/** * eZContentObjectTreeNode::createAttributeFilterSQLStrings() returns * invalid 'in'/'not in' SQL statements * * @link http://issues.ez.no/23528 * @dataProvider providerForTestIssue23528 */ public function testIssue23528($name, $expected) { $params = array(1, '3', 'foo', '1foo', 'foo_1'); $attributeFilterParams = array(array($name, 'in', $params)); $attributeFilter = eZContentObjectTreeNode::createAttributeFilterSQLStrings($attributeFilterParams); $this->assertEquals($expected, $attributeFilter['where']); }
static function trashList($params = false, $asCount = false) { if ($params === false) { $params = array('Offset' => false, 'Limit' => false, 'SortBy' => false, 'AttributeFilter' => false); } $offset = isset($params['Offset']) && is_numeric($params['Offset']) ? $params['Offset'] : false; $limit = isset($params['Limit']) && is_numeric($params['Limit']) ? $params['Limit'] : false; $asObject = isset($params['AsObject']) ? $params['AsObject'] : true; $objectNameFilter = isset($params['ObjectNameFilter']) ? $params['ObjectNameFilter'] : false; $sortBy = isset($params['SortBy']) && is_array($params['SortBy']) ? $params['SortBy'] : array(array('name')); if ($asCount) { $sortingInfo = eZContentObjectTreeNode::createSortingSQLStrings(false); } else { $sortingInfo = eZContentObjectTreeNode::createSortingSQLStrings($sortBy, 'ezcot'); } $attributeFilter = eZContentObjectTreeNode::createAttributeFilterSQLStrings($params['AttributeFilter'], $sortingInfo); if ($attributeFilter === false) { return null; } $useVersionName = true; $versionNameTables = eZContentObjectTreeNode::createVersionNameTablesSQLString($useVersionName); $versionNameTargets = eZContentObjectTreeNode::createVersionNameTargetsSQLString($useVersionName); $versionNameJoins = eZContentObjectTreeNode::createVersionNameJoinsSQLString($useVersionName, false, false, false, 'ezcot'); $languageFilter = ' AND ' . eZContentLanguage::languagesSQLFilter('ezcontentobject'); $objectNameFilterSQL = eZContentObjectTreeNode::createObjectNameFilterConditionSQLString($objectNameFilter); $limitation = isset($params['Limitation']) && is_array($params['Limitation']) ? $params['Limitation'] : false; $limitationList = eZContentObjectTreeNode::getLimitationList($limitation); $sqlPermissionChecking = eZContentObjectTreeNode::createPermissionCheckingSQL($limitationList, 'ezcontentobject_trash', 'ezcot'); if ($asCount) { $query = "SELECT count(*) as count "; } else { $query = "SELECT\n ezcontentobject.*,\n ezcot.*,\n ezcontentclass.serialized_name_list as class_serialized_name_list,\n ezcontentclass.identifier as class_identifier\n {$versionNameTargets}\n {$sortingInfo['attributeTargetSQL']} "; } $query .= "FROM\n ezcontentobject_trash ezcot,\n ezcontentobject,\n ezcontentclass\n {$versionNameTables}\n {$sortingInfo['attributeFromSQL']}\n {$attributeFilter['from']}\n {$sqlPermissionChecking['from']}\n WHERE\n ezcontentclass.version=0 AND\n ezcot.contentobject_id = ezcontentobject.id AND\n ezcontentclass.id = ezcontentobject.contentclass_id AND\n {$sortingInfo['attributeWhereSQL']}\n {$attributeFilter['where']}\n {$versionNameJoins}\n {$sqlPermissionChecking['where']}\n {$objectNameFilterSQL}\n {$languageFilter}\n "; if (!$asCount && $sortingInfo['sortingFields'] && strlen($sortingInfo['sortingFields']) > 5) { $query .= " ORDER BY {$sortingInfo['sortingFields']}"; } $db = eZDB::instance(); if (!$offset && !$limit) { $trashRowsArray = $db->arrayQuery($query); } else { $trashRowsArray = $db->arrayQuery($query, array('offset' => $offset, 'limit' => $limit)); } // cleanup temp tables $db->dropTempTableList($sqlPermissionChecking['temp_tables']); if ($asCount) { return $trashRowsArray[0]['count']; } else { if ($asObject) { $retTrashNodes = array(); foreach (array_keys($trashRowsArray) as $key) { $trashRow =& $trashRowsArray[$key]; $retTrashNodes[] = new eZContentObjectTrashNode($trashRow); } return $retTrashNodes; } else { return $trashRowsArray; } } }
