From b4498138fbdeb8289d7f3e49741dc55717bd79bd Mon Sep 17 00:00:00 2001 From: JT Smith Date: Mon, 6 Sep 2004 21:28:55 +0000 Subject: [PATCH] lots of bug fixes --- docs/changelog/6.x.x.txt | 7 ++++++- lib/WebGUI/Forum/Post.pm | 16 +++++++------- lib/WebGUI/Forum/UI.pm | 10 ++++----- lib/WebGUI/Wobject/MessageBoard.pm | 6 +++--- lib/WebGUI/Wobject/SyndicatedContent.pm | 28 ++++++++++++++++++++----- lib/WebGUI/Wobject/USS.pm | 16 +++++++------- sbin/Hourly/ArchiveOldPosts.pm | 9 ++++---- sbin/Hourly/DeleteExpiredClipboard.pm | 4 ++-- sbin/Hourly/DeleteExpiredGroupings.pm | 6 +++--- sbin/Hourly/DeleteExpiredSessions.pm | 2 +- sbin/Hourly/DeleteExpiredTrash.pm | 6 +++--- sbin/Hourly/NotifyExpiredGroupings.pm | 2 +- 12 files changed, 67 insertions(+), 45 deletions(-) diff --git a/docs/changelog/6.x.x.txt b/docs/changelog/6.x.x.txt index 3ff587301..9dab2667b 100644 --- a/docs/changelog/6.x.x.txt +++ b/docs/changelog/6.x.x.txt @@ -1,6 +1,11 @@ 6.2.1 - Fixed a GUID quoting bug in WebGUI.pm setCollateral. - + - Fixed all sorts of GUID related bugs in the Forums. + - Fixed a bug in the Message Board wobject that caused users not to be able + to do anything useful on the message board. + - Fixed a version check problem in Syndicated Content wobject. + - Fixed some GUID problems in the scheduler plug-ins. + - Fixed some epoch bugs in the scheduler plug-ins. 6.2.0 diff --git a/lib/WebGUI/Forum/Post.pm b/lib/WebGUI/Forum/Post.pm index 5b4ff51c7..3591cb7c2 100644 --- a/lib/WebGUI/Forum/Post.pm +++ b/lib/WebGUI/Forum/Post.pm @@ -81,7 +81,7 @@ The unique identifier to check privileges against. Defaults to the current user. sub canEdit { my ($self, $userId) = @_; $userId = $session{user}{userId} unless ($userId); - return ($self->getThread->getForum->isModerator || ($self->get("userId") == $userId && $userId != 1 + return ($self->getThread->getForum->isModerator || ($self->get("userId") eq $userId && $userId != 1 && $self->getThread->getForum->get("editTimeout") > (WebGUI::DateTime::time() - $self->get("dateOfPost")))); } @@ -108,7 +108,7 @@ sub canView { return 1; } elsif ($self->get("status") eq "deleted") { return 0; - } elsif ($self->get("status") eq "denied" && $userId == $self->get("userId")) { + } elsif ($self->get("status") eq "denied" && $userId eq $self->get("userId")) { return 1; } elsif ($self->getThread->getForum->isModerator) { return 1; @@ -231,7 +231,7 @@ If the user ID equals 1 (visitor) then an IP address is used to distinguish the sub hasRated { my ($self, $userId, $ipAddress) = @_; $userId = $session{user}{userId} unless ($userId); - return 1 if ($userId != 1 && $userId == $self->get("userId")); # is poster + return 1 if ($userId != 1 && $userId eq $self->get("userId")); # is poster $ipAddress = $session{env}{REMOTE_ADDR} unless ($ipAddress); my ($flag) = WebGUI::SQL->quickArray("select count(*) from forumPostRating where forumPostId=" .quote($self->get("forumPostId"))." and ((userId=".quote($userId)." and userId<>1) or (userId=1 and @@ -434,7 +434,7 @@ Sets the status of this post to approved. sub setStatusApproved { my ($self) = @_; $self->set({status=>'approved'}); - $self->getThread->setStatusApproved if ($self->getThread->get("rootPostId") == $self->get("forumPostId")); + $self->getThread->setStatusApproved if ($self->getThread->get("rootPostId") eq $self->get("forumPostId")); if ($self->isReply) { $self->getThread->incrementReplies($self->get("dateOfPost"),$self->get("forumPostId")); } @@ -452,7 +452,7 @@ Sets the status of this post to archived. sub setStatusArchived { my ($self) = @_; $self->set({status=>'archived'}); - $self->getThread->setStatusArchived if ($self->getThread->get("rootPostId") == $self->get("forumPostId")); + $self->getThread->setStatusArchived if ($self->getThread->get("rootPostId") eq $self->get("forumPostId")); if ($self->isReply) { $self->getThread->incrementReplies($self->get("dateOfPost"),$self->get("forumPostId")); } @@ -470,7 +470,7 @@ sub setStatusDeleted { my ($self) = @_; $self->set({status=>'deleted'}); $self->getThread->decrementReplies; - $self->getThread->setStatusDeleted if ($self->getThread->get("rootPostId") == $self->get("forumPostId")); + $self->getThread->setStatusDeleted if ($self->getThread->get("rootPostId") eq $self->get("forumPostId")); my ($id, $date) = WebGUI::SQL->quickArray("select forumPostId,dateOfPost from forumPost where forumThreadId=" .quote($self->get("forumThreadId"))." and status='approved'"); $self->getThread->setLastPost($date,$id); @@ -487,7 +487,7 @@ Sets the status of this post to denied. sub setStatusDenied { my ($self) = @_; $self->set({status=>'denied'}); - $self->getThread->setStatusDenied if ($self->getThread->get("rootPostId") == $self->get("forumPostId")); + $self->getThread->setStatusDenied if ($self->getThread->get("rootPostId") eq $self->get("forumPostId")); } #------------------------------------------------------------------- @@ -501,7 +501,7 @@ Sets the status of this post to pending. sub setStatusPending { my ($self) = @_; $self->set({status=>'pending'}); - $self->getThread->setStatusPending if ($self->getThread->get("rootPostId") == $self->get("forumPostId")); + $self->getThread->setStatusPending if ($self->getThread->get("rootPostId") eq $self->get("forumPostId")); } diff --git a/lib/WebGUI/Forum/UI.pm b/lib/WebGUI/Forum/UI.pm index 5d5c65a48..6315b04b5 100644 --- a/lib/WebGUI/Forum/UI.pm +++ b/lib/WebGUI/Forum/UI.pm @@ -1162,7 +1162,7 @@ sub getForumTemplateVars { foreach my $thread (@$threads) { my $root = WebGUI::Forum::Post->new($thread->{rootPostId}); my $last; - if ($thread->{rootPostId} == $thread->{lastPostId}) { #saves the lookup if it's the same id + if ($thread->{rootPostId} eq $thread->{lastPostId}) { #saves the lookup if it's the same id $last = $root; } else { $last = WebGUI::Forum::Post->new($thread->{lastPostId}); @@ -1418,12 +1418,12 @@ sub notifySubscribers { my %subscribers; my $sth = WebGUI::SQL->read("select userId from forumThreadSubscription where forumThreadId=".quote($thread->get("forumThreadId"))); while (my ($userId) = $sth->array) { - $subscribers{$userId} = $userId unless ($userId == $post->get("userId")); # make sure we don't send unnecessary messages + $subscribers{$userId} = $userId unless ($userId eq $post->get("userId")); # make sure we don't send unnecessary messages } $sth->finish; $sth = WebGUI::SQL->read("select userId from forumSubscription where forumId=".quote($forum->get("forumId"))); while (my ($userId) = $sth->array) { - $subscribers{$userId} = $userId unless ($userId == $post->get("userId")); # make sure we don't send unnecessary messages + $subscribers{$userId} = $userId unless ($userId eq $post->get("userId")); # make sure we don't send unnecessary messages } $sth->finish; my %lang; @@ -1569,7 +1569,7 @@ A post object. sub setPostApproved { my ($caller, $post) = @_; $post->setStatusApproved; - unless ($session{user}{userId} == $post->get("userId")) { + unless ($session{user}{userId} eq $post->get("userId")) { WebGUI::MessageLog::addInternationalizedEntry($post->get("userId"),'',formatThreadURL($caller->{callback},$post->get("forumPostId")),579); } notifySubscribers($post,$post->getThread,$post->getThread->getForum,$caller); @@ -2504,7 +2504,7 @@ sub www_viewThread { my $post = WebGUI::Forum::Post->new($postId); return WebGUI::Privilege::insufficient() unless ($post->getThread->getForum->canView); my $var = getThreadTemplateVars($caller, $post); - if ($post->get("forumPostId") == $post->getThread->get("rootPostId") && !