Skip to content
Permalink
Browse files

Escape instances of new MySQL reserved word rank

Fixes #13894

Merge remote-tracking branch 'origin/pr/14705' into 3.x

* origin/pr/14705:
  Escape usage of reserved name rank in sortby and groupby statements [#13894 / #14701]
  • Loading branch information...
opengeek committed Sep 4, 2019
2 parents fc2812b + 63911c4 commit 4ba7dee4e6891acede25bcfdee27bf4216bab002
@@ -4,6 +4,7 @@ development release, and is only shown to give an idea of what's currently in th

MODX Revolution 3.0.0-beta1 (TBD)
====================================
- Escape instances of new MySQL reserved word rank [#14705]
- Fix broken avatar when default media source is modified [#14544]
- Define IMG_WEBP constant in version of PHP without it [#14647]
- Setup redesign [#14507]
@@ -87,7 +87,7 @@ public function getRootNode()
$list = [];
$c = $this->modx->newQuery(modCategory::class);
$c->sortby('rank', 'ASC');
$c->sortby($this->modx->escape('rank'), 'ASC');
$c->sortby('category', 'ASC');
$categories = $this->modx->getIterator('modCategory', $c);
@@ -45,7 +45,7 @@ public function duplicateTemplateVariables()
$c->where([
'templateid' => $this->object->get('id'),
]);
$c->sortby('rank', 'ASC');
$c->sortby($this->modx->escape('rank'), 'ASC');
$templateVarTemplates = $this->modx->getCollection(modTemplateVarTemplate::class, $c);
/** @var modTemplateVarTemplate $templateVarTemplate */
foreach ($templateVarTemplates as $templateVarTemplate) {
@@ -399,7 +399,7 @@ public function moveAffectedContexts($lastRank)
'key:NOT IN' => ['mgr', $this->source->key, $this->target->key],
'rank:>=' => $lastRank,
]);
$c->sortby('rank', 'ASC');
$c->sortby($this->modx->escape('rank'), 'ASC');
$contextsToSort = $this->modx->getIterator(modContext::class, $c);
$lastRank = $lastRank + 2;
@@ -104,7 +104,7 @@ public function render(modManagerController $controller, $user = null)
// Get widgets
$c = $this->xpdo->newQuery(modDashboardWidgetPlacement::class, $where);
$c->sortby('rank', 'ASC');
$c->sortby($this->xpdo->escape('rank'), 'ASC');
if ($placements = $this->xpdo->getIterator(modDashboardWidgetPlacement::class, $c)) {
/** @var modDashboardWidgetPlacement $placement */
foreach ($placements as $placement) {
@@ -142,7 +142,7 @@ public function sortWidgets($user = 0, $force = false)
'dashboard' => $this->id,
'user' => $user,
]);
$c->groupby('rank');
$c->groupby($this->xpdo->escape('rank'));
$c->select('COUNT(rank) as idx');
$c->sortby('idx', 'DESC');
$c->limit(1);
@@ -168,7 +168,7 @@ public function getData()
'action' => $baseAction,
'type' => 'tab',
]);
$c->sortby('rank', 'ASC');
$c->sortby($this->xpdo->escape('rank'), 'ASC');
$tabs = $this->xpdo->getCollection('modActionField', $c);
/** @var modActionField $tab */
@@ -315,8 +315,8 @@ public function loadTVs($reloadData = [])
/* get categories */
$c = $this->modx->newQuery(modCategory::class);
$c->sortby('rank', 'ASC');
$c->sortby('category', 'ASC');
$c->sortby($this->modx->escape('rank'), 'ASC');
$c->sortby($this->modx->escape('category'), 'ASC');
$cats = $this->modx->getCollection(modCategory::class, $c);
$categories = [];
/** @var modCategory $cat */

0 comments on commit 4ba7dee

Please sign in to comment.
You can’t perform that action at this time.