From 4db3c5438fa3e2293be961652bfd3dce4fe6080a Mon Sep 17 00:00:00 2001 From: Jean-Christian Denis Date: Mon, 24 Apr 2023 23:21:54 +0200 Subject: [PATCH] use sql statement and code review and doc --- src/Utils.php | 219 ++++++++++++++++++++++++++++++++++---------------- 1 file changed, 148 insertions(+), 71 deletions(-) diff --git a/src/Utils.php b/src/Utils.php index f904425..6d06f48 100644 --- a/src/Utils.php +++ b/src/Utils.php @@ -17,10 +17,13 @@ namespace Dotclear\Plugin\postWidgetText; use dcCore; use Dotclear\Database\{ Cursor, - MetaRecord, - Structure + MetaRecord +}; +use Dotclear\Database\Statement\{ + DeleteStatement, + JoinStatement, + SelectStatement }; - use Exception; /** 
@@ -30,82 +33,116 @@ use Exception; */ class Utils { + /** + * Open cursor. + * + * @return Cursor The fresh cursor + */ public static function openCursor(): Cursor { return dcCore::app()->con->openCursor(dcCore::app()->prefix . My::TABLE_NAME); } + /** + * Get widgetTexts. + * + * @param array $params The query params + * @param bool $count_only Return count only + * + * @return MetaRecord The record (that mixes post and widgetText info) + */ public static function getWidgets(array $params, bool $count_only = false): MetaRecord { + // nullsafe if (is_null(dcCore::app()->blog)) { - throw new Exception('blog is not set'); + throw new Exception(__('Blog is not set')); } - if (!isset($params['columns'])) { - $params['columns'] = []; - } - $params['columns'][] = 'option_id'; - $params['columns'][] = 'option_creadt'; - $params['columns'][] = 'option_upddt'; - $params['columns'][] = 'option_type'; - $params['columns'][] = 'option_format'; - $params['columns'][] = 'option_lang'; - $params['columns'][] = 'option_title'; - $params['columns'][] = 'option_content'; - $params['columns'][] = 'option_content_xhtml'; + $sql = new SelectStatement(); + $sql->columns([ + 'option_id', + 'option_creadt', + 'option_upddt', + 'option_type', + 'option_format', + 'option_lang', + 'option_title', + 'option_content', + 'option_content_xhtml', + ]); - if (!isset($params['from'])) { - $params['from'] = ''; - } - $params['join'] = 'LEFT JOIN ' . dcCore::app()->prefix . My::TABLE_NAME . ' W ON P.post_id=W.post_id '; + $sql->join( + (new JoinStatement()) + ->left() + ->from($sql->as(dcCore::app()->prefix . My::TABLE_NAME, 'W')) + ->on('P.post_id = W.post_id') + ->statement() + ); - if (!isset($params['sql'])) { - $params['sql'] = ''; - } if (isset($params['option_type'])) { - $params['sql'] .= "AND W.option_type = '" . dcCore::app()->con->escapeStr((string) $params['option_type']) . "' "; + if (is_array($params['option_type']) || $params['option_type'] != '') { + $sql->and('option_type' . 
$sql->in($params['option_type'])); + } } else { - $params['sql'] .= "AND W.option_type = '" . dcCore::app()->con->escapeStr((string) My::id()) . "' "; + $sql->and('option_type = ' . $sql->quote(My::id())); } - unset($params['option_type']); + + // work on all post type by default if (!isset($params['post_type'])) { $params['post_type'] = ''; } - return dcCore::app()->blog->getPosts($params, $count_only); + return dcCore::app()->blog->getPosts($params, $count_only, $sql); } + /** + * Add a widgetText. + * + * @param Cursor $cur The widgetText Cursor + * + * @return int The new widgetText ID + */ public static function addWidget(Cursor $cur): int { + // nullsafe if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) { - throw new Exception('blog is not set'); + throw new Exception(__('Blog is not set')); } + // check permissions to add post if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([ dcCore::app()->auth::PERMISSION_USAGE, dcCore::app()->auth::PERMISSION_CONTENT_ADMIN, ]), dcCore::app()->blog->id)) { throw new Exception(__('You are not allowed to create an entry text widget')); } - if ($cur->post_id == '') { + + // check properties + if ($cur->getField('post_id') == '') { throw new Exception('No such entry ID'); } + // lock table dcCore::app()->con->writeLock(dcCore::app()->prefix . My::TABLE_NAME); try { - $rs = dcCore::app()->con->select( - 'SELECT MAX(option_id) ' . - 'FROM ' . dcCore::app()->prefix . My::TABLE_NAME - ); + $sql = new SelectStatement(); + $rs = $sql->from(dcCore::app()->prefix . 
My::TABLE_NAME)->column($sql->max('option_id'))->select(); + if (is_null($rs) || $rs->isEmtpy()) { + throw new Exception(__('Something went wrong)')); + } - $cur->option_id = (int) $rs->f(0) + 1; - $cur->option_creadt = date('Y-m-d H:i:s'); - $cur->option_upddt = date('Y-m-d H:i:s'); + // set default widgetText properties + $cur->setField('option_id', (int) $rs->f(0) + 1); + $cur->setField('option_creadt', date('Y-m-d H:i:s')); + $cur->setField('option_upddt', date('Y-m-d H:i:s')); - self::getWidgetContent($cur, (int) $cur->option_id); + // check and complete Cursor + self::getWidgetContent($cur, (int) $cur->getField('option_id')); + // add new widgetText $cur->insert(); + dcCore::app()->con->unlock(); } catch (Exception $e) { dcCore::app()->con->unlock(); @@ -113,17 +150,27 @@ class Utils throw $e; } + // update blog dcCore::app()->blog->triggerBlog(); - return (int) $cur->option_id; + // return new widgetText ID + return (int) $cur->getField('option_id'); } + /** + * Update a widgetText. + * + * @param int $id The widgetText ID + * @param Cursor $cur The widgetText Cursor + */ public static function updWidget(int $id, Cursor $cur): void { + // nullsafe if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) { - throw new Exception('blog is not set'); + throw new Exception(__('Blog is not set')); } + // check permission to delete post if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([ dcCore::app()->auth::PERMISSION_USAGE, dcCore::app()->auth::PERMISSION_CONTENT_ADMIN, 
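Review bot: `$rs->isEmtpy()` in addWidget is a misspelling of `isEmpty()`, and it runs on every call in which the select returns a record, so the insert path fails before the new ID is computed. The call sits after `writeLock()` and inside the `try`, but a call to an undefined method is presumably not raised as an `Exception`, so the `catch (Exception $e)` that releases the lock would not run and the table could stay locked until the connection closes. The guard should read `if (is_null($rs) || $rs->isEmpty()) {`, and the message has a stray parenthesis that should go: `__('Something went wrong')`. The catch block ends outside this hunk.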
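Review bot: The comment `// check permission to delete post` added in updWidget names the wrong operation, since the check below it tests PERMISSION_USAGE and PERMISSION_CONTENT_ADMIN for an update. I would write `// check permission to update a widgetText`. The new docblocks for addWidget and updWidget also omit the exceptions both methods throw; a `@throws Exception` line on each, covering the missing blog or auth, the missing permission and the empty ID, would tell callers what to catch. updWidget's body continues in the next hunk.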
@@ -131,39 +178,50 @@ class Utils throw new Exception(__('You are not allowed to update entries text widget')); } - $id = (int) $id; - + // check properties if (empty($id)) { throw new Exception(__('No such ID')); } + // check and complete Cursor self::getWidgetContent($cur, $id); + $cur->setField('option_upddt', date('Y-m-d H:i:s')); - $cur->option_upddt = date('Y-m-d H:i:s'); - + // check if user is post owner if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcCore::app()->auth::PERMISSION_CONTENT_ADMIN]), dcCore::app()->blog->id)) { - $params['option_id'] = $id; - $params['user_id'] = dcCore::app()->con->escapeStr((string) dcCore::app()->auth->userID()); - $params['no_content'] = true; - $params['limit'] = 1; - - $rs = self::getWidgets($params); + $rs = self::getWidgets([ + 'option_id' => $id, + 'user_id' => dcCore::app()->con->escapeStr((string) dcCore::app()->auth->userID()), + 'no_content' => true, + 'limit' => 1, + ]); if ($rs->isEmpty()) { throw new Exception(__('You are not allowed to delete this entry text widget')); } } + // update widgetText $cur->update('WHERE option_id = ' . $id . ' '); + + // update blog dcCore::app()->blog->triggerBlog(); } + /** + * Delete a widgetText. + * + * @param int $id The widgetText ID + * @param null|string $type The widgetText optionnal type + */ public static function delWidget(int $id, ?string $type = null): void { + // nullsafe if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) { - throw new Exception('blog is not set'); + throw new Exception(__('Blog is not set')); } + // check permission to delete post if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([ dcCore::app()->auth::PERMISSION_DELETE, dcCore::app()->auth::PERMISSION_CONTENT_ADMIN, 
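Review bot: The owner check in updWidget passes `'option_id' => $id` to getWidgets(), but getWidgets() as rewritten in this commit never reads that key; it only adds the `option_type` condition and hands the remaining params to `getPosts()`. Unless `getPosts()` filters on `option_id` itself, which this page does not show, the check passes whenever the user owns any entry that has a widget text, and the following `update('WHERE option_id = ' . $id . ' ')` then changes a widget the user may not own. getWidgets() should bind the ID, for example `if (!empty($params['option_id'])) { $sql->and('W.option_id = ' . (int) $params['option_id']); }`. The same call guards the delete in delWidget (hunk @@ -171), and the failure message here still says "delete" although this is the update path.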
@@ -171,35 +229,48 @@ class Utils throw new Exception(__('You are not allowed to delete entries text widget')); } - $id = (int) $id; - $type ??= My::id(); - + // check properties if (empty($id)) { throw new Exception(__('No such ID')); } + if (empty($type)) { + $type = My::id(); + } + // check if user is post owner if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcCore::app()->auth::PERMISSION_CONTENT_ADMIN]), dcCore::app()->blog->id)) { - $params['option_id'] = $id; - $params['user_id'] = dcCore::app()->con->escapeStr((string) dcCore::app()->auth->userID()); - $params['no_content'] = true; - $params['limit'] = 1; - - $rs = self::getWidgets($params); + $rs = self::getWidgets([ + 'option_id' => $id, + 'user_id' => dcCore::app()->con->escapeStr((string) dcCore::app()->auth->userID()), + 'no_content' => true, + 'limit' => 1, + ]); if ($rs->isEmpty()) { throw new Exception(__('You are not allowed to delete this entry text widget')); } } - dcCore::app()->con->execute( - 'DELETE FROM ' . dcCore::app()->prefix . My::TABLE_NAME . ' ' . - 'WHERE option_id = ' . $id . ' ' . - "AND option_type = '" . dcCore::app()->con->escapeStr((string) $type) . "' " - ); + // delete widgetText + $sql = new DeleteStatement(); + $sql->from(dcCore::app()->prefix . My::TABLE_NAME) + ->where('option_id = ' . $id) + ->and('option_type = ' . $sql->quote($type)) + ->delete(); + // update blog dcCore::app()->blog->triggerBlog(); } + /** + * Parse widgetText content. + * + * @param int $option_id The widgetText ID + * @param string $format The format + * @param string $lang The lang + * @param null|string $content The content + * @param null|string $content_xhtml The xhtml content + */ public static function setWidgetContent(int $option_id, string $format, string $lang, ?string &$content, ?string &$content_xhtml): void { if ($format == 'wiki') { 
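Review bot: The owner check in delWidget calls getWidgets() without `option_type`, so getWidgets() takes its default branch and filters on `My::id()`, while the DeleteStatement below filters on `$type`. When a caller passes another type, the check and the delete look at different rows. Passing `'option_type' => $type,` in the array given to getWidgets() keeps the two aligned. Separately, `empty($type)` replaces `$type ??= My::id()`, so `''` and `'0'` now also fall back to the default type; if that is intended, the `@param` line for `$type` should say so.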
@@ -219,7 +290,7 @@ class Utils $excerpt = $excerpt_xhtml = ''; - # --BEHAVIOR-- coreAfterPostContentFormat + # --BEHAVIOR-- coreAfterPostContentFormat -- array dcCore::app()->callBehavior('coreAfterPostContentFormat', [ 'excerpt' => &$excerpt, 'content' => &$content, @@ -228,20 +299,26 @@ class Utils ]); } + /** + * Extract content. + * + * @param Cursor $cur The widgetText Cursor + * @param int $option_id The widgetText ID + */ private static function getWidgetContent(Cursor $cur, int $option_id): void { - $option_content = $cur->option_content; - $option_content_xhtml = $cur->option_content_xhtml; + $option_content = $cur->getfield('option_content'); + $option_content_xhtml = $cur->getField('option_content_xhtml'); self::setWidgetContent( $option_id, - $cur->option_format, - $cur->option_lang, + $cur->getField('option_format'), + $cur->getField('option_lang'), $option_content, $option_content_xhtml ); - $cur->option_content = $option_content; - $cur->option_content_xhtml = $option_content_xhtml; + $cur->setField('option_content', $option_content); + $cur->setField('option_content_xhtml', $option_content_xhtml); } }
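Review bot: `$cur->getfield('option_content')` in getWidgetContent is spelled with a lower-case `f`, while every other call in this commit uses `getField`. PHP resolves method names case-insensitively, so it runs, but static analysers and text searches for `getField` will miss it; write `$cur->getField('option_content')`. The values read for `option_format` and `option_lang` go straight into the `string` parameters of setWidgetContent(), so if the Cursor holds no value for either field the call may fail with a type error. An explicit cast such as `(string) $cur->getField('option_format')` would make the expectation visible.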