diff --git a/core/trunk/core/admin_tools.php b/core/trunk/core/admin_tools.php
index 8c93961179aba2b369f5dc266ecde070fa060f47..6f7392e7b57555e09330922aea4bcb801e28243b 100644
--- a/core/trunk/core/admin_tools.php
+++ b/core/trunk/core/admin_tools.php
@@ -77,10 +77,10 @@ function At_putInSession($type, $hashable)
* @param object $db database request object
* @param string $whatRequest request string
*/
-function At_showAjaxList($db, $whatRequest)
+function At_showAjaxList($stmt, $whatRequest)
{
$listArray = array();
- while ($line = $db->fetch_object()) {
+ while ($line = $stmt->fetchObject()) {
array_push($listArray, $line->tag);
}
echo "<ul>\n";
diff --git a/core/trunk/core/class/ActionControler.php b/core/trunk/core/class/ActionControler.php
index 1537d39cd65e1bf0dacdbfef2f9305a05c6cbbc6..6762230f2b31d9cd70c1b02998a9e07e903cfd32 100644
--- a/core/trunk/core/class/ActionControler.php
+++ b/core/trunk/core/class/ActionControler.php
@@ -55,7 +55,7 @@ try {
class ActionControler
{
/**
- * Dbquery object used to connnect to the database
+ * Database object used to connnect to the database
*/
private static $db;
diff --git a/core/trunk/core/class/SecurityControler.php b/core/trunk/core/class/SecurityControler.php
index 86ad1e48855aacfef9da653c3c4ebcf5e3cb16e3..d0f636c70e1be52e1eade3dde46f00d849b9f6a1 100644
--- a/core/trunk/core/class/SecurityControler.php
+++ b/core/trunk/core/class/SecurityControler.php
@@ -638,14 +638,14 @@ class SecurityControler
) {
$query = "select res_id from "
. $_SESSION['collections'][$ind]['view'] . " where ("
- . $where . ') and res_id = ' . $objectId;
+ . $where . ') and res_id = ?';
}
$db = new Database();
if (! empty($query)) {
- $db->query($query);
+ $stmt = $db->query($query, array($objectId));
}
- if ($db->nb_result() > 0) {
+ if ($stmt->rowCount() > 0) {
if ($bitmask > 0) {
$fullBitmask = set_right($fullBitmask, $bitmask);
}
@@ -664,11 +664,11 @@ class SecurityControler
$sessionSecurity = new session_security();
$sessionSecurity->setArray(
array(
- 'user_id' => $func->protect_string_db($userId),
+ 'user_id' => $userId,
'session_begin_date' => date("Y-m-d H:i"),
- 'full_where_clause' => $func->protect_string_db($fullWhere),
+ 'full_where_clause' => $fullWhere,
'last_available_bitmask' => $fullBitmask,
- 'last_object_id' => $func->protect_string_db($objectId)
+ 'last_object_id' => $objectId
)
); // TO DO : calculate the session_end_date
$ctrl = new session_security_controler();
diff --git a/core/trunk/core/class/ServiceControler.php b/core/trunk/core/class/ServiceControler.php
index 5ef3daf72c9211ed0a4c03ed1151a9476adc3187..982d1d05b0a2b10a35f98210222ecdf2bc4e8fbb 100644
--- a/core/trunk/core/class/ServiceControler.php
+++ b/core/trunk/core/class/ServiceControler.php
@@ -55,7 +55,7 @@ try {
class ServiceControler
{
/**
- * Dbquery object used to connnect to the database
+ * Database object used to connnect to the database
*/
private static $db;
diff --git a/core/trunk/core/class/StatusControler.php b/core/trunk/core/class/StatusControler.php
index 21d42f360c5c7053aad8d1958c00546bb7758a93..5aebd6309bb6728fadc1016dc36235754e58217d 100644
--- a/core/trunk/core/class/StatusControler.php
+++ b/core/trunk/core/class/StatusControler.php
@@ -388,28 +388,23 @@ class Maarch_Core_Class_StatusControler
* @return array of stauts
