[4.0] [com_modules] convert to prepared statement

[alikon]

Summary of Changes

use prepared statement for SQL

Testing Instructions

test com_modules

Expected result

should work as before

Actual result

N/A

[HLeithner]

' ON ' => ,

I would not use leftJoin any longer because it's an unneeded function call and should be removed in my opinion see joomla-framework/database#174

[alikon]

i cannot see any leftJoin

[HLeithner]

Starts two line above

[Quy]

Error 500
Go to Content > Site Modules > Filter Options > Select Menu Item > Create a Post

PHP Warning: mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement in \libraries\vendor\joomla\database\src\Mysqli\MysqliStatement.php on line 430

[HLeithner]

You could rewrite this query to one execute call and add only ->values() in the loop something like:

$query->insert($db->quoteName('#__modules_menu'))
  ->columns($db->quoteName(['moduleid', 'menuid']))
foreach ($menus as $i => $menu)
{
        $query->values(implode(', ', [':newid' . $i, ':menu' . $i]))
	->bind(':newid' . $i, $newId, ParameterType::INTEGER)
	->bind(':menu' . $i, $menu, ParameterType::INTEGER);
}
$db->setQuery($query);
$db->execute();

[HLeithner]

Implode is unneeded, I would only concatenate a string.

[HLeithner]

Starts two line above

[alikon]

@Quy

Error 500
Go to Content > Site Modules > Filter Options > Select Menu Item > Create a Post

fixed now, can you confirm ?
there was an issue with bind and subqueries

[chmst]

I have tested this item ✅ successfully on fd9f342

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/25386.}

[waader]

I have tested this item ✅ successfully on fd9f342

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/25386.}

[alikon]

RTC

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/25386.}

[wilsonge]

Thanks!