$post->canView) { + if ($post->get("forumPostId") eq $post->getThread->get("rootPostId") && !$post->canView) { return www_viewForum($caller, $post->getThread->getForum->get("forumId")); } else { return WebGUI::Template::process($post->getThread->getForum->get("threadTemplateId"),"Forum/Thread", $var); diff --git a/lib/WebGUI/Wobject/MessageBoard.pm b/lib/WebGUI/Wobject/MessageBoard.pm index 9dabdeaaa..d8750b717 100644 --- a/lib/WebGUI/Wobject/MessageBoard.pm +++ b/lib/WebGUI/Wobject/MessageBoard.pm @@ -261,9 +261,9 @@ sub www_view { my $caller; my $sth = WebGUI::SQL->read("select * from MessageBoard_forums where wobjectId=".quote($_[0]->get("wobjectId"))." order by sequenceNumber"); while (my $forumMeta = $sth->hashRef) { - my $callback = WebGUI::URL::page("func=view&wid=".$_[0]->get("wobjectId")); + my $callback = WebGUI::URL::page("func=view&wid=".$_[0]->get("wobjectId")."&forumId=".$forumMeta->{forumId}); if ($session{form}{forumOp}) { - if ($session{form}{forumId} == $forumMeta->{forumId}) { + if ($session{form}{forumId} eq $forumMeta->{forumId}) { $caller = { callback=>$callback, title=>$forumMeta->{title}, @@ -305,7 +305,7 @@ sub www_view { 'forum.lastPost.user.name' => $lastPost->get("username"), 'forum.lastPost.user.alias' => WebGUI::User->new($lastPost->get("userId"))->profileField("alias"), 'forum.lastPost.user.profile' => WebGUI::Forum::UI::formatUserProfileURL($lastPost->get("userId")), - 'forum.lastPost.user.isVisitor' => ($lastPost->get("userId") == 1), + 'forum.lastPost.user.isVisitor' => ($lastPost->get("userId") eq 1), 'forum.user.canView' => $forum->canView, 'forum.user.canPost' => $forum->canPost }); diff --git a/lib/WebGUI/Wobject/SyndicatedContent.pm b/lib/WebGUI/Wobject/SyndicatedContent.pm index a78de2e1a..b9fde4789 100644 --- a/lib/WebGUI/Wobject/SyndicatedContent.pm +++ b/lib/WebGUI/Wobject/SyndicatedContent.pm @@ -25,6 +25,9 @@ use WebGUI::Session; use WebGUI::Wobject; use XML::RSSLite; use LWP::UserAgent; +use WebGUI::ErrorHandler; +my $hasEncode=1; +eval " use Encode qw(from_to); "; $hasEncode=0 if $@; our @ISA = qw(WebGUI::Wobject); @@ -44,7 +47,8 @@ sub new { rssUrl=>{}, maxHeadlines=>{}, }, - -useTemplate=>1 + -useTemplate=>1, + -useMetaData=>1 ); bless $self, $class; } @@ -181,11 +185,24 @@ sub _get_rss_data { my $ua = LWP::UserAgent->new(timeout => 5); my $response = $ua->get($url); if (!$response->is_success()) { - warn("Error retrieving url '$url': " . + WebGUI::ErrorHandler::warn("Error retrieving url '$url': " . $response->status_line()); return undef; } my $xml = $response->content(); + + # Convert encoding if needed / Perl 5.8.0 or up required. + if ($] >= 5.008 && $hasEncode) { + $xml =~ /<\?xml.*?encoding=['"](\S+)['"]/i; + my $xmlEncoding = $1; + my $encoding = WebGUI::International::getLanguage($session{page}{languageId},"charset"); + if (lc($xmlEncoding) ne lc($encoding)) { + eval { from_to($xml, $xmlEncoding, $encoding) }; + WebGUI::ErrorHandler::warn($@) if ($@); + } + + } + # there is no encode_entities_numeric that I can find, so I am # commenting this out. -hal @@ -197,7 +214,7 @@ sub _get_rss_data { XML::RSSLite::parseXML($rss_lite, \$xml); }; if ($@) { - warn("error parsing rss for url $url"); + WebGUI::ErrorHandler::warn("error parsing rss for url $url"); } # make sure that the {channel} points to the channel @@ -208,10 +225,10 @@ sub _get_rss_data { $rss_lite = {channel => $rss_lite}; if (!($rss->{channel} = _find_record($rss_lite, qr/^channel$/))) { - warn("unable to find channel info for url $url"); + WebGUI::ErrorHandler::warn("unable to find channel info for url $url"); } if (!($rss->{items} = _find_record($rss_lite, qr/^items?