diff --git a/docs/upgrades/upgrade_6.8.5-6.9.0.pl b/docs/upgrades/upgrade_6.8.5-6.9.0.pl index c45b7ab3f..8265adfb9 100644 --- a/docs/upgrades/upgrade_6.8.5-6.9.0.pl +++ b/docs/upgrades/upgrade_6.8.5-6.9.0.pl @@ -47,10 +47,10 @@ sub addWorkflow { dayOfMonth varchar(25) not null default '*', monthOfYear varchar(25) not null default '*', dayOfWeek varchar(25) not null default '*', - workflowId varchar(22) binary not null + workflowId varchar(22) binary not null, className varchar(255), methodName varchar(255), - parameters text, + parameters text )"); $session->db->write("create table WorkflowInstance ( instanceId varchar(22) binary not null primary key, @@ -339,8 +339,8 @@ sub addSearchEngine { #------------------------------------------------- sub templateParsers { print "\tAdding support for multiple template parsers.\n" unless ($quiet); - $session->conf->set("templateParsers",["WebGUI::Asset::Template::HTMLTemplate"]); - $session->conf->set("defaultTemplateParser","WebGUI::Asset::Template::HTMLTemplate"); + $session->config->set("templateParsers",["WebGUI::Asset::Template::HTMLTemplate"]); + $session->config->set("defaultTemplateParser","WebGUI::Asset::Template::HTMLTemplate"); $session->db->write("alter table template add column parser varchar(255) not null default 'WebGUI::Asset::Template::HTMLTemplate'"); } diff --git a/lib/WebGUI/SQL.pm b/lib/WebGUI/SQL.pm index 4a784d18e..e0235951a 100644 --- a/lib/WebGUI/SQL.pm +++ b/lib/WebGUI/SQL.pm @@ -82,7 +82,7 @@ sub beginTransaction { #------------------------------------------------------------------- -=head2 buildArray ( sql ) +=head2 buildArray ( sql, params ) Builds an array of data from a series of rows. @@ -90,13 +90,19 @@ Builds an array of data from a series of rows. An SQL query. The query must select only one column of data. +=head3 params + +An array reference containing values for any placeholder params used in the SQL query. + =cut sub buildArray { my $self = shift; my $sql = shift; + my $params = shift; my ($sth, $data, @array, $i); - $sth = $self->read($sql); + $sth = $self->prepare($sql); + $sth->execute($params); $i=0; while (($data) = $sth->array) { $array[$i] = $data; @@ -109,7 +115,7 @@ sub buildArray { #------------------------------------------------------------------- -=head2 buildArrayRef ( sql ) +=head2 buildArrayRef ( sql, params ) Builds an array reference of data from a series of rows. @@ -117,19 +123,24 @@ Builds an array reference of data from a series of rows. An SQL query. The query must select only one column of data. +=head3 params + +An array reference containing values for any placeholder params used in the SQL query. + =cut sub buildArrayRef { my $self = shift; my $sql = shift; - my @array = $self->buildArray($sql); + my $params = shift; + my @array = $self->buildArray($sql,$params); return \@array; } #------------------------------------------------------------------- -=head2 buildHash ( sql ) +=head2 buildHash ( sql, params ) Builds a hash of data from a series of rows. @@ -137,14 +148,20 @@ Builds a hash of data from a series of rows. An SQL query. The query must select at least two columns of data, the first being the key for the hash, the second being the value. If the query selects more than two columns, then the last column will be the value and the remaining columns will be joined together by a colon ":" to form a complex key. If the query selects only one column, then the key and value will be the same. +=head3 params + +An array reference containing values for any placeholder params used in the SQL query. + =cut sub buildHash { my $self = shift; my $sql = shift; + my $params = shift; my ($sth, %hash, @data); tie %hash, "Tie::IxHash"; - $sth = $self->read($sql); + $sth = $self->prepare($sql); + $sth->execute($params); while (@data = $sth->array) { my $value = pop @data; my $key = join(":",@data); # if more than two columns is selected, join them together with : @@ -166,14 +183,19 @@ Builds a hash reference of data from a series of rows. An SQL query. The query must select at least two columns of data, the first being the key for the hash, the second being the value. If the query selects more than two columns, then the last column will be the value and the remaining columns will be joined together by a colon ":" to form a complex key. If the query selects only one column, then the key and the value will be the same. +=head3 params + +An array reference containing values for any placeholder params used in the SQL query. + =cut sub buildHashRef { my $self = shift; my $sql = shift; + my $params = shift; my ($sth, %hash); tie %hash, "Tie::IxHash"; - %hash = $self->buildHash($sql); + %hash = $self->buildHash($sql, $params); return \%hash; } @@ -266,7 +288,7 @@ The value to search for in the key column. sub deleteRow { my ($self, $table, $key, $keyValue) = @_; - $self->write("delete from $table where ".