FEAT #2681

b001a66d · Giovannoni Laurent · 5d0afa9a · b001a66d · b001a66d
Commit b001a66d authored 9 years ago by Giovannoni Laurent
--- a/core/trunk/core/class/class_manage_status.php
+++ b/core/trunk/core/class/class_manage_status.php
@@ -12,7 +12,7 @@
 *
 */
-class manage_status extends dbquery
+class manage_status extends Database
 {
 	public $statusArr;
@@ -26,9 +26,10 @@ class manage_status extends dbquery
 	public function get_searchable_status()
 	{
 		$status = array();
-		$this->connect();
+		$stmt = $this->query("select id, label_status from "
-		$this->query("select id, label_status from ".$_SESSION['tablename']['status']." where can_be_searched = 'Y'");
+			. $_SESSION['tablename']['status'] 
-		while($res = $this->fetch_object())
+			. " where can_be_searched = 'Y'");
+		while($res = $stmt->fetchObject())
 		{
 			array_push($status, array('ID' => $res->id, 'LABEL' => $res->label_status));
 		}
@@ -38,9 +39,10 @@ class manage_status extends dbquery
 	public function get_not_searchable_status()
 	{
 		$status = array();
-		$this->connect();
+		$stmt = $this->query("select id, label_status from " 
-		$this->query("select id, label_status from ".$_SESSION['tablename']['status']." where can_be_searched = 'N'");
+			. $_SESSION['tablename']['status'] 
-		while($res = $this->fetch_object())
+			. " where can_be_searched = 'N'");
+		while($res = $stmt->fetchObject())
 		{
 			array_push($status, array('ID' => $res->id, 'LABEL' => $res->label_status));
 		}
@@ -49,9 +51,8 @@ class manage_status extends dbquery
 	public function get_status_data_array()
 	{
-		$this->connect();
+		$stmt = $this->query("select * from ".$_SESSION['tablename']['status']."");
-		$this->query("select * from ".$_SESSION['tablename']['status']."");
+		while($res = $stmt->fetchObject())
-		while($res = $this->fetch_object())
 		{
 			$id_status = $res->id;
 			$status_txt = $this->show_string($res->label_status);
@@ -59,11 +60,6 @@ class manage_status extends dbquery
 			$img_name = $res->img_filename;
 			if(!empty($img_name))
 			{
-				//For standard
-				//$temp_explode = explode( ".", $img_name);
-				//$temp_explode[0] = $temp_explode[0].$extension;
-				//$img_name = implode(".", $temp_explode);
 				//For big
 				$big_temp_explode = explode( ".", $img_name);
 				$big_temp_explode[0] = $big_temp_explode[0]."_big";
@@ -112,13 +108,14 @@ class manage_status extends dbquery
 	public function can_be_modified($id_status)
 	{
-		$this->connect();
+		$stmt = $this->query("select can_be_modified from " 
-		$this->query("select can_be_modified from ".$_SESSION['tablename']['status']." where id = '".$id_status."'");
+			. $_SESSION['tablename']['status'] 
-		if($this->nb_result() == 0)
+			. " where id = ?", array($id_status));
+		if($stmt->rowCount() == 0)
 		{
 			return false;
 		}
-		$res = $this->fetch_object();
+		$res = $stmt->fetchObject();
 		if($res->can_be_modified == 'N')
 		{
 			return false;

--- a/core/trunk/core/class/class_request.php
+++ b/core/trunk/core/class/class_request.php
@@ -29,6 +29,8 @@
 * @ingroup core
 */
+require_once 'core/class/class_db_pdo.php';
 /**
 * @brief   Contains all the function to build a SQL query (select, insert and update)
 *
@@ -333,20 +335,21 @@ class request extends dbquery
    */
    public function insert($table, $data, $database_type)
    {
+        $db = new Database();
        $field_string = "( ";
        $value_string = "( ";
+        $parameters = array();
-        for($i=0; $i < count($data);$i++)
+        for ($i=0;$i<count($data);$i++) {
-        {
+            if(
-            $field_string .= $data[$i]['column'].",";
+                trim(strtoupper($data[$i]['value'])) == "SYSDATE"
-            if($data[$i]['type'] == "string" || $data[$i]['type'] == "date")
+                || trim(strtoupper($data[$i]['value'])) == "CURRENT_TIMESTAMP"
-            {
+            ) {
-                $value_string .= "'".$data[$i]['value']."',";
+                $value_string .= $data[$i]['value'] . ',';
-            }
+            } else {
-            else
+                $value_string .= "?,";
-            {
+                $parameters[] = $data[$i]['value'];
-                $value_string .= $data[$i]['value'].",";
            }
+            $field_string .= $data[$i]['column'].",";
        }
        $value_string = substr($value_string, 0, -1);
        $field_string = substr($field_string, 0, -1);
@@ -355,11 +358,12 @@ class request extends dbquery
        $field_string .= ")";
        //Time to create the SQL Query
-        $query = "";
+        $query = "INSERT INTO " . $table . " " . $field_string . " VALUES " . $value_string;
-        $query = "INSERT INTO ".$table." ".$field_string." VALUES ".$value_string ;
+        /*echo $query . PHP_EOL;
+        var_dump($parameters);exit;*/
+        $stmt = $db->query($query, $parameters);
-        $this->connect();
+        return true;
-        return ($this->query($query, true));
    }
    /**
@@ -432,42 +436,27 @@ class request extends dbquery
    {
        $db = new Database();
        $update_string = "";
-        for($i=0; $i < count($data);$i++)
+        for ($i=0; $i < count($data);$i++) {
-        {
+            if ($data[$i]['type'] == "string" || $data[$i]['type'] == "date") {
-            if($data[$i]['type'] == "string" || $data[$i]['type'] == "date")
+                if ($databasetype == "POSTGRESQL" && $data[$i]['type'] == "date" && ($data[$i]['value'] == '' || $data[$i]['value'] == ' ')) {
-            {
-                if($databasetype == "POSTGRESQL" && $data[$i]['type'] == "date" && ($data[$i]['value'] == '' || $data[$i]['value'] == ' '))
-                {
                    $update_string .= $data[$i]['column']."=NULL,";
-                }
+                } else {
-                else
+                    if (trim(strtoupper($data[$i]['value'])) == "SYSDATE") {
-                {
-                    if(trim(strtoupper($data[$i]['value'])) == "SYSDATE")
-                    {
                        $update_string .= $data[$i]['column']."=sysdate,";
-                    }
+                    } elseif(trim(strtoupper($data[$i]['value'])) == "CURRENT_TIMESTAMP") {
-                    elseif(trim(strtoupper($data[$i]['value'])) == "CURRENT_TIMESTAMP")
-                    {
                        $update_string .= $data[$i]['column']."=CURRENT_TIMESTAMP,";
-                    }
+                    } else {
-                    else
-                    {
                        $update_string .= $data[$i]['column']."='".$data[$i]['value']."',";
                    }
                }
-            }
+            } else {
-            else
-            {
                $update_string .= $data[$i]['column']."=".$data[$i]['value'].",";
            }
        }
        $update_string = substr($update_string, 0, -1);
-        if ($where <> "")
+        if ($where <> "") {
-        {
            $where_string = " WHERE ".$where;
-        }
+        } else {
-        else
-        {
            $where_string = "";
        }
        //Time to create the SQL Query
@@ -475,5 +464,4 @@ class request extends dbquery
        $query = "UPDATE ".$table." SET ".$update_string.$where_string;
        return $db->query($query, $parameters, true);
    }
 }