@@ -64,10 +64,8 @@ $options["from"] = (array) $options["from"]; $options["select"] = (array) $options["select"]; - if (is_numeric($id)) { - $options["where"][] = "id = :id"; - $options["params"][":id"] = $id; - } + if (is_numeric($id)) + $options["where"]["id"] = $id; $trigger = Trigger::current(); $trigger->filter($options, $model_name."_grab"); includes/class/Model.php @@ -56,7 +56,7 @@ break; case "mysqli": foreach ($params as $name => $val) - $query = preg_replace("/{$name}([^a-zA-Z0-9_]|$)/", "'".$this->escape($val)."'\\1", $query); + $query = preg_replace("/{$name}([^a-zA-Z0-9_]|$)/", SQL::current()->escape($val)."\\1", $query); try { if (!$this->query = $this->db->query($query)) @@ -67,7 +67,7 @@ break; case "mysql": foreach ($params as $name => $val) - $query = preg_replace("/{$name}([^a-zA-Z0-9_]|$)/", "'".$this->escape($val)."'\\1", $query); + $query = preg_replace("/{$name}([^a-zA-Z0-9_]|$)/", SQL::current()->escape($val)."\\1", $query); try { if (!$this->query = @mysql_query($query)) @@ -156,30 +156,6 @@ } /** - * Function: escape - * Escapes a string, escaping things like $1 and C:\foo\bar so that they don't get borked by the preg_replace. - * This also handles calling the SQL connection method's "escape_string" functions. - */ - public function escape($string) { - switch(SQL::current()->method()) { - case "pdo": - $string = $this->db->quote($string); - break; - case "mysqli": - $string = $this->db->escape_string($string); - break; - case "mysql": - $string = mysql_real_escape_string($string); - break; - } - - $string = str_replace('\\', '\\\\', $string); - $string = str_replace('$', '\$', $string); - - return $string; - } - - /** * Function: handle * Handles exceptions thrown by failed queries. */ includes/class/Query.php @@ -68,11 +68,11 @@ * Function: build_update * Creates a full update query. */ - public static function build_update($table, $conds, $data) { + public static function build_update($table, $conds, $data, &$params = array()) { return " UPDATE __$table SET ".self::build_update_values($data)." - ".($conds ? "WHERE ".self::build_where($conds, $table) : "")." + ".($conds ? "WHERE ".self::build_where($conds, $table, $params) : "")." "; } @@ -80,10 +80,10 @@ * Function: build_delete * Creates a full delete query. */ - public static function build_delete($table, $conds) { + public static function build_delete($table, $conds, &$params = array()) { return " DELETE FROM __$table - ".($conds ? "WHERE ".self::build_where($conds, $table) : "")." + ".($conds ? "WHERE ".self::build_where($conds, $table, $params) : "")." "; } @@ -118,11 +118,11 @@ * Function: build_count * Creates a SELECT COUNT(1) query. */ - public static function build_count($tables, $conds) { + public static function build_count($tables, $conds, &$params = array()) { $query = " SELECT COUNT(1) AS count FROM ".self::build_from($tables); - $query.= "\n\t\t\t\t".($conds ? "WHERE ".self::build_where($conds, $tables) : ""); + $query.= "\n\t\t\t\t".($conds ? "WHERE ".self::build_where($conds, $tables, $params) : ""); return $query; } @@ -146,12 +146,11 @@ * Function: build_where * Creates a WHERE query. */ - public static function build_where($conds, $tables = null) { - $conditions = (array) $conds; + public static function build_where($conds, $tables = null, &$params = array()) { + $conds = (array) $conds; $tables = (array) $tables; - foreach ($conditions as &$condition) - self::tablefy($condition, $tables); + $conditions = self::build_conditions($conds, $params, $tables); return implode(" AND ", array_filter($conditions)); } @@ -186,19 +185,68 @@ return implode(", ", $order); } + public static function build_conditions($conds, &$params, $tables) { + foreach ($conds as $key => $val) { + if (is_numeric($key)) # Full expression + $cond = $val; + else { # Key => Val expression + if (substr($key, -4) == " not") { # Negation + $key = substr($key, 0, -4); + if (is_array($val)) + $cond = $key." NOT IN ".self::build_in($val); + elseif ($val === null) + $cond = $key." IS NOT NULL"; + else { + $cond = $key." != :".