/** * Test for regression #15211 * * The issue was reported as happening when a fetch_alias was called without * a second parameter. It turns out that this was just wrong, but led to the * following: if eZContentObjectTreeNode::createAttributeFilterSQLStrings * is called with the first parameter ($attributeFilter) is a string, a fatal * error "Cannot unset string offsets" is thrown. * * Test: Call this function with a string as the first parameter. Without the * fix, a fatal error occurs, while an empty filter is returned once fixed. */ public function testIssue15211() { $attributeFilter = "somestring"; // Without the fix, this is a fatal error $filterSQL = eZContentObjectTreeNode::createAttributeFilterSQLStrings($attributeFilter); $this->assertInternalType('array', $filterSQL); $this->assertArrayHasKey('from', $filterSQL); $this->assertArrayHasKey('where', $filterSQL); }
static function calendar($params = false, $nodeID = 0) { if (!is_numeric($nodeID) and !is_array($nodeID)) { return array(); } if ($params === false) { $params = array('Depth' => false, 'Offset' => false, 'Limit' => false, 'AttributeFilter' => false, 'ExtendedAttributeFilter' => false, 'ClassFilterType' => false, 'ClassFilterArray' => false, 'GroupBy' => false); } $offset = isset($params['Offset']) && is_numeric($params['Offset']) ? $params['Offset'] : false; $limit = isset($params['Limit']) && is_numeric($params['Limit']) ? $params['Limit'] : false; $depth = isset($params['Depth']) && is_numeric($params['Depth']) ? $params['Depth'] : false; $depthOperator = isset($params['DepthOperator']) ? $params['DepthOperator'] : false; $groupBy = isset($params['GroupBy']) ? $params['GroupBy'] : false; $mainNodeOnly = isset($params['MainNodeOnly']) ? $params['MainNodeOnly'] : false; $ignoreVisibility = isset($params['IgnoreVisibility']) ? $params['IgnoreVisibility'] : false; if (!isset($params['ClassFilterType'])) { $params['ClassFilterType'] = false; } $classCondition = eZContentObjectTreeNode::createClassFilteringSQLString($params['ClassFilterType'], $params['ClassFilterArray']); $attributeFilter = eZContentObjectTreeNode::createAttributeFilterSQLStrings($params['AttributeFilter'], $sortingInfo); $extendedAttributeFilter = eZContentObjectTreeNode::createExtendedAttributeFilterSQLStrings($params['ExtendedAttributeFilter']); $mainNodeOnlyCond = eZContentObjectTreeNode::createMainNodeConditionSQLString($mainNodeOnly); $pathStringCond = ''; $notEqParentString = ''; eZContentObjectTreeNode::createPathConditionAndNotEqParentSQLStrings($pathStringCond, $notEqParentString, $nodeID, $depth, $depthOperator); $groupBySelectText = ''; $groupBySQL = $extendedAttributeFilter['group_by']; if (!$groupBySQL) { eZContentObjectTreeNode::createGroupBySQLStrings($groupBySelectText, $groupBySQL, $groupBy); } else { if ($groupBy) { eZDebug::writeError("Cannot use group_by parameter together with extended attribute filter which sets group_by!", __METHOD__); } } $limitation = isset($params['Limitation']) && is_array($params['Limitation']) ? $params['Limitation'] : false; $limitationList = eZContentObjectTreeNode::getLimitationList($limitation); $sqlPermissionChecking = eZContentObjectTreeNode::createPermissionCheckingSQL($limitationList); // Determine whether we should show invisible nodes. $showInvisibleNodesCond = eZContentObjectTreeNode::createShowInvisibleSQLString(!$ignoreVisibility); $query = "SELECT DISTINCT\n ezcontentobject.published as published\n {$groupBySelectText}\n FROM\n ezcontentobject_tree\n INNER JOIN ezcontentobject ON (ezcontentobject.id = ezcontentobject_tree.contentobject_id)\n INNER JOIN ezcontentclass ON (ezcontentclass.id = ezcontentobject.contentclass_id)\n INNER JOIN ezcontentobject_name ON (\n ezcontentobject_name.contentobject_id = ezcontentobject_tree.contentobject_id AND\n ezcontentobject_name.content_version = ezcontentobject_tree.contentobject_version\n )\n\n {$attributeFilter['from']}\n {$extendedAttributeFilter['tables']}\n {$sqlPermissionChecking['from']}\n WHERE\n {$pathStringCond}\n {$extendedAttributeFilter['joins']}\n {$attributeFilter['where']}\n ezcontentclass.version = 0 AND\n {$notEqParentString}\n {$mainNodeOnlyCond}\n {$classCondition}\n " . eZContentLanguage::sqlFilter('ezcontentobject_name', 'ezcontentobject') . "\n {$showInvisibleNodesCond}\n {$sqlPermissionChecking['where']}\n {$groupBySQL}"; $db = eZDB::instance(); $server = count($sqlPermissionChecking['temp_tables']) > 0 ? eZDBInterface::SERVER_SLAVE : false; if (!$offset && !$limit) { $nodeListArray = $db->arrayQuery($query, array(), $server); } else { $nodeListArray = $db->arrayQuery($query, array('offset' => $offset, 'limit' => $limit), $server); } // cleanup temp tables $db->dropTempTableList($sqlPermissionChecking['temp_tables']); return $nodeListArray; }
