CC-4348: Prepared statements - part 4

-User.php
Martin Konecny 2012-09-05 17:43:45 -04:00
parent b6b4e25a37
commit 43f5258219
1 changed files with 16 additions and 25 deletions


@ -284,45 +284,38 @@ class Application_Model_User
$sql_gen = "SELECT login AS value, login AS label, id as index FROM cc_subjs "; $sql_gen = "SELECT login AS value, login AS label, id as index FROM cc_subjs ";
$sql = $sql_gen; $sql = $sql_gen;
$type = array_map( function($t) { $types = array();
return "type = '{$t}'"; $params = array();
}, $type); for ($i=0; $i<count($type); $i++) {
$p = ":type{$i}";
$types[] = "type = $p";
$params[$p] = $type[$i];
}
$sql_type = join(" OR ", $type); $sql_type = join(" OR ", $types);
$sql = $sql_gen ." WHERE (". $sql_type.") "; $sql = $sql_gen ." WHERE (". $sql_type.") ";
if (!is_null($search)) { if (!is_null($search)) {
//need to use addslashes for 'LIKE' values
$search = addslashes($search);
$like = "login ILIKE '%{$search}%'"; $like = "login ILIKE '%{$search}%'";
$sql = $sql . " AND ".$like; $sql = $sql . " AND ".$like;
} }
echo $sql.PHP_EOL;
print_r($params);
$sql = $sql ." ORDER BY login"; $sql = $sql ." ORDER BY login";
return $con->query($sql)->fetchAll();; return Application_Common_Database::prepareAndExecute($sql, $params, "all");
} }
public static function getUserCount($type=null) public static function getUserCount($type=null)
{ {
$con = Propel::getConnection(); $con = Propel::getConnection();
$sql = ''; $sql = '';
$sql_gen = "SELECT count(*) AS cnt FROM cc_subjs "; $sql_gen = "SELECT count(*) AS cnt FROM cc_subjs";
if (!isset($type)) {
$sql = $sql_gen;
} else {
if (is_array($type)) {
for ($i=0; $i<count($type); $i++) {
$type[$i] = "type = '{$type[$i]}'";
}
$sql_type = join(" OR ", $type);
} else {
$sql_type = "type = {$type}";
}
$sql = $sql_gen ." WHERE (". $sql_type.") ";
}
$query = $con->query($sql)->fetchColumn(0); $query = $con->query($sql)->fetchColumn(0);
@ -366,13 +359,11 @@ class Application_Model_User
public static function getUserData($id) public static function getUserData($id)
{ {
$con = Propel::getConnection();
$sql = "SELECT login, first_name, last_name, type, id, email, cell_phone, skype_contact, jabber_contact" $sql = "SELECT login, first_name, last_name, type, id, email, cell_phone, skype_contact, jabber_contact"
." FROM cc_subjs" ." FROM cc_subjs"
." WHERE id = $id"; ." WHERE id = :id";
return $con->query($sql)->fetch(); return Application_Common_Database::prepareAndExecute($sql, array(":id" => $id), 'single');
} }
public static function getCurrentUser() public static function getCurrentUser()
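Review bot: In getUsers the `$search` value is still interpolated into the statement (`$like = "login ILIKE '%{$search}%'";`), so the query is only partly parameterized even though the `type` values are now bound. The +/- markers are lost on this page, so I cannot tell whether the `addslashes($search)` line is being added or removed, but either way it is not a substitute for binding; pass the value as a parameter instead: `$params[':search'] = "%{$search}%";` and `$like = "login ILIKE :search";`. The `echo $sql.PHP_EOL;` and `print_r($params);` lines look like leftover debugging and would write the SQL text and bound values into the response, so they should be dropped before merge. In getUserCount the visible new side appears to leave `$sql = ''` while still calling `$con->query($sql)`, which would need `$sql_gen` passed instead; that hunk looks cut off on this page, so confirm against the full file.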