From de640a2d3f0ee39f13fb87ebff4f9d8cf839765b Mon Sep 17 00:00:00 2001 From: Petr Skoda Date: Sat, 17 Mar 2012 19:20:25 +0100 Subject: [PATCH] MDL-29515 remove deprecated $DB->sql_ilike() and fix debug messages --- lib/dml/moodle_database.php | 17 -------------- lib/dml/mssql_native_moodle_database.php | 2 +- lib/dml/mysqli_native_moodle_database.php | 2 +- lib/dml/oci_native_moodle_database.php | 2 +- lib/dml/pgsql_native_moodle_database.php | 7 +----- lib/dml/simpletest/testdml.php | 27 ----------------------- lib/dml/sqlsrv_native_moodle_database.php | 2 +- 7 files changed, 5 insertions(+), 54 deletions(-) diff --git a/lib/dml/moodle_database.php b/lib/dml/moodle_database.php index 2baf138f37d..af733f5ad75 100644 --- a/lib/dml/moodle_database.php +++ b/lib/dml/moodle_database.php @@ -1851,23 +1851,6 @@ abstract class moodle_database { return $text; } - /** - * Returns the proper SQL to do LIKE in a case-insensitive way. - * - * Note the LIKE are case sensitive for Oracle. Oracle 10g is required to use - * the case insensitive search using regexp_like() or NLS_COMP=LINGUISTIC :-( - * See http://docs.moodle.org/en/XMLDB_Problems#Case-insensitive_searches - * - * @deprecated since Moodle 2.0 MDL-23925 - please do not use this function any more. - * @todo MDL-31280 to remove deprecated functions prior to 2.3 release. - * @return string Do not use this function! - * @see sql_like() - */ - public function sql_ilike() { - debugging('sql_ilike() is deprecated, please use sql_like() instead'); - return 'LIKE'; - } - /** * Returns the proper SQL to do CONCAT between the elements(fieldnames) passed. * diff --git a/lib/dml/mssql_native_moodle_database.php b/lib/dml/mssql_native_moodle_database.php index d5998a7187a..b1e6573e9be 100644 --- a/lib/dml/mssql_native_moodle_database.php +++ b/lib/dml/mssql_native_moodle_database.php @@ -1137,7 +1137,7 @@ class mssql_native_moodle_database extends moodle_database { */ public function sql_like($fieldname, $param, $casesensitive = true, $accentsensitive = true, $notlike = false, $escapechar = '\\') { if (strpos($param, '%') !== false) { - debugging('Potential SQL injection detected, sql_ilike() expects bound parameters (? or :named)'); + debugging('Potential SQL injection detected, sql_like() expects bound parameters (? or :named)'); } $collation = $this->get_collation(); diff --git a/lib/dml/mysqli_native_moodle_database.php b/lib/dml/mysqli_native_moodle_database.php index 242c5c43b9e..8b5f22423db 100644 --- a/lib/dml/mysqli_native_moodle_database.php +++ b/lib/dml/mysqli_native_moodle_database.php @@ -1176,7 +1176,7 @@ class mysqli_native_moodle_database extends moodle_database { */ public function sql_like($fieldname, $param, $casesensitive = true, $accentsensitive = true, $notlike = false, $escapechar = '\\') { if (strpos($param, '%') !== false) { - debugging('Potential SQL injection detected, sql_ilike() expects bound parameters (? or :named)'); + debugging('Potential SQL injection detected, sql_like() expects bound parameters (? or :named)'); } $escapechar = $this->mysqli->real_escape_string($escapechar); // prevents problems with C-style escapes of enclosing '\' diff --git a/lib/dml/oci_native_moodle_database.php b/lib/dml/oci_native_moodle_database.php index b780bd42946..8258c023dd1 100644 --- a/lib/dml/oci_native_moodle_database.php +++ b/lib/dml/oci_native_moodle_database.php @@ -1541,7 +1541,7 @@ class oci_native_moodle_database extends moodle_database { */ public function sql_like($fieldname, $param, $casesensitive = true, $accentsensitive = true, $notlike = false, $escapechar = '\\') { if (strpos($param, '%') !