Skip to content
Browse files

Fix cot_import to support multidimensional arrays. Use PDO query para…

…ms in page.list.
  • Loading branch information...
1 parent c9be12a commit efe10895f2d835b6bfdfacadda3ca9174cb5758a @ghengeveld ghengeveld committed Nov 12, 2011
Showing with 19 additions and 11 deletions.
  1. +17 −9 modules/page/inc/page.list.php
  2. +2 −2 system/functions.php
View
26 modules/page/inc/page.list.php
@@ -68,9 +68,15 @@
$sys['sublocation'] = $cat['title'];
-$cfg['page']['maxrowsperpage'] = ($c == 'all' || $c == 'system' || $c == 'unvalidated') ? $cfg['page']['__default']['maxrowsperpage'] : $cfg['page'][$c]['maxrowsperpage'];
+$cfg['page']['maxrowsperpage'] = ($c == 'all' || $c == 'system' || $c == 'unvalidated') ?
+ $cfg['page']['__default']['maxrowsperpage'] :
+ $cfg['page'][$c]['maxrowsperpage'];
+$cfg['page']['truncatetext'] = ($c == 'all' || $c == 'system' || $c == 'unvalidated') ?
+ $cfg['page']['__default']['truncatetext'] :
+ $cfg['page'][$c]['truncatetext'];
-$cfg['page']['truncatetext'] = ($c == 'all' || $c == 'system' || $c == 'unvalidated') ? $cfg['page']['__default']['truncatetext'] : $cfg['page'][$c]['truncatetext'];
+$where = array();
+$params = array();
$where['state'] = '(page_state=0 OR page_state=2)';
if ($c == 'unvalidated')
@@ -102,7 +108,8 @@
$val = cot_import($val, 'D', 'TXT', 16);
if ($key && $val && $db->fieldExists($db_pages, "page_$key"))
{
- $where['filter'][] = "page_$key = " . $db->quote($val);
+ $params[$key] = $val;
+ $where['filter'][] = "page_$key = :$key";
}
}
empty($where['filter']) || $where['filter'] = implode(' AND ', $where['filter']);
@@ -122,7 +129,7 @@
}
$list_url = cot_url('page', $list_url_path);
-$catpath = ($c == 'all' || $c == 'system' || $c == 'unvalidated') ? $cat['title'] :cot_breadcrumbs(cot_structure_buildpath('page', $c), $cfg['homebreadcrumb'], true);
+$catpath = ($c == 'all' || $c == 'system' || $c == 'unvalidated') ? $cat['title'] : cot_breadcrumbs(cot_structure_buildpath('page', $c), $cfg['homebreadcrumb'], true);
/* === Hook === */
foreach (cot_getextplugins('page.list.query') as $pl)
@@ -133,16 +140,17 @@
if(empty($sql_page_string))
{
- $where = array_diff($where,array(''));
- $sql_page_count = "SELECT COUNT(*) FROM $db_pages as p $join_condition WHERE ".implode(' AND ', $where);
+ $where = array_filter($where);
+ $where = ($where) ? 'WHERE ' . implode(' AND ', $where) : '';
+ $sql_page_count = "SELECT COUNT(*) FROM $db_pages as p $join_condition $where";
$sql_page_string = "SELECT p.*, u.* $join_columns
FROM $db_pages as p $join_condition
LEFT JOIN $db_users AS u ON u.user_id=p.page_ownerid
- WHERE ".implode(' AND ', $where)."
+ $where
ORDER BY page_$s $w LIMIT $d, ".$cfg['page']['maxrowsperpage'];
}
-$totallines = $db->query($sql_page_count)->fetchColumn();
-$sqllist = $db->query($sql_page_string);
+$totallines = $db->query($sql_page_count, $params)->fetchColumn();
+$sqllist = $db->query($sql_page_string, $params);
$pagenav = cot_pagenav('page', $list_url_path + array('dc' => $dcurl), $d, $totallines, $cfg['page']['maxrowsperpage']);
View
4 system/functions.php
@@ -260,7 +260,7 @@ function cot_import($name, $source, $filter, $maxlen = 0, $dieonerror = false, $
break;
}
- if (MQGPC && ($source=='G' || $source=='P' || $source=='C') && $v != NULL)
+ if (MQGPC && ($source=='G' || $source=='P' || $source=='C') && $v != NULL && $filter != 'ARR')
{
$v = stripslashes($v);
}
@@ -385,7 +385,7 @@ function cot_import($name, $source, $filter, $maxlen = 0, $dieonerror = false, $
break;
}
- if (!$pass || !($filter == 'INT' || $filter == 'NUM' || $filter == 'BOL'))
+ if (!$pass || !in_array($filter, array('INT', 'NUM', 'BOL', 'ARR')))
{
$v = preg_replace('/(&#\d+)(?![\d;])/', '$1;', $v);
}

0 comments on commit efe1089

Please sign in to comment.
Something went wrong with that request. Please try again.