mirror of
https://github.com/dg/dibi.git
synced 2025-08-05 05:37:39 +02:00
reflectors: table names are correctly escaped
This commit is contained in:
David Grudl
@@ -65,18 +65,16 @@ class DibiMsSqlReflector extends DibiObject implements IDibiReflector
|
||||
if (empty($table)) {
|
||||
return false;
|
||||
}
|
||||
$table = $this->driver->escape($table, dibi::TEXT);
|
||||
|
||||
$result = $this->driver->query("
|
||||
SELECT MAX(rowcnt)
|
||||
FROM sys.sysindexes
|
||||
WHERE id=OBJECT_ID({$table})
|
||||
WHERE id=OBJECT_ID({$this->driver->escape($table, dibi::IDENTIFIER)})
|
||||
");
|
||||
$row = $result->fetch(FALSE);
|
||||
|
||||
if (!is_array($row) || count($row) < 1) {
|
||||
if ($fallback) {
|
||||
$row = $this->driver->query("SELECT COUNT(*) FROM {$table}")->fetch(FALSE);
|
||||
$row = $this->driver->query("SELECT COUNT(*) FROM {$this->driver->escape($table, dibi::IDENTIFIER)}")->fetch(FALSE);
|
||||
$count = intval($row[0]);
|
||||
} else {
|
||||
$count = false;
|
||||
@@ -100,7 +98,7 @@ class DibiMsSqlReflector extends DibiObject implements IDibiReflector
|
||||
$res = $this->driver->query("
|
||||
SELECT * FROM
|
||||
INFORMATION_SCHEMA.COLUMNS
|
||||
WHERE TABLE_NAME = '{$table}'
|
||||
WHERE TABLE_NAME = {$this->driver->escape($table, dibi::TEXT)}
|
||||
ORDER BY TABLE_NAME, ORDINAL_POSITION
|
||||
");
|
||||
$columns = array();
|
||||
@@ -148,8 +146,6 @@ class DibiMsSqlReflector extends DibiObject implements IDibiReflector
|
||||
*/
|
||||
public function getIndexes($table)
|
||||
{
|
||||
$table = $this->driver->escape($table, dibi::TEXT);
|
||||
|
||||
$res = $this->driver->query(
|
||||
"SELECT ind.name index_name, ind.index_id, ic.index_column_id,
|
||||
col.name column_name, ind.is_unique, ind.is_primary_key
|
||||
@@ -160,7 +156,7 @@ class DibiMsSqlReflector extends DibiObject implements IDibiReflector
|
||||
(ic.object_id = col.object_id and ic.column_id = col.column_id)
|
||||
INNER JOIN sys.tables t ON
|
||||
(ind.object_id = t.object_id)
|
||||
WHERE t.name = {$table}
|
||||
WHERE t.name = {$this->driver->escape($table, dibi::TEXT)}
|
||||
AND t.is_ms_shipped = 0
|
||||
ORDER BY
|
||||
t.name, ind.name, ind.index_id, ic.index_column_id
|
||||
@@ -192,8 +188,6 @@ class DibiMsSqlReflector extends DibiObject implements IDibiReflector
|
||||
*/
|
||||
public function getForeignKeys($table)
|
||||
{
|
||||
$table = $this->driver->escape($table, dibi::TEXT);
|
||||
|
||||
$res = $this->driver->query("
|
||||
SELECT f.name AS foreign_key,
|
||||
OBJECT_NAME(f.parent_object_id) AS table_name,
|
||||
@@ -206,7 +200,7 @@ class DibiMsSqlReflector extends DibiObject implements IDibiReflector
|
||||
FROM sys.foreign_keys AS f
|
||||
INNER JOIN sys.foreign_key_columns AS fc
|
||||
ON f.OBJECT_ID = fc.constraint_object_id
|
||||
WHERE OBJECT_NAME(f.parent_object_id)={$table}
|
||||
WHERE OBJECT_NAME(f.parent_object_id) = {$this->driver->escape($table, dibi::TEXT)}
|
||||
");
|
||||
|
||||
$keys = array();
|
||||
|
||||
@@ -70,7 +70,7 @@ class DibiMssql2005Reflector extends DibiObject implements IDibiReflector
|
||||
And TC.CONSTRAINT_TYPE = 'PRIMARY KEY'
|
||||
And CCU.COLUMN_NAME = C.COLUMN_NAME
|
||||
) As Z
|
||||
WHERE C.TABLE_NAME = '$table'"
|
||||
WHERE C.TABLE_NAME = {$this->driver->escape($table, dibi::TEXT)}"
|
||||
);
|
||||
$columns = array();
|
||||
while ($row = $res->fetch(TRUE)) {
|
||||
@@ -98,13 +98,13 @@ class DibiMssql2005Reflector extends DibiObject implements IDibiReflector
|
||||
*/
|
||||
public function getIndexes($table)
|
||||
{
|
||||
$keyUsagesRes = $this->driver->query("SELECT * FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE WHERE TABLE_NAME = '$table'");
|
||||
$keyUsagesRes = $this->driver->query("SELECT * FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE WHERE TABLE_NAME = {$this->driver->escape($table, dibi::TEXT)}");
|
||||
$keyUsages = array();
|
||||
while( $row = $keyUsagesRes->fetch(TRUE) ) {
|
||||
$keyUsages[$row['CONSTRAINT_NAME']][(int) $row['ORDINAL_POSITION'] - 1] = $row['COLUMN_NAME'];
