[4.0][com_templates] convert to prepared statement

administrator/components/com_templates/Helper/TemplatesHelper.php

@@ -17,6 +17,7 @@
 use Joomla\CMS\Installer\Installer;
 use Joomla\CMS\Language\Text;
 use Joomla\CMS\Object\CMSObject;
+use Joomla\Database\ParameterType;
 
 /**
  * Templates component helper.
@@ -85,7 +86,9 @@ public static function getTemplateOptions($clientId = '*')
 
 		if ($clientId != '*')
 		{
-			$query->where($db->quoteName('client_id') . ' = ' . (int) $clientId);
+			$clientId = (int) $clientId;
+			$query->where($db->quoteName('client_id') . ' = :clientid')
+				->bind(':clientid', $clientId, ParameterType::INTEGER);
 		}
 
 		$db->setQuery($query);

administrator/components/com_templates/Model/StyleModel.php

@@ -22,6 +22,7 @@
 use Joomla\CMS\Object\CMSObject;
 use Joomla\CMS\Plugin\PluginHelper;
 use Joomla\CMS\Table\Table;
+use Joomla\Database\ParameterType;
 use Joomla\Registry\Registry;
 use Joomla\String\StringHelper;
 use Joomla\Utilities\ArrayHelper;
@@ -533,21 +534,25 @@ public function save($data)
 
 		if ($user->authorise('core.edit', 'com_menus') && $table->client_id == 0)
 		{
-			$n    = 0;
-			$db   = $this->getDbo();
-			$user = Factory::getUser();
+			$n       = 0;
+			$db      = $this->getDbo();
+			$user    = Factory::getUser();
+			$tableId = (int) $table->id;
+			$userId  = (int) $user->id;
 
 			if (!empty($data['assigned']) && is_array($data['assigned']))
 			{
 				$data['assigned'] = ArrayHelper::toInteger($data['assigned']);
 
 				// Update the mapping for menu items that this style IS assigned to.
 				$query = $db->getQuery(true)
-					->update('#__menu')
-					->set('template_style_id = ' . (int) $table->id)
-					->where('id IN (' . implode(',', $data['assigned']) . ')')
-					->where('template_style_id != ' . (int) $table->id)
-					->where('checked_out IN (0,' . (int) $user->id . ')');
+					->update($db->quoteName('#__menu'))
+					->set($db->quoteName('template_style_id') . ' = :newtsid')
+					->whereIn($db->quoteName('id'), $data['assigned'])
+					->where($db->quoteName('template_style_id') . ' != :tsid')
+					->whereIn($db->quoteName('checked_out'), [0, $userId])
+					->bind(':newtsid', $tableId, ParameterType::INTEGER)
+					->bind(':tsid', $tableId, ParameterType::INTEGER);
 				$db->setQuery($query);
 				$db->execute();
 				$n += $db->getAffectedRows();
@@ -556,16 +561,17 @@ public function save($data)
 			// Remove style mappings for menu items this style is NOT assigned to.
 			// If unassigned then all existing maps will be removed.
 			$query = $db->getQuery(true)
-				->update('#__menu')
-				->set('template_style_id = 0');
+				->update($db->quoteName('#__menu'))
+				->set($db->quoteName('template_style_id') . ' = 0');
 
 			if (!empty($data['assigned']))
 			{
-				$query->where('id NOT IN (' . implode(',', $data['assigned']) . ')');
+				$query->whereNotIn($db->quoteName('id'), $data['assigned']);
 			}
 
-			$query->where('template_style_id = ' . (int) $table->id)
-				->where('checked_out IN (0,' . (int) $user->id . ')');
+			$query->where($db->quoteName('template_style_id') . ' = :templatestyleid')
+				->whereIn($db->quoteName('checked_out'), [0, $userId])
+				->bind(':templatestyleid', $tableId, ParameterType::INTEGER);
 			$db->setQuery($query);
 			$db->execute();
 
@@ -623,20 +629,25 @@ public function setHome($id = 0)
 			throw new \Exception(Text::_('COM_TEMPLATES_ERROR_SAVE_DISABLED_TEMPLATE'));
 		}
 
+		$clientId = (int) $style->client_id;
+		$id       = (int) $id;
+
 		// Reset the home fields for the client_id.
 		$query = $db->getQuery(true)
-			->update('#__template_styles')
-			->set('home = ' .  $db->quote('0'))
-			->where('client_id = ' . (int) $style->client_id)
-			->where('home = ' . $db->quote('1'));
+			->update($db->quoteName('#__template_styles'))
+			->set($db->quoteName('home') . ' = ' . $db->quote('0'))
+			->where($db->quoteName('client_id') . ' = :clientid')
+			->where($db->quoteName('home') . ' = ' . $db->quote('1'))
+			->bind(':clientid', $clientId, ParameterType::INTEGER);
 		$db->setQuery($query);
 		$db->execute();
 