$key; + $params[":".$key] = $val; + } + } elseif (substr($key, -5) == " like") { # LIKE + $key = substr($key, 0, -5); + $cond = $key." LIKE :".$key; + $params[":".$key] = $val; + } elseif (substr($key, -9) == " not like") { # NOT LIKE + $key = substr($key, 0, -9); + $cond = $key." NOT LIKE :".$key; + $params[":".$key] = $val; + } else { # Equation + if (is_array($val)) + $cond = $key." IN ".self::build_in($val); + elseif ($val === null) + $cond = $key." IS NULL"; + else { + $cond = $key." = :".$key; + $params[":".$key] = $val; + } + } + } + + self::tablefy($cond, $tables); + $conditions[] = $cond; + } + + return $conditions; + } + + public static function build_in($vals) { + $return = array(); + foreach ($vals as $val) + $return[] = SQL::current()->escape($val); + return "(".join(",", $return).")"; + } + /** * Function: build_select * Creates a full SELECT query. */ - public static function build_select($tables, $fields, $conds, $order = null, $limit = null, $offset = null, $group = null, $left_join = null) { + public static function build_select($tables, $fields, $conds, $order = null, $limit = null, $offset = null, $group = null, $left_join = null, &$params = array()) { $query = " SELECT ".self::build_select_header($fields, $tables)." FROM ".self::build_from($tables); if (isset($left_join)) foreach ($left_join as $join) - $query.= "\n\t\t\t\tLEFT JOIN __".$join["table"]." ON ".self::build_where($join["where"], $join["table"]); + $query.= "\n\t\t\t\tLEFT JOIN __".$join["table"]." ON ".self::build_where($join["where"], $join["table"], $params); $query.= " - ".($conds ? "WHERE ".self::build_where($conds, $tables) : "")." + ".($conds ? "WHERE ".self::build_where($conds, $tables, $params) : "")." ".($group ? "GROUP BY ".self::build_group($group, $tables) : "")." ".($order ? "ORDER BY ".self::build_order($order, $tables) : "")." ".self::build_limits($offset, $limit)." includes/class/QueryBuilder.php @@ -194,7 +194,7 @@ * $params - An associative array of parameters used in the query. */ public function count($tables, $conds = null, $params = array(), $throw_exceptions = false) { - return $this->query(QueryBuilder::build_count($tables, $conds), $params, $throw_exceptions)->fetchColumn(); + return $this->query(QueryBuilder::build_count($tables, $conds, $params), $params, $throw_exceptions)->fetchColumn(); } /** @@ -213,7 +213,7 @@ * $left_join - An array of additional LEFT JOINs. */ public function select($tables, $fields = "*", $conds = null, $order = null, $params = array(), $limit = null, $offset = null, $group = null, $left_join = null, $throw_exceptions = false) { - return $this->query(QueryBuilder::build_select($tables, $fields, $conds, $order, $limit, $offset, $group, $left_join), $params, $throw_exceptions); + return $this->query(QueryBuilder::build_select($tables, $fields, $conds, $order, $limit, $offset, $group, $left_join, $params), $params, $throw_exceptions); } /** @@ -253,7 +253,7 @@ * $params - An associative array of parameters used in the query. */ public function update($table, $conds, $data, $params = array(), $throw_exceptions = false) { - return $this->query(QueryBuilder::build_update($table, $conds, $data), $params, $throw_exceptions); + return $this->query(QueryBuilder::build_update($table, $conds, $data, $params), $params, $throw_exceptions); } /** @@ -266,7 +266,7 @@ * $params - An associative array of parameters used in the query. */ public function delete($table, $conds, $params = array(), $throw_exceptions = false) { - return $this->query(QueryBuilder::build_delete($table, $conds), $params, $throw_exceptions); + return $this->query(QueryBuilder::build_delete($table, $conds, $params), $params, $throw_exceptions); } /** @@ -288,12 +288,27 @@ } /** - * Function: current - * Returns a singleton reference to the current connection. + * Function: escape + * Escapes a string, escaping things like $1 and C:\foo\bar so that they don't get borked by the preg_replace. + * This also handles calling the SQL connection method's "escape_string" functions. */ - public static function & current() { - static $instance = null; - return $instance = (empty($instance)) ? new self() : $instance ; + public function escape($string) { + switch(SQL::current()->method()) { + case "pdo": + $string = $this->db->quote($string); + break; + case "mysqli": + $string = "'".$this->db->escape_string($string)."'"; + break; + case "mysql": + $string = "'".mysql_real_escape_string($string)."'"; + break; + } + + $string = str_replace('\\', '\\\\', $string); + $string = str_replace('$', '\$', $string); + + return $string; } /** @@ -343,6 +358,15 @@ public function second_from_datetime($datetime) { return when("s", $datetime); } + + /** + * Function: current + * Returns a singleton reference to the current connection. + */ + public static function & current() { + static $instance = null; + return $instance = (empty($instance)) ? new self() : $instance ; + } } $sql = SQL::current(); includes/class/SQL.php @@ -183,16 +183,12 @@ fallback($_GET['query'], ""); list($where, $params) = keywords(urldecode($_GET['query']), "xml LIKE :query"); - if (!empty($_GET['month'])) { - $where[] = "created_at LIKE :when"; - $params[":when"] = $_GET['month']."-%"; - } + if (!empty($_GET['month'])) + $where["created_at like"] = $_GET['month']."-%"; $visitor = Visitor::current(); - if (!$visitor->group()->can("view_draft", "edit_draft", "edit_post", "delete_draft", "delete_post")) { - $where[] = "user_id = :visitor_id"; - $params[':visitor_id'] = $visitor->id; - } + if (!$visitor->group()->can("view_draft", "edit_draft", "edit_post", "delete_draft", "delete_post")) + $where["user_id"] = $visitor->id; $this->context["posts"] = new Paginator(Post::find(array("placeholders" => true, "drafts" => true, @@ -243,7 +239,7 @@ error(__("No ID Specified"), __("An ID is required to edit a page.")); $this->context["page"] = new Page($_GET['id'], array("filter" => false)); - $this->context["pages"] = Page::find(array("where" => "id != :id", "params" => array(":id" => $_GET['id']))); + $this->context["pages"] = Page::find(array("where" => array("id not" => $_GET['id']))); } /** @@ -335,7 +331,9 @@ fallback($_GET['query'], ""); list($where, $params) = keywords(urldecode($_GET['query']), "(title LIKE :query OR body LIKE :query)"); - $this->context["pages"] = new Paginator(Page::find(array("placeholders" => true, "where" => $where, "params" => $params)), 25); + $this->context["pages"] = new Paginator(Page::find(array("placeholders" => true, + "where" => $where, + "params" => $params)), 25); } /** @@ -349,8 +347,8 @@ $config = Config::current(); $this->context["default_group"] = new Group($config->default_group); - $this->context["groups"] = Group::find(array("where" => array("id != :guest_id", "id != :default_id"), - "params" => array(":guest_id" => $config->guest_group, ":default_id" => $config->default_group), + $this->context["groups"] = Group::find(array("where" => array("id not" => array($config->guest_group, + $config->default_group)), "order" => "id DESC")); } @@ -368,8 +366,7 @@ if (empty($_POST['login'])) error(__("Error"), __("Please enter a username for your account.")); - $check = new User(null, array("where" => "login = :login", - "params" => array(":login" => $_POST['login']))); + $check = new User(null, array("where" => array("login" => $_POST['login']))); if (!$check->no_results) error(__("Error"), __("That username is already in use.")); @@ -400,8 +397,7 @@ $this->context["user"] = new User($_GET['id']); $this->context["groups"] = Group::find(array("order" => "id ASC", - "where" => "id != :guest_id", - "params" => array(":guest_id" => Config::current()->guest_group))); + "where" => array("id not" => Config::current()->guest_group))); } /** @@ -446,8 +442,7 @@ show_403(__("Access Denied"), __("You do not have sufficient privileges to delete users.")); $this->context["user"] = new User($_GET['id']); - $this->context["users"] = User::find(array("where" => "id != :deleting_id", - "params" => array(":deleting_id" => $_GET['id']))); + $this->context["users"] = User::find(array("where" => array("id not" => $_GET['id']))); } /** @@ -585,9 +580,8 @@ show_403(__("Access Denied"), __("You do not have sufficient privileges to delete groups.")); $this->context["group"] = new Group($_GET['id']); - $this->context["groups"] = Group::find(array("where" => "id != :group_id", - "order" => "id ASC", - "params" => array(":group_id" => $_GET['id']))); + $this->context["groups"] = Group::find(array("where" => array("id not" => $_GET['id']), + "order" => "id ASC")); } /** @@ -632,7 +626,7 @@ show_403(__("Access Denied"), __("You do not have sufficient privileges to manage groups.")); if (!empty($_GET['search'])) { - $user = new User(null, array("where" => "login = :search", "params" => array(":search" => $_GET['search']))); + $user = new User(null, array("where" => array("login" => $_GET['search']))); $this->context["groups"] = array($user->group()); } else $this->context["groups"] = new Paginator(Group::find(array("placeholders" => true, "order" => "id ASC")), 10); includes/controller/Admin.php @@ -25,13 +25,11 @@ if (isset($_GET['day'])) $posts = new Paginator(Post::find(array("placeholders" => true, - "where" => "created_at LIKE :date", - "params" => array(":date" => $_GET['year']."-".$_GET['month']."-".$_GET['day']."%"))), + "where" => array("created_at like" => $_GET['year']."-".$_GET['month']."-".$_GET['day']."%"))), Config::current()->posts_per_page); else $posts = new Paginator(Post::find(array("placeholders" => true, - "where" => "created_at LIKE :date", - "params" => array(":date" => $_GET['year']."-".$_GET['month']."%"))), + "where" => array("created_at like" => $_GET['year']."-".$_GET['month']."%"))), Config::current()->posts_per_page); } @@ -70,9 +68,8 @@ global $posts; $posts = new Paginator(Post::find(array("placeholders" => true, - "where" => array("status = 'draft'", - "user_id = :current_user"), - "params" => array(":current_user" => $visitor->id))), + "where" => array("status" => "draft", + "user_id" => $visitor->id))), Config::current()->posts_per_page); } @@ -84,7 +81,7 @@ global $page; if (!isset($page)) - $page = new Page(null, array("where" => "url = :url", "params" => array(":url" => $_GET['url']))); + $page = new Page(null, array("where" => array("url" => $_GET['url']))); } /** @@ -118,8 +115,7 @@ $get = array_map("urldecode", $_GET); if (!$config->clean_urls) - $post = new Post(null, array("where" => "url = :url", - "params" => array(":url" => fallback($get['url'])))); + $post = new Post(null, array("where" => array("url" => fallback($get['url'])))); else $post = Post::from_url($route->post_url_attrs, array("drafts" => true)); @@ -187,8 +183,7 @@ if (empty($_POST['login'])) return Flash::warning(__("Please enter a username for your account.")); - if (count(User::find(array("where" => "login = :login", - "params" => array(":login" => $_POST['login']))))) + if (count(User::find(array("where" => array("login" => $_POST['login']))))) Flash::warning(__("That username is already in use.")); if (empty($_POST['password1']) and empty($_POST['password2'])) @@ -227,8 +222,7 @@ fallback($_POST['password']); if (!User::authenticate($_POST['login'], md5($_POST['password']))) - if (!count(User::find(array("where" => "login = :login", - "params" => array(":login" => $_POST['login']))))) + if (!count(User::find(array("where" => array("login" => $_POST['login']))))) Flash::warning(__("There is no user with that login name.")); else Flash::warning(__("Password incorrect.")); @@ -294,7 +288,7 @@ if (empty($_POST)) return; - $user = new User(null, array("where" => "login = :login", "params" => array(":login" => $_POST['login']))); + $user = new User(null, array("where" => array("login" => $_POST['login']))); if ($user->no_results) return Flash::warning(__("Invalid user specified.")); includes/controller/Main.php @@ -1551,17 +1551,14 @@ $where[] = strtoupper($test)."(created_at) = :created_".$test; $params[":created_".$test] = $equals; } elseif ($test == "author") { - $user = new User(null, array("where" => "login = :login", "params" => array(":login" => $equals))); - $where[] = "user_id = :user_id"; - $params[":user_id"] = $user->id; + $user = new User(null, array("where" => array("login" => $equals))); + $where["user_id"] = $user->id; } elseif ($test == "group") { - $group = new Group(null, array("where" => "name = :name", "params" => array(":name" => $equals))); + $group = new Group(null, array("where" => array("name" => $equals))); $test = "group_id"; $equals = ($group->no_results) ? 0 : $group->id ; - } else { - $where[] = $test." = :".$test; - $params[":".$test] = $equals; - } + } else + $where[$test] = $equals; } if (!empty($search)) { includes/helpers.php @@ -175,8 +175,7 @@ if ($this->no_results) return false; - return User::find(array("where" => "group_id = :group_id", - "params" => array(":group_id" => $this->id))); + return User::find(array("where" => array("group_id" => $this->id))); } /** includes/model/Group.php @@ -231,7 +231,7 @@ if ($this->no_results) return false; - return self::find(array("where" => "parent_id = :id", "params" => array(":id" => $this->id))); + return self::find(array("where" => array("parent_id" => $this->id))); } /** includes/model/Page.php @@ -68,8 +68,8 @@ $options["where"] = array(); $has_status = false; - foreach ($options["where"] as $where) - if (substr_count($where, "status")) + foreach ($options["where"] as $key => $val) + if (is_int($key) and substr_count($val, "status") or $key == "status") $has_status = true; if (!XML_RPC) { @@ -351,12 +351,12 @@ # Can they edit their own posts, and do they have any? if ($visitor->group()->can("edit_own_post") and - Post::find(array("where" => "user_id = :visitor_id", "params" => array(":visitor_id" => $visitor->id)))) + Post::find(array("where" => array("user_id" => $visitor->id)))) return true; # Can they edit their own drafts, and do they have any? if ($visitor->group()->can("edit_own_draft") and - Post::find(array("where" => "status = 'draft' and user_id = :visitor_id", "params" => array(":visitor_id" => $visitor->id)))) + Post::find(array("where" => array("status" => "draft", "user_id" => $visitor->id)))) return true; return false; @@ -380,12 +380,12 @@ # Can they delete their own posts, and do they have any? if ($visitor->group()->can("delete_own_post") and - Post::find(array("where" => "user_id = :visitor_id", "params" => array(":visitor_id" => $visitor->id)))) + Post::find(array("where" => array("user_id" => $visitor->id)))) return true; # Can they delete their own drafts, and do they have any? if ($visitor->group()->can("delete_own_draft") and - Post::find(array("where" => "status = 'draft' and user_id = :visitor_id", "params" => array(":visitor_id" => $visitor->id)))) + Post::find(array("where" => array("status" => "draft", "user_id" => $visitor->id)))) return true; return false; @@ -770,19 +770,17 @@ if (in_array($attr, $times)) { $where[] = strtoupper($attr)."