|
||||
}
|
||||
|
||||
$res = $this->driver->query("SELECT * FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS WHERE TABLE_NAME = '$table'");
|
||||
$res = $this->driver->query("SELECT * FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS WHERE TABLE_NAME = {$this->driver->escape($table, dibi::TEXT)}");
|
||||
$indexes = array();
|
||||
while ($row = $res->fetch(TRUE)) {
|
||||
$indexes[$row['CONSTRAINT_NAME']]['name'] = $row['CONSTRAINT_NAME'];
|
||||
|
||||
@@ -68,7 +68,7 @@ class DibiMySqlReflector extends DibiObject implements IDibiReflector
|
||||
FROM INFORMATION_SCHEMA.COLUMNS
|
||||
WHERE TABLE_NAME = $table AND TABLE_SCHEMA = DATABASE()
|
||||
");*/
|
||||
$res = $this->driver->query("SHOW FULL COLUMNS FROM `$table`");
|
||||
$res = $this->driver->query("SHOW FULL COLUMNS FROM {$this->driver->escape($table, dibi::IDENTIFIER)}");
|
||||
$columns = array();
|
||||
while ($row = $res->fetch(TRUE)) {
|
||||
$type = explode('(', $row['Type']);
|
||||
@@ -103,7 +103,7 @@ class DibiMySqlReflector extends DibiObject implements IDibiReflector
|
||||
WHERE TABLE_NAME = $table AND TABLE_SCHEMA = DATABASE()
|
||||
AND REFERENCED_COLUMN_NAME IS NULL
|
||||
");*/
|
||||
$res = $this->driver->query("SHOW INDEX FROM `$table`");
|
||||
$res = $this->driver->query("SHOW INDEX FROM {$this->driver->escape($table, dibi::IDENTIFIER)}");
|
||||
$indexes = array();
|
||||
while ($row = $res->fetch(TRUE)) {
|
||||
$indexes[$row['Key_name']]['name'] = $row['Key_name'];
|
||||
|
||||
@@ -60,12 +60,12 @@ class DibiSqliteReflector extends DibiObject implements IDibiReflector
|
||||
public function getColumns($table)
|
||||
{
|
||||
$meta = $this->driver->query("
|
||||
SELECT sql FROM sqlite_master WHERE type = 'table' AND name = '$table'
|
||||
SELECT sql FROM sqlite_master WHERE type = 'table' AND name = {$this->driver->escape($table, dibi::TEXT)}
|
||||
UNION ALL
|
||||
SELECT sql FROM sqlite_temp_master WHERE type = 'table' AND name = '$table'"
|
||||
)->fetch(TRUE);
|
||||
SELECT sql FROM sqlite_temp_master WHERE type = 'table' AND name = {$this->driver->escape($table, dibi::TEXT)}
|
||||
")->fetch(TRUE);
|
||||
|
||||
$res = $this->driver->query("PRAGMA table_info([$table])");
|
||||
$res = $this->driver->query("PRAGMA table_info({$this->driver->escape($table, dibi::IDENTIFIER)})");
|
||||
$columns = array();
|
||||
while ($row = $res->fetch(TRUE)) {
|
||||
$column = $row['name'];
|
||||
@@ -95,7 +95,7 @@ class DibiSqliteReflector extends DibiObject implements IDibiReflector
|
||||
*/
|
||||
public function getIndexes($table)
|
||||
{
|
||||
$res = $this->driver->query("PRAGMA index_list([$table])");
|
||||
$res = $this->driver->query("PRAGMA index_list({$this->driver->escape($table, dibi::IDENTIFIER)})");
|
||||
$indexes = array();
|
||||
while ($row = $res->fetch(TRUE)) {
|
||||
$indexes[$row['name']]['name'] = $row['name'];
|
||||
@@ -103,7 +103,7 @@ class DibiSqliteReflector extends DibiObject implements IDibiReflector
|
||||
}
|
||||
|
||||
foreach ($indexes as $index => $values) {
|
||||
$res = $this->driver->query("PRAGMA index_info([$index])");
|
||||
$res = $this->driver->query("PRAGMA index_info({$this->driver->escape($index, dibi::IDENTIFIER)})");
|
||||
while ($row = $res->fetch(TRUE)) {
|
||||
$indexes[$index]['columns'][$row['seqno']] = $row['name'];
|
||||
}
|
||||
@@ -150,7 +150,7 @@ class DibiSqliteReflector extends DibiObject implements IDibiReflector
|
||||
if (!($this->driver instanceof DibiSqlite3Driver)) {
|
||||
// throw new DibiNotSupportedException; // @see http://www.sqlite.org/foreignkeys.html
|
||||
}
|
||||
$res = $this->driver->query("PRAGMA foreign_key_list([$table])");
|
||||
$res = $this->driver->query("PRAGMA foreign_key_list({$this->driver->escape($table, dibi::IDENTIFIER)})");
|
||||
$keys = array();
|
||||
while ($row = $res->fetch(TRUE)) {
|
||||
$keys[$row['id']]['name'] = $row['id']; // foreign key name
|
||||
|
||||
Reference in New Issue
Block a user