adding guid stuff

2004-08-12 02:51:15 +00:00 · 2004-08-12 02:51:15 +00:00 · b035ff63f5
commit b035ff63f5
parent 3fae4dbaa1
6 changed files with 73 additions and 73 deletions
--- a/lib/WebGUI/Forum/Post.pm
+++ b/lib/WebGUI/Forum/Post.pm
@ -177,13 +177,13 @@ Returns an array reference containing a list of post objects that are direct dec
 sub getReplies {
 	my ($self) = @_;
 	my @replies = ();
- 	my $query = "select forumPostId from forumPost where parentId=".$self->get("forumPostId")." and ";
+ 	my $query = "select forumPostId from forumPost where parentId=".quote($self->get("forumPostId"))." and ";
        if ($self->getThread->getForum->isModerator) {
                $query .= "(status='approved' or status='pending' or status='denied'";
        } else {
                $query .= "(status='approved'";
        }
-        $query .= " or userId=$session{user}{userId})  order by forumPostId";
+        $query .= " or userId=".quote($session{user}{userId}).")  order by forumPostId";
 	my $sth = WebGUI::SQL->read($query,WebGUI::SQL->getSlave);
 	while (my @data = $sth->array) {
 		push(@replies,WebGUI::Forum::Post->new($data[0]));
@ -234,8 +234,8 @@ sub hasRated {
 	return 1 if ($userId != 1 && $userId == $self->get("userId")); # is poster
 	$ipAddress = $session{env}{REMOTE_ADDR} unless ($ipAddress);
 	my ($flag) = WebGUI::SQL->quickArray("select count(*) from forumPostRating where forumPostId="
-		.$self->get("forumPostId")." and ((userId=$userId and userId<>1) or (userId=1 and 
-		ipAddress='$ipAddress'))");
+		.quote($self->get("forumPostId"))." and ((userId=".quote($userId)." and userId<>1) or (userId=1 and 
+		ipAddress=".quote($ipAddress)."))");
 	return $flag;
 }

@ -249,7 +249,7 @@ Increments the views counter for this post.

 sub incrementViews {
 	my ($self) = @_;
-	WebGUI::SQL->write("update forumPost set views=views+1 where forumPostId=".$self->get("forumPostId"));
+	WebGUI::SQL->write("update forumPost set views=views+1 where forumPostId=".quote($self->get("forumPostId")));
 	$self->getThread->incrementViews;
 }

@ -272,7 +272,7 @@ A unique id for a user that you want to check. Defaults to the current user.
 sub isMarkedRead {
 	my ($self, $userId) = @_;
 	$userId = $session{user}{userId} unless ($userId);
-	my ($isRead) = WebGUI::SQL->quickArray("select count(*) from forumRead where userId=$userId and forumPostId=".$self->get("forumPostId"));
+	my ($isRead) = WebGUI::SQL->quickArray("select count(*) from forumRead where userId=".quote($userId)." and forumPostId=".quote($self->get("forumPostId")));
 	return $isRead;
 }

@ -313,8 +313,8 @@ sub markRead {
 	my ($self, $userId) = @_;
 	$userId = $session{user}{userId} unless ($userId);
 	unless ($self->isMarkedRead($userId)) {
-		WebGUI::SQL->write("insert into forumRead (userId, forumPostId, forumThreadId, lastRead) values ($userId,
-			".$self->get("forumPostId").", ".$self->get("forumThreadId").", ".WebGUI::DateTime::time().")");
+		WebGUI::SQL->write("insert into forumRead (userId, forumPostId, forumThreadId, lastRead) values (".quote($userId).",
+			".quote($self->get("forumPostId")).", ".quote($self->get("forumThreadId")).", ".WebGUI::DateTime::time().")");
 	}
 	$self->incrementViews;
 }
@ -374,7 +374,7 @@ sub rate {
 	$userId = $session{user}{userId} unless ($userId);
 	$ipAddress = $session{env}{REMOTE_ADDR} unless ($ipAddress);
 	WebGUI::SQL->write("insert into forumPostRating (forumPostId,userId,ipAddress,dateOfRating,rating) values ("
-		.$self->get("forumPostId").", $userId, ".quote($ipAddress).", ".WebGUI::DateTime::time().", $rating)");
+		.quote($self->get("forumPostId")).", ".quote($userId).", ".quote($ipAddress).", ".WebGUI::DateTime::time().", $rating)");
 	$self->recalculateRating;
 }