 		// Set the new home style.
 		$query = $db->getQuery(true)
-			->update('#__template_styles')
-			->set('home = ' . $db->quote('1'))
-			->where('id = ' . (int) $id);
+			->update($db->quoteName('#__template_styles'))
+			->set($db->quoteName('home') . ' = ' . $db->quote('1'))
+			->where($db->quoteName('id') . ' = :id')
+			->bind(':id', $id, ParameterType::INTEGER);
 		$db->setQuery($query);
 		$db->execute();
 
@@ -665,12 +676,15 @@ public function unsetHome($id = 0)
 		{
 			throw new \Exception(Text::_('JLIB_APPLICATION_ERROR_EDITSTATE_NOT_PERMITTED'));
 		}
+
+		$id = (int) $id;
 
 		// Lookup the client_id.
 		$query = $db->getQuery(true)
 			->select('client_id, home')
-			->from('#__template_styles')
-			->where('id = ' . (int) $id);
+			->from($db->quoteName('#__template_styles'))
+			->where($db->quoteName('id') . ' = :id')
+			->bind(':id', $id, ParameterType::INTEGER);
 		$db->setQuery($query);
 		$style = $db->loadObject();
 
@@ -685,9 +699,10 @@ public function unsetHome($id = 0)
 
 		// Set the new home style.
 		$query = $db->getQuery(true)
-			->update('#__template_styles')
-			->set('home = ' . $db->quote('0'))
-			->where('id = ' . (int) $id);
+			->update($db->quoteName('#__template_styles'))
+			->set($db->quoteName('home') . ' = ' . $db->quote('0'))
+			->where($db->quoteName('id') . ' = :id')
+			->bind(':id', $id, ParameterType::INTEGER);
 		$db->setQuery($query);
 		$db->execute();
 

administrator/components/com_templates/Model/StylesModel.php

@@ -14,6 +14,7 @@
 use Joomla\CMS\Component\ComponentHelper;
 use Joomla\CMS\MVC\Factory\MVCFactoryInterface;
 use Joomla\CMS\MVC\Model\ListModel;
+use Joomla\Database\ParameterType;
 
 /**
  * Methods supporting a list of template style records.
@@ -122,15 +123,16 @@ protected function getListQuery()
 			)
 		);
 		$query->from($db->quoteName('#__template_styles', 'a'))
-			->where($db->quoteName('a.client_id') . ' = ' . $clientId);
+			->where($db->quoteName('a.client_id') . ' = :clientid')
+			->bind(':clientid', $clientId, ParameterType::INTEGER);
 
 		// Join on menus.
-		$query->select('COUNT(m.template_style_id) AS assigned')
-			->join('LEFT', $db->quoteName('#__menu', 'm') . ' ON ' . $db->quoteName('m.template_style_id') . ' = ' . $db->quoteName('a.id'))
-			->group($db->quoteName(array('a.id', 'a.template', 'a.title', 'a.home', 'a.client_id', 'l.title', 'l.image', 'l.sef', 'e.extension_id')));
+		$query->select('COUNT(' . $db->quoteName('m.template_style_id' . ') AS assigned')
+			->leftJoin($db->quoteName('#__menu', 'm'), $db->quoteName('m.template_style_id') . ' = ' . $db->quoteName('a.id'))
+			->group($db->quoteName(['a.id', 'a.template', 'a.title', 'a.home', 'a.client_id', 'l.title', 'l.image', 'l.sef', 'e.extension_id']));
 
 		// Join over the language.
-		$query->join('LEFT', $db->quoteName('#__languages', 'l') . ' ON ' . $db->quoteName('l.lang_code') . ' = ' . $db->quoteName('a.home'));
+		$query->leftJoin($db->quoteName('#__languages', 'l'), $db->quoteName('l.lang_code') . ' = ' . $db->quoteName('a.home'));
 
 		// Filter by extension enabled.
 		$query->select($db->quoteName('extension_id', 'e_id'))
@@ -141,7 +143,8 @@ protected function getListQuery()
 		// Filter by template.
 		if ($template = $this->getState('filter.template'))
 		{
-			$query->where($db->quoteName('a.template') . ' = ' . $db->quote($template));
+			$query->where($db->quoteName('a.template') . ' = :template')
+				->bind(':template', $template);
 		}
 
