1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-05 00:07:44 +02:00

sql_in_set changes

git-svn-id: file:///svn/phpbb/trunk@6271 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2006-08-12 13:14:39 +00:00
parent 0c6bfcf4c7
commit 8405f0d324
49 changed files with 551 additions and 632 deletions

View File

@@ -34,7 +34,7 @@ function user_get_id_name(&$user_id_ary, &$username_ary)
$$which_ary = array($$which_ary);
}
$sql_in = ($which_ary == 'user_id_ary') ? array_map('intval', $$which_ary) : preg_replace('#^\s*(.*)\s*$#e', "\"'\" . \$db->sql_escape('\\1') . \"'\"", $$which_ary);
$sql_in = ($which_ary == 'user_id_ary') ? array_map('intval', $$which_ary) : $$which_ary;
unset($$which_ary);
$user_id_ary = $username_ary = array();
@@ -42,8 +42,8 @@ function user_get_id_name(&$user_id_ary, &$username_ary)
// Grab the user id/username records
$sql_where = ($which_ary == 'user_id_ary') ? 'user_id' : 'username';
$sql = 'SELECT user_id, username
FROM ' . USERS_TABLE . "
WHERE $sql_where IN (" . implode(', ', $sql_in) . ')';
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set($sql_where, $sql_in);
$result = $db->sql_query($sql);
if (!($row = $db->sql_fetchrow($result)))
@@ -307,7 +307,7 @@ function user_delete($mode, $user_id, $post_username = false)
{
$sql = 'SELECT topic_id, topic_replies, topic_replies_real
FROM ' . TOPICS_TABLE . '
WHERE topic_id IN (' . implode(', ', array_keys($topic_id_ary)) . ')';
WHERE ' . $db->sql_in_set('topic_id', array_keys($topic_id_ary));
$result = $db->sql_query($sql);
$del_topic_ary = array();
@@ -323,7 +323,7 @@ function user_delete($mode, $user_id, $post_username = false)
if (sizeof($del_topic_ary))
{
$sql = 'DELETE FROM ' . TOPICS_TABLE . '
WHERE topic_id IN (' . implode(', ', $del_topic_ary) . ')';
WHERE ' . $db->sql_in_set('topic_id', $del_topic_ary);
$db->sql_query($sql);
}
}
@@ -528,24 +528,23 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
$username = trim($username);
if ($username != '')
{
$sql_usernames[] = "'" . $db->sql_escape($username) . "'";
$sql_usernames[] = strtolower($username);
}
}
$sql_usernames = implode(', ', $sql_usernames);
// Make sure we have been given someone to ban
if (empty($sql_usernames))
if (!sizeof($sql_usernames))
{
trigger_error($user->lang['NO_USER_SPECIFIED']);
}
$sql = 'SELECT user_id
FROM ' . USERS_TABLE . '
WHERE username IN (' . $sql_usernames . ')';
WHERE ' . $db->sql_in_set('LOWER(username)', $sql_usernames);
if (sizeof($founder))
{
$sql .= ' AND user_id NOT IN (' . implode(', ', array_keys($founder)) . ')';
$sql .= ' AND ' . $db->sql_in_set('user_id', array_keys($founder), true);
}
$result = $db->sql_query($sql);
@@ -762,17 +761,11 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
switch ($mode)
{
case 'user':
$sql_where = (in_array('*', $banlist_ary)) ? '' : 'WHERE session_user_id IN (' . implode(', ', $banlist_ary) . ')';
$sql_where = (in_array('*', $banlist_ary)) ? '' : 'WHERE ' . $db->sql_in_set('session_user_id', $banlist_ary);
break;
case 'ip':
$banlist_ary_sql = array();
foreach ($banlist_ary as $ban_entry)
{
$banlist_ary_sql[] = "'" . $db->sql_escape($ban_entry) . "'";
}
$sql_where = 'WHERE session_ip IN (' . implode(', ', $banlist_ary_sql) . ')';
$sql_where = 'WHERE ' . $db->sql_in_set('session_ip', $banlist_ary);
break;
case 'email':
@@ -780,12 +773,12 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
foreach ($banlist_ary as $ban_entry)
{
$banlist_ary_sql[] = "'" . $db->sql_escape(str_replace('*', '%', $ban_entry)) . "'";
$banlist_ary_sql[] = (string) str_replace('*', '%', $ban_entry);
}
$sql = 'SELECT user_id
FROM ' . USERS_TABLE . '
WHERE user_email IN (' . implode(', ', $banlist_ary_sql) . ')';
WHERE ' . $db->sql_in_set('user_email', $banlist_ary_sql);
