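/**
 * Gets matched models. Currently only supports matching on the 'name' attribute.
 *
 * The lookup runs only when the penultimate model class name is set, the class
 * is a subclass of Item, and the class reports 'name' as an attribute. In every
 * other case an empty array is returned.
 *
 * @param mixed $value value compared against 'name'; it is passed through
 *                     DatabaseCompatibilityUtil::escape() and wrapped in single
 *                     quotes before being placed in the where clause
 * @param null|int $pageSize forwarded to getSubset() as its third argument
 * @return array
 */
protected function getMatchedModels($value, $pageSize)
{
    $penultimateModelClassName = $this->penultimateModelClassName;
    // Test for a missing class name BEFORE reflecting on it. The original built
    // the ReflectionClass first, so an unset name raised an exception and the
    // null check that followed could never take effect.
    if ($penultimateModelClassName == null) {
        return array();
    }
    $classToEvaluate = new ReflectionClass($penultimateModelClassName);
    if (!$classToEvaluate->isSubclassOf('Item') || !$penultimateModelClassName::isAnAttribute('name')) {
        return array();
    }
    // The escaped value is only ever placed inside a quoted literal; the quotes
    // are what keep it confined to a string, so keep them together with escape().
    $where = "name = '" . DatabaseCompatibilityUtil::escape($value) . "'";
    return $penultimateModelClassName::getSubset(null, null, $pageSize, $where);
}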
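/**
 * Given a related model type, a related model id, and a page size, return a list of comment models.
 *
 * Results are ordered by the column resolved for 'createdDateTime', descending.
 *
 * @param string $type related model type; lower-cased before it is compared
 * @param integer $relatedId
 * @param integer|null $pageSize
 * @return mixed whatever self::getSubset() returns (presumably the comment models; confirm against getSubset)
 */
public static function getCommentsByRelatedModelTypeIdAndPageSize($type, $relatedId, $pageSize)
{
    // assert() can be switched off at runtime, so these lines document the
    // contract; they are not input validation. The where clause below relies on
    // escape() plus single quotes around each value.
    assert('is_string($type)');
    assert('is_int($relatedId)');
    // Fixed: this previously read '$pageSize = null' (an assignment). When the
    // assertion string is evaluated, that overwrites $pageSize and makes the
    // check fail for exactly the null case it was meant to allow.
    assert('is_int($pageSize) || $pageSize === null');
    $joinTablesAdapter = new RedBeanModelJoinTablesQueryAdapter('Comment');
    $orderByColumnName = RedBeanModelDataProvider::resolveSortAttributeColumnName(
        'Comment',
        $joinTablesAdapter,
        'createdDateTime'
    );
    $where  = "relatedmodel_type = '" . DatabaseCompatibilityUtil::escape(strtolower($type)) . "'";
    $where .= " AND relatedmodel_id = '" . DatabaseCompatibilityUtil::escape($relatedId) . "'";
    $orderBy = $orderByColumnName . ' desc';
    return self::getSubset($joinTablesAdapter, null, $pageSize, $where, $orderBy);
}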
/**
 * Looks up models through static::getSubset() with the where clause
 * "url = '<escaped $url>'".
 *
 * @param mixed $url value to match; escaped and single-quoted before use
 * @return mixed whatever static::getSubset() returns
 */
public static function getByUrl($url)
{
    // escape() and the surrounding quotes belong together: the value is only
    // confined to a string literal when both are applied.
    $quotedUrl = "'" . DatabaseCompatibilityUtil::escape($url) . "'";
    $where = 'url = ' . $quotedUrl;
    return static::getSubset(null, null, null, $where);
}
/**
 * Looks up models through static::getSubset() with the where clause
 * "<attributeName> = '<escaped value>'".
 *
 * Only $value is escaped. $attributeName is concatenated into the where clause
 * exactly as given, so it must be a fixed, code-supplied name and never text
 * that originates from a request.
 *
 * @param string $attributeName name placed on the left side of the comparison, unescaped
 * @param string $value non-empty value to match; escaped and single-quoted
 * @return mixed whatever static::getSubset() returns
 */
protected static function getByNameOrEquivalent($attributeName, $value)
{
    // assert() may be disabled at runtime; these state the contract only.
    assert('is_string($attributeName)');
    assert('is_string($value) && $value != ""');
    $quotedValue = "'" . DatabaseCompatibilityUtil::escape($value) . "'";
    $where = $attributeName . ' = ' . $quotedValue;
    return static::getSubset(null, null, null, $where);
}
/**
 * Builds an SQL "IN(...)" fragment from a list of values.
 *
 * Strings are escaped and wrapped in single quotes. Non-string numeric values
 * are emitted as-is. Booleans become 1 or 0. Any other type raises
 * NotSupportedException.
 *
 * @param string $operatorType expected to be "oneOf" (checked by assertion only)
 * @param array $values expected to be non-empty (checked by assertion only)
 * @param bool $ignoreStringToLower currently has no effect: strings are handled
 *                                  the same way whether it is true or false
 * @return string
 * @throws NotSupportedException when a value is not a string, number or boolean
 */
public static function resolveOperatorAndValueForOneOf($operatorType, $values, $ignoreStringToLower = false)
{
    // assert() may be disabled at runtime; these state the contract only.
    assert('$operatorType == "oneOf"');
    assert('is_array($values) && count($values) > 0');
    $parts = array();
    foreach ($values as $theValue) {
        if (is_string($theValue)) {
            // Every string is escaped AND quoted, so a numeric-looking string
            // still ends up inside a literal and never reaches the bare branch.
            $parts[] = "'" . DatabaseCompatibilityUtil::escape($theValue) . "'";
            continue;
        }
        if (is_numeric($theValue)) {
            // Only non-string numbers arrive here, so emitting them bare is safe.
            $parts[] = (string) $theValue;
            continue;
        }
        if (is_bool($theValue)) {
            $parts[] = $theValue ? '1' : '0';
            continue;
        }
        throw new NotSupportedException();
    }
    return 'IN(' . implode(',', $parts) . ')';
}
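/**
 * Check if the portlet is already added to the detail view. This covers the
 * case where a user clicks the link in the select-portlet list more than once.
 *
 * @param string $viewType
 * @param string $uniqueLayoutId
 * @param int $userId expected to be an integer >= 1 (checked by assertion only)
 * @return boolean true when at least one matching portlet row exists
 */
public static function doesPortletExistByViewTypeLayoutIdAndUser($viewType, $uniqueLayoutId, $userId)
{
    // assert() may be disabled at runtime, so it cannot be the only thing that
    // guarantees $userId is an integer.
    assert('is_integer($userId) && $userId >= 1');
    // _user_id is compared WITHOUT surrounding quotes. Escaping only protects a
    // value that sits inside a quoted literal, so force the value to an integer
    // before it is concatenated into the statement.
    $userIdForQuery = (int) $userId;
    $sql = "select count(*) as count " .
           'from portlet ' .
           "where layoutid = '" . DatabaseCompatibilityUtil::escape($uniqueLayoutId) . "'" .
           " and viewtype = '" . DatabaseCompatibilityUtil::escape($viewType) . "'" .
           " and _user_id = " . DatabaseCompatibilityUtil::escape($userIdForQuery);
    $row = ZurmoRedBean::getRow($sql);
    return $row['count'] > 0;
}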
/**
 * Looks up models through static::getSubset() with the where clause
 * "name = '<escaped $name>'".
 *
 * @param mixed $name value to match; escaped and single-quoted before use
 * @return mixed whatever static::getSubset() returns
 */
public static function getByName($name)
{
    // escape() and the surrounding quotes belong together: the value is only
    // confined to a string literal when both are applied.
    $quotedName = "'" . DatabaseCompatibilityUtil::escape($name) . "'";
    $where = 'name = ' . $quotedName;
    return static::getSubset(null, null, null, $where);
}
/**
 * Escapes every non-null entry of $values in place.
 *
 * array_map() is deliberately not used here: it would hand null entries to
 * escape() as well, whereas this loop leaves them untouched.
 *
 * The escaped values carry no quotes of their own. NOTE(review): callers are
 * presumably expected to wrap each one in single quotes when building SQL;
 * confirm at the call sites.
 *
 * @param array $values modified by reference
 * @return void
 */
protected static function escapeValues(array &$values)
{
    foreach (array_keys($values) as $key) {
        if (!isset($values[$key])) {
            // null entries stay null
            continue;
        }
        $values[$key] = DatabaseCompatibilityUtil::escape($values[$key]);
    }
}
/**
 * Escapes the search term in place to guard against SQL injection.
 *
 * This applies DatabaseCompatibilityUtil::escape() only. The result is safe
 * only where the caller then places it inside a quoted SQL string literal;
 * it adds no quotes itself.
 *
 * @param mixed $term search term, replaced by its escaped form (by reference)
 * @return void
 */
protected static function sanitizeSearchTerm(&$term)
{
    $escapedTerm = DatabaseCompatibilityUtil::escape($term);
    $term = $escapedTerm;
}
/**
 * Given an operator type and value, constructs the operator-and-value part of
 * a where clause. An example return would be '>= 5'.
 *
 * Dispatch by value type:
 *  - string: escaped, then handed to resolveToLowerForStringComparison()
 *  - non-empty array: delegated to SQLOperatorUtil::resolveOperatorAndValueForOneOf()
 *  - null: delegated to SQLOperatorUtil::resolveOperatorAndValueForNullOrEmpty()
 *  - anything else: operator, a space, then the escaped value WITHOUT quotes
 *
 * @param string $operatorType
 * @param mixed $value
 * @return string
 * @throws NotSupportedException when the operator type is not valid for the value
 */
public static function getOperatorAndValueWherePart($operatorType, $value)
{
    // assert() may be disabled at runtime; this states the contract only.
    assert('is_string($operatorType)');
    if (!SQLOperatorUtil::isValidOperatorTypeByValue($operatorType, $value)) {
        throw new NotSupportedException();
    }
    if (is_string($value)) {
        $escapedValue = self::escape($value);
        return self::resolveToLowerForStringComparison($operatorType, $escapedValue);
    }
    if (is_array($value) && count($value) > 0) {
        return SQLOperatorUtil::resolveOperatorAndValueForOneOf($operatorType, $value);
    }
    if ($value === null) {
        return SQLOperatorUtil::resolveOperatorAndValueForNullOrEmpty($operatorType);
    }
    // The value is emitted bare (no quotes). Strings never reach this point, so
    // in practice it carries numbers or booleans.
    // NOTE(review): an empty array also falls through to here; confirm that
    // isValidOperatorTypeByValue() rejects it before this line is reached.
    return SQLOperatorUtil::getOperatorByType($operatorType) . ' ' . DatabaseCompatibilityUtil::escape($value);
}