 		// Filter by menuitem.
@@ -160,10 +163,12 @@ protected function getListQuery()
 			else
 			{
 				// Subquery to get the language of the selected menu item.
+				$menuItemId = (int) $menuItemId;
 				$menuItemLanguageSubQuery = $db->getQuery(true);
 				$menuItemLanguageSubQuery->select($db->quoteName('language'))
 					->from($db->quoteName('#__menu'))
-					->where($db->quoteName('id') . ' = ' . $menuItemId);
+					->where($db->quoteName('id') . ' = :menuitemid')
+					->bind(':menuiteid', $menuItemId, ParameterType::INTEGER);
 
 				// Subquery to get the language of the selected menu item.
 				$templateStylesMenuItemsSubQuery = $db->getQuery(true);
@@ -189,12 +194,16 @@ protected function getListQuery()
 		{
 			if (stripos($search, 'id:') === 0)
 			{
-				$query->where($db->quoteName('a.id') . ' = ' . (int) substr($search, 3));
+				$ids = (int) substr($search, 3);
+				$query->where($db->quoteName('a.id') . ' = :id');
+				$query->bind(':id', $ids, ParameterType::INTEGER);
 			}
 			else
 			{
-				$search = $db->quote('%' . strtolower($search) . '%');
-				$query->where('(' . ' LOWER(a.template) LIKE ' . $search . ' OR LOWER(a.title) LIKE ' . $search . ')');
+				$search = '%' . strtolower($search) . '%';
+				$query->where('(' . ' LOWER(a.template) LIKE :template OR LOWER(a.title) LIKE :title)')
+					->bind(':template', $search)
+					->bind(':title', $search);
 			}
 		}
 

administrator/components/com_templates/Model/TemplateModel.php

@@ -23,6 +23,7 @@
 use Joomla\CMS\Plugin\PluginHelper;
 use Joomla\CMS\Uri\Uri;
 use Joomla\Component\Templates\Administrator\Helper\TemplateHelper;
+use Joomla\Database\ParameterType;
 use Joomla\Image\Image;
 
 /**
@@ -171,12 +172,14 @@ public function getUpdatedList($state = false, $all = false, $cleanup = false)
 
 		if (!$all)
 		{
-			$query->where('extension_id = ' . $db->quote($template->extension_id));
+			$teid = (int) $template->extension_id;
+			$query->where($db->quoteName('extension_id') . ' = :teid')
+				->bind(':teid', $teid, ParameterType::INTEGER);
 		}
 
 		if ($state)
 		{
-			$query->where('state = 0');
+			$query->where($db->quoteName('state') . ' = 0');
 		}
 
 		$query->order($db->quoteName('a.modified_date') . ' DESC');
@@ -330,8 +333,10 @@ public function publish($ids, $value, $exid)
 			{
 				$deleteQuery = $db->getQuery(true)
 					->delete($db->quoteName('#__template_overrides'))
-					->where($db->quoteName('hash_id') . ' = ' . $db->quote($id))
-					->where($db->quoteName('extension_id') . ' = ' . $db->quote($exid));
+					->where($db->quoteName('hash_id') . ' = :hashid')
+					->where($db->quoteName('extension_id') . ' = :exid')
+						->bind(':hashid', $id)
+						->bind(':exid', $exid, ParameterType::INTEGER);
 
 				try
 				{
@@ -348,9 +353,12 @@ public function publish($ids, $value, $exid)
 			{
 				$updateQuery = $db->getQuery(true)
 					->update($db->quoteName('#__template_overrides'))
-					->set($db->quoteName('state') . ' = ' . $db->quote($value))
-					->where($db->quoteName('hash_id') . ' = ' . $db->quote($id))
-					->where($db->quoteName('extension_id') . ' = ' . $db->quote($exid));
+					->set($db->quoteName('state') . ' = :state')
+					->where($db->quoteName('hash_id') . ' = :hashid')
+					->where($db->quoteName('extension_id') . ' = :exid')
+						->bind(':state', $value, ParameterType::INTEGER)
+						->bind(':hashid', $id)
+						->bind(':exid', $exid, ParameterType::INTEGER);
 
 				try
 				{
@@ -631,16 +639,17 @@ public function &getTemplate()
 	{
 		if (empty($this->template))
 		{
-			$pk  = $this->getState('extension.id');
+			$pk  = (int) $this->getState('extension.id');
 			$db  = $this->getDbo();
 			$app = Factory::getApplication();
 
