diff --git a/docs/upgrades/upgrade_6.1.1-6.2.0.sql b/docs/upgrades/upgrade_6.1.1-6.2.0.sql index 86458fdfb..87f7c006f 100644 --- a/docs/upgrades/upgrade_6.1.1-6.2.0.sql +++ b/docs/upgrades/upgrade_6.1.1-6.2.0.sql @@ -253,5 +253,8 @@ alter table userSession change sessionId sessionId char(22) not null; alter table userSessionScratch change sessionId sessionId char(22) not null; alter table users change referringAffiliate referringAffiliate char(22) not null; +delete from incrementer where incrementerId in ("databaseLinkId", "DataForm_entryId", "DataForm_fieldId", "DataForm_tabId", "EventsCalendar_eventId", "EventsCalendar_recurringId", "FileManager_fileId", "forumId", "forumPostId", "forumThreadId", "groupId", "languageId", "Product_benefitId", "Product_featureId", "Product_specificationId", "replacementId", "Survey_answerId", "Survey_id", "Survey_questionId", "Survey_responseId", "USS_id", "USS_submissionId", "wobjectId"); + + diff --git a/lib/WebGUI/DatabaseLink.pm b/lib/WebGUI/DatabaseLink.pm index 07cb75b02..187193942 100644 --- a/lib/WebGUI/DatabaseLink.pm +++ b/lib/WebGUI/DatabaseLink.pm @@ -76,7 +76,7 @@ A valid databaseLinkId =cut sub get { - return WebGUI::SQL->quickHash("select * from databaseLink where databaseLinkId=".$_[0]); + return WebGUI::SQL->quickHash("select * from databaseLink where databaseLinkId=".quote($_[0])); } #------------------------------------------------------------------- @@ -98,7 +98,7 @@ A valid databaseLinkId sub whatIsUsing { # get list of SQLReports my $sql = 'select wobject.wobjectId, wobject.title, page.menuTitle, page.urlizedTitle from wobject, SQLReport, page '. - 'where SQLReport.databaseLinkId = '.$_[0].' and SQLReport.wobjectId = wobject.wobjectId '. + 'where SQLReport.databaseLinkId = '.quote($_[0]). 'and SQLReport.wobjectId = wobject.wobjectId '. 'and wobject.pageId = page.pageId'; my $sth = WebGUI::SQL->read($sql); my @using; @@ -108,7 +108,7 @@ sub whatIsUsing { $sth->finish; # get list of groups - $sql = 'select groupId, groupName from groups where databaseLinkId = '.$_[0]; + $sql = 'select groupId, groupName from groups where databaseLinkId = '.quote($_[0]); $sth = WebGUI::SQL->read($sql); while (my $data = $sth->hashRef()) { push @using, $data; @@ -203,7 +203,7 @@ sub new { title=>"WebGUI Database" ); } else { - %databaseLink = WebGUI::SQL->quickHash("select * from databaseLink where databaseLinkId='$databaseLinkId'"); + %databaseLink = WebGUI::SQL->quickHash("select * from databaseLink where databaseLinkId=".quote($databaseLinkId)); } } bless {_databaseLinkId => $databaseLinkId, _databaseLink => \%databaseLink }, $class; diff --git a/lib/WebGUI/Operation/DatabaseLink.pm b/lib/WebGUI/Operation/DatabaseLink.pm index 557a5506b..304691b28 100644 --- a/lib/WebGUI/Operation/DatabaseLink.pm +++ b/lib/WebGUI/Operation/DatabaseLink.pm @@ -16,6 +16,7 @@ use Tie::CPHash; use WebGUI::DatabaseLink; use WebGUI::Grouping; use WebGUI::Icon; +use WebGUI::Id; use WebGUI::International; use WebGUI::Operation::Shared; use WebGUI::Paginator; @@ -47,9 +48,9 @@ sub www_copyDatabaseLink { return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3)); my (%db); tie %db, 'Tie::CPHash'; - %db = WebGUI::SQL->quickHash("select * from databaseLink where databaseLinkId=$session{form}{dlid}"); - WebGUI::SQL->write("insert into databaseLink (databaseLinkId,title,DSN,username,identifier) values (".getNextId("databaseLinkId").", - ".quote('Copy of '.$db{title}).", ".quote($db{DSN}).", ".quote($db{username}).", ".quote($db{identifier}).")"); + %db = WebGUI::SQL->quickHash("select * from databaseLink where databaseLinkId=".quote($session{form}{dlid})); + WebGUI::SQL->write("insert into databaseLink (databaseLinkId,title,DSN,username,identifier) values (".quote(WebGUI::Id::generate()).", + ".quote($db{title}." (copy)").", ".quote($db{DSN}).", ".quote($db{username}).", ".quote($db{identifier}).")"); return www_listDatabaseLinks(); } @@ -79,7 +80,7 @@ sub www_deleteDatabaseLink { #------------------------------------------------------------------- sub www_deleteDatabaseLinkConfirm { return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3)); - WebGUI::SQL->write("delete from databaseLink where databaseLinkId=".$session{form}{dlid}); + WebGUI::SQL->write("delete from databaseLink where databaseLinkId=".quote($session{form}{dlid})); return www_listDatabaseLinks(); } @@ -91,7 +92,7 @@ sub www_editDatabaseLink { if ($session{form}{dlid} eq "new") { } else { - %db = WebGUI::SQL->quickHash("select * from databaseLink where databaseLinkId=$session{form}{dlid}"); + %db = WebGUI::SQL->quickHash("select * from databaseLink where databaseLinkId=".quote($session{form}{dlid})); } $output .= helpIcon("database link add/edit"); $output .= '

'.WebGUI::International::get(990).'

'; @@ -102,7 +103,7 @@ sub www_editDatabaseLink { $f->text("title",WebGUI::International::get(992),$db{title}); $f->text("DSN",WebGUI::International::get(993),$db{DSN}); $f->text("username",WebGUI::International::get(994),$db{username}); - $f->text("identifier",WebGUI::International::get(995),$db{identifier}); + $f->password("identifier",WebGUI::International::get(995),$db{identifier}); $f->submit; $output .= $f->print; return _submenu($output); @@ -112,11 +113,11 @@ sub www_editDatabaseLink { sub www_editDatabaseLinkSave { return WebGUI::Privilege::insufficient unless (WebGUI::Grouping::isInGroup(3)); if ($session{form}{dlid} eq "new") { - $session{form}{dlid} = getNextId("databaseLinkId"); - WebGUI::SQL->write("insert into databaseLink (databaseLinkId) values ($session{form}{dlid})"); + $session{form}{dlid} = WebGUI::Id::generate(); + WebGUI::SQL->write("insert into databaseLink (databaseLinkId) values (".quote($session{form}{dlid}).")"); } WebGUI::SQL->write("update databaseLink set title=".quote($session{form}{title}).", DSN=".quote($session{form}{DSN}).", - username=".quote($session{form}{username}).", identifier=".quote($session{form}{identifier})." where databaseLinkId=".$session{form}{dlid}); + username=".quote($session{form}{username}).", identifier=".quote($session{form}{identifier})." where databaseLinkId=".quote($session{form}{dlid})); return www_listDatabaseLinks(); }