== false) { - debugging('Potential SQL injection detected, sql_ilike() expects bound parameters (? or :named)'); + debugging('Potential SQL injection detected, sql_like() expects bound parameters (? or :named)'); } $LIKE = $notlike ? 'NOT LIKE' : 'LIKE'; diff --git a/lib/dml/pgsql_native_moodle_database.php b/lib/dml/pgsql_native_moodle_database.php index d49803b0e8f..0156605d6e2 100644 --- a/lib/dml/pgsql_native_moodle_database.php +++ b/lib/dml/pgsql_native_moodle_database.php @@ -1097,7 +1097,7 @@ class pgsql_native_moodle_database extends moodle_database { */ public function sql_like($fieldname, $param, $casesensitive = true, $accentsensitive = true, $notlike = false, $escapechar = '\\') { if (strpos($param, '%') !== false) { - debugging('Potential SQL injection detected, sql_ilike() expects bound parameters (? or :named)'); + debugging('Potential SQL injection detected, sql_like() expects bound parameters (? or :named)'); } $escapechar = pg_escape_string($this->pgsql, $escapechar); // prevents problems with C-style escapes of enclosing '\' @@ -1110,11 +1110,6 @@ class pgsql_native_moodle_database extends moodle_database { return "$fieldname $LIKE $param ESCAPE '$escapechar'"; } - public function sql_ilike() { - debugging('sql_ilike() is deprecated, please use sql_like() instead'); - return 'ILIKE'; - } - public function sql_bitxor($int1, $int2) { return '((' . $int1 . ') # (' . $int2 . '))'; } diff --git a/lib/dml/simpletest/testdml.php b/lib/dml/simpletest/testdml.php index f7c2152b603..91b36e2f31b 100644 --- a/lib/dml/simpletest/testdml.php +++ b/lib/dml/simpletest/testdml.php @@ -3426,33 +3426,6 @@ class dml_test extends UnitTestCase { //$this->assertEqual(count($records), 3, 'Accent insensitive LIKE searches may not be supported in all databases, this is not a problem.'); } - function test_sql_ilike() { - // note: this is deprecated, just make sure it does not throw error - $DB = $this->tdb; - $dbman = $DB->get_manager(); - - $table = $this->get_test_table(); - $tablename = $table->getName(); - - $table->add_field('id', XMLDB_TYPE_INTEGER, '10', XMLDB_UNSIGNED, XMLDB_NOTNULL, XMLDB_SEQUENCE, null); - $table->add_field('name', XMLDB_TYPE_CHAR, '255', null, null, null, null); - $table->add_key('primary', XMLDB_KEY_PRIMARY, array('id')); - $dbman->create_table($table); - - $DB->insert_record($tablename, array('name'=>'SuperDuperRecord')); - $DB->insert_record($tablename, array('name'=>'NoDupor')); - $DB->insert_record($tablename, array('name'=>'ouch')); - - // make sure it prints debug message - $this->enable_debugging(); - $sql = "SELECT * FROM {{$tablename}} WHERE name ".$DB->sql_ilike()." ?"; - $params = array("%dup_r%"); - $this->assertFalse($this->get_debugging() === ''); - - // following must not throw exception, we ignore result - $DB->get_records_sql($sql, $params); - } - function test_coalesce() { $DB = $this->tdb; diff --git a/lib/dml/sqlsrv_native_moodle_database.php b/lib/dml/sqlsrv_native_moodle_database.php index f8c799f4985..65fc5a41226 100644 --- a/lib/dml/sqlsrv_native_moodle_database.php +++ b/lib/dml/sqlsrv_native_moodle_database.php @@ -1193,7 +1193,7 @@ class sqlsrv_native_moodle_database extends moodle_database { */ public function sql_like($fieldname, $param, $casesensitive = true, $accentsensitive = true, $notlike = false, $escapechar = '\\') { if (strpos($param, '%') !== false) { - debugging('Potential SQL injection detected, sql_ilike() expects bound parameters (? or :named)'); + debugging('Potential SQL injection detected, sql_like() expects bound parameters (? or :named)'); } $collation = $this->get_collation();