From c3df0901991b4627e08c0a08747d73117b760f26 Mon Sep 17 00:00:00 2001 From: skodak Date: Fri, 30 May 2008 16:47:21 +0000 Subject: [PATCH] MDL-14679 datalib conversion completed --- course/edit.php | 10 +- course/edit_form.php | 31 ++- course/import/activities/index.php | 2 + course/importstudents.html | 2 +- course/importstudents.php | 2 + course/lib.php | 59 +++-- course/search.php | 2 + lib/datalib.php | 377 ++++++++++++++++------------- mod/forum/lib.php | 8 +- mod/forum/subscriber.html | 4 +- mod/forum/subscribers.php | 8 +- 11 files changed, 281 insertions(+), 224 deletions(-) diff --git a/course/edit.php b/course/edit.php index e0f66d77b3..cf51ce2838 100644 --- a/course/edit.php +++ b/course/edit.php @@ -19,17 +19,17 @@ print_error('cannoteditsiteform'); } - if (!$course = get_record('course', 'id', $id)) { + if (!$course = $DB->get_record('course', array('id'=>$id))) { print_error('invalidcourseid'); } require_login($course->id); - $category = get_record('course_categories', 'id', $course->category); + $category = $DB->get_record('course_categories', array('id'=>$course->category)); require_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $course->id)); } else if ($categoryid) { // creating new course in this category $course = null; require_login(); - if (!$category = get_record('course_categories', 'id', $categoryid)) { + if (!$category = $DB->get_record('course_categories', array('id'=>$categoryid))) { print_error('unknowcategory'); } require_capability('moodle/course:create', get_context_instance(CONTEXT_COