CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
quoteIdentifier example
protected function _getWhereQuery($useDirty = true)
{
$where = array();
$db = $this->_getTable()->getAdapter();
$primaryKey = $this->_getPrimaryKey($useDirty);
$info = $this->_getTable()->info();
$metadata = $info[Zend_Db_Table_Abstract::METADATA];
// retrieve recently updated row using primary keys $where = array();
foreach ($primaryKey as $column => $value) {
$tableName = $db->quoteIdentifier($info[Zend_Db_Table_Abstract::NAME], true);
$type = $metadata[$column]['DATA_TYPE'];
$columnName = $db->quoteIdentifier($column, true);
$where[] = $db->quoteInto("{$tableName}.{$columnName} = ?", $value, $type);
}
return $where;
}
/** * Refreshes properties from the database. * * @return void */
{
$where = array();
$db = $this->_getTable()->getAdapter();
$primaryKey = $this->_getPrimaryKey($useDirty);
$info = $this->_getTable()->info();
$metadata = $info[Zend_Db_Table_Abstract::METADATA];
// retrieve recently updated row using primary keys $where = array();
foreach ($primaryKey as $column => $value) {
$tableName = $db->quoteIdentifier($info[Zend_Db_Table_Abstract::NAME], true);
$type = $metadata[$column]['DATA_TYPE'];
$columnName = $db->quoteIdentifier($column, true);
$where[] = $db->quoteInto("{$tableName}.{$columnName} = ?", $value, $type);
}
return $where;
}
/** * Refreshes properties from the database. * * @return void */
public function getSelect()
{
if (null === $this->_select) {
$db = $this->getAdapter();
/** * Build select object */
$select = new Zend_Db_Select($db);
$select->from($this->_table, array($this->_field), $this->_schema);
if ($db->supportsParameters('named')) {
$select->where($db->quoteIdentifier($this->_field, true).' = :value'); // named } else {
$select->where($db->quoteIdentifier($this->_field, true).' = ?'); // positional }
if ($this->_exclude !== null) {
if (is_array($this->_exclude)) {
$select->where(
$db->quoteIdentifier($this->_exclude['field'], true) .
' != ?', $this->_exclude['value']
);
} else {
$select->where($this->_exclude);
}
$sqlBindings['filter'] = '%' . $filter . '%';
}
// Sorting data $sortData = $this->Request()->getParam('sort');
$sortField = $sortData[0]['property'] ?? null;
$dir = $sortData[0]['direction'] ?? null;
$sort = '';
if ((!empty($sortField) && $dir === 'ASC') || $dir === 'DESC') {
// To prevent sql-injections $sortField = Shopware()->Db()->quoteIdentifier($sortField);
$sort = 'ORDER BY ' . $sortField . ' ' . $dir;
}
$sql = " SELECT SQL_CALC_FOUND_ROWS v.id, v.description, v.vouchercode as voucherCode, v.numberofunits as numberOfUnits, v.valid_from as validFrom, v.valid_to as validTo, v.value, v.modus, v.percental, IF( modus = '0', (SELECT count(*) FROM s_order_details as d WHERE articleordernumber =v.ordercode AND d.ordernumber!='0'), (SELECT count(*) FROM s_emarketing_voucher_codes WHERE voucherID =v.id AND cashed=1)) AS checkedIn FROM s_emarketing_vouchers as v WHERE (modus = 1 OR modus = 0)
public function describeTable($tableName, $schemaName = null)
{
$sql = 'PRAGMA ';
if ($schemaName) {
$sql .= $this->quoteIdentifier($schemaName) . '.';
}
$sql .= 'table_info('.$this->quoteIdentifier($tableName).')';
$stmt = $this->query($sql);
/** * Use FETCH_NUM so we are not dependent on the CASE attribute of the PDO connection */
$result = $stmt->fetchAll(Zend_Db::FETCH_NUM);
public function insert($table, array $bind): int
{
// extract and quote col names from the array keys $cols = [];
$vals = [];
$i = 0;
foreach ($bind as $col => $val) {
$cols[] = $this->quoteIdentifier($col, true);
if ($val instanceof Zend_Db_Expr) {
$vals[] = $val->__toString();
unset($bind[$col]);
} else {
if ($this->supportsParameters('positional')) {
$vals[] = '?';
} else {
if ($this->supportsParameters('named')) {
unset($bind[$col]);
$bind[':col' . $i] = $val;
$vals[] = ':col' . $i;
public function authenticate()
{
$result = parent::authenticate();
$select = $this->_zendDb->select();
$select->from($this->_tableName);
$select->where($this->_zendDb->quoteIdentifier($this->_identityColumn, true) . ' = ?', $this->_identity);
$user = $this->_zendDb->fetchRow($select, [], Zend_Db::FETCH_OBJ);
if ($result->isValid()) {
// Check if user role is active $sql = 'SELECT enabled FROM s_core_auth_roles WHERE id = ?';
if ($this->_zendDb->fetchOne($sql, [$user->roleID]) == false) {
return new Zend_Auth_Result(
Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND,