*/
public function getAllInfos() {
- $db = new dbquery();
- $db->connect();
+ $db = new Database();
$query = "select * from " . STATUS_TABLE . " order by label_status";
try {
- if ($_ENV['DEBUG'])
- functions::xecho($query) . ' // ';
- $db->query($query);
+ $stmt = $db->query($query);
} catch (Exception $e) {
echo _NO_STATUS . ' // ';
}
- if ($db->nb_result() > 0) {
+ if ($stmt->rowCount() > 0) {
$result = array ();
$cptId = 0;
- while ($queryResult = $db->fetch_object()) {
+ while ($queryResult = $stmt->fetchObject()) {
$result[$cptId]['id'] = $queryResult->id;
$result[$cptId]['label'] = $queryResult->label_status;
$cptId++;
}
- $db->disconnect();
return $result;
} else {
- $db->disconnect();
return null;
}
}
diff --git a/core/trunk/core/class/class_resource.php b/core/trunk/core/class/class_resource.php
index 9050a5ab11ba531061b875b4b8b3264bf4d90c5c..e2a6d27e106d76565fbc5e8f5e683b4b8570c6ae 100644
--- a/core/trunk/core/class/class_resource.php
+++ b/core/trunk/core/class/class_resource.php
@@ -167,9 +167,17 @@
}
else
{
- $this->connect();
- $this->query("select res_id from ".$table_res." where docserver_id = '".$docserver_id."' and path = '".$path."' and filename= '".$filename."' order by res_id desc ");
- $res = $this->fetch_object();
+ $db2 = new Database();
+ $stmt = $db2->query(
+ "select res_id from " . $table_res
+ . " where docserver_id = ? and path = ? and filename= ? order by res_id desc ",
+ array(
+ $docserver_id,
+ $path,
+ $filename
+ )
+ );
+ $res = $stmt->fetchObject();
return $res->res_id;
}
}
@@ -191,14 +199,14 @@
*/
public function get_filename($id,$coll_id)
{
- require_once("core".DIRECTORY_SEPARATOR."class".DIRECTORY_SEPARATOR."class_security.php");
+ require_once("core/class/class_security.php");
$sec = new security();
$resource_table = $sec->retrieve_table_from_coll($coll_id);
if ($resource_table == '')
echo "error with coll_id";
- $this->connect();
- $this->query("select filename from ".$resource_table." where res_id='".$id."'");
- $result = $this->fetch_object();
+ $db = new Database();
+ $stmt = $db->query("select filename from ".$resource_table." where res_id=?", array($id));
+ $result = $stmt->fetchObject();
return $result->filename;
}
@@ -209,14 +217,14 @@
*/
public function get_path($id,$coll_id)
{
- require_once("core".DIRECTORY_SEPARATOR."class".DIRECTORY_SEPARATOR."class_security.php");
+ require_once("core/class/class_security.php");
$sec = new security();
$resource_table = $sec->retrieve_table_from_coll($coll_id);
if ($resource_table == '')
echo "error with coll_id";
- $this->connect();
- $this->query("select path from ".$resource_table." where res_id='".$id."'");
- $result = $this->fetch_object();
+ $db = new Database();
+ $stmt = $db->query("select path from ".$resource_table." where res_id=?", array($id));
+ $result = $stmt->fetchObject();
return str_replace('#', DIRECTORY_SEPARATOR, $result->path);
}
@@ -239,7 +247,7 @@
private function check_basic_fields($data)
{
$error = '';
- $this->connect();
+ $db = new Database();
$find_format = false;
$find_typist = false;
$find_creation_date = false;
@@ -261,17 +269,11 @@
elseif($data[$i]['column'] == 'typist' )
{
$find_typist = true;
-/*
- if( $data[$i]['value'] <> $_SESSION['user']['UserId'])
- {
- $error .= _TYPIST_ERROR.'<br/>';
- }
-*/
}
elseif($data[$i]['column'] == 'creation_date')
