quote example


    public function sGetOpenOrderData($destinationPage = 1, $perPage = 10)
    {
        $shop = Shopware()->Shop();
        $mainShop = $shop->getMain() !== null ? $shop->getMain() : $shop;

        $destinationPage = !empty($destinationPage) ? $destinationPage : 1;
        $limitStart = Shopware()->Db()->quote(($destinationPage - 1) * $perPage);
        $limitEnd = Shopware()->Db()->quote($perPage);

        $sql = " SELECT SQL_CALC_FOUND_ROWS o.*, cu.templatechar as currency_html, cu.symbol_position as currency_position, DATE_FORMAT(ordertime, '%d.%m.%Y %H:%i') AS datum, state.name as stateName FROM s_order o LEFT JOIN s_core_currencies as cu ON o.currency = cu.currency LEFT JOIN s_core_states as state ON state.id = o.status WHERE userID = ? AND status != -1 AND subshopID = ? ORDER BY ordertime DESC LIMIT

        $query = $this->getConnection()->query('SELECT id, content, contentHTML FROM `s_core_config_mails` WHERE dirty = 0');
        $untouchedMails = $query->fetchAll();

        foreach ($untouchedMails as $mail) {
            $replacedContent = $this->replaceOldVarSyntax($mail['content']);
            $replacedContentHTML = $this->replaceOldVarSyntax($mail['contentHTML']);

            if ($replacedContent != $mail['content'] || $replacedContentHTML != $mail['contentHTML']) {
                $mailId = $mail['id'];

                $replacedContent = !empty($replacedContent) ? trim($this->getConnection()->quote($replacedContent), "'") : '';
                $replacedContentHTML = !empty($replacedContentHTML) ? trim($this->getConnection()->quote($replacedContentHTML), "'") : '';

                $sql = <<<EOL UPDATE `s_core_config_mails` SET content="$replacedContent", contentHTML="$replacedContentHTML" WHERE id = $mailId; EOL;

                
else {
          $sql .= ' NULL';
        }
      }

      if (!empty($spec['unsigned'])) {
        $sql .= ' CHECK (' . $name . '>= 0)';
      }

      if (isset($spec['default'])) {
        if (is_string($spec['default'])) {
          $spec['default'] = $this->connection->quote($spec['default']);
        }
        $sql .= ' DEFAULT ' . $spec['default'];
      }

      if (empty($spec['not null']) && !isset($spec['default'])) {
        $sql .= ' DEFAULT NULL';
      }
    }
    return $sql;
  }

  
$context = $context->getContext();

        $taxId = Uuid::randomHex();
        $taxRate = 15.0;

        $repo = $this->getRepository();
        $criteria = new Criteria();

        $connection = $this->getContainer()->get(Connection::class);
        $insertInjection = sprintf(
            'INSERT INTO `tax` (id, tax_rate, name, created_at) VALUES(UNHEX(%s), %s, "foo", %s)',
            (string) $connection->quote($taxId),
            (string) $taxRate// use php string conversion, to avoid locale based float to string conversion in sprintf             (new \DateTime())->format(Defaults::STORAGE_DATE_TIME_FORMAT)
        );
        $keyWithQuotes = sprintf(
            'data.%s\')) = "%s"); %s; SELECT 1 FROM ((("',
            $randomKey,
            'bar',
            $insertInjection
        );

        $criteria->addFilter(new EqualsFilter($keyWithQuotes, 'bar'));

        

    public function getLocalesAction()
    {
        $current = Shopware()->Container()->get('locale');
        $locales = $this->getPlugin()->getLocales();
        $locales = Shopware()->Db()->quote($locales);
        $sql = 'SELECT id, locale FROM s_core_locales WHERE id IN (' . $locales . ')';
        $locales = Shopware()->Db()->fetchPairs($sql);

        $data = [];
        foreach ($locales as $id => $locale) {
            list($l$t) = explode('_', $locale);
            $l = $current::getTranslation($l, 'language', $current);
            $t = $current::getTranslation($t, 'territory', $current);
            $data[] = [
                'id' => $id,
                'name' => "$l ($t)",
            ];
// Clone the query so the prepare and compile doesn't get repeated.     $clone = clone($this);

    $clone->prepare()
      ->compile()
      ->addSort()
      ->finish();

    // Quote arguments so query is able to be run.     $quoted = [];
    foreach ($clone->sqlQuery->getArguments() as $key => $value) {
      $quoted[$key] = is_null($value) ? 'NULL' : $this->connection->quote($value);
    }

    // Replace table name brackets.     $sql = $clone->connection->prefixTables((string) $clone->sqlQuery);
    $sql = $clone->connection->quoteIdentifiers($sql);

    return strtr($sql$quoted);
  }

}
if ($format === 'sql') {
            $this->Response()->headers->set('content-type: text/plain', '');
            $this->Response()->headers->set('content-disposition', 'attachment; filename="export.sql"');

            $sql = 'SELECT * FROM s_core_snippets ORDER BY namespace';
            $result = $this->database->query($sql);
            $rows = [];

            echo "REPLACE INTO `s_core_snippets` (`namespace`, `name`, `value`, `localeID`, `shopID`,`created`, `updated`, `dirty`) VALUES \r\n";
            foreach ($result->fetchAll() as $row) {
                $value = $this->database->quote($row['value']);
                $value = str_replace("\n", '\\n', $value);

