From dd3de2020083a79ef47b432be6585e7fdd4a49a8 Mon Sep 17 00:00:00 2001 From: phpnut Date: Thu, 12 Jan 2006 16:55:46 +0000 Subject: [PATCH] Merging fixes to trunk Revision: [1773] adding fixes to PHP 5 model class Revision: [1772] Fixed errors in PHP model. Fixed parse error in CakeSession Class. Added stripslashes_deep function to basics.php Fixed errors in Dispatcher class. Revision: [1771] reverting changes in last commit Revision: [1770] Fixing save() in model Revision: [1769] correcting more errors that we are finding git-svn-id: https://svn.cakephp.org/repo/trunk/cake@1774 3807eeeb-6ff5-0310-8944-8be069107fe0 --- cake/basics.php | 7 ++++ cake/dispatcher.php | 18 ++-------- cake/libs/controller/scaffold.php | 12 +++++++ cake/libs/model/datasources/dbo_source.php | 7 +++- cake/libs/model/dbo/dbo.php | 4 +-- cake/libs/model/dbo/dbo_mysql.php | 4 +-- cake/libs/model/model_php4.php | 28 ++++++--------- cake/libs/model/model_php5.php | 30 ++++++---------- cake/libs/session.php | 2 +- cake/libs/view/helpers/ajax.php | 2 +- cake/libs/view/helpers/javascript.php | 41 +++++++++++++++++----- 11 files changed, 86 insertions(+), 69 deletions(-) diff --git a/cake/basics.php b/cake/basics.php index 14104879d..b83170de2 100644 --- a/cake/basics.php +++ b/cake/basics.php @@ -753,6 +753,13 @@ function cache($path, $data = null, $expires = '+1 day', $target = 'cache') return $data; } +function stripslashes_deep($value) +{ + $value = is_array($value) ? + array_map('stripslashes_deep', $value) : + stripslashes($value); + return $value; +} /** * Returns a translated string if one is found, * or the submitted message if not found. diff --git a/cake/dispatcher.php b/cake/dispatcher.php index ca41ee664..4d637d8a2 100644 --- a/cake/dispatcher.php +++ b/cake/dispatcher.php 
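Review bot: `stripslashes_deep()` in basics.php is added without a docblock, while the function that follows it has one. I would add a short block saying that it recursively strips slashes from a string or from every value of a nested array, that array keys are left untouched, and that it is intended for request data when `magic_quotes_gpc` is enabled. The `@return` line should mention that non-string scalars come back as strings, because they pass through `stripslashes()`.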
@@ -248,14 +248,7 @@ class Dispatcher extends Object { if(!empty($_POST)) { - if(is_array($_POST)) - { - $params['form'] = array_map('stripslashes', $_POST); - } - else - { - $params['form'] = stripcslashes($_POST); - } + $params['form'] = stripslashes_deep($_POST); } } else @@ -272,14 +265,7 @@ class Dispatcher extends Object { if (ini_get('magic_quotes_gpc') == 1) { - if(is_array($_GET)) - { - $params['url'] = array_map('stripslashes', $_GET); - } - else - { - $params['url'] = stripcslashes($_GET); - } + $params['url'] = stripslashes_deep($_GET); } else { diff --git a/cake/libs/controller/scaffold.php b/cake/libs/controller/scaffold.php index ed7c0ff6f..6d865df0f 100644 --- a/cake/libs/controller/scaffold.php +++ b/cake/libs/controller/scaffold.php @@ -431,6 +431,12 @@ class Scaffold extends Object { $newDate = $this->controllerClass->params['data'][$this->modelKey][$field['name'].'_year'].'-'; $newDate .= $this->controllerClass->params['data'][$this->modelKey][$field['name'].'_month'].'-'; $newDate .= $this->controllerClass->params['data'][$this->modelKey][$field['name'].'_day'].' '; + unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_year']); + unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_month']); + unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_day']); + unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_hour']); + unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_min']); + unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_meridian']); $this->controllerClass->params['data'][$this->modelKey][$field['name']] = $newDate; } else if( 'datetime' == $field['type'] && isset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_year'] ) ) 
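Review bot: The six `unset()` calls in the scaffold.php `date` branch are repeated verbatim in the `datetime` hunk that follows, so the two lists can drift apart. A loop over the suffixes states it once: `foreach (array('_year', '_month', '_day', '_hour', '_min', '_meridian') as $suffix) { unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].$suffix]); }`. Separately, `$newDate` is concatenated from request fields with no numeric or range check in the visible lines, so it relies entirely on quoting further down the save path. The enclosing method starts and ends outside the hunk.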
@@ -444,6 +450,12 @@ class Scaffold extends Object { $newDate .= $this->controllerClass->params['data'][$this->modelKey][$field['name'].'_month'].'-'; $newDate .= $this->controllerClass->params['data'][$this->modelKey][$field['name'].'_day'].' '; $newDate .= $hour.':'.$this->controllerClass->params['data'][$this->modelKey][$field['name'].'_min'].':00'; + unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_year']); + unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_month']); + unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_day']); + unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_hour']); + unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_min']); + unset($this->controllerClass->params['data'][$this->modelKey][$field['name'].'_meridian']); $this->controllerClass->params['data'][$this->modelKey][$field['name']] = $newDate; } else if( 'tinyint(1)' == $field['type'] ) diff --git a/cake/libs/model/datasources/dbo_source.php b/cake/libs/model/datasources/dbo_source.php index a90a958a9..448f340b8 100644 --- a/cake/libs/model/datasources/dbo_source.php +++ b/cake/libs/model/datasources/dbo_source.php @@ -309,7 +309,12 @@ class DboSource extends DataSource $values = array_values($model->data); } - if($this->execute('INSERT INTO '.$model->table.' ('.join(',', $fields).') VALUES ('.join(',', $values).')')) + foreach ($values as $value) + { + $valueInsert[] = $this->value($value); + } + + if($this->execute('INSERT INTO '.$model->table.' ('.join(',', $fields).') VALUES ('.join(',', $valueInsert).')')) { return true; } diff --git a/cake/libs/model/dbo/dbo.php b/cake/libs/model/dbo/dbo.php index fdeb40ce5..d23b55026 100644 --- a/cake/libs/model/dbo/dbo.php +++ b/cake/libs/model/dbo/dbo.php 
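Review bot: `$valueInsert` in the dbo_source.php hunk is never initialised, so an empty `$values` reaches `join(',', $valueInsert)` with an undefined variable and produces a notice plus a malformed `VALUES ()` clause. Add `$valueInsert = array();` before the `foreach`. The values are now quoted, but `$model->table` and the entries of `$fields` are still joined into the statement as-is. `$fields` is assigned outside the hunk, so if it can come from request keys, each entry should go through the `name()` quoting helper the models call on `$this->db`. It is also worth confirming that no caller already quotes its values before this method, since they would now be quoted twice.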
@@ -256,13 +256,13 @@ class DBO extends Object $out = null; foreach ($data as $key=>$item) { - $out[$key] = $this->prepareValue($item); + $out[$key] = $this->value($item); } return $out; } else { - return $this->prepareValue($data); + return $this->value($data); } } diff --git a/cake/libs/model/dbo/dbo_mysql.php b/cake/libs/model/dbo/dbo_mysql.php index 07eb5ad4b..2c38a315e 100644 --- a/cake/libs/model/dbo/dbo_mysql.php +++ b/cake/libs/model/dbo/dbo_mysql.php @@ -148,13 +148,13 @@ class DboMysql extends DboSource elseif (count($args) > 1 && strpos($args[0], 'findBy') === 0) { $field = Inflector::underscore(str_replace('findBy', '', $args[0])); - $query = '`' . $args[2]->name . '`.`' . $field . '` = ' . $this->value($args[1][0]); + $query = '`' . $args[2]->name . '.' . $field . '` = ' . $this->value($args[1][0]); return $args[2]->find($query); } elseif (count($args) > 1 && strpos($args[0], 'findAllBy') === 0) { $field = Inflector::underscore(str_replace('findAllBy', '', $args[0])); - $query = '`' . $args[2]->name . '`.`' . $field . '` = ' . $this->value($args[1][0]); + $query = '`' . $args[2]->name . '.' . $field . '` = ' . $this->value($args[1][0]); return $args[2]->findAll($query); } } diff --git a/cake/libs/model/model_php4.php b/cake/libs/model/model_php4.php index 95476d4b6..519726215 100644 --- a/cake/libs/model/model_php4.php +++ b/cake/libs/model/model_php4.php @@ -702,7 +702,7 @@ class Model extends Object * @param boolean $validate * @param array $fields * @return boolean success - *@todo Implement $fields param as a whitelist of allowable fields + * @todo Implement $fields param as a whitelist of allowable fields */ function save ($data = null, $validate = true, $fields = null) { @@ -848,7 +848,7 @@ class Model extends Object $values[] = $this->db->value($id); $values[] = $this->db->value($update); $values = join(',', $values); - $newValues[] = '('.$values.')'; + $newValues[] = "({$values})"; unset($values); } } 
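Review bot: In dbo_mysql.php the new `findBy` and `findAllBy` conditions wrap model and column in a single backtick pair (`` `Model.field` ``), which MySQL reads as one identifier containing a dot rather than a qualified column. Unless a conditions parser behind `find()`/`findAll()` rewrites the string (not visible here), these lookups will fail with an unknown column. `$field` is also placed between backticks without escaping a backtick inside it. Quoting each part separately keeps both properties, for example `$query = $this->name($args[2]->name) . '.' . $this->name($field) . ' = ' . $this->value($args[1][0]);`, assuming `name()` is available on this class as it is on the `$this->db` object the models use.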
@@ -863,10 +863,10 @@ class Model extends Object $total = count($joinTable); for ($count = 0; $count < $total; $count++) { - $this->db->query("DELETE FROM {$joinTable[$count]} WHERE $mainKey = '{$id}'"); + $this->db->execute("DELETE FROM {$joinTable[$count]} WHERE $mainKey = '{$id}'"); if(!empty($newValue[$count])) { - $this->db->query("INSERT INTO {$joinTable[$count]} ({$fields[$count]}) VALUES {$newValue[$count]}"); + $this->db->execute("INSERT INTO {$joinTable[$count]} ({$fields[$count]}) VALUES {$newValue[$count]}"); } } } @@ -1135,24 +1135,16 @@ class Model extends Object */ function findNeighbours ($conditions, $field, $value) { - @list($prev) = Model::findAll($conditions . ' AND ' . $this->db->name($field) . ' < ' . $this->db->value($value), $field, $this->db->name($field) . ' DESC', 1); - @list($next) = Model::findAll($conditions . ' AND ' . $this->db->name($field) . ' > ' . $this->db->value($value), $field, $this->db->name($field) . ' ASC', 1); + @list($prev) = Model::findAll($conditions . ' AND ' . $field . ' < ' . $this->db->value($value), $field, $field . ' DESC', 1); + @list($next) = Model::findAll($conditions . ' AND ' . $field . ' > ' . $this->db->value($value), $field, $field . ' ASC', 1); - if (isset($prev)) + if (!isset($prev)) { - $prev = $prev; + $prev = null; } - else + if (!isset($next)) { - $prev = false; - } - if (isset($next)) - { - $next = $next; - } - else - { - $next = false; + $next = null; } return array('prev' => $prev, 'next' => $next); } diff --git a/cake/libs/model/model_php5.php b/cake/libs/model/model_php5.php index cf5a60e61..8cd32e2bc 100644 --- a/cake/libs/model/model_php5.php +++ b/cake/libs/model/model_php5.php 
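Review bot: The join-table `DELETE` still interpolates `$id` between hand-written quotes (`WHERE $mainKey = '{$id}'`), although the rows for the following `INSERT` are built with `$this->db->value($id)` a few lines earlier. Switching from `query()` to `execute()` does not change that, so an id containing a quote breaks out of the literal. I would write `$this->db->execute("DELETE FROM {$joinTable[$count]} WHERE {$mainKey} = " . $this->db->value($id));`. The return value of both `execute()` calls is ignored, so a failed `INSERT` after a successful `DELETE` silently drops the associations. The identical hunk in model_php5.php needs the same change; the enclosing method starts outside the hunk.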
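Review bot: `findNeighbours()` now concatenates `$field` into the `WHERE` and `ORDER BY` fragments with no quoting, because the `$this->db->name($field)` calls were removed. `$value` is still passed through `value()`, but a caller that forwards a request parameter as `$field` now controls raw SQL. If `name()` was dropped because it mishandles `Model.field`, check `$field` against the model's known columns before use, or quote the two parts separately. The missing-neighbour result also changes from `false` to `null`, which breaks callers comparing with `=== false`, so the docblock's `@return` should state the new value. The same applies to the matching hunk in model_php5.php.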
@@ -699,7 +699,7 @@ class Model extends Object * @param boolean $validate * @param array $fields * @return boolean success - *@todo Implement $fields param as a whitelist of allowable fields + * @todo Implement $fields param as a whitelist of allowable fields */ function save ($data = null, $validate = true, $fields = null) { @@ -845,7 +845,7 @@ class Model extends Object $values[] = $this->db->value($id); $values[] = $this->db->value($update); $values = join(',', $values); - $newValues[] = '('.$values.')'; + $newValues[] = "({$values})"; unset($values); } } @@ -860,10 +860,10 @@ class Model extends Object $total = count($joinTable); for ($count = 0; $count < $total; $count++) { - $this->db->query("DELETE FROM {$joinTable[$count]} WHERE $mainKey = '{$id}'"); + $this->db->execute("DELETE FROM {$joinTable[$count]} WHERE $mainKey = '{$id}'"); if(!empty($newValue[$count])) { - $this->db->query("INSERT INTO {$joinTable[$count]} ({$fields[$count]}) VALUES {$newValue[$count]}"); + $this->db->execute("INSERT INTO {$joinTable[$count]} ({$fields[$count]}) VALUES {$newValue[$count]}"); } } } 
@@ -1132,24 +1132,16 @@ class Model extends Object */ function findNeighbours ($conditions, $field, $value) { - @list($prev) = Model::findAll($conditions . ' AND ' . $this->db->name($field) . ' < ' . $this->db->value($value), $field, $this->db->name($field) . ' DESC', 1); - @list($next) = Model::findAll($conditions . ' AND ' . $this->db->name($field) . ' > ' . $this->db->value($value), $field, $this->db->name($field) . ' ASC', 1); + @list($prev) = Model::findAll($conditions . ' AND ' . $field . ' < ' . $this->db->value($value), $field, $field . ' DESC', 1); + @list($next) = Model::findAll($conditions . ' AND ' . $field . ' > ' . $this->db->value($value), $field, $field . ' ASC', 1); - if (isset($prev)) + if (!isset($prev)) { - $prev = $prev; + $prev = null; } - else + if (!isset($next)) { - $prev = false; - } - if (isset($next)) - { - $next = $next; - } - else - { - $next = false; + $next = null; } return array('prev' => $prev, 'next' => $next); } @@ -1297,8 +1289,6 @@ class Model extends Object { return $this->db->name($this->name).'.'.$this->db->name($field); } - - /** * Returns the current record's ID * diff --git a/cake/libs/session.php b/cake/libs/session.php index c6c0c9baa..fb1f770a9 100644 --- a/cake/libs/session.php +++ b/cake/libs/session.php @@ -240,7 +240,7 @@ class CakeSession extends Object { if(!empty($_SESSION)) { - $result = eval("return ".$_SESSION.";"); + $result = eval("return \$_SESSION;"); return $result; } $this->_setError(2, "No Session vars set"); diff --git a/cake/libs/view/helpers/ajax.php b/cake/libs/view/helpers/ajax.php index c2d839446..3c1ba9f86 100644 --- a/cake/libs/view/helpers/ajax.php +++ b/cake/libs/view/helpers/ajax.php 
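Review bot: The session.php fix keeps `eval()` for a statement that is now entirely static: `eval("return \$_SESSION;")` does nothing that `return $_SESSION;` does not. Keeping `eval()` in the session class invites the next edit to interpolate a name into the string again, which is how the original parse error arose. I would replace the two lines with `return $_SESSION;`. The enclosing method starts outside the hunk, so if sibling branches build an expression from a caller-supplied name, those deserve the same look.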
@@ -180,7 +180,7 @@ class AjaxHelper extends Helper function linkToRemote ($title, $options = array(), $html_options = array()) { - trigger_error('Deprecated function: use AjaxHelper::link', E_USER_WARNING); + //trigger_error('Deprecated function: use AjaxHelper::link', E_USER_WARNING); $href = '#'; if (!empty($options['fallback']) && isset($options['fallback'])) { diff --git a/cake/libs/view/helpers/javascript.php b/cake/libs/view/helpers/javascript.php index 12ce81c47..63731aaa5 100644 --- a/cake/libs/view/helpers/javascript.php +++ b/cake/libs/view/helpers/javascript.php @@ -7,14 +7,14 @@ * PHP versions 4 and 5 * * CakePHP : Rapid Development Framework - * Copyright (c) 2005, Cake Software Foundation, Inc. + * Copyright (c) 2005, Cake Software Foundation, Inc. * 1785 E. Sahara Avenue, Suite 490-204 * Las Vegas, Nevada 89104 * * Licensed under The MIT License * Redistributions of files must retain the above copyright notice. * - * @filesource + * @filesource * @copyright Copyright (c) 2005, Cake Software Foundation, Inc. * @link http://www.cakefoundation.org/projects/info/cakephp CakePHP Project * @package cake @@ -79,8 +79,8 @@ class JavascriptHelper extends Helper } /** - * Escape carriage returns and single and double quotes for JavaScript segments. - * + * Escape carriage returns and single and double quotes for JavaScript segments. + * * @param string $script string that might have javascript elements * @return string escaped string */ 
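Review bot: The deprecation warning in `AjaxHelper::linkToRemote()` is commented out rather than removed, which leaves dead code and no sign that the method is deprecated. I would delete the line and add `@deprecated use AjaxHelper::link()` to the method's docblock. If a runtime signal is still wanted, `E_USER_NOTICE` is less disruptive than `E_USER_WARNING`. The docblock is outside the hunk.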
@@ -91,9 +91,34 @@ class JavascriptHelper extends Helper return $script; } +/** + * Escape a string to be JavaScript friendly. + * + * List of escaped ellements: + * + "\r\n" => '\n' + * + "\r" => '\n' + * + "\n" => '\n' + * + '"' => '\"' + * + "'" => "\\'" + * + * @param string $script String that needs to get escaped. + * @return string Escaped string. + */ + function escapeString($string) + { + $escape = array( + "\r\n" => '\n', + "\r" => '\n', + "\n" => '\n', + '"' => '\"', + "'" => "\\'" + ); + + return str_replace(array_keys($escape), array_values($escape), $string); + } /** * Attach an event to an element. Used with the Prototype library. - * + * * @param string $object Object to be observed * @param string $event event to observe * @param string $observer function to call @@ -125,7 +150,7 @@ class JavascriptHelper extends Helper /** * Cache JavaScript events created with event() - * + * * @return null */ function cacheEvents () @@ -136,7 +161,7 @@ class JavascriptHelper extends Helper /** * Write cached JavaScript events - * + * * @return string A single code block of all cached JavaScript events created with event() */ function writeEvents () @@ -148,7 +173,7 @@ class JavascriptHelper extends Helper /** * Includes the Prototype Javascript library (and anything else) inside a single script tag. - * + * * Note: The recommended approach is to copy the contents of * javascripts into your application's * public/javascripts/ directory, and use @see javascriptIncludeTag() to
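Review bot: `escapeString()` does not escape the backslash itself, so a backslash already present in the input combines with the one added before a quote and the quote ends up unescaped in the generated JavaScript. The map should start with `'\\' => '\\\\',`. It must be the first entry because `str_replace()` applies the pairs in order, and a later position would double the backslashes the other replacements insert. If the result is written into an inline script block, `'</' => '<\/'` is also needed so the data cannot close the element. In the docblock, `@param string $script` should name `$string`, and "ellements" should read "elements".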