(created_at) = :created_".$attr; $params[':created_'.$attr] = $get[$attr]; - } elseif ($attr == "author") { - $where[] = "user_id = :attrauthor"; - $params[':attrauthor'] = SQL::current()->select("users", + } elseif ($attr == "author") + $where["user_id"] = SQL::current()->select("users", "id", "login = :login", "id", array( ":login" => $get['author'] ), 1)->fetchColumn(); - } elseif ($attr == "feathers") { - $where[] = "feather = :feather"; - $params[':feather'] = depluralize($get['feathers']); - } else { + elseif ($attr == "feathers") + $where["feather"] = depluralize($get['feathers']); + else { $tokens = array($where, $params, $attr); Trigger::current()->filter($tokens, "post_url_token"); list($where, $params, $attr) = $tokens; includes/model/Post.php @@ -42,8 +42,7 @@ * true - if a match is found. */ static function authenticate($login, $password) { - $check = new self(null, array("where" => array("login = :login", "password = :password"), - "params" => array(":login" => $login, ":password" => $password))); + $check = new self(null, array("where" => array("login" => $login, "password" => $password))); return !$check->no_results; } @@ -167,8 +166,7 @@ if ($this->no_results) return false; - return Post::find(array("where" => "user_id = :user_id", - "params" => array(":user_id" => $this->id))); + return Post::find(array("where" => array("user_id" => $this->id))); } /** @@ -179,8 +177,7 @@ if ($this->no_results) return false; - return Page::find(array("where" => "user_id = :user_id", - "params" => array(":user_id" => $this->id))); + return Page::find(array("where" => array("user_id" => $this->id))); } /** includes/model/User.php @@ -16,10 +16,8 @@ */ public function __construct() { if (isset($_SESSION['login']) and isset($_SESSION['password'])) - parent::__construct(null, array("where" => array("login = :login", - "password = :password"), - "params" => array(":login" => $_SESSION['login'], - ":password" => $_SESSION['password']))); + parent::__construct(null, array("where" => array("login" => $_SESSION['login'], + "password" => $_SESSION['password']))); } /** includes/model/Visitor.php @@ -86,8 +86,7 @@ "timestamp" => $timestamp, "url" => url("archive/".when("Y/m/", $time->created_at))); - $archives[$timestamp]["posts"] = Post::find(array("where" => "created_at LIKE :created_at", - "params" => array(":created_at" => when("Y-m", $time->created_at)."%"))); + $archives[$timestamp]["posts"] = Post::find(array("where" => array("created_at like" => when("Y-m", $time->created_at)."%"))); } $theme->load("pages/archive", array("archives" => $archives)); index.php @@ -697,8 +697,7 @@ } public function posts_export($atom, $post) { - $comments = Comment::find(array("where" => "post_id = :post_id", - "params" => array(":post_id" => $post->id)), + $comments = Comment::find(array("where" => array("post_id" => $post->id)), array("filter" => false)); foreach ($comments as $comment) { modules/comments/comments.php @@ -248,7 +248,7 @@ # Can they edit their own comments, and do they have any? if ($visitor->group()->can("edit_own_comment") and - self::find(array("where" => "user_id = :visitor_id", "params" => array(":visitor_id" => $visitor->id)))) + self::find(array("where" => array("user_id" => $visitor->id)))) return true; return false; @@ -267,7 +267,7 @@ # Can they delete their own comments, and do they have any? if ($visitor->group()->can("delete_own_comment") and - self::find(array("where" => "user_id = :visitor_id", "params" => array(":visitor_id" => $visitor->id)))) + self::find(array("where" => array("user_id" => $visitor->id)))) return true; return false; modules/comments/model.Comment.php @@ -179,7 +179,7 @@ $clean[] = $tag["clean"]; } - list($tags, $clean, $tag2clean) = $this->parseTags($tags, $clean); + list($tags, $clean, $tag2clean,) = self::parseTags($tags, $clean); $max_qty = max(array_values($tags)); $min_qty = min(array_values($tags)); @@ -208,15 +208,13 @@ list($where, $params) = keywords(urldecode($_GET['query']), "xml LIKE :query"); $visitor = Visitor::current(); - if (!