$/))) { - warn("unable to find item info for url $url"); + WebGUI::ErrorHandler::warn("unable to find item info for url $url"); $rss->{items} = []; } @@ -329,6 +346,7 @@ sub _view_single_feed { } sub www_view { + $_[0]->logView() if ($session{setting}{passiveProfilingEnabled}); my $maxHeadlines = $_[0]->get("maxHeadlines") || 1000000; my @urls = split(/\s+/,$_[0]->get("rssUrl")); diff --git a/lib/WebGUI/Wobject/USS.pm b/lib/WebGUI/Wobject/USS.pm index 61f53217f..928baf35d 100644 --- a/lib/WebGUI/Wobject/USS.pm +++ b/lib/WebGUI/Wobject/USS.pm @@ -270,7 +270,7 @@ sub www_copy { #------------------------------------------------------------------- sub www_deleteFile { my ($owner) = WebGUI::SQL->quickArray("select userId from USS_submission where USS_submissionId=".quote($session{form}{sid})); - if ($owner == $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) { + if ($owner eq $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) { $_[0]->setCollateral("USS_submission","USS_submissionId",{ $session{form}{file}=>'', USS_submissionId=>$session{form}{sid} @@ -284,7 +284,7 @@ sub www_deleteFile { #------------------------------------------------------------------- sub www_deleteSubmission { my ($owner) = WebGUI::SQL->quickArray("select userId from USS_submission where USS_submissionId=".quote($session{form}{sid})); - if ($owner == $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) { + if ($owner eq $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) { return $_[0]->confirm(WebGUI::International::get(17,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteSubmissionConfirm&wid='.$session{form}{wid}.'&sid='.$session{form}{sid})); } else { @@ -295,7 +295,7 @@ sub www_deleteSubmission { #------------------------------------------------------------------- sub www_deleteSubmissionConfirm { my ($owner, $forumId, $pageId) = WebGUI::SQL->quickArray("select userId,forumId,pageId from USS_submission where USS_submissionId=".quote($session{form}{sid})); - if ($owner == $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) { + if ($owner eq $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) { my ($inUseElsewhere) = WebGUI::SQL->quickArray("select count(*) from USS_submission where forumId=".quote($forumId)); unless ($inUseElsewhere > 1) { my $forum = WebGUI::Forum->new($forumId); @@ -425,7 +425,7 @@ sub www_editSubmission { $var{'submission.isNew'} = 1; } return WebGUI::Privilege::insufficient() unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToContribute")) - || $submission->{userId} == $session{user}{userId} + || $submission->{userId} eq $session{user}{userId} || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))); $var{'link.header.label'} = WebGUI::International::get(90,$_[0]->get("namespace")); $var{'question.header.label'} = WebGUI::International::get(84,$_[0]->get("namespace")); @@ -600,7 +600,7 @@ sub www_editSubmission { sub www_editSubmissionSave { my ($submission, %hash, $file, $u); $submission = $_[0]->getCollateral("USS_submission","USS_submissionId",$session{form}{sid}); - if ($submission->{userId} == $session{user}{userId} + if ($submission->{userId} eq $session{user}{userId} || ($submission->{USS_submissionId} eq "new" && WebGUI::Grouping::isInGroup($_[0]->get("groupToContribute"))) || WebGUI::Grouping::isInGroup($_[0]->get("groupToApprove"))) { @@ -794,7 +794,7 @@ sub www_view { "submission.image"=>$imageURL, "submission.date"=>epochToHuman($page->[$i]->{dateSubmitted}), "submission.date.updated"=>epochToHuman($page->[$i]->{dateUpdated}), - "submission.currentUser"=>($session{user}{userId} == $page->[$i]->{userId} && $session{user}{userId} != 1), + "submission.currentUser"=>($session{user}{userId} eq $page->[$i]->{userId} && $session{user}{userId} != 1), "submission.userProfile"=>WebGUI::URL::page('op=viewProfile&uid='.