From 429ef27031efd6558d78cd872a70d6efaad9c63b Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Sat, 22 Oct 2011 11:12:03 +0000 Subject: [PATCH] functions.inc.php: - new function db_where_clause($condition, $struct) to create a WHERE clause. bool values are converted with db_get_boolean() based on $struct model/DomainHandler.php - view(): - build WHERE clause with db_where_clause() - new array $colformat for columns which need special handling in the field list (that's more readable than tons of elseif on the long term, and allows easier customization (hook/$CONF value?)) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1228 a1433add-5e2c-0410-b055-b7f2511e0802 --- functions.inc.php | 24 ++++++++++++++++++++++++ model/DomainHandler.php | 23 ++++++++++++++--------- 2 files changed, 38 insertions(+), 9 deletions(-) diff --git a/functions.inc.php b/functions.inc.php index a080f8bb..8e5c3cf7 100644 --- a/functions.inc.php +++ b/functions.inc.php @@ -1878,6 +1878,30 @@ function db_in_clause($field, $values) { . "') "; } +/** + * db_where_clause + * Action: builds and returns a WHERE clause for database queries. All given conditions will be AND'ed. + * Call: db_where_clause (array $conditions, array $struct) + * param array $conditios: array('field' => 'value', 'field2' => 'value2, ...) + * param array $struct - field structure, used for automatic bool conversion + */ +function db_where_clause($condition, $struct) { + if (!is_array($condition)) { + die('db_where_cond: parameter $cond is not an array!'); + } elseif (count($condition) == 0) { + die("db_where_cond: parameter is an empty array!"); # die() might sound harsh, but can prevent information leaks + } elseif(!is_array($struct)) { + die('db_where_cond: parameter $struct is not an array!'); + } + + foreach($condition as $field => $value) { + if (isset($struct[$field]) && $struct[$field]['type'] == 'bool') $value = db_get_boolean($value); + $parts[] = "$field='" . escape_string($value) . "'"; + } + $query = " WHERE " . join(" AND ", $parts) . " "; + return $query; +} + // // table_by_key // Action: Return table name for given key diff --git a/model/DomainHandler.php b/model/DomainHandler.php index 3d34e347..63a7e965 100644 --- a/model/DomainHandler.php +++ b/model/DomainHandler.php @@ -248,27 +248,32 @@ class DomainHandler extends PFAHandler { $select_cols = array(); $bool_fields = array(); + $colformat = array( + # TODO: replace hardcoded %Y-%m-%d with a country-specific date format via *.lang? + 'ts' => "DATE_FORMAT(###KEY###, '%Y-%m-%d') AS ###KEY###, ###KEY### AS _###KEY###", + ); + # get list of fields to display foreach($this->struct as $key=>$row) { if ( $row['display_in_list'] != 0 && $row['not_in_db'] == 0 ) { - if ($row['type'] == 'ts') { - # TODO: replace hardcoded %Y-%m-%d with a country-specific date format via *.lang? - $select_cols[] = "DATE_FORMAT($key, '%Y-%m-%d') AS $key, $key AS _$key"; # timestamps formatted as date, raw data in _fieldname - } elseif ($row['type'] == 'bool') { - $bool_fields[] = $key; # remember boolean fields (will be converted to integer 0/1 later) - TODO: do this in the sql query with CASE? - $select_cols[] = $key; + if (isset($colformat[$row['type']])) { + $select_cols[] = str_replace('###KEY###', $key, $colformat[$row['type']] ); } else { $select_cols[] = $key; } + + if ($row['type'] == 'bool') { + $bool_fields[] = $key; # remember boolean fields (will be converted to integer 0/1 later) - TODO: do this in the sql query/$colformat with CASE? + } } } $cols = join(',', $select_cols); $table = table_by_key($this->db_table); - $id_field = $this->id_field; - $E_username = escape_string($this->username); - $result = db_query("SELECT $cols FROM $table WHERE $id_field='$E_username'"); + $where = db_where_clause( array($this->id_field => $this->username), $this->struct); + $result = db_query("SELECT $cols FROM $table $where"); + if ($result['rows'] != 0) { $this->return = db_array($result['result']); foreach ($bool_fields as $field) {