mirror of
https://github.com/moodle/moodle.git
synced 2025-03-14 04:30:15 +01:00
MDL-29515 remove deprecated $DB->sql_ilike() and fix debug messages
This commit is contained in:
parent
a2b30aa852
commit
de640a2d3f
@ -1851,23 +1851,6 @@ abstract class moodle_database {
|
||||
return $text;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the proper SQL to do LIKE in a case-insensitive way.
|
||||
*
|
||||
* Note the LIKE are case sensitive for Oracle. Oracle 10g is required to use
|
||||
* the case insensitive search using regexp_like() or NLS_COMP=LINGUISTIC :-(
|
||||
* See http://docs.moodle.org/en/XMLDB_Problems#Case-insensitive_searches
|
||||
*
|
||||
* @deprecated since Moodle 2.0 MDL-23925 - please do not use this function any more.
|
||||
* @todo MDL-31280 to remove deprecated functions prior to 2.3 release.
|
||||
* @return string Do not use this function!
|
||||
* @see sql_like()
|
||||
*/
|
||||
public function sql_ilike() {
|
||||
debugging('sql_ilike() is deprecated, please use sql_like() instead');
|
||||
return 'LIKE';
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the proper SQL to do CONCAT between the elements(fieldnames) passed.
|
||||
*
|
||||
|
@ -1137,7 +1137,7 @@ class mssql_native_moodle_database extends moodle_database {
|
||||
*/
|
||||
public function sql_like($fieldname, $param, $casesensitive = true, $accentsensitive = true, $notlike = false, $escapechar = '\\') {
|
||||
if (strpos($param, '%') !== false) {
|
||||
debugging('Potential SQL injection detected, sql_ilike() expects bound parameters (? or :named)');
|
||||
debugging('Potential SQL injection detected, sql_like() expects bound parameters (? or :named)');
|
||||
}
|
||||
|
||||
$collation = $this->get_collation();
|
||||
|
@ -1176,7 +1176,7 @@ class mysqli_native_moodle_database extends moodle_database {
|
||||
*/
|
||||
public function sql_like($fieldname, $param, $casesensitive = true, $accentsensitive = true, $notlike = false, $escapechar = '\\') {
|
||||
if (strpos($param, '%') !== false) {
|
||||
debugging('Potential SQL injection detected, sql_ilike() expects bound parameters (? or :named)');
|
||||
debugging('Potential SQL injection detected, sql_like() expects bound parameters (? or :named)');
|
||||
}
|
||||
$escapechar = $this->mysqli->real_escape_string($escapechar); // prevents problems with C-style escapes of enclosing '\'
|
||||
|
||||
|
@ -1541,7 +1541,7 @@ class oci_native_moodle_database extends moodle_database {
|
||||
*/
|
||||
public function sql_like($fieldname, $param, $casesensitive = true, $accentsensitive = true, $notlike = false, $escapechar = '\\') {
|
||||
if (strpos($param, '%') !== false) {
|
||||
debugging('Potential SQL injection detected, sql_ilike() expects bound parameters (? or :named)');
|
||||
debugging('Potential SQL injection detected, sql_like() expects bound parameters (? or :named)');
|
||||
}
|
||||
|
||||
$LIKE = $notlike ? 'NOT LIKE' : 'LIKE';
|
||||
|
@ -1097,7 +1097,7 @@ class pgsql_native_moodle_database extends moodle_database {
|
||||
*/
|
||||
public function sql_like($fieldname, $param, $casesensitive = true, $accentsensitive = true, $notlike = false, $escapechar = '\\') {
|
||||
if (strpos($param, '%') !== false) {
|
||||
debugging('Potential SQL injection detected, sql_ilike() expects bound parameters (? or :named)');
|
||||
debugging('Potential SQL injection detected, sql_like() expects bound parameters (? or :named)');
|
||||
}
|
||||
$escapechar = pg_escape_string($this->pgsql, $escapechar); // prevents problems with C-style escapes of enclosing '\'
|
||||
|
||||
@ -1110,11 +1110,6 @@ class pgsql_native_moodle_database extends moodle_database {
|
||||
return "$fieldname $LIKE $param ESCAPE '$escapechar'";
|
||||
}
|
||||
|
||||
public function sql_ilike() {
|
||||
debugging('sql_ilike() is deprecated, please use sql_like() instead');
|
||||
return 'ILIKE';
|
||||
}
|
||||
|
||||
public function sql_bitxor($int1, $int2) {
|
||||
return '((' . $int1 . ') # (' . $int2 . '))';
|
||||
}
|
||||
|
@ -3426,33 +3426,6 @@ class dml_test extends UnitTestCase {
|
||||
//$this->assertEqual(count($records), 3, 'Accent insensitive LIKE searches may not be supported in all databases, this is not a problem.');
|
||||
}
|
||||
|
||||
function test_sql_ilike() {
|
||||
// note: this is deprecated, just make sure it does not throw error
|
||||
$DB = $this->tdb;
|
||||
$dbman = $DB->get_manager();
|
||||
|
||||
$table = $this->get_test_table();
|
||||
$tablename = $table->getName();
|
||||
|
||||
$table->add_field('id', XMLDB_TYPE_INTEGER, '10', XMLDB_UNSIGNED, XMLDB_NOTNULL, XMLDB_SEQUENCE, null);
|
||||
$table->add_field('name', XMLDB_TYPE_CHAR, '255', null, null, null, null);
|
||||
$table->add_key('primary', XMLDB_KEY_PRIMARY, array('id'));
|
||||
$dbman->create_table($table);
|
||||
|
||||
$DB->insert_record($tablename, array('name'=>'SuperDuperRecord'));
|
||||
$DB->insert_record($tablename, array('name'=>'NoDupor'));
|
||||
$DB->insert_record($tablename, array('name'=>'ouch'));
|
||||
|
||||
// make sure it prints debug message
|
||||
$this->enable_debugging();
|
||||
$sql = "SELECT * FROM {{$tablename}} WHERE name ".$DB->sql_ilike()." ?";
|
||||
$params = array("%dup_r%");
|
||||
$this->assertFalse($this->get_debugging() === '');
|
||||
|
||||
// following must not throw exception, we ignore result
|
||||
$DB->get_records_sql($sql, $params);
|
||||
}
|
||||
|
||||
function test_coalesce() {
|
||||
$DB = $this->tdb;
|
||||
|
||||
|
@ -1193,7 +1193,7 @@ class sqlsrv_native_moodle_database extends moodle_database {
|
||||
*/
|
||||
public function sql_like($fieldname, $param, $casesensitive = true, $accentsensitive = true, $notlike = false, $escapechar = '\\') {
|
||||
if (strpos($param, '%') !== false) {
|
||||
debugging('Potential SQL injection detected, sql_ilike() expects bound parameters (? or :named)');
|
||||
debugging('Potential SQL injection detected, sql_like() expects bound parameters (? or :named)');
|
||||
}
|
||||
|
||||
$collation = $this->get_collation();
|
||||
|
Loading…
x
Reference in New Issue
Block a user