$result = $db->sql_query($sql);
$sql_in = array();
@@ -798,7 +791,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
}
while ($row = $db->sql_fetchrow($result));
$sql_where = 'WHERE session_user_id IN (' . implode(', ', $sql_in) . ")";
$sql_where = 'WHERE ' . $db->sql_in_set('session_user_id', $sql_in);
}
$db->sql_freeresult($result);
break;
@@ -812,7 +805,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
if ($mode == 'user')
{
$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' ' . ((in_array('*', $banlist_ary)) ? '' : 'WHERE user_id IN (' . implode(', ', $banlist_ary) . ')');
$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' ' . ((in_array('*', $banlist_ary)) ? '' : 'WHERE ' . $db->sql_in_set('user_id', $banlist_ary));
$db->sql_query($sql);
}
}
@@ -847,30 +840,30 @@ function user_unban($mode, $ban)
$ban = array($ban);
}
$unban_sql = implode(', ', array_map('intval', $ban));
$unban_sql = array_map('intval', $ban);
if ($unban_sql)
if (sizeof($unban_sql))
{
// Grab details of bans for logging information later
switch ($mode)
{
case 'user':
$sql = 'SELECT u.username AS unban_info
FROM ' . USERS_TABLE . ' u, ' . BANLIST_TABLE . " b
WHERE b.ban_id IN ($unban_sql)
AND u.user_id = b.ban_userid";
FROM ' . USERS_TABLE . ' u, ' . BANLIST_TABLE . ' b
WHERE ' . $db->sql_in_set('b.ban_id', $unban_sql) . '
AND u.user_id = b.ban_userid';
break;
case 'email':
$sql = 'SELECT ban_email AS unban_info
FROM ' . BANLIST_TABLE . "
WHERE ban_id IN ($unban_sql)";
FROM ' . BANLIST_TABLE . '
WHERE ' . $db->sql_in_set('ban_id', $unban_sql);
break;
case 'ip':
$sql = 'SELECT ban_ip AS unban_info
FROM ' . BANLIST_TABLE . "
WHERE ban_id IN ($unban_sql)";
FROM ' . BANLIST_TABLE . '
WHERE ' . $db->sql_in_set('ban_id', $unban_sql);
break;
}
$result = $db->sql_query($sql);
@@ -882,8 +875,8 @@ function user_unban($mode, $ban)
}
$db->sql_freeresult($result);
$sql = 'DELETE FROM ' . BANLIST_TABLE . "
WHERE ban_id IN ($unban_sql)";
$sql = 'DELETE FROM ' . BANLIST_TABLE . '
WHERE ' . $db->sql_in_set('ban_id', $unban_sql);
$db->sql_query($sql);
add_log('admin', 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list);
@@ -1580,7 +1573,7 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false,
// Remove users who are already members of this group
$sql = 'SELECT user_id, group_leader
FROM ' . USER_GROUP_TABLE . '
WHERE user_id IN (' . implode(', ', $user_id_ary) . ")
WHERE ' . $db->sql_in_set('user_id', $user_id_ary) . "
AND group_id = $group_id";
$result = $db->sql_query($sql);
@@ -1636,7 +1629,7 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false,
{
$sql = 'UPDATE ' . USER_GROUP_TABLE . '
SET group_leader = 1
WHERE user_id IN (' . implode(', ', $update_id_ary) . ")
WHERE ' . $db->sql_in_set('user_id', $update_id_ary) . "
AND group_id = $group_id";
$db->sql_query($sql);
}
@@ -1682,7 +1675,7 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
$sql = 'SELECT *
FROM ' . GROUPS_TABLE . '
WHERE group_name IN (' . implode(', ', preg_replace('#^(.*)$#', "'\\1'", $group_order)) . ')';
WHERE ' . $db->sql_in_set('group_name', $group_order);
$result = $db->sql_query($sql);
$group_order_id = $special_group_data = array();
@@ -1711,7 +1704,7 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
// Get users default groups - we only need to reset default group membership if the group from which the user gets removed is set as default
$sql = 'SELECT user_id, group_id
FROM ' . USERS_TABLE . '
WHERE user_id IN (' . implode(', ', $user_id_ary) . ")";
WHERE ' . $db->sql_in_set('user_id', $user_id_ary);
$result = $db->sql_query($sql);
$default_groups = array();
@@ -1724,7 +1717,7 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
// What special group memberships exist for these users?