$this->_identity,
[]
);
}
/**
* {@inheritdoc}
*/
protected function write(array $record): void
{
if ($this->columnMap === null) {
$dataToInsert = $record;
} else {
$dataToInsert = [];
foreach ($this->columnMap as $columnName => $fieldKey) {
if (isset($record[$fieldKey])) {
$dataToInsert[$this->conn->quoteIdentifier($columnName)] = $record[$fieldKey];
}
}
}
array_walk_recursive($dataToInsert, function D&$value) {
// Convert DateTime instances to ISO-8601 Strings if ($value instanceof DateTime) {
$value = $value->format(DateTime::ISO8601);
}
});
protected function write(array $record): void
{
if ($this->columnMap === null) {
$dataToInsert = $record;
} else {
$dataToInsert = [];
foreach ($this->columnMap as $columnName => $fieldKey) {
if (isset($record[$fieldKey])) {
$dataToInsert[$this->conn->quoteIdentifier($columnName)] = $record[$fieldKey];
}
}
}
array_walk_recursive($dataToInsert, function D&$value) {
// Convert DateTime instances to ISO-8601 Strings if ($value instanceof DateTime) {
$value = $value->format(DateTime::ISO8601);
}
});
case self::CASCADE:
$newRefs = array();
$where = array();
for ($i = 0; $i < count($map[self::COLUMNS]); ++$i) {
$col = $this->_db->foldCase($map[self::COLUMNS][$i]);
$refCol = $this->_db->foldCase($map[self::REF_COLUMNS][$i]);
if (array_key_exists($refCol, $newPrimaryKey)) {
$newRefs[$col] = $newPrimaryKey[$refCol];
}
$type = $this->_metadata[$col]['DATA_TYPE'];
$where[] = $this->_db->quoteInto(
$this->_db->quoteIdentifier($col, true) . ' = ?',
$oldPrimaryKey[$refCol], $type);
}
$rowsAffected += $this->update($newRefs, $where);
break;
default:
// no action break;
}
}
}
return $rowsAffected;
}
$newRefs = array();
$where = array();
for ($i = 0; $i < count($map[self::COLUMNS]); ++$i) {
$col = $this->_db->foldCase($map[self::COLUMNS][$i]);
$refCol = $this->_db->foldCase($map[self::REF_COLUMNS][$i]);
if (array_key_exists($refCol, $newPrimaryKey)) {
$newRefs[$col] = $newPrimaryKey[$refCol];
}
$type = $this->_metadata[$col]['DATA_TYPE'];
$where[] = $this->_db->quoteInto(
$this->_db->quoteIdentifier($col, true) . ' = ?',
$oldPrimaryKey[$refCol], $type);
}
$rowsAffected += $this->update($newRefs, $where);
break;
default:
// no action break;
}
}
}
return $rowsAffected;
}
protected function _authenticateCreateSelect()
{
// build credential expression if (empty($this->_credentialTreatment) || (strpos($this->_credentialTreatment, '?') === false)) {
$this->_credentialTreatment = '?';
}
$credentialExpression = new Zend_Db_Expr(
'(CASE WHEN ' .
$this->_zendDb->quoteInto(
$this->_zendDb->quoteIdentifier($this->_credentialColumn, true)
. ' = ' . $this->_credentialTreatment, $this->_credential
)
. ' THEN 1 ELSE 0 END) AS '
. $this->_zendDb->quoteIdentifier(
$this->_zendDb->foldCase('zend_auth_credential_match')
)
);
// get select $dbSelect = clone $this->getDbSelect();
$dbSelect->from($this->_tableName, ['*', $credentialExpression])
// this segfaults only after 65,000 characters instead of 9,000
$sql = preg_replace("/$q([^$q{$escapeChar}]*|($qe)*)*$q/s", '', $sql);
}
// get a version of the SQL statement with all quoted // values and delimited identifiers stripped out // remove "foo\"bar" $sql = preg_replace("/\"(\\\\\"|[^\"])*\"/Us", '', $sql);
// get the character for delimited id quotes, // this is usually " but in MySQL is ` $d = $this->_adapter->quoteIdentifier('a');
$d = $d[0];
// get the value used as an escaped delimited id quote, // e.g. \" or "" or \` $de = $this->_adapter->quoteIdentifier($d);
$de = substr($de, 1, 2);
$de = preg_quote($de);
// Note: $de and $d where never used..., now they are: $sql = preg_replace("/$d($de|\\\\{2}|[^$d])*$d/Us", '', $sql);
return $sql;
}
}
// get a version of the SQL statement with all quoted // values and delimited identifiers stripped out // remove "foo\"bar" $sql = preg_replace("/\"(\\\\\"|[^\"])*\"/Us", '', $sql);
// get the character for delimited id quotes, // this is usually " but in MySQL is ` $d = $this->_adapter->quoteIdentifier('a');
$d = $d[0];
// get the value used as an escaped delimited id quote, // e.g. \" or "" or \` $de = $this->_adapter->quoteIdentifier($d);
$de = substr($de, 1, 2);
$de = preg_quote($de);
// Note: $de and $d where never used..., now they are: $sql = preg_replace("/$d($de|\\\\{2}|[^$d])*$d/Us", '', $sql);
return $sql;
}
/**
* Gets the quoted representation of this asset but only if it was defined with one. Otherwise
* return the plain unquoted value as inserted.
