Skip to content

[4.0] Add prepared statements for mod_related_items #25042

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 13 commits into from
Sep 2, 2019
Merged

[4.0] Add prepared statements for mod_related_items #25042

Changes from 8 commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
2bd76b6
Add prepared statements for mod_related_items
HLeithner May 5, 2019
ada4a97
Fix j3 merge problems
HLeithner May 29, 2019
dd9326f
Fix typo
HLeithner May 30, 2019
29acfd9
More quoteName
HLeithner May 31, 2019
28f58bb
Merge branch '4.0-dev' into prepared-mod-related-items
HLeithner Jul 2, 2019
56959f7
Merge remote-tracking branch 'github/4.0-dev' into prepared-mod-relat…
HLeithner Jul 3, 2019
d956e6d
cs
HLeithner Jul 3, 2019
b85b142
Merge remote-tracking branch 'github/prepared-mod-related-items' into…
HLeithner Jul 3, 2019
890d722
Change leftJoin to join
HLeithner Jul 17, 2019
533ead7
Merge branch '4.0-dev' into prepared-mod-related-items
HLeithner Jul 17, 2019
8403383
Convert to extendWhere
HLeithner Aug 26, 2019
f79b149
Merge remote-tracking branch 'upstream/4.0-dev' into prepared-mod-rel…
HLeithner Aug 26, 2019
3e51459
Merge branch '4.0-dev' into prepared-mod-related-items
Sep 1, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
69 changes: 45 additions & 24 deletions modules/mod_related_items/Helper/RelatedItemsHelper.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
use Joomla\CMS\Language\Text;
use Joomla\CMS\Router\Route;
use Joomla\Component\Content\Administrator\Extension\ContentComponent;
use Joomla\Database\ParameterType;

/**
* Helper for mod_related_items
Expand All @@ -33,12 +34,13 @@ abstract class RelatedItemsHelper
*/
public static function getList(&$params)
{
$db = Factory::getDbo();
$app = Factory::getApplication();
$input = $app->input;
$groups = implode(',', Factory::getUser()->getAuthorisedViewLevels());
$maximum = (int) $params->get('maximum', 5);
$factory = $app->bootComponent('com_content')->getMVCFactory();
$db = Factory::getDbo();
$app = Factory::getApplication();
$input = $app->input;
$groups = Factory::getUser()->getAuthorisedViewLevels();
$maximum = (int) $params->get('maximum', 5);
$factory = $app->bootComponent('com_content')->getMVCFactory();
$condition = ContentComponent::CONDITION_PUBLISHED;

// Get an instance of the generic articles model
/** @var \Joomla\Component\Content\Site\Model\ArticlesModel $articles */
Expand All @@ -52,12 +54,12 @@ public static function getList(&$params)

if (!($option === 'com_content' && $view === 'article'))
{
return array();
return [];
}

$temp = $input->getString('id');
$temp = explode(':', $temp);
$id = $temp[0];
$id = (int) $temp[0];

$nullDate = $db->getNullDate();
$now = Factory::getDate()->toSql();
Expand All @@ -67,9 +69,10 @@ public static function getList(&$params)
if ($id)
{
// Select the meta keywords from the item
$query->select('metakey')
->from('#__content')
->where('id = ' . (int) $id);
$query->select($db->quoteName('metakey'))
->from($db->quoteName('#__content'))
->where($db->quoteName('id') . ' = :id')
->bind(':id', $id, ParameterType::INTEGER);
$db->setQuery($query);

try
Expand Down Expand Up @@ -102,30 +105,48 @@ public static function getList(&$params)
{
// Select other items based on the metakey field 'like' the keys found
$query->clear()
->select('a.id')
->from('#__content AS a')
->where('a.id != ' . (int) $id)
->where('ws.condition = ' . ContentComponent::CONDITION_PUBLISHED)
->where('a.access IN (' . $groups . ')');

$wheres = array();
->select($db->quoteName('a.id'))
->from($db->quoteName('#__content', 'a'))
->leftJoin($db->quoteName('#__workflow_associations', 'wa'), $db->quoteName('wa.item_id') . ' = ' . $db->quoteName('a.id'))
->leftJoin($db->quoteName('#__workflow_stages', 'ws'), $db->quoteName('ws.id') . ' = ' . $db->quoteName('wa.stage_id'))
->where($db->quoteName('a.id') . ' != :id')
->where($db->quoteName('ws.condition') . ' = :condition')
->whereIn($db->quoteName('a.access'), $groups)
->bind(':id', $id, ParameterType::INTEGER)
->bind(':condition', $condition, ParameterType::INTEGER);

$binds = [];
$wheres = [];

foreach ($likes as $keyword)
{
$wheres[] = 'a.metakey LIKE ' . $db->quote('%' . $keyword . '%');
$binds[] = '%' . $keyword . '%';
}

$bindNames = $query->bindArray($binds, ParameterType::STRING);

foreach ($bindNames as $keyword)
{
$wheres[] = 'a.metakey LIKE ' . $keyword;
}

$query->where('(' . implode(' OR ', $wheres) . ')')
->where('(a.publish_up = ' . $db->quote($nullDate) . ' OR a.publish_up <= ' . $db->quote($now) . ')')
->where('(a.publish_down = ' . $db->quote($nullDate) . ' OR a.publish_down >= ' . $db->quote($now) . ')');
->where('(' . $db->quoteName('a.publish_up') . ' = :nullDate1 OR ' . $db->quoteName('a.publish_up') . ' <= :nowDate1)')
Copy link
Contributor

@alikon alikon Jul 22, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we can use orWhere but this can be matter for another pr

Copy link
Member Author

@HLeithner HLeithner Jul 22, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we don't use orWhere instead we don't use the non alias function extendWhere correct?

should it be
->extendWhere('OR', [$db->quoteName('a.publish_up') . ' = :nullDate1', $db->quoteName('a.publish_up') . ' <= :nowDate1'])
?

Copy link
Contributor

@alikon alikon Jul 23, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

personal taste, i would prefer orWhere cause is more readable imo, but...

Copy link
Member Author

@HLeithner HLeithner Jul 23, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

joomla-framework/database#174 (comment)

In this issue comment you would remove the orWhere function. now I'm confused.

Copy link
Contributor

@alikon alikon Jul 23, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

never mentioned orWhere there , but as it is a personal taste go with extendWhere

Copy link
Contributor

@Quy Quy Aug 24, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do it like this: https://github.com/joomla/joomla-cms/pull/25977/files#diff-759da5f761521231cbefc3bd96b7846cR135

Copy link
Member Author

@HLeithner HLeithner Aug 26, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated

->where('(' . $db->quoteName('a.publish_down') . ' = :nullDate2 OR ' . $db->quoteName('a.publish_down') . ' >= :nowDate2)')
->bind(':nullDate1', $nullDate)
->bind(':nullDate2', $nullDate)
->bind(':nowDate1', $now)
->bind(':nowDate2', $now);

// Filter by language
if (Multilanguage::isEnabled())
{
$query->where('a.language in (' . $db->quote(Factory::getLanguage()->getTag()) . ',' . $db->quote('*') . ')');
$query->whereIn($db->quoteName('a.language'), [Factory::getLanguage()->getTag(), '*'], ParameterType::STRING);
}

$db->setQuery($query, 0, $maximum);
$query->setLimit($maximum);

$db->setQuery($query);

try
{
Expand All @@ -135,7 +156,7 @@ public static function getList(&$params)
{
$app->enqueueMessage(Text::_('JERROR_AN_ERROR_HAS_OCCURRED'), 'error');

return array();
return [];
}

if (count($articleIds))
Expand Down