static function calendar( $params = false, $nodeID = 0 ) { if ( !is_numeric( $nodeID ) and !is_array( $nodeID ) ) { return array(); } if ( $params === false ) { $params = array( 'Depth' => false, 'Offset' => false, 'Limit' => false, 'AttributeFilter' => false, 'ExtendedAttributeFilter' => false, 'ClassFilterType' => false, 'ClassFilterArray' => false, 'GroupBy' => false ); } $offset = ( isset( $params['Offset'] ) && is_numeric( $params['Offset'] ) ) ? $params['Offset'] : false; $limit = ( isset( $params['Limit'] ) && is_numeric( $params['Limit'] ) ) ? $params['Limit'] : false; $depth = ( isset( $params['Depth'] ) && is_numeric( $params['Depth'] ) ) ? $params['Depth'] : false; $depthOperator = ( isset( $params['DepthOperator'] ) ) ? $params['DepthOperator'] : false; $groupBy = ( isset( $params['GroupBy'] ) ) ? $params['GroupBy'] : false; $mainNodeOnly = ( isset( $params['MainNodeOnly'] ) ) ? $params['MainNodeOnly'] : false; $ignoreVisibility = ( isset( $params['IgnoreVisibility'] ) ) ? $params['IgnoreVisibility'] : false; if ( !isset( $params['ClassFilterType'] ) ) $params['ClassFilterType'] = false; $classCondition = eZContentObjectTreeNode::createClassFilteringSQLString( $params['ClassFilterType'], $params['ClassFilterArray'] ); $attributeFilter = eZContentObjectTreeNode::createAttributeFilterSQLStrings( $params['AttributeFilter'], $sortingInfo ); $extendedAttributeFilter = eZContentObjectTreeNode::createExtendedAttributeFilterSQLStrings( $params['ExtendedAttributeFilter'] ); $mainNodeOnlyCond = eZContentObjectTreeNode::createMainNodeConditionSQLString( $mainNodeOnly ); $pathStringCond = ''; $notEqParentString = ''; eZContentObjectTreeNode::createPathConditionAndNotEqParentSQLStrings( $pathStringCond, $notEqParentString, $nodeID, $depth, $depthOperator ); $groupBySelectText = ''; $groupBySQL = $extendedAttributeFilter['group_by']; if ( !$groupBySQL ) { eZContentObjectTreeNode::createGroupBySQLStrings( $groupBySelectText, $groupBySQL, $groupBy ); } else if ( $groupBy ) { eZDebug::writeError( "Cannot use group_by parameter together with extended attribute filter which sets group_by!", __METHOD__ ); } $useVersionName = true; $versionNameTables = eZContentObjectTreeNode::createVersionNameTablesSQLString( $useVersionName ); $versionNameJoins = eZContentObjectTreeNode::createVersionNameJoinsSQLString( $useVersionName, false ); $limitation = ( isset( $params['Limitation'] ) && is_array( $params['Limitation'] ) ) ? $params['Limitation']: false; $limitationList = eZContentObjectTreeNode::getLimitationList( $limitation ); $sqlPermissionChecking = eZContentObjectTreeNode::createPermissionCheckingSQL( $limitationList ); // Determine whether we should show invisible nodes. $showInvisibleNodesCond = eZContentObjectTreeNode::createShowInvisibleSQLString( !$ignoreVisibility ); $query = "SELECT DISTINCT ezcontentobject.published as published $groupBySelectText FROM ezcontentobject_tree, ezcontentobject,ezcontentclass $versionNameTables $attributeFilter[from] $extendedAttributeFilter[tables] $sqlPermissionChecking[from] WHERE $pathStringCond $extendedAttributeFilter[joins] $attributeFilter[where] ezcontentclass.version=0 AND $notEqParentString $mainNodeOnlyCond ezcontentobject_tree.contentobject_id = ezcontentobject.id AND ezcontentclass.id = ezcontentobject.contentclass_id AND $classCondition $versionNameJoins $showInvisibleNodesCond $sqlPermissionChecking[where] $groupBySQL"; $db = eZDB::instance(); $server = count( $sqlPermissionChecking['temp_tables'] ) > 0 ? eZDBInterface::SERVER_SLAVE : false; if ( !$offset && !$limit ) { $nodeListArray = $db->arrayQuery( $query, array(), $server ); } else { $nodeListArray = $db->arrayQuery( $query, array( 'offset' => $offset, 'limit' => $limit ), $server ); } // cleanup temp tables $db->dropTempTableList( $sqlPermissionChecking['temp_tables'] ); return $nodeListArray; }