*
* @return string
*/
public function getQuotedName(AbstractPlatform $platform)
{
$keywords = $platform->getReservedKeywordsList();
$parts = \explode('.', $this->getName());
foreach ($parts as $k => $v) {
$parts[$k] = $this->_quoted || $keywords->isKeyword($v) ? $platform->quoteIdentifier($v) : $v;
}
return \implode('.', $parts);
}
/** * Sets the name of this asset. * * @param string $name */
protected function _setName($name): void
{
public function getQuotedName(AbstractPlatform $platform)
{
$keywords = $platform->getReservedKeywordsList();
$parts = \explode('.', $this->getName());
foreach ($parts as $k => $v) {
$parts[$k] = $this->_quoted || $keywords->isKeyword($v) ? $platform->quoteIdentifier($v) : $v;
}
return \implode('.', $parts);
}
/** * Sets the name of this asset. * * @param string $name */
protected function _setName($name): void
{
$this->connection = $connection;
}
/** * {@inheritdoc} */
public function updateJob(Enlight_Components_Cron_Job $job)
{
$data = [];
$data['action'] = $job->getAction();
$data[$this->connection->quoteIdentifier('interval')] = $job->getInterval();
$data['data'] = serialize($job->getData());
$data['active'] = $job->getActive() ? '1' : '0';
$data['next'] = $job->getNext() ? $job->getNext()->toString('YYYY-MM-dd HH:mm:ss') : null;
$data['start'] = $job->getStart() ? $job->getStart()->toString('YYYY-MM-dd HH:mm:ss') : null;
$data['end'] = $job->getEnd() ? $job->getEnd()->toString('YYYY-MM-dd HH:mm:ss') : null;
$data['disable_on_error'] = $job->getDisableOnError() ? '1' : '0';
$data['name'] = $job->getName();
if ($job->getId() === null) {
$this->connection->insert($this->tableName, $data);
} else {
public function describeTable($tableName, $schemaName = null)
{
// @todo use INFORMATION_SCHEMA someday when MySQL's // implementation has reasonably good performance and // the version with this improvement is in wide use.
if ($schemaName) {
$sql = 'DESCRIBE ' . $this->quoteIdentifier("$schemaName.$tableName", true);
} else {
$sql = 'DESCRIBE ' . $this->quoteIdentifier($tableName, true);
}
$stmt = $this->query($sql);
// Use FETCH_NUM so we are not dependent on the CASE attribute of the PDO connection $result = $stmt->fetchAll(Zend_Db::FETCH_NUM);
$field = 0;
$type = 1;
$null = 2;
/**
* Disables an account until a given date.
* $date has to be an Zend_Date object
*
* @return Enlight_Components_Auth_Adapter_DbTable
*/
public function setLockedUntil(Zend_Date $date)
{
$this->lockedUntil = $date;
$this->updateLockUntilDate($date);
$this->addCondition($this->_zendDb->quoteInto(
$this->_zendDb->quoteIdentifier($this->lockedUntilColumn, true) . ' <= ?', Zend_Date::now()
));
return $this;
}
/** * Gets the date until an account has been disabled. Returns a Zend_Date * * @return Zend_Date */
public function getLockedUntil()
{
public function setLockedUntil(Zend_Date $date)
{
$this->lockedUntil = $date;
$this->updateLockUntilDate($date);
$this->addCondition($this->_zendDb->quoteInto(
$this->_zendDb->quoteIdentifier($this->lockedUntilColumn, true) . ' <= ?', Zend_Date::now()
));
return $this;
}
/** * Gets the date until an account has been disabled. Returns a Zend_Date * * @return Zend_Date */
public function getLockedUntil()
{
public function _joinUsing($type, $name, $cond, $cols = '*', $schema = null)
{
if (empty($this->_parts[self::FROM])) {
throw new Zend_Db_Select_Exception('You can only perform a joinUsing after specifying a FROM table');
}
$join = $this->_adapter->quoteIdentifier(key($this->_parts[self::FROM]), true);
$from = $this->_adapter->quoteIdentifier($this->_uniqueCorrelation($name), true);
$joinCond = [];
foreach ((array) $cond as $fieldName) {
$cond1 = $from . '.' . $fieldName;
$cond2 = $join . '.' . $fieldName;
$joinCond[] = $cond1 . ' = ' . $cond2;
}
$cond = implode(' ' . self::SQL_AND . ' ', $joinCond);
return $this->_join($type, $name, $cond, $cols, $schema);
}