 			// Get the template information.
 			$query = $db->getQuery(true)
-				->select('extension_id, client_id, element, name, manifest_cache')
-				->from('#__extensions')
-				->where($db->quoteName('extension_id') . ' = ' . (int) $pk)
-				->where($db->quoteName('type') . ' = ' . $db->quote('template'));
+				->select($db->quoteName(['extension_id', 'client_id', 'element', 'name', 'manifest_cache']))
+				->from($db->quoteName('#__extensions'))
+				->where($db->quoteName('extension_id') . ' = :pk')
+				->where($db->quoteName('type') . ' = ' . $db->quote('template'))
+				->bind(':pk', $pk, ParameterType::INTEGER);
 			$db->setQuery($query);
 
 			try
@@ -678,11 +687,13 @@ public function &getTemplate()
 	 */
 	public function checkNewName()
 	{
-		$db = $this->getDbo();
+		$db    = $this->getDbo();
+		$name  = $this->getState('new_name');
 		$query = $db->getQuery(true)
 			->select('COUNT(*)')
-			->from('#__extensions')
-			->where('name = ' . $db->quote($this->getState('new_name')));
+			->from($db->quoteName('#__extensions'))
+			->where($db->quoteName('name') . ' = :name')
+				->bind(':name', $name);
 		$db->setQuery($query);
 
 		return ($db->loadResult() == 0);
@@ -1652,9 +1663,10 @@ public function getPreview()
 		$db = $this->getDbo();
 		$query = $db->getQuery(true);
 
-		$query->select('id, client_id');
-		$query->from('#__template_styles');
-		$query->where($db->quoteName('template') . ' = ' . $db->quote($this->template->element));
+		$query->select($db->quoteName(['id', 'client_id']));
+		$query->from($db->quoteName('#__template_styles'));
+		$query->where($db->quoteName('template') . ' = :template')
+			->bind(':template', $this->template->element);
 
 		$db->setQuery($query);
 

administrator/components/com_templates/Model/TemplatesModel.php

@@ -17,6 +17,7 @@
 use Joomla\CMS\MVC\Factory\MVCFactoryInterface;
 use Joomla\CMS\MVC\Model\ListModel;
 use Joomla\Component\Templates\Administrator\Helper\TemplatesHelper;
+use Joomla\Database\ParameterType;
 
 /**
  * Methods supporting a list of template extension records.
@@ -95,10 +96,11 @@ public function updated($exid)
 
 		// Select the required fields from the table
 		$query = $db->getQuery(true)
-			->select('a.template')
-			->from($db->quoteName('#__template_overrides', 'a'))
-			->where('extension_id = ' . $db->quote($exid))
-			->where('state = 0');
+			->select($db->quoteName('template'))
+			->from($db->quoteName('#__template_overrides'))
+			->where($db->quoteName('extension_id') . ' = :extensionid')
+			->where($db->quoteName('state') . ' = 0')
+			->bind(':extensionid', $exid, ParameterType::INTEGER);
 
 		// Reset the query.
 		$db->setQuery($query);
@@ -134,22 +136,29 @@ protected function getListQuery()
 				'a.extension_id, a.name, a.element, a.client_id'
 			)
 		);
+		$clientId = (int) $this->getState('client_id');
 		$query->from($db->quoteName('#__extensions', 'a'))
-			->where($db->quoteName('a.client_id') . ' = ' . (int) $this->getState('client_id'))
+			->where($db->quoteName('a.client_id') . ' = :clientid')
 			->where($db->quoteName('a.enabled') . ' = 1')
-			->where($db->quoteName('a.type') . ' = ' . $db->quote('template'));
+			->where($db->quoteName('a.type') . ' = ' . $db->quote('template'))
+			->bind(':clientid', $clientId, ParameterType::INTEGER);
 
 		// Filter by search in title.
 		if ($search = $this->getState('filter.search'))
 		{
 			if (stripos($search, 'id:') === 0)
 			{
-				$query->where($db->quoteName('a.id') . ' = ' . (int) substr($search, 3));
+				$ids = (int) substr($search, 3);
+				$query->where($db->quoteName('a.id') . ' = :id');
+				$query->bind(':id', $ids, ParameterType::INTEGER);
 			}
 			else
 			{
-				$search = $db->quote('%' . strtolower($search) . '%');
-				$query->where('(' . ' LOWER(a.element) LIKE ' . $search . ' OR LOWER(a.name) LIKE ' . $search . ')');
+				$search = '%' . strtolower($search) . '%';
+				$query->where('LOWER(' . $db->quoteName('a.element') . ') LIKE :element')
+					->orWhere('LOWER(' .  $db->quoteName('a.name') . ') LIKE :name')
+					->bind(':element', $search)
+					->bind(':name', $search);
 			}
 		}