$key."=".$self->quote($keyValue)); + my $sth = $self->write("delete from $table where ".$key."=?", [$keyValue]); } @@ -347,8 +369,8 @@ sub getNextId { my $name = shift; my ($id); $self->beginTransaction; - ($id) = $self->quickArray("select nextValue from incrementer where incrementerId='$name'"); - $self->write("update incrementer set nextValue=nextValue+1 where incrementerId='$name'"); + ($id) = $self->quickArray("select nextValue from incrementer where incrementerId=?", [$name]); + $self->write("update incrementer set nextValue=nextValue+1 where incrementerId=?",[$name]); $self->commit; return $id; } @@ -375,7 +397,7 @@ The value to search for in the key column. sub getRow { my ($self, $table, $key, $keyValue) = @_; - my $row = $self->quickHashRef("select * from $table where ".$key."=".$self->quote($keyValue)); + my $row = $self->quickHashRef("select * from $table where ".$key."=?",[$keyValue]); return $row; } @@ -429,7 +451,7 @@ sub quickArray { #------------------------------------------------------------------- -=head2 quickCSV ( sql ) +=head2 quickCSV ( sql, params ) Executes a query and returns a comma delimited text blob with column headers. @@ -437,13 +459,19 @@ Executes a query and returns a comma delimited text blob with column headers. An SQL query. +=head3 params + +An array reference containing values for any placeholder params used in the SQL query. + =cut sub quickCSV { my $self = shift; my $sql = shift; + my $params = shift; my ($sth, $output, @data); - $sth = $self->read($sql); + $sth = $self->prepare($sql); + $sth->execute($params); $output = join(",",$sth->getColumnNames)."\n"; while (@data = $sth->array) { makeArrayCommaSafe(\@data); @@ -456,7 +484,7 @@ sub quickCSV { #------------------------------------------------------------------- -=head2 quickHash ( sql ) +=head2 quickHash ( sql, params ) Executes a query and returns a single row of data as a hash. @@ -464,13 +492,19 @@ Executes a query and returns a single row of data as a hash. An SQL query. +=head3 params + +An array reference containing values for any placeholder params used in the SQL query. + =cut sub quickHash { my $self = shift; my $sql = shift; + my $params = shift; my ($sth, $data); - $sth = $self->read($sql); + $sth = $self->prepare($sql); + $sth->execute($params); $data = $sth->hashRef; $sth->finish; if (defined $data) { @@ -482,7 +516,7 @@ sub quickHash { #------------------------------------------------------------------- -=head2 quickHashRef ( sql ) +=head2 quickHashRef ( sql, params ) Executes a query and returns a single row of data as a hash reference. @@ -490,12 +524,18 @@ Executes a query and returns a single row of data as a hash reference. An SQL query. +=head3 params + +An array reference containing values for any placeholder params used in the SQL query. + =cut sub quickHashRef { my $self = shift; my $sql = shift; - my $sth = $self->read($sql); + my $params = shift; + my $sth = $self->prepare($sql); + $sth->execute($params); my $data = $sth->hashRef; $sth->finish; if (defined $data) { @@ -507,7 +547,7 @@ sub quickHashRef { #------------------------------------------------------------------- -=head2 quickTab ( sql ) +=head2 quickTab ( sql, params ) Executes a query and returns a tab delimited text blob with column headers. @@ -515,13 +555,19 @@ Executes a query and returns a tab delimited text blob with column headers. An SQL query. +=head3 params + +An array reference containing values for any placeholder params used in the SQL query. + =cut sub quickTab { my $self = shift; my $sql = shift; + my $params = shift; my ($sth, $output, @data); - $sth = $self->read($sql); + $sth = $self->prepare($sql); + $sth->execute($params); $output = join("\t",$sth->getColumnNames)."\n"; while (@data = $sth->array) { makeArrayTabSafe(\@data); @@ -537,7 +583,7 @@ sub quickTab { Returns a string quoted and ready for insert into the database. -B This is not a regular method, but is an exported subroutine. +B You should use this sparingly. It is much faster and safer to use prepare/execute style queries and passing in place holder parameters. Even the convenience methods like quickArray() support the use of place holder parameters. =head3 string @@ -660,16 +706,19 @@ sub setRow { my ($self, $table, $keyColumn, $data, $id) = @_; if ($data->{$keyColumn} eq "new" || $id) { $data->{$keyColumn} = $id || $self->session->id->generate(); - $self->write("replace into $table ($keyColumn) values (".$self->quote($data->{$keyColumn}).")"); + $self->write("replace into $table ($keyColumn) values (?)",[$data->{$keyColumn}]); } - my (@pairs); + my @fields = (); + my @data = (); foreach my $key (keys %{$data}) { unless ($key eq $keyColumn) { - push(@pairs, $key.'='.$self->quote($data->{$key})); + push(@fields, $key.'=?'); + push(@data,$data->{$key}); } } - if ($pairs[0] ne "") { - $self->write("update $table set ".join(", ", @pairs)." where ".