$visitor->group()->can("view_draft", "edit_draft", "edit_post", "delete_draft", "delete_post")) { - $where[] = "user_id = :visitor_id"; - $params[':visitor_id'] = $visitor->id; - } + if (!$visitor->group()->can("view_draft", "edit_draft", "edit_post", "delete_draft", "delete_post")) + $where["user_id"] = $visitor->id; $admin->context["posts"] = new Paginator(Post::find(array("placeholders" => true, - "drafts" => true, - "where" => $where, - "params" => $params)), 25); + "drafts" => true, + "where" => $where, + "params" => $params)), 25); } public function admin_rename_tag($admin) { @@ -239,7 +237,7 @@ $clean[] = $tag["clean"]; } - list($tags, $clean, $tag2clean) = $this->parseTags($tags, $clean); + list($tags, $clean, $tag2clean,) = self::parseTags($tags, $clean); foreach ($tags as $tag => $count) if ($tag2clean[$tag] == $_GET['name']) @@ -348,8 +346,7 @@ global $posts; $posts = new Paginator(Post::find(array("placeholders" => true, - "where" => "tags.clean LIKE :tag", - "params" => array(":tag" => "%{{".$_GET['name']."}}%"))), + "where" => array("tags.clean like" => "%{{".$_GET['name']."}}%"))), Config::current()->posts_per_page); return !empty($posts->paginated); @@ -505,7 +502,7 @@ return; } - list($tags, $clean, $tag2clean) = $this->parseTags(array($post->unclean_tags), array($post->clean_tags)); + list($tags, $clean, $tag2clean,) = self::parseTags(array($post->unclean_tags), array($post->clean_tags)); $post->tags = array(); @@ -557,7 +554,7 @@ if (!count($unclean)) return array(); - list($unclean, $clean, $tag2clean) = $this->parseTags($unclean, $clean); + list($unclean, $clean, $tag2clean,) = self::parseTags($unclean, $clean); foreach ($unclean as $name => $popularity) $unclean[$name] = array("name" => $name, "popularity" => $popularity, "url" => $tag2clean[$name]); @@ -581,7 +578,7 @@ $clean[] = $tag["clean"]; } - list($tags, $clean, $tag2clean) = $this->parseTags($tags, $clean); + list($tags, $clean, $tag2clean, $clean2tag) = self::parseTags($tags, $clean); return $clean2tag[$clean_tag]; } @@ -594,7 +591,7 @@ $clean[] = $tag["clean"]; } - list($tags, $clean, $tag2clean) = $this->parseTags($tags, $clean); + list($tags, $clean, $tag2clean) = self::parseTags($tags, $clean); return $tag2clean[$unclean_tag]; } @@ -658,10 +655,11 @@ # array("foo", "bar", "foo") # to # array("foo" => 2, "bar" => 1) - public function parseTags($tags, $clean) { + static function parseTags($tags, $clean) { $tags = array_count_values(explode(",", preg_replace("/\{\{([^\}]+)\}\}/", "\\1", implode(",", $tags)))); $clean = array_count_values(explode(",", preg_replace("/\{\{([^\}]+)\}\}/", "\\1", implode(",", $clean)))); $tag2clean = array_combine(array_keys($tags), array_keys($clean)); - return array($tags, $clean, $tag2clean); + $clean2tag = array_combine(array_keys($clean), array_keys($tags)); + return array($tags, $clean, $tag2clean, $clean2tag); } } modules/tags/tags.php 836e49726831a263f49b0cab82ad1a9ba2ca42e9 Alex Suraci i.am@toogeneric.com http://github.com/vito/chyrp/commit/a7f35ec512c10340723dacfb6f141c0f42a42749 a7f35ec512c10340723dacfb6f141c0f42a42749 2008-09-01T08:38:00-07:00 2008-09-01T08:38:00-07:00 * Vastly improved SQL interfacing. [#200 state:resolved] * Moved `escape` function from Query class to SQL class. Also, it now auto-quotes the value like PDO does. 6d188879ca0b09c16c21c986427bc96ed1e4acd1 Alex Suraci i.am@toogeneric.com