                $rows[] = sprintf(
                    "(%s, %s, %s, '%s', '%s', '%s', NOW(), %d)",
                    $this->database->quote($row['namespace']),
                    $this->database->quote($row['name']),
                    $value,
                    (int) $row['localeID'],
                    (int) $row['shopID'],
                    $row['created'],
                    $row['dirty']
                );
$expected->condition("entity_test_mulrev__$figures.{$figures}_color", ["blue"], "IN");
    $expected->condition("entity_test_mulrev__{$figures}_2.{$figures}_color", ["red"], "IN");
    $expected->isNull("entity_test_mulrev__{$figures}_3.{$figures}_color");
    $expected->orderBy("base_table.id");

    // Apply table prefixes and quote identifiers for the expected SQL.     $expected_string = $connection->prefixTables((string) $expected);
    $expected_string = $connection->quoteIdentifiers($expected_string);
    // Resolve placeholders in the expected SQL to their values.     $quoted = [];
    foreach ($expected->getArguments() as $key => $value) {
      $quoted[$key] = $connection->quote($value);
    }
    $expected_string = strtr($expected_string$quoted);

    $this->assertSame($expected_string(string) $query);
  }

  /** * Test the accessCheck method is called. */
  public function testAccessCheckSpecified() {
    $this->expectException(QueryException::class);
    

    protected function dumpTable($table$name$ids$newBackup)
    {
        $quotedIds = '(' . $this->getDqlHelper()->getDb()->quote($ids, PDO::PARAM_INT) . ')';
        $path = $this->getOutputPath($name);

        $hash = uniqid();

        $outFileData = $path . $table . '.' . $hash . '.datasql';
        $outFileHeader = $path . $table . '.headersql';
        $outFileFooter = $path . $table . '.footersql';

        $fileHandle = fopen($outFileData, 'w');
        if (!\is_resource($fileHandle)) {
            throw new RuntimeException(sprintf('Could not open stream at "%s"', $outFileData));
        }
$this->connection->query('ALTER TABLE {' . $table . '} DROP [' . $field . ']');
    return TRUE;
  }

  /** * {@inheritdoc} */
  public function indexExists($table$name) {
    // Returns one row for each column in the index. Result is string or FALSE.     // Details at http://dev.mysql.com/doc/refman/5.0/en/show-index.html     $row = $this->connection->query('SHOW INDEX FROM {' . $table . '} WHERE key_name = ' . $this->connection->quote($name))->fetchAssoc();
    return isset($row['Key_name']);
  }

  /** * {@inheritdoc} */
  public function addPrimaryKey($table$fields) {
    if (!$this->tableExists($table)) {
      throw new SchemaObjectDoesNotExistException("Cannot add primary key to table '$table': table doesn't exist.");
    }
    if ($this->indexExists($table, 'PRIMARY')) {
      


    /** * @return string */
    public function getDefaultLocale()
    {
        $backendLocales = $this->getLocales();
        $browserLocales = array_keys(Zend_Locale::getBrowser());

        if (!empty($browserLocales)) {
            $quotedBackendLocale = Shopware()->Db()->quote($backendLocales);
            $orderIndex = 1;
            $orderCriteria = '';
            foreach ($browserLocales as $browserLocale) {
                $orderCriteria .= 'WHEN ' . Shopware()->Db()->quote($browserLocale) . ' THEN ' . $orderIndex . ' ';
                ++$orderIndex;
            }
            $orderCriteria .= 'ELSE ' . $orderIndex . ' END ';

            // For each browser locale, get exact or similar             // filtered by allowed backend locales             // ordered by exact match from browser

  public function quote($string$parameter_type = \PDO::PARAM_STR) {
    return $this->connection->quote($string$parameter_type);
  }

  /** * Extracts the SQLSTATE error from a PDOException. * * @param \Exception $e * The exception * * @return string * The five character error code. */
  
if (str_contains($jsonPathPart, '-')) {
                    $jsonPathParts[$index] = sprintf('"%s"', $jsonPathPart);
                }
            }
            $jsonPath = implode('.', $jsonPathParts);
        }

        $jsonValueExpr = sprintf(
            'JSON_EXTRACT(`%s`.`%s`, %s)',
            $root,
            $field->getStorageName(),
            (string) $this->connection->quote('$' . $jsonPath)
        );

        $embeddedField = $this->getField($jsonPath$field->getPropertyMapping());
        $accessor = $this->getFieldAccessor($jsonValueExpr$embeddedField);

        /* * Values extracted from json have distinct json types, that are different from normal value types. * We need to convert json nulls into sql nulls. * * For example: `JSON_EXTRACT('{"foo":null}', '$.foo') IS NOT NULL` */
        
static $currencyCache = [];

        if (empty($currency)) {
            $currency = $this->shopData['currency_id'];
        }
        if (isset($currencyCache[$currency])) {
            return $currencyCache[$currency];
        }
        if (is_numeric($currency)) {
            $sql = 'id=' . $currency;
        } elseif (\is_string($currency)) {
            $sql = 'currency=' . $this->db->quote(trim($currency));
        } else {
            return false;
        }

        $currencyCache[$currency] = $this->db->fetchRow(" SELECT * FROM s_core_currencies WHERE $sql ");

        return $currencyCache[$currency];
    }

    protected function _stripQuoted($sql)
    {

        // get the character for value quoting         // this should be '         $q = $this->_adapter->quote('a');
        $q = $q[0];        
        // get the value used as an escaped quote,         // e.g. \' or ''         $qe = $this->_adapter->quote($q);
        $qe = substr($qe, 1, 2);
        $qe = preg_quote($qe);
        $escapeChar = substr($qe,0,1);
        // remove 'foo\'bar'         if (!empty($q)) {
            $escapeChar = preg_quote($escapeChar);
            // this segfaults only after 65,000 characters instead of 9,000
Home | Imprint | This part of the site doesn't use cookies.