@ -388,9 +388,9 @@ Recalculates the average rating of the post from all the ratings and stores the

 sub recalculateRating {
 	my ($self) = @_;
-	my ($count) = WebGUI::SQL->quickArray("select count(*) from forumPostRating where forumPostId=".$self->get("forumPostId"));
+	my ($count) = WebGUI::SQL->quickArray("select count(*) from forumPostRating where forumPostId=".quote($self->get("forumPostId")));
        $count = $count || 1;
-        my ($sum) = WebGUI::SQL->quickArray("select sum(rating) from forumPostRating where forumPostId=".$self->get("forumPostId"));
+        my ($sum) = WebGUI::SQL->quickArray("select sum(rating) from forumPostRating where forumPostId=".quote($self->get("forumPostId")));
        my $average = round($sum/$count);
        $self->set({rating=>$average});
 	$self->getThread->recalculateRating;
@ -472,7 +472,7 @@ sub setStatusDeleted {
 	$self->getThread->decrementReplies;
 	$self->getThread->setStatusDeleted if ($self->getThread->get("rootPostId") == $self->get("forumPostId"));
 	my ($id, $date) = WebGUI::SQL->quickArray("select forumPostId,dateOfPost from forumPost where forumThreadId="
-		.$self->get("forumThreadId")." and status='approved'");
+		.quote($self->get("forumThreadId"))." and status='approved'");
 	$self->getThread->setLastPost($date,$id);
 }

@ -524,7 +524,7 @@ The unique id of the user marking unread. Defaults to the current user.
 sub unmarkRead {
 	my ($self, $userId) = @_;
 	$userId = $session{user}{userId} unless ($userId);
-	WebGUI::SQL->write("delete from forumRead where userId=$userId and forumPostId=".$self->get("forumPostId"));
+	WebGUI::SQL->write("delete from forumRead where userId=".quote($userId)." and forumPostId=".quote($self->get("forumPostId")));
 }

 1;
--- a/lib/WebGUI/Forum/Thread.pm
+++ b/lib/WebGUI/Forum/Thread.pm
@ -116,7 +116,7 @@ Decrements the replies counter for this thread.

 sub decrementReplies {
        my ($self) = @_;
-        WebGUI::SQL->write("update forumThread set replies=replies-1 where forumThreadId=".$self->get("forumThreadId"));
+        WebGUI::SQL->write("update forumThread set replies=replies-1 where forumThreadId=".quote($self->get("forumThreadId")));
 	$self->getForum->decrementReplies;
 }

@ -171,8 +171,8 @@ Returns a thread object for the next (newer) thread in the same forum.
 sub getNextThread {
 	my ($self) = @_;
 	unless (exists $self->{_next}) {
-		my ($nextId) = WebGUI::SQL->quickArray("select min(forumThreadId) from forumThread where forumId=".$self->get("forumId")." 
-			and forumThreadId>".$self->get("forumThreadId"),WebGUI::SQL->getSlave);
+		my ($nextId) = WebGUI::SQL->quickArray("select min(lastPostDate) from forumThread where forumId=".quote($self->get("forumId"))." 
+			and lastPostDate>".quote($self->get("lastPostDate")),WebGUI::SQL->getSlave);
 		$self->{_next} = WebGUI::Forum::Thread->new($nextId);
 	}
 	return $self->{_next};
@ -213,8 +213,8 @@ Returns a thread object for the previous (older) thread in the same forum.
 sub getPreviousThread {
 	my ($self) = @_;
 	unless (exists $self->{_previous}) {
-		my ($nextId) = WebGUI::SQL->quickArray("select max(forumThreadId) from forumThread where forumId=".$self->get("forumId")." 
-			and forumThreadId<".$self->get("forumThreadId"),WebGUI::SQL->getSlave);
+		my ($nextId) = WebGUI::SQL->quickArray("select max(lastPostDate) from forumThread where forumId=".quote($self->get("forumId"))." 
+			and lastPostDate<".quote($self->get("lastPostDate")),WebGUI::SQL->getSlave);
 		$self->{_previous} = WebGUI::Forum::Thread->new($nextId);
 	}
 	return $self->{_previous};
@ -255,8 +255,8 @@ The id of the reply that caused the replies counter to be incremented.

 sub incrementReplies {
        my ($self, $dateOfReply, $replyId) = @_;
-        WebGUI::SQL->write("update forumThread set replies=replies+1, lastPostId=$replyId, lastPostDate=$dateOfReply 
-		where forumThreadId=".$self->get("forumThreadId"));
+        WebGUI::SQL->write("update forumThread set replies=replies+1, lastPostId=".quote($replyId).", lastPostDate=$dateOfReply 
+		where forumThreadId=".quote($self->get("forumThreadId")));
 	$self->getForum->incrementReplies($dateOfReply,$replyId);
 }