$sql = 'SELECT g.group_id, g.group_name, ug.user_id
FROM ' . USER_GROUP_TABLE . ' ug, ' . GROUPS_TABLE . ' g
WHERE ug.user_id IN (' . implode(', ', $user_id_ary) . ")
WHERE ' . $db->sql_in_set('ug.user_id', $user_id_ary) . "
AND g.group_id = ug.group_id
AND g.group_id <> $group_id
AND g.group_type = " . GROUP_SPECIAL . '
@@ -1760,7 +1753,7 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
// Ok, get the original avatar data from users having an uploaded one (we need to remove these from the filesystem)
$sql = 'SELECT user_id, user_avatar
FROM ' . USERS_TABLE . '
WHERE user_id IN (' . implode(', ', $sql_where_ary[$gid]) . ')
WHERE ' . $db->sql_in_set('user_id', $sql_where_ary[$gid]) . '
AND user_avatar_type = ' . AVATAR_UPLOAD;
$result = $db->sql_query($sql);
@@ -1772,7 +1765,7 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
}
$sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $special_group_data[$gid]) . '
WHERE user_id IN (' . implode(', ', $sql_where_ary[$gid]) . ')';
WHERE ' . $db->sql_in_set('user_id', $sql_where_ary[$gid]);
$db->sql_query($sql);
}
}
@@ -1780,7 +1773,7 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
$sql = 'DELETE FROM ' . USER_GROUP_TABLE . "
WHERE group_id = $group_id
AND user_id IN (" . implode(', ', $user_id_ary) . ')';
AND " . $db->sql_in_set('user_id', $user_id_ary);
$db->sql_query($sql);
// Clear permissions cache of relevant users
@@ -1825,7 +1818,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
$sql = 'UPDATE ' . USER_GROUP_TABLE . '
SET group_leader = ' . (($action == 'promote') ? 1 : 0) . "
WHERE group_id = $group_id
AND user_id IN (" . implode(', ', $user_id_ary) . ')';
AND " . $db->sql_in_set('user_id', $user_id_ary);
$db->sql_query($sql);
$log = ($action == 'promote') ? 'LOG_GROUP_PROMOTED' : 'LOG_GROUP_DEMOTED';
@@ -1838,7 +1831,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
WHERE ug.group_id = ' . $group_id . '
AND ug.user_pending = 1
AND ug.user_id = u.user_id
AND ug.user_id IN (' . implode(', ', $user_id_ary) . ')';
AND ' . $db->sql_in_set('ug.user_id', $user_id_ary);
$result = $db->sql_query($sql);
$user_id_ary = $email_users = array();
@@ -1857,7 +1850,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
$sql = 'UPDATE ' . USER_GROUP_TABLE . "
SET user_pending = 0
WHERE group_id = $group_id
AND user_id IN (" . implode(', ', $user_id_ary) . ')';
AND " . $db->sql_in_set('user_id', $user_id_ary);
$db->sql_query($sql);
// Send approved email to users...
@@ -1963,7 +1956,7 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal
// Ok, get the original avatar data from users having an uploaded one (we need to remove these from the filesystem)
$sql = 'SELECT user_id, user_avatar
FROM ' . USERS_TABLE . '
WHERE user_id IN (' . implode(', ', $user_id_ary) . ')
WHERE ' . $db->sql_in_set('user_id', $user_id_ary) . '
AND user_avatar_type = ' . AVATAR_UPLOAD;
$result = $db->sql_query($sql);
@@ -1975,7 +1968,7 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal
}
$sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id IN (' . implode(', ', $user_id_ary) . ')';
WHERE ' . $db->sql_in_set('user_id', $user_id_ary);
$db->sql_query($sql);
}
@@ -2016,22 +2009,29 @@ function group_memberships($group_id_ary = false, $user_id_ary = false, $return_
return true;
}
if ($user_id_ary)
{
$user_id_ary = (!is_array($user_id_ary)) ? array($user_id_ary) : $user_id_ary;
}
if ($group_id_ary)
{
$group_id_ary = (!is_array($group_id_ary)) ? array($group_id_ary) : $group_id_ary;
}
$sql = 'SELECT ug.*, u.username, u.user_email
FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u
WHERE ug.user_id = u.user_id AND ';
if ($group_id_ary && $user_id_ary)
if ($group_id_ary)
{
$sql .= " ug.group_id " . ((is_array($group_id_ary)) ? ' IN (' . implode(', ', $group_id_ary) . ')' : " = $group_id_ary") . "
AND ug.user_id " . ((is_array($user_id_ary)) ? ' IN (' . implode(', ', $user_id_ary) . ')' : " = $user_id_ary");
$sql .= ' ' . $db->sql_in_set('ug.group_id', $group_id_ary);
}
else if ($group_id_ary)
if ($user_id_ary)
{
$sql .= " ug.group_id " . ((is_array($group_id_ary)) ? ' IN (' . implode(', ', $group_id_ary) . ')' : " = $group_id_ary");
}
else if ($user_id_ary)
{
$sql .= " ug.user_id " . ((is_array($user_id_ary)) ? ' IN (' . implode(', ', $user_id_ary) . ')' : " = $user_id_ary");
$sql .= ($group_id_ary) ? ' AND ' : ' ';
$sql .= $db->sql_in_set('ug.user_id', $user_id_ary);
}
$result = ($return_bool) ? $db->sql_query_limit($sql, 1) : $db->sql_query($sql);