$keyColumn."=".$self->quote($data->{$keyColumn})); + if ($fields[0] ne "") { + push(@data,$data->{$keyColumn}); + $self->write("update $table set ".join(", ", @fields)." where ".$keyColumn."=?",\@data); } return $data->{$keyColumn}; } @@ -701,7 +750,7 @@ sub unconditionalRead { #------------------------------------------------------------------- -=head2 write ( sql ) +=head2 write ( sql, params ) A method specifically designed for writing to the database in an efficient manner. @@ -709,13 +758,18 @@ A method specifically designed for writing to the database in an efficient manne An SQL insert or update. +=head3 params + +An array reference containing values for any placeholder params used in the SQL query. + =cut sub write { my $self = shift; my $sql = shift; - $self->session->errorHandler->query($sql); - $self->dbh->do($sql) or $self->session->errorHandler->fatal("Couldn't write to the database: ".$sql." : ". $self->dbh->errstr); + my $params = shift; + my $sth = $self->prepare($sql); + $sth->execute($params); } diff --git a/lib/WebGUI/Session/Http.pm b/lib/WebGUI/Session/Http.pm index eeedc132f..561c43a85 100644 --- a/lib/WebGUI/Session/Http.pm +++ b/lib/WebGUI/Session/Http.pm @@ -103,7 +103,7 @@ sub getHeader { $self->session->request->headers_out->set(Location => $self->{_http}{location}); $self->session->request->status(301); } else { - $self->session->request->content_type($self->{_http}{mimetype} || "text/html"); + $self->session->request->content_type($self->{_http}{mimetype} || "text/html") if ($self->session->request); if ($self->session->setting->get("preventProxyCache")) { $params{"-expires"} = "-1d"; } diff --git a/sbin/generateContent.pl b/sbin/generateContent.pl index af304b846..7946cc2ad 100644 --- a/sbin/generateContent.pl +++ b/sbin/generateContent.pl @@ -25,8 +25,8 @@ use WebGUI::Session; $|=1; my ($configFile, $assetId, $userId, $styleId, $toFile, $stripHtml, $help, $relativeUrls); - $userId = 1; +my $url = ""; GetOptions( 'configFile:s'=>\$configFile, @@ -36,60 +36,74 @@ GetOptions( 'stripHtml'=>\$stripHtml, 'help'=>\$help, 'relativeUrls'=>\$relativeUrls, + 'url=s'=>\$url ); -if ($help || $configFile eq '' ) { +if ($help || $configFile eq '' || !($assetId||$url)) { print < - - --configFile WebGUI config file (with no path info). +Usage: perl $0 --configFile= --url=home Options: - --assetId Set the page to be generated. + --configFile WebGUI config file (with no path info). + + + --assetId Set the asset to be generated. --help Displays this message. - --userId Set the user that should view the page. - Defaults to "1" (Visitor). - - --styleId Set an alternate style for the page. - Defaults to asset's default style. - - --toFile Set the path and filename to write the - content to instead of standard out. - --stripHtml A flag indicating that WebGUI should strip all the HTML from the document and output only text. NOTE: The resulting text may have formatting problems as a result. + --styleId Set an alternate style for the page. + Defaults to asset's default style. + + --toFile Set the path and filename to write the + content to instead of standard out. + + --url The URL of the asset to be generated. + + --userId Set the user that should view the page. + Defaults to "1" (Visitor). + STOP exit; } # Open WebGUI session -WebGUI::Session::open($webguiRoot,$configFile); +my $session = WebGUI::Session->open($webguiRoot,$configFile); -my $asset = WebGUI::Asset->newByDynamicClass($assetId); -die "Asset not defined" unless $asset; -$asset->{_properties}{styleTemplateId} = $styleId if ($styleId); -my $content = $asset->exportAsHtml({stripHtml => $stripHtml}); +my $asset = ""; -if ($toFile) { - open (TOFILE, ">$toFile") or die "Can't open file $toFile for writing. $!"; - print TOFILE $content; - close (TOFILE); +if ($url) { + $asset = WebGUI::Asset->newByUrl($session,$url); } else { - print $content; + $asset = WebGUI::Asset->newByDynamicClass($session,$assetId); +} + +if (defined $asset) { + #$asset->{_properties}{styleTemplateId} = $styleId if ($styleId); + #my $content = $asset->exportAsHtml({stripHtml => $stripHtml}); + my $content = $asset->www_view; + if ($toFile) { + open (TOFILE, ">$toFile") or die "Can't open file $toFile for writing. $!"; + print TOFILE $content; + close (TOFILE); + } else { + print $content; + } +} else { + print "Asset not defined!!\n"; } # Clean-up WebGUI Session -WebGUI::Session::end($session{var}{sessionId}); -WebGUI::Session::close(); +$session->var->end; +$session->close; exit; diff --git a/sbin/upgrade.pl b/sbin/upgrade.pl index 320b6f5a4..81a28d43c 100644 --- a/sbin/upgrade.pl +++ b/sbin/upgrade.pl @@ -323,8 +323,8 @@ STOP sub checkVersion { $_[0] =~ /(\d+)\.(\d+)\.(\d+)/; my $goal = 6; - my $feature = 9; - my $fix = 0; + my $feature = 8; + my $fix = 5; if ($1 > $goal) { return 1; } elsif ($1 == $goal) {