$page->[$i]->{userId}), "submission.edit.url"=>WebGUI::URL::page($quickurl.'editSubmission'), "submission.secondColumn"=>(($i+1)%2==0), @@ -877,7 +877,7 @@ sub www_viewSubmission { my $submission = $self->getCollateral("USS_submission","USS_submissionId",$submissionId); return "" unless ($submission->{USS_submissionId}); return "" unless ($submission->{status} eq 'Approved' || - ($submission->{userId} == $session{user}{userId} && $session{user}{userId} != 1) || + ($submission->{userId} eq $session{user}{userId} && $session{user}{userId} != 1) || WebGUI::Grouping::isInGroup($self->getValue("groupToApprove"))); my $parentsPage = WebGUI::Page->new($self->get("pageId")); my $callback = WebGUI::URL::gateway($parentsPage->get("urlizedTitle"),"func=viewSubmission&wid=".$self->wid."&sid=".$submission->{USS_submissionId}); @@ -930,7 +930,7 @@ sub www_viewSubmission { $var{"next.url"} = WebGUI::URL::gateway($nextPage->get("urlizedTitle")); } $var{"next.label"} = WebGUI::International::get(59,$self->get("namespace")); - $var{canEdit} = (($submission->{userId} == $session{user}{userId} || WebGUI::Grouping::isInGroup($self->get("groupToApprove"))) && $session{user}{userId} != 1); + $var{canEdit} = (($submission->{userId} eq $session{user}{userId} || WebGUI::Grouping::isInGroup($self->get("groupToApprove"))) && $session{user}{userId} != 1); $var{"delete.url"} = WebGUI::URL::gateway($parentsPage->get("urlizedTitle"),'func=deleteSubmission&wid='.$self->wid.'&sid='.$submissionId); $var{"delete.label"} = WebGUI::International::get(37,$self->get("namespace")); $var{"edit.url"} = WebGUI::URL::gateway($parentsPage->get("urlizedTitle"),'func=editSubmission&wid='.$self->wid.'&sid='.$submissionId); diff --git a/sbin/Hourly/ArchiveOldPosts.pm b/sbin/Hourly/ArchiveOldPosts.pm index e00c9fe6a..e9bfca1a5 100644 --- a/sbin/Hourly/ArchiveOldPosts.pm +++ b/sbin/Hourly/ArchiveOldPosts.pm @@ -22,14 +22,13 @@ sub process { my $a = WebGUI::SQL->read("select forumId,archiveAfter,masterForumId from forum"); while (my $forum = $a->hashRef) { if ($forum->{masterForumId}) { - ($forum->{archiveAfter}) = WebGUI::SQL->quickArray("select archiveAfter from forum where masterForumId=$forum->{masterForumId}"); + ($forum->{archiveAfter}) = WebGUI::SQL->quickArray("select archiveAfter from forum where masterForumId=".quote($forum->{masterForumId})); } my $archiveDate = $epoch - $forum->{archiveAfter}; - my $b = WebGUI::SQL->read("select forumThreadId from forumThread where forumId=".$forum->{forumId} - ." and lastPostDate<$archiveDate"); + my $b = WebGUI::SQL->read("select forumThreadId from forumThread where forumId=".quote($forum->{forumId})." and lastPostDate<$archiveDate"); while (my ($threadId) = $b->array) { - WebGUI::SQL->write("update forumPost set status='archived' where status='approved' and forumThreadId=$threadId"); - WebGUI::SQL->write("update forumThread set status='archived' where status='approved' and forumThreadId=$threadId"); + WebGUI::SQL->write("update forumPost set status='archived' where status='approved' and forumThreadId=".quote($threadId)); + WebGUI::SQL->write("update forumThread set status='archived' where status='approved' and forumThreadId=".quote($threadId)); } $b->finish; } diff --git a/sbin/Hourly/DeleteExpiredClipboard.pm b/sbin/Hourly/DeleteExpiredClipboard.pm index 503a5f2db..14b100d72 100644 --- a/sbin/Hourly/DeleteExpiredClipboard.pm +++ b/sbin/Hourly/DeleteExpiredClipboard.pm @@ -23,10 +23,10 @@ sub process { WebGUI::ErrorHandler::audit("moving expired clipboard items to trash"); - WebGUI::SQL->write("update page set parentId=3, bufferPrevId=2, bufferDate=" .time() + WebGUI::SQL->write("update page set parentId=3, bufferPrevId=2, bufferDate=" .WebGUI::DateTime::time() ." where parentId=2 and bufferDate < ". $expireDate ); - WebGUI::SQL->write("update wobject set