adding guid stuff

JT Smith 2004-08-10 23:43:25 +00:00
parent 5a182e5971
commit 4bfab4378f
6 changed files with 92 additions and 60 deletions


@ -887,7 +887,7 @@ sub group {
tie %hash, 'Tie::IxHash';
my $exclude = $_[0]->{excludeGroups};
if ($$exclude[0] ne "") {
$where = "and groupId not in (".join(",",@$exclude).")";
$where = "and groupId not in (".quoteAndJoin($exclude).")";
}
%hash = WebGUI::SQL->buildHash("select groupId,groupName from groups where showInForms=1 $where order by groupName");
return selectList({


@ -17,6 +17,7 @@ package WebGUI::Group;
use strict;
use Tie::CPHash;
use WebGUI::DateTime;
use WebGUI::Id;
use WebGUI::Grouping;
use WebGUI::Session;
use WebGUI::SQL;
@ -67,9 +68,9 @@ These methods are available from this class:
#-------------------------------------------------------------------
sub _create {
my $groupId = getNextId("groupId");
my $groupId = WebGUI::Id::generate();
WebGUI::SQL->write("insert into groups (groupId,dateCreated,expireOffset,karmaThreshold) values
($groupId,".time().",314496000,1000000000)");
(".quote($groupId).",".time().",314496000,1000000000)");
WebGUI::Grouping::addGroupsToGroups([3],[$groupId]);
return $groupId;
}
@ -117,7 +118,7 @@ sub autoAdd {
if (defined $value) {
$class->{_group}{"autoAdd"} = $value;
WebGUI::SQL->write("update groups set autoAdd=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"autoAdd"};
}
@ -146,7 +147,7 @@ sub autoDelete {
if (defined $value) {
$class->{_group}{"autoDelete"} = $value;
WebGUI::SQL->write("update groups set autoDelete=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"autoDelete"};
}
@ -174,9 +175,9 @@ Deletes this group and all references to it.
=cut
sub delete {
WebGUI::SQL->write("delete from groups where groupId=".$_[0]->{_groupId});
WebGUI::SQL->write("delete from groupings where groupId=".$_[0]->{_groupId});
WebGUI::SQL->write("delete from groupGroupings where inGroup=".$_[0]->{_groupId}." or groupId=".$_[0]->{_groupId});
WebGUI::SQL->write("delete from groups where groupId=".quote($_[0]->{_groupId}));
WebGUI::SQL->write("delete from groupings where groupId=".quote($_[0]->{_groupId}));
WebGUI::SQL->write("delete from groupGroupings where inGroup=".quote($_[0]->{_groupId})." or groupId=".quote($_[0]->{_groupId}));
}
#-------------------------------------------------------------------
@ -223,7 +224,7 @@ sub deleteOffset {
if (defined $value) {
$class->{_group}{"deleteOffset"} = $value;
WebGUI::SQL->write("update groups set deleteOffset=$value,
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"deleteOffset"};
}
@ -252,7 +253,7 @@ sub description {
if (defined $value) {
$class->{_group}{"description"} = $value;
WebGUI::SQL->write("update groups set description=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"description"};
}
@ -281,7 +282,7 @@ sub expireNotify {
if (defined $value) {
$class->{_group}{"expireNotify"} = $value;
WebGUI::SQL->write("update groups set expireNotify=$value,
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"expireNotify"};
}
@ -310,7 +311,7 @@ sub expireNotifyMessage {
if (defined $value) {
$class->{_group}{"expireNotifyMessage"} = $value;
WebGUI::SQL->write("update groups set expireNotifyMessage=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"expireNotifyMessage"};
}
@ -340,7 +341,7 @@ sub expireNotifyOffset {
if (defined $value) {
$class->{_group}{"expireNotifyOffset"} = $value;
WebGUI::SQL->write("update groups set expireNotifyOffset=$value,
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"expireNotifyOffset"};
}
@ -369,7 +370,7 @@ sub expireOffset {
if (defined $value) {
$class->{_group}{"expireOffset"} = $value;
WebGUI::SQL->write("update groups set expireOffset=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"expireOffset"};
}
@ -433,7 +434,7 @@ sub karmaThreshold {
if (defined $value) {
$class->{_group}{"karmaThreshold"} = $value;
WebGUI::SQL->write("update groups set karmaThreshold=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"karmaThreshold"};
}
@ -462,7 +463,7 @@ sub ipFilter {
if (defined $value) {
$class->{_group}{"ipFilter"} = $value;
WebGUI::SQL->write("update groups set ipFilter=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"ipFilter"};
}
@ -491,7 +492,7 @@ sub isEditable {
if (defined $value) {
$class->{_group}{"isEditable"} = $value;
WebGUI::SQL->write("update groups set isEditable=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"isEditable"};
}
@ -533,7 +534,7 @@ sub name {
if (defined $value) {
$class->{_group}{"groupName"} = $value;
WebGUI::SQL->write("update groups set groupName=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"groupName"};
}
@ -571,7 +572,7 @@ sub new {
$group{databaseLinkId} = 0;
$group{dbCacheTimeout} = 3600;
} else {
%group = WebGUI::SQL->quickHash("select * from groups where groupId='$groupId'");
%group = WebGUI::SQL->quickHash("select * from groups where groupId=".quote($groupId));
}
bless {_groupId => $groupId, _group => \%group }, $class;
}
@ -599,7 +600,7 @@ sub scratchFilter {
if (defined $value) {
$class->{_group}{"scratchFilter"} = $value;
WebGUI::SQL->write("update groups set scratchFilter=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"scratchFilter"};
}
@ -627,7 +628,7 @@ sub showInForms {
if (defined $value) {
$class->{_group}{"showInForms"} = $value;
WebGUI::SQL->write("update groups set showInForms=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"showInForms"};
}
@ -635,7 +636,7 @@ sub showInForms {
#-------------------------------------------------------------------
=head2 lastUpdated ( )
=head2 dbQuery ( )
=head2 dbQuery ( [ value ] )
@ -658,7 +659,7 @@ sub dbQuery {
if (defined $value) {
$class->{_group}{"dbQuery"} = $value;
WebGUI::SQL->write("update groups set dbQuery=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"dbQuery"};
}
@ -686,7 +687,7 @@ sub databaseLinkId {
if (defined $value) {
$class->{_group}{"databaseLinkId"} = $value;
WebGUI::SQL->write("update groups set databaseLinkId=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"databaseLinkId"};
}
@ -714,7 +715,7 @@ sub dbCacheTimeout {
if (defined $value) {
$class->{_group}{"dbCacheTimeout"} = $value;
WebGUI::SQL->write("update groups set dbCacheTimeout=".quote($value).",
lastUpdated=".time()." where groupId=$class->{_groupId}");
lastUpdated=".time()." where groupId=".quote($class->{_groupId}));
}
return $class->{_group}{"dbCacheTimeout"};
}
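Review bot: The `deleteOffset`, `expireNotify` and `expireNotifyOffset` setters still interpolate `$value` straight into the UPDATE text (`deleteOffset=$value,` and its two siblings), while this commit quotes only the `groupId` side of those same statements. Every other setter shown here passes its value through `quote()`, so these three are the remaining places where a caller-supplied value reaches the SQL string unescaped. Bring them in line with the rest, e.g. `WebGUI::SQL->write("update groups set deleteOffset=".quote($value).",`, or reject anything that is not an integer before building the statement. The setters begin outside their hunks, so where `$value` originates (form input or internal code) cannot be seen here and should be confirmed.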


@ -76,10 +76,10 @@ sub addGroupsToGroups {
foreach my $gid (@{$_[0]}) {
foreach my $toGid (@{$_[1]}) {
my ($isIn) = WebGUI::SQL->quickArray("select count(*) from groupGroupings
where groupId=$gid and inGroup=$toGid");
where groupId=".quote($gid)." and inGroup=".quote($toGid));
my $recursive = isIn($toGid, @{getGroupsInGroup($gid,1)});
unless ($isIn || $recursive) {
WebGUI::SQL->write("insert into groupGroupings (groupId,inGroup) values ($gid,$toGid)");
WebGUI::SQL->write("insert into groupGroupings (groupId,inGroup) values (".quote($gid).",".quote($toGid).")");
}
}
}
@ -116,13 +116,13 @@ sub addUsersToGroups {
if ($_[2]) {
$expireOffset = $_[2];
} else {
($expireOffset) = WebGUI::SQL->quickArray("select expireOffset from groups where groupId=$gid");
($expireOffset) = WebGUI::SQL->quickArray("select expireOffset from groups where groupId=".quote($gid));
}
foreach my $uid (@{$_[0]}) {
my ($isIn) = WebGUI::SQL->quickArray("select count(*) from groupings where groupId=$gid and userId=$uid");
my ($isIn) = WebGUI::SQL->quickArray("select count(*) from groupings where groupId=".quote($gid)." and userId=".quote($uid));
unless ($isIn) {
WebGUI::SQL->write("insert into groupings (groupId,userId,expireDate)
values ($gid, $uid, ".(WebGUI::DateTime::time()+$expireOffset).")");
values (".quote($gid).", ".quote($uid).", ".(WebGUI::DateTime::time()+$expireOffset).")");
}
}
}
@ -151,7 +151,7 @@ An array reference containing the list of group ids to delete from.
sub deleteGroupsFromGroups {
foreach my $gid (@{$_[0]}) {
foreach my $fromGid (@{$_[1]}) {
WebGUI::SQL->write("delete from groupGroupings where groupId=$gid and inGroup=".$fromGid);
WebGUI::SQL->write("delete from groupGroupings where groupId=".quote($gid)." and inGroup=".quote($fromGid));
}
}
}
@ -180,7 +180,7 @@ An array reference containing a list of groups.
sub deleteUsersFromGroups {
foreach my $gid (@{$_[1]}) {
foreach my $uid (@{$_[0]}) {
WebGUI::SQL->write("delete from groupings where groupId=$gid and userId=$uid");
WebGUI::SQL->write("delete from groupings where groupId=".quote($gid)." and userId=".quote($uid));
}
}
}
@ -203,7 +203,7 @@ A unique identifier for the group.
=cut
sub getGroupsForGroup {
return WebGUI::SQL->buildArrayRef("select inGroup from groupGroupings where groupId=$_[0]");
return WebGUI::SQL->buildArrayRef("select inGroup from groupGroupings where groupId=".quote($_[0]));
}
@ -236,7 +236,7 @@ sub getGroupsForUser {
} elsif (exists $session{gotGroupsForUser}{$userId}) {
return $session{gotGroupsForUser}{$userId};
} else {
my @groups = WebGUI::SQL->buildArray("select groupId from groupings where userId=$userId $clause");
my @groups = WebGUI::SQL->buildArray("select groupId from groupings where userId=".quote($userId)." $clause");
foreach my $gid (@groups) {
$session{isInGroup}{$userId}{$gid} = 1;
}
@ -276,7 +276,7 @@ sub getGroupsInGroup {
} elsif (exists $session{gotGroupsInGroup}{recursive}{$groupId}) {
return $session{gotGroupsInGroup}{direct}{$groupId};
}
my $groups = WebGUI::SQL->buildArrayRef("select groupId from groupGroupings where inGroup=$groupId");
my $groups = WebGUI::SQL->buildArrayRef("select groupId from groupGroupings where inGroup=".quote($groupId));
if ($isRecursive) {
$loopCount++;
if ($loopCount > 99) {
@ -317,11 +317,11 @@ A boolean value to determine whether the method should return the users directly
=cut
sub getUsersInGroup {
my $clause = "groupId=$_[0]";
my $clause = "groupId=".quote($_[0]);
if ($_[1]) {
my $groups = getGroupsInGroup($_[0],1);
if ($#$groups >= 0) {
$clause .= " or groupId in (".join(",",@$groups).")";
$clause .= " or groupId in (".quoteAndJoin($groups).")";
}
}
return WebGUI::SQL->buildArrayRef("select userId from groupings where $clause");
@ -376,7 +376,7 @@ sub isInGroup {
}
### Get data for auxillary checks.
tie %group, 'Tie::CPHash';
%group = WebGUI::SQL->quickHash("select karmaThreshold,ipFilter,scratchFilter,databaseLinkId,dbQuery,dbCacheTimeout from groups where groupId='$gid'");
%group = WebGUI::SQL->quickHash("select karmaThreshold,ipFilter,scratchFilter,databaseLinkId,dbQuery,dbCacheTimeout from groups where groupId=".quote($gid));
### Check IP Address
if ($group{ipFilter} ne "") {
$group{ipFilter} =~ s/\t//g;
@ -413,7 +413,7 @@ sub isInGroup {
if ($uid == $session{user}{userId}) {
$karma = $session{user}{karma};
} else {
($karma) = WebGUI::SQL->quickHash("select karma from users where userId='$uid'");
($karma) = WebGUI::SQL->quickHash("select karma from users where userId=".quote($uid));
}
if ($karma >= $group{karmaThreshold}) {
$session{isInGroup}{$uid}{$gid} = 1;
@ -497,10 +497,10 @@ If specified the admin flag will be set to this value.
sub userGroupAdmin {
if ($_[2] ne "") {
WebGUI::SQL->write("update groupings set groupAdmin=$_[2] where groupId=$_[1] and userId=$_[0]");
WebGUI::SQL->write("update groupings set groupAdmin=".quote($_[2])." where groupId=".quote($_[1])." and userId=".quote($_[0]));
return $_[2];
} else {
my ($admin) = WebGUI::SQL->quickArray("select groupAdmin from groupings where groupId=$_[1] and userId=$_[0]");
my ($admin) = WebGUI::SQL->quickArray("select groupAdmin from groupings where groupId=".quote($_[1])." and userId=".quote($_[0]));
return $admin;
}
}
@ -531,11 +531,10 @@ If specified the expire date will be set to this value.
sub userGroupExpireDate {
if ($_[2]) {
WebGUI::SQL->write("update groupings set expireDate=$_[2] where groupId=$_[1] and userId=$_[0]");
WebGUI::SQL->write("update groupings set expireDate=".quote($_[2])." where groupId=".quote($_[1])." and userId=".quote($_[0]));
return $_[2];
} else {
my ($expireDate) = WebGUI::SQL->quickArray("select expireDate from groupings
where groupId=$_[1] and userId=$_[0]");
my ($expireDate) = WebGUI::SQL->quickArray("select expireDate from groupings where groupId=".quote($_[1])." and userId=".quote($_[0]));
return $expireDate;
}
}
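Review bot: In `isInGroup`, `if ($uid == $session{user}{userId})` compares user ids numerically, which is unreliable once ids are strings: two non-numeric strings both numify to 0 and compare equal, so the karma check could use the session user's karma for a different user. If user ids are moving to generated string ids like the group ids in this commit (not shown here, so to be confirmed), the test should be `if ($uid eq $session{user}{userId})`. The touched line below it assigns `($karma) = WebGUI::SQL->quickHash(...)`; `quickHash` is assigned to a hash elsewhere on this page, so the first list element is presumably the column name rather than its value, and `quickArray` looks like the intended call. Both lines sit in a function whose start and end are outside the hunk.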


@ -86,7 +86,7 @@ sub doGroupSearch {
}
$keyword = quote($keyword);
my $sql = "select groupId,groupName,description from groups where isEditable=1 and (groupName like $keyword or description like $keyword)
and groupId not in (".join(",",@{$groupFilter}).") order by groupName";
and groupId not in (".quoteAndJoin($groupFilter).") order by groupName";
if ($returnPaginator) {
my $p = WebGUI::Paginator->new(WebGUI::URL::page($op));
$p->setDataByQuery($sql);
@ -186,7 +186,7 @@ sub www_autoDeleteFromGroup {
sub www_deleteGroup {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($output);
return WebGUI::Privilege::vitalComponent() if ($session{form}{gid} < 26);
return WebGUI::Privilege::vitalComponent() if ($session{form}{gid} < 26 && $session{form}{gid} > 0);
$output .= helpIcon("group delete");
$output .= '<h1>'.WebGUI::International::get(42).'</h1>';
$output .= WebGUI::International::get(86).'<p>';
@ -200,7 +200,7 @@ sub www_deleteGroup {
#-------------------------------------------------------------------
sub www_deleteGroupConfirm {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
return WebGUI::Privilege::vitalComponent() if ($session{form}{gid} < 26);
return WebGUI::Privilege::vitalComponent() if ($session{form}{gid} < 26 && $session{form}{gid} > 0);
my $g = WebGUI::Group->new($session{form}{gid});
$g->delete;
return www_listGroups();
@ -356,7 +356,7 @@ sub www_emailGroupSend {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
my ($sth, $email);
$sth = WebGUI::SQL->read("select b.fieldData from groupings a left join userProfileData b
on a.userId=b.userId and b.fieldName='email' where a.groupId=$session{form}{gid}");
on a.userId=b.userId and b.fieldName='email' where a.groupId=".quote($session{form}{gid}));
while (($email) = $sth->array) {
if ($email ne "") {
WebGUI::Mail::send($email,$session{form}{subject},$session{form}{message},'',$session{form}{from});
@ -380,7 +380,7 @@ sub www_listGroups {
.WebGUI::International::get(748).'</td></tr>';
my $p = doGroupSearch("op=listGroups",1);
foreach my $row (@{$p->getPageData}) {
my ($userCount) = WebGUI::SQL->quickArray("select count(*) from groupings where groupId=".$row->{groupId});
my ($userCount) = WebGUI::SQL->quickArray("select count(*) from groupings where groupId=".quote($row->{groupId}));
$output .= '
<tr>
<td valign="top" class="tableData"><a href="'.WebGUI::URL::page("op=editGroup&gid=".$row->{groupId}).'">'.$row->{groupName}.'</a></td>
@ -408,7 +408,7 @@ sub www_listGroups2 {
$row[$i] .= '<td valign="top" class="tableData"><a href="'
.WebGUI::URL::page('op=editGroup&gid='.$data[0]).'">'.$data[1].'</td>';
$row[$i] .= '<td valign="top" class="tableData">'.$data[2].'</td>';
($userCount) = WebGUI::SQL->quickArray("select count(*) from groupings where groupId=$data[0]");
($userCount) = WebGUI::SQL->quickArray("select count(*) from groupings where groupId=".quote($data[0]));
$row[$i] .= '<td valign="top" class="tableData">'.$userCount.'</td></tr>';
$row[$i] .= '</tr>';
$i++;
@ -431,16 +431,16 @@ sub www_listGroupsSecondary {
return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(11));
my ($output, $p, $sth, @data, @row, $i, $userCount);
$output .= '<h1>'.WebGUI::International::get(89).'</h1>';
my @editableGroups = WebGUI::SQL->buildArray("select groupId from groupings where userId=$session{user}{userId} and groupAdmin=1");
my @editableGroups = WebGUI::SQL->buildArray("select groupId from groupings where userId=".quote($session{user}{userId})." and groupAdmin=1");
push (@editableGroups,0);
$sth = WebGUI::SQL->read("select groupId,groupName,description from groups
where groupId in (".join(",",@editableGroups).") order by groupName");
where groupId in (".quoteAndJoin(\@editableGroups).") order by groupName");
while (@data = $sth->array) {
$row[$i] = '<tr>';
$row[$i] .= '<td valign="top" class="tableData"><a href="'
.WebGUI::URL::page('op=manageUsersInGroupSecondary&gid='.$data[0]).'">'.$data[1].'</td>';
$row[$i] .= '<td valign="top" class="tableData">'.$data[2].'</td>';
($userCount) = WebGUI::SQL->quickArray("select count(*) from groupings where groupId=$data[0]");
($userCount) = WebGUI::SQL->quickArray("select count(*) from groupings where groupId=".quote($data[0]));
$row[$i] .= '<td valign="top" class="tableData">'.$userCount.'</td></tr>';
$row[$i] .= '</tr>';
$i++;
@ -482,7 +482,7 @@ sub www_manageGroupsInGroup {
$p = WebGUI::Paginator->new(WebGUI::URL::page('op=manageGroupsInGroup&gid='.$session{form}{gid}));
$p->setDataByQuery("select a.groupName as name,a.groupId as id from groups a
left join groupGroupings b on a.groupId=b.groupId
where b.inGroup=$session{form}{gid} order by a.groupName");
where b.inGroup=".quote($session{form}{gid})." order by a.groupName");
$groups = $p->getPageData;
foreach $group (@$groups) {
$output .= '<tr><td>'
@ -518,7 +518,7 @@ sub www_manageUsersInGroup {
<td class="tableHeader">'.WebGUI::International::get(369).'</td></tr>';
my $p = WebGUI::Paginator->new("op=manageUsersInGroup&gid=".$session{form}{gid});
$p->setDataByQuery("select users.username,users.userId,groupings.expireDate
from groupings,users where groupings.groupId=$session{form}{gid} and groupings.userId=users.userId
from groupings,users where groupings.groupId=".quote($session{form}{gid})." and groupings.userId=users.userId
order by users.username");
foreach my $row (@{$p->getPageData}) {
$output .= '<tr><td>'
@ -575,7 +575,7 @@ sub www_manageUsersInGroupSecondary {
my $existingUsers = WebGUI::Grouping::getUsersInGroup($session{form}{gid});
push(@{$existingUsers},"1");
push(@{$existingUsers},"3");
my $users = WebGUI::SQL->buildHashRef("select userId,username from users where status='Active' and userId not in (".join(",",@{$existingUsers}).") order by username");
my $users = WebGUI::SQL->buildHashRef("select userId,username from users where status='Active' and userId not in (".quoteAndJoin($existingUsers).") order by username");
$f->selectList(
-name=>"users",
-label=>WebGUI::International::get(976),
@ -589,7 +589,7 @@ sub www_manageUsersInGroupSecondary {
<td class="tableHeader">'.WebGUI::International::get(50).'</td>
<td class="tableHeader">'.WebGUI::International::get(369).'</td></tr>';
$sth = WebGUI::SQL->read("select users.username,users.userId,groupings.expireDate
from groupings,users where groupings.groupId=$session{form}{gid} and groupings.userId=users.userId
from groupings,users where groupings.groupId=".quote($session{form}{gid})." and groupings.userId=users.userId
order by users.username");
while (%hash = $sth->hash) {
$output .= '<tr><td>'
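Review bot: The guard `$session{form}{gid} < 26 && $session{form}{gid} > 0` in `www_deleteGroup` and `www_deleteGroupConfirm` classifies a form-supplied id by numeric coercion, and nothing on the line says why. Perl numifies a string by its leading digits, so a generated id beginning with a number from 1 to 25 would be treated as a protected group, and other generated ids pass only because they numify to 0. The format produced by `WebGUI::Id::generate()` is not visible here, so confirm it cannot start that way. At minimum add a comment such as `# ids 1-25 are built-in groups; generated ids are expected to numify to 0`, and consider deciding protection from the stored group row rather than from how the id is spelled. Both functions continue outside their hunks.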


@ -23,7 +23,7 @@ use WebGUI::Session;
use WebGUI::Utility;
our @ISA = qw(Exporter);
our @EXPORT = qw(&quote &getNextId);
our @EXPORT = qw(&quote &getNextId &quoteAndJoin);
=head1 NAME
@ -670,11 +670,43 @@ The database handler. Defaults to the WebGUI database handler.
=cut
sub quote {
my $value = shift; #had to add this here cuz Tie::CPHash variables cause problems otherwise.
my $value = shift;
my $dbh = shift || _getDefaultDb();
return $dbh->quote($value);
}
#-------------------------------------------------------------------
=head2 quoteAndJoin ( arrayRef [ , dbh ] )
Returns a comma seperated string quoted and ready for insert/select into/from the database. This is typically used for a statement like "select * from someTable where field in (".quoteAndJoin(\@strings).")".
NOTE: This is not a regular method, but is an exported subroutine.
=over
=item arrayRef
An array reference containing strings to be quoted.
=item dbh
The database handler. Defaults to the WebGUI database handler.
=back
=cut
sub quoteAndJoin {
my $arrayRef = shift;
my $dbh = shift || _getDefaultDb();
my @newArray;
foreach my $value (@$arrayRef) {
push(@newArray,$dbh->quote($value));
}
return join(",",@newArray);
}
#-------------------------------------------------------------------
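Review bot: `quoteAndJoin` returns an empty string for an empty array reference, so a caller that writes `in (".quoteAndJoin($list).")` emits `in ()`, which most SQL dialects reject. Undefined elements are a second case to decide: DBI's `quote` returns the bare word `NULL` for undef, and `not in (..., NULL)` then matches no rows at all. The POD should state that the list must be non-empty and free of undef values, or the sub should `die` with a clear message on those inputs instead of producing a broken or silently empty query. The POD line also has a typo: `comma seperated` should read `comma separated`.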


@ -1426,7 +1426,7 @@ sub www_edit {
if (WebGUI::Grouping::isInGroup(3)) {
my $contentManagers = WebGUI::Grouping::getUsersInGroup(4,1);
push (@$contentManagers, $session{user}{userId});
$clause = "userId in (".join(",",@$contentManagers).")";
$clause = "userId in (".quoteAndJoin($contentManagers).")";
} else {
$clause = "userId=".quote($self->getValue("ownerId"));
}