{
$find_creation_date = true;
- if($data[$i]['value'] <> $this->current_datetime())
+ if($data[$i]['value'] <> $db->current_datetime())
{
$error .= _CREATION_DATE_ERROR.'<br/>';
}
@@ -279,7 +281,7 @@
elseif($data[$i]['column'] == 'docserver_id')
{
$find_docserver_id = true;
- if(!$this->query("select docserver_id from ".$_SESSION['tablename']['docservers']." where docserver_id = '".$data[$i]['value']."'", true))
+ if(!$this->query("select docserver_id from ".$_SESSION['tablename']['docservers']." where docserver_id = ?", array($data[$i]['value'])))
{
$error .= _DOCSERVER_ID_ERROR.'<br/>';
}
@@ -405,21 +407,22 @@
return $control;
}
$docserverAdr = array();
- $this->connect();
- $query = "select res_id, docserver_id, path, filename, format, fingerprint, offset_doc, is_multi_docservers from " . $view . " where res_id = " . $resId . " ". $whereClause;
- $this->query($query);
- if ($this->nb_result() > 0) {
- $line = $this->fetch_object();
+ $db = new Database();
+ $query = "select res_id, docserver_id, path, filename, format, fingerprint, offset_doc, is_multi_docservers from " . $view
+ . " where res_id = ? ". $whereClause;
+ $stmt = $db->query($query, array($resId));
+ if ($stmt->rowCount() > 0) {
+ $line = $stmt->fetchObject();
$format = $line->format;
if($line->is_multi_docservers == "Y") {
- $query = "select res_id, docserver_id, path, filename, offset_doc, fingerprint, adr_priority from " . $adrTable . " where res_id = " . $resId . " order by adr_priority";
- $this->query($query);
- if ($this->nb_result() > 0) {
- while($line = $this->fetch_object()) {
+ $query = "select res_id, docserver_id, path, filename, offset_doc, fingerprint, adr_priority from "
+ . $adrTable . " where res_id = ? order by adr_priority";
+ $stmt = $db->query($query, array($resId));
+ if ($stmt->rowCount() > 0) {
+ while($line = $stmt->fetchObject()) {
array_push($docserverAdr, array("docserver_id" => $line->docserver_id, "path" => $line->path, "filename" => $line->filename, "format" => $format, "fingerprint" => $line->fingerprint, "offset_doc" => $line->offset_doc, "adr_priority" => $line->adr_priority));
}
} else {
- $this->disconnect();
$control = array("status" => "ko", "error" => _RESOURCE_NOT_FOUND);
return $control;
}
@@ -427,13 +430,10 @@
array_push($docserverAdr, array("docserver_id" => $line->docserver_id, "path" => $line->path, "filename" => $line->filename, "format" => $format, "fingerprint" => $line->fingerprint, "offset_doc" => $line->offset_doc, "adr_priority" => ""));
}
$control = array("status" => "ok", $docserverAdr, "error" => "");
- $this->disconnect();
return $control;
} else {
- $this->disconnect();
$control = array("status" => "ko", "error" => _RESOURCE_NOT_FOUND);
return $control;
}
}
}
-?>
diff --git a/core/trunk/core/class/resources_controler.php b/core/trunk/core/class/resources_controler.php
index 318d2013989778a5e14106c3151248e0402daf31..3d82baf465b721579c0b58d6fc9d3d9162f561e0 100755
--- a/core/trunk/core/class/resources_controler.php
+++ b/core/trunk/core/class/resources_controler.php
@@ -568,7 +568,6 @@ class resources_controler
$listResult = array();
try {
$db = new Database();
- $db->connect();
$cpt = 0;
$stmt = $db->query("select * from res_x where " . $whereClause . " ORDER BY res_id ASC");
if ($stmt->rowCount() > 0) {