pageId=3, bufferPrevId=2, bufferDate=" .time() + WebGUI::SQL->write("update wobject set pageId=3, bufferPrevId=2, bufferDate=" .WebGUI::DateTime::time() ." where pageId=2 and bufferDate < ". $expireDate ); } } diff --git a/sbin/Hourly/DeleteExpiredGroupings.pm b/sbin/Hourly/DeleteExpiredGroupings.pm index 8452ed2c6..7f5d71678 100644 --- a/sbin/Hourly/DeleteExpiredGroupings.pm +++ b/sbin/Hourly/DeleteExpiredGroupings.pm @@ -23,10 +23,10 @@ sub process { while (my $data = $sth->hashRef) { if ($data->{dbCacheTimeout} > 0) { # there is no need to wait deleteOffset days for expired external group cache data - WebGUI::SQL->write("delete from groupings where groupId=$data->{groupId} and expireDate < ".time()); + WebGUI::SQL->write("delete from groupings where groupId=".quote($data->{groupId})." and expireDate < ".WebGUI::DateTime::time()); } else { - WebGUI::SQL->write("delete from groupings where groupId=$data->{groupId} and expireDate < " - .(time()-(86400*$data->{deleteOffset}))); + WebGUI::SQL->write("delete from groupings where groupId=".quote($data->{groupId})." and expireDate < " + .(WebGUI::DateTime::time()-(86400*$data->{deleteOffset}))); } } $sth->finish; diff --git a/sbin/Hourly/DeleteExpiredSessions.pm b/sbin/Hourly/DeleteExpiredSessions.pm index b32b853fd..5139a877e 100644 --- a/sbin/Hourly/DeleteExpiredSessions.pm +++ b/sbin/Hourly/DeleteExpiredSessions.pm @@ -17,7 +17,7 @@ use WebGUI::SQL; #------------------------------------------------------------------- sub process { - my $epoch = time(); + my $epoch = WebGUI::DateTime::time(); my $sth = WebGUI::SQL->read("select sessionId from userSession where expires<".$epoch); while (my ($sessionId) = $sth->array) { WebGUI::Session::end($sessionId); diff --git a/sbin/Hourly/DeleteExpiredTrash.pm b/sbin/Hourly/DeleteExpiredTrash.pm index b38341174..0377b6830 100644 --- a/sbin/Hourly/DeleteExpiredTrash.pm +++ b/sbin/Hourly/DeleteExpiredTrash.pm @@ -22,13 +22,13 @@ sub process { my (%properties, $base, $extended, $b, $w, $cmd, $purgeDate, $a, $pageId); tie %properties, 'Tie::CPHash'; - $purgeDate = (time()-(86400*$session{config}{DeleteExpiredTrash_offset})); + $purgeDate = (WebGUI::DateTime::time()-(86400*$session{config}{DeleteExpiredTrash_offset})); # Delete wobjects $b = WebGUI::SQL->read("select * from wobject where pageId=3 and bufferDate<" . $purgeDate); while ($base = $b->hashRef) { $extended = WebGUI::SQL->quickHashRef("select * from ".$base->{namespace}." - where wobjectId=".$base->{wobjectId}); + where wobjectId=".quote($base->{wobjectId})); %properties = (%{$base}, %{$extended}); $cmd = "WebGUI::Wobject::".$properties{namespace}; $w = $cmd->new(\%properties); @@ -44,7 +44,7 @@ sub process { WebGUI::ErrorHandler::audit("purging expired page ". $pageId ." from trash"); WebGUI::Operation::Trash::_recursePageTree($pageId); WebGUI::Operation::Trash::_purgeWobjects($pageId); - WebGUI::SQL->write("delete from page where pageId=$pageId"); + WebGUI::SQL->write("delete from page where pageId=".quote($pageId)); } $a->finish; } diff --git a/sbin/Hourly/NotifyExpiredGroupings.pm b/sbin/Hourly/NotifyExpiredGroupings.pm index 31f3e4b13..e8eb4d33f 100644 --- a/sbin/Hourly/NotifyExpiredGroupings.pm +++ b/sbin/Hourly/NotifyExpiredGroupings.pm @@ -27,7 +27,7 @@ sub process { while (my $group = $a->hashRef) { my $start = $now + (86400 * $group->{expireNotifyOffset}); my $end = $start + 86400; - my $b = WebGUI::SQL->read("select userId from groupings where groupId=".$group->{groupId}." and + my $b = WebGUI::SQL->read("select userId from groupings where groupId=".quote($group->{groupId})." and expireDate>=".$start." and expireDate<=".$end); while (my ($userId) = $b->array) { WebGUI::MessageLog::addEntry($userId,"",WebGUI::International::get(867),$group->{expireNotifyMessage});