (empty($vals[$i])) {
 					continue;
 				}
-				if (is_array($vals[$i]) && !empty($vals[$i])) {
-					$vals[$i]=implode("','",$vals[$i]);
-				}
-				$ef_table_str.=", artifact_extra_field_data aefd$i ";
-				$ef_where_str.=" AND aefd$i.extra_field_id='".$keys[$i]."' AND aefd$i.field_data IN ('".$vals[$i]."') AND aefd$i.artifact_id=artifact_vw.artifact_id ";
+				$selectsql .= ', artifact_extra_field_data aefd'.$i;
+				$wheresql .= ' AND aefd'.$i.'.extra_field_id=$'.$paramcount++ ;
+				$params[] = $keys[$i] ;
+				$wheresql .= ' AND aefd'.$i.'.field_data = ANY ($'.$paramcount++ ;
+				$params[] = db_string_array_to_any_clause ($vals[$i]) ;
+				$wheresql .= ') AND aefd'.$i.'.artifact_id=artifact_vw.artifact_id' ;
 			}
-		} else {
-			$ef_table_str='';
-			$ef_where_str='';
 		}
 
+		//if status selected, and more to where clause
+		if ($this->status && ($this->status != 100)) {
+			//for open tasks, add status=100 to make sure we show all
+			$wheresql .= ' AND status_id=$'.$paramcount++ ;
+			$params[] = $this->status;
+		}
+
+		//if assigned to selected, and more to where clause
+		if ($this->assigned_to) {
+			if (is_array($this->assigned_to)) {
+				$wheresql .= 'AND assigned_to = ANY ($'.$paramcount++ ;
+				$params[] = db_int_array_to_any_clause ($this->assigned_to) ;
+				$wheresql .= ')' ;
+			} else {
+				$wheresql .= 'AND assigned_to = $'.$paramcount++ ;
+				$params[] = $this->assigned_to ;
+			}
+		}
+
 		if ($this->last_changed > 0) {
-			$last_changed_str=" AND last_modified_date > '" . $this->last_changed . "' ";
-		} else {
-			$last_changed_str='';
+			$wheresql .= ' AND last_modified_date > $'.$paramcount++ ;
+			$params[] = $this->last_changed ;
 		}
 
 		//add constraint of range of modified dates
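Review bot: Several fragments are concatenated without a separating space, so the assembled query is malformed: `$selectsql . $wheresql` yields `... FROM artifact_vwWHERE group_artifact_id=$1`, and both `assigned_to` branches append `'AND assigned_to ...'` directly onto the preceding token. The fragments should start with a space, i.e. `$wheresql = ' WHERE group_artifact_id=$'.$paramcount++ ;`, `' AND assigned_to = ANY ($'` and `' AND assigned_to = $'`. Also, the removed code imploded `$vals[$i]` only when it was an array, whereas `db_string_array_to_any_clause ($vals[$i])` is now called for scalar values too. That helper is not shown, so it is worth confirming that it accepts a plain string. The enclosing method starts and ends outside this hunk.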
@@ -315,50 +313,50 @@
 			$range_arr=explode(' ',$this->moddaterange);
 			$begin_int = strtotime($range_arr[0]);
 			$end_int=strtotime($range_arr[1])+(24*60*60);
-			$moddatesql= " AND last_modified_date BETWEEN '$begin_int' AND '$end_int' ";
-		} else {
-			$moddatesql= '';
+			$wheresql .= ' AND (last_modified_date BETWEEN $'.$paramcount++ ;
+			$params[] = $begin_int ;
+			$wheresql .= ' AND $'.$paramcount++ ;
+			$params[] = $end_int ;
+			$wheresql .= ')' ;
 		}
 		//add constraint of range of open dates
 		if ($this->opendaterange) {
 			$range_arr=explode(' ',$this->opendaterange);
 			$begin_int = strtotime($range_arr[0]);
 			$end_int=strtotime($range_arr[1])+(24*60*60);
-			$opendatesql= " AND open_date BETWEEN '$begin_int' AND '$end_int' ";
-		} else {
-			$opendatesql= '';
+			$wheresql .= ' AND (open_date BETWEEN $'.$paramcount++ ;
+			$params[] = $begin_int ;
+			$wheresql .= ' AND $'.$paramcount++ ;
+			$params[] = $end_int ;
+			$wheresql .= ')' ;
 		}
 		//add constraint of range of close dates
 		if ($this->closedaterange) {
 			$range_arr=explode(' ',$this->closedaterange);
 			$begin_int = strtotime($range_arr[0]);
 			$end_int=strtotime($range_arr[1])+(24*60*60);
-			$closedatesql= " AND close_date BETWEEN '$begin_int' AND '$end_int' ";
-		} else {
-			$closedatesql= '';
+			$wheresql .= ' AND (close_date BETWEEN $'.$paramcount++ ;
+			$params[] = $begin_int ;
+			$wheresql .= ' AND $'.$paramcount++ ;
+			$params[] = $end_int ;
+			$wheresql .= ')' ;
 		}
+
+		$sortorder = util_ensure_value_in_set ($this->sort,
+						       array ('ASC', 'DESC')) ;
 		
-		// these are currently not being used
-		$submitted_by_str = '';
-		
-		//
-		//  now run the query using the criteria chosen above
-		//
-		if ($sys_database_type == "mysql") {
-			$sql="SELECT * FROM (SELECT DISTINCT artifact_vw.* FROM artifact_vw $ef_table_str ";
-		} else {
-			$sql="SELECT * FROM (SELECT DISTINCT ON (group_artifact_id, artifact_id) artifact_vw.* FROM artifact_vw $ef_table_str ";
-		}
-		$sql.="
-			WHERE 
-			group_artifact_id='". $this->ArtifactType->getID() ."'
-			$opendatesql $moddatesql $closedatesql $submitted_by_str
-			 $status_str $assigned_str $last_changed_str $ef_where_str ) AS Artifacts
-			ORDER BY Artifacts.group_artifact_id ".$this->sort.", Artifacts.". $this->order_col ." ".$this->sort;
-//echo "$sql";
-//exit;
+		$sortcol = util_ensure_value_in_set ($this->order_col,
+						     array ('artifact_id',
+							    'summary',
+							    'open_date',
+							    'close_date',
+							    'assigned_to',
+							    'submitted_by',
+							    'priority'));
+		$ordersql = " ORDER BY Artifacts.group_artifact_id.$sortorder, Artifacts.$sortcol $sortorder" ;
 
-		$result=db_query($sql);//,($this->max_rows),$this->offset);
+		$result = db_query_params ('SELECT * FROM (' . $selectsql . $wheresql . ') AS Artifacts' . $ordersql,
+					   $params) ;
 		$rows = db_numrows($result);
 		$this->fetched_rows=$rows;
 		if (db_error()) {
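Review bot: In the `$ordersql` assignment the `.` in `Artifacts.group_artifact_id.$sortorder` sits inside the double-quoted string, so it is emitted literally and produces `Artifacts.group_artifact_id.ASC`, which is not a valid ORDER BY term. The line should read `$ordersql = " ORDER BY Artifacts.group_artifact_id $sortorder, Artifacts.$sortcol $sortorder" ;`. Passing `$this->sort` and `$this->order_col` through the allow-list before interpolation is the right approach, since these identifiers cannot be bound as parameters. A short comment above the assignment saying so would help keep a later edit from reintroducing the raw properties. The enclosing method continues outside this hunk.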



