From a6916e7e4bafacfebf37d003cc999a8d96ef1b50 Mon Sep 17 00:00:00 2001
From: JBthePenguin
Date: Sun, 3 Oct 2021 16:33:10 +0200
Subject: [PATCH] remove {} in all db requests strings, replace them with '?, '
---
 src/lib/Category.php | 2 +-
 src/lib/Equipment.php | 14 +++++++-------
 src/lib/Movement.php | 14 +++++++-------
 .../categories/materiels_par_categorie.tpl | 1 -
 4 files changed, 15 insertions(+), 16 deletions(-)
diff --git a/src/lib/Category.php b/src/lib/Category.php
index 37d4d85..7f3d99c 100644
--- a/src/lib/Category.php
+++ b/src/lib/Category.php
@@ -22,7 +22,7 @@ class Category
 public function delete($id)
 // delete a specific category
 {
- DB::getInstance()->delete('plugin_materiels_category', 'id = ' . $id);
+ DB::getInstance()->delete('plugin_materiels_category', 'id = ?', $id);
 }
 public function get($id)
diff --git a/src/lib/Equipment.php b/src/lib/Equipment.php
index 6c39027..bda2a2d 100644
--- a/src/lib/Equipment.php
+++ b/src/lib/Equipment.php
@@ -31,7 +31,7 @@ class Equipment
 public function delete($id)
 // delete a specific equipment
 {
- DB::getInstance()->delete('plugin_materiels_equipment', 'id = ' . $id);
+ DB::getInstance()->delete('plugin_materiels_equipment', 'id = ?', $id);
 }
 public function listAllByCategory()
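Review bot: `delete($id)` in Category.php now binds the id, but the parameter is still untyped and nothing in the method checks that it is an integer before it reaches the database layer. Declaring it as `public function delete(int $id)` makes a malformed id fail at the method boundary rather than run a DELETE that matches nothing; callers that pass numeric strings keep working unless the calling file declares strict types. The same applies to `delete($id)` in Equipment.php and in Movement.php. If callers need to know whether a row existed, the result of `DB::getInstance()->delete(...)` could be returned instead of discarded.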
@@ -184,11 +184,11 @@ class Equipment
 $entries = DB::getInstance()->firstColumn(
 "SELECT sum(equipment_number) FROM plugin_materiels_movement WHERE side = '0' AND kind IN (
 'Achat', 'Don', 'Récupération',
- 'Retour de location / prêt') AND equipment_id = '{$id}' AND mvt_date <= '{$date}';");
+ 'Retour de location / prêt') AND equipment_id = ? AND mvt_date <= ?;", $id, $date);
 $outputs = DB::getInstance()->firstColumn(
 "SELECT sum(equipment_number) FROM plugin_materiels_movement WHERE side = '1' AND kind IN (
 'Vente', 'Don', 'Besoin', 'Autre (perte, vol, ...)',
- 'Location / Prêt') AND equipment_id = '{$id}' AND mvt_date <= '{$date}';");
+ 'Location / Prêt') AND equipment_id = ? AND mvt_date <= ?;", $id, $date);
 return $entries - $outputs;
 }
@@ -222,9 +222,9 @@ class Equipment
 // return number of a specific equipment is out at a specific date
 {
 $entries = DB::getInstance()->firstColumn(
- "SELECT sum(equipment_number) FROM plugin_materiels_movement WHERE side = '0' AND kind = 'Retour de location / prêt' AND equipment_id = '{$id}' AND mvt_date <= '{$date}';");
+ "SELECT sum(equipment_number) FROM plugin_materiels_movement WHERE side = '0' AND kind = 'Retour de location / prêt' AND equipment_id = ? AND mvt_date <= ?;", $id, $date);
 $outputs = DB::getInstance()->firstColumn(
- "SELECT sum(equipment_number) FROM plugin_materiels_movement WHERE side = '1' AND kind = 'Location / Prêt' AND equipment_id = '{$id}' AND mvt_date <= '{$date}';");
+ "SELECT sum(equipment_number) FROM plugin_materiels_movement WHERE side = '1' AND kind = 'Location / Prêt' AND equipment_id = ? AND mvt_date <= ?;", $id, $date);
 return $outputs - $entries;
 }
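Review bot: In the hunk at -184, `sum(equipment_number)` evaluates to NULL when no movement row matches, so `return $entries - $outputs;` depends on PHP treating null as 0 in arithmetic. Wrapping the aggregate makes the empty case explicit: `SELECT COALESCE(sum(equipment_number), 0) FROM plugin_materiels_movement ...`. The same aggregate is used in the hunks at -222 and -258 of Equipment.php. The method signature is outside the hunk, so how callers use the returned value is not visible here.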
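Review bot: The two queries in the hunk at -222 differ from each other, and from the pair at -258, only in the `side` and `kind` literals, so four statements have to be kept in step by hand whenever the binding changes. A private helper that binds `side` and `kind` as well would keep the placeholder list in one place; the IN-list queries at -184 would need a variant that accepts several kinds. The method's signature lies outside the hunk, so the fence shows only the rewritten body lines and the proposed helper, whose name is a suggestion.

```php
// … unchanged: method signature, comment and opening brace …
$entries = $this->sumMovements('0', 'Retour de location / prêt', $id, $date);
$outputs = $this->sumMovements('1', 'Location / Prêt', $id, $date);
return $outputs - $entries;
// … unchanged: closing brace of the method …

// total equipment_number for one side and one kind of movement, up to and including $date
private function sumMovements($side, $kind, $id, $date)
{
    return DB::getInstance()->firstColumn(
        "SELECT sum(equipment_number) FROM plugin_materiels_movement WHERE side = ? AND kind = ? AND equipment_id = ? AND mvt_date <= ?;",
        $side, $kind, $id, $date);
}
```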
@@ -258,9 +258,9 @@ class Equipment
 // return the number of equipments no owned at a specific date
 {
 $entries = DB::getInstance()->firstColumn(
- "SELECT sum(equipment_number) FROM plugin_materiels_movement WHERE side = '0' AND kind = 'Location / Prêt' AND equipment_id = '{$id}' AND mvt_date <= '{$date}';");
+ "SELECT sum(equipment_number) FROM plugin_materiels_movement WHERE side = '0' AND kind = 'Location / Prêt' AND equipment_id = ? AND mvt_date <= ?;", $id, $date);
 $outputs = DB::getInstance()->firstColumn(
- "SELECT sum(equipment_number) FROM plugin_materiels_movement WHERE side = '1' AND kind = 'Retour de location / prêt' AND equipment_id = '{$id}' AND mvt_date <= '{$date}';");
+ "SELECT sum(equipment_number) FROM plugin_materiels_movement WHERE side = '1' AND kind = 'Retour de location / prêt' AND equipment_id = ? AND mvt_date <= ?;", $id, $date);
 return $entries - $outputs;
 }
 }
diff --git a/src/lib/Movement.php b/src/lib/Movement.php
index 083b467..3cfdcc2 100644
--- a/src/lib/Movement.php
+++ b/src/lib/Movement.php
@@ -22,7 +22,7 @@ class Movement
 public function delete($id)
 // delete specific movement
 {
- DB::getInstance()->delete('plugin_materiels_movement', 'id = ' . $id);
+ DB::getInstance()->delete('plugin_materiels_movement', 'id = ?', $id);
 }
 public function listEntryKinds()
@@ -51,7 +51,7 @@ class Movement
 public function listAllOneSide($side)
 // return all entries if side is 0 or all outputs if side is 1 ordered by date
 {
- $mvts = DB::getInstance()->get("SELECT * FROM plugin_materiels_movement WHERE side = '{$side}' ORDER BY mvt_date DESC;");
+ $mvts = DB::getInstance()->get("SELECT * FROM plugin_materiels_movement WHERE side = ? ORDER BY mvt_date DESC;", $side);
 // for each movements get the equipment's designation
 $eqmt = new Equipment;
 foreach ($mvts as $key => $value) {
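Review bot: `listAllOneSide($side)` in Movement.php binds `$side` but accepts any value, although its comment documents only 0 and 1; any other value produces an empty list with no error. A guard before the query, for example `if (!in_array((string) $side, ['0', '1'], true)) { throw new \InvalidArgumentException('side must be 0 or 1'); }`, would surface a caller mistake instead of hiding it. The `foreach` that follows the query continues past the end of the hunk.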
@@ -68,7 +68,7 @@ class Movement
 {
 // get all entry dates after the specific date and make a list with its
 $after_entry_dates = DB::getInstance()->get(
- "SELECT mvt_date FROM plugin_materiels_movement WHERE side = '0' AND kind = 'Retour de location / prêt' AND equipment_id = '{$id}' AND mvt_date > '{$date}';");
+ "SELECT mvt_date FROM plugin_materiels_movement WHERE side = '0' AND kind = 'Retour de location / prêt' AND equipment_id = ? AND mvt_date > ?;", $id, $date);
 $entry_dates = array($date);
 foreach ($after_entry_dates as $row) {
@@ -97,7 +97,7 @@ class Movement
 $after_output_dates = DB::getInstance()->get(
 "SELECT mvt_date FROM plugin_materiels_movement WHERE side = '1' AND kind IN (
 'Vente', 'Don', 'Besoin', 'Autre (perte, vol, ...)',
- 'Location / Prêt') AND equipment_id = '{$id}' AND mvt_date > '{$date}';");
+ 'Location / Prêt') AND equipment_id = ? AND mvt_date > ?;", $id, $date);
 $output_dates = array($date);
 foreach ($after_output_dates as $row) {
@@ -124,7 +124,7 @@ class Movement
 {
 // get all output dates after the specific date and make a list with its
 $after_output_dates = DB::getInstance()->get(
- "SELECT mvt_date FROM plugin_materiels_movement WHERE side = '1' AND kind = 'Retour de location / prêt' AND equipment_id = '{$id}' AND mvt_date > '{$date}';");
+ "SELECT mvt_date FROM plugin_materiels_movement WHERE side = '1' AND kind = 'Retour de location / prêt' AND equipment_id = ? AND mvt_date > ?;", $id, $date);
 $output_dates = array($date);
 foreach ($after_output_dates as $row) {
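Review bot: The three date queries in Movement.php (hunks at -68, -97 and -124) compare `mvt_date > ?` against `$date` exactly as it was passed in, and nothing visible checks its format. If `mvt_date` is stored as text, which these hunks do not show, the comparison is lexical and is only correct when `$date` uses the same sortable layout as the column. A one-line comment above each query stating the expected format, or a format check at the top of each method, would document that contract; the method signatures are outside the hunks. The same assumption sits behind `mvt_date <= ?` in the Equipment.php queries.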
@@ -170,11 +170,11 @@ class Movement
 }
 public function AllEqmtMovements($eqmt_id)
- // return list of all movements for a specific equipments
+ // return list of all movements for a specific equipment
 // ordered by date and side
 // if same date order by rent output and after put entry for return
 {
 return DB::getInstance()->get(
- "SELECT * FROM plugin_materiels_movement WHERE equipment_id = '{$eqmt_id}' ORDER BY mvt_date DESC, CASE WHEN (side = '1' AND kind = 'Location / Prêt') THEN 1 WHEN (side = '0' AND kind != 'Retour de location / prêt') THEN 2 ELSE 0 END, side DESC;");
+ "SELECT * FROM plugin_materiels_movement WHERE equipment_id = ? ORDER BY mvt_date DESC, CASE WHEN (side = '1' AND kind = 'Location / Prêt') THEN 1 WHEN (side = '0' AND kind != 'Retour de location / prêt') THEN 2 ELSE 0 END, side DESC;", $eqmt_id);
 }
 }
diff --git a/src/templates/categories/materiels_par_categorie.tpl b/src/templates/categories/materiels_par_categorie.tpl
index d8fe5cf..aa5f897 100644
--- a/src/templates/categories/materiels_par_categorie.tpl
+++ b/src/templates/categories/materiels_par_categorie.tpl
@@ -70,7 +70,6 @@ {foreach from=$eqmts_just_listed item="eqmt"} {$eqmt.designation} - {/foreach}
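Review bot: The comment above the query in `AllEqmtMovements` (Movement.php) does not describe what the `CASE` expression actually sorts by, and "after put entry for return" is hard to parse. Reading the new statement, rows sharing a date come out as: everything that falls into `ELSE 0` (returns and non-rental outputs), then rental outputs (1), then the remaining entries (2), with `side DESC` as the last tie-break. Suggested wording for the last two comment lines: `// newest date first; within a date: returns and non-rental outputs, then rental outputs, then other entries`.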