@ -270,7 +270,7 @@ Increments the views counter for this thread.

 sub incrementViews {
        my ($self) = @_;
-        WebGUI::SQL->write("update forumThread set views=views+1 where forumThreadId=".$self->get("forumThreadId"));
+        WebGUI::SQL->write("update forumThread set views=views+1 where forumThreadId=".quote($self->get("forumThreadId")));
 	$self->getForum->incrementViews;
 }
                                                                                                                                                             
@ -306,8 +306,8 @@ The unique id of the user to check. Defaults to the current user.
 sub isSubscribed {
 	my ($self, $userId) = @_;
 	$userId = $session{user}{userId} unless ($userId);
-	my ($isSubscribed) = WebGUI::SQL->quickArray("select count(*) from forumThreadSubscription where forumThreadId=".$self->get("forumThreadId")
-		." and userId=$userId");
+	my ($isSubscribed) = WebGUI::SQL->quickArray("select count(*) from forumThreadSubscription where forumThreadId=".quote($self->get("forumThreadId"))
+		." and userId=".quote($userId));
 	return $isSubscribed;
 }

@ -360,9 +360,9 @@ Recalculates the average rating of this thread based upon all of the posts in th

 sub recalculateRating {
 	my ($self) = @_;
-        my ($count) = WebGUI::SQL->quickArray("select count(*) from forumPost where forumThreadId=".$self->get("forumThreadId")." and rating>0");
+        my ($count) = WebGUI::SQL->quickArray("select count(*) from forumPost where forumThreadId=".quote($self->get("forumThreadId"))." and rating>0");
        $count = $count || 1;
-        my ($sum) = WebGUI::SQL->quickArray("select sum(rating) from forumPost where forumThreadId=".$self->get("forumThreadId")." and rating>0");
+        my ($sum) = WebGUI::SQL->quickArray("select sum(rating) from forumPost where forumThreadId=".quote($self->get("forumThreadId"))." and rating>0");
        my $average = round($sum/$count);
        $self->set({rating=>$average});
 	$self->getForum->recalculateRating;
@ -521,7 +521,7 @@ sub subscribe {
 	my ($self, $userId) = @_;
 	$userId = $session{user}{userId} unless ($userId);
 	unless ($self->isSubscribed($userId)) {
-		WebGUI::SQL->write("insert into forumThreadSubscription (forumThreadId, userId) values (".$self->get("forumThreadId").",$userId)");
+		WebGUI::SQL->write("insert into forumThreadSubscription (forumThreadId, userId) values (".quote($self->get("forumThreadId")).",".quote($userId).")");
 	}
 }

@ -571,7 +571,7 @@ sub unsubscribe {
 	my ($self, $userId) = @_;
 	$userId = $session{user}{userId} unless ($userId);
 	if ($self->isSubscribed($userId)) {
-		WebGUI::SQL->write("delete from forumThreadSubscription where forumThreadId=".$self->get("forumThreadId")." and userId=$userId");
+		WebGUI::SQL->write("delete from forumThreadSubscription where forumThreadId=".quote($self->get("forumThreadId"))." and userId=".quote($userId));
 	}
 }

--- a/lib/WebGUI/Forum/UI.pm
+++ b/lib/WebGUI/Forum/UI.pm
@ -26,6 +26,7 @@ use WebGUI::HTTP;
 use WebGUI::MessageLog;
 use WebGUI::Search;
 use WebGUI::Session;
+use WebGUI::SQL;
 use WebGUI::Template;
 use WebGUI::User;

@ -1363,12 +1364,12 @@ A hash reference containing information passed from the calling object.
 sub notifySubscribers {
        my ($post, $thread, $forum, $caller) = @_;
 	my %subscribers;
-        my $sth = WebGUI::SQL->read("select userId from forumThreadSubscription where forumThreadId=".$thread->get("forumThreadId"));
+        my $sth = WebGUI::SQL->read("select userId from forumThreadSubscription where forumThreadId=".quote($thread->get("forumThreadId")));
 	while (my ($userId) = $sth->array) { 
 		$subscribers{$userId} = $userId unless ($userId == $post->get("userId"));	# make sure we don't send unnecessary messages 
 	}
        $sth->finish;
-        $sth = WebGUI::SQL->read("select userId from forumSubscription where forumId=".$forum->get("forumId"));
+        $sth = WebGUI::SQL->read("select userId from forumSubscription where forumId=".quote($forum->get("forumId")));
 	while (my ($userId) = $sth->array) { 
 		$subscribers{$userId} = $userId unless ($userId == $post->get("userId"));	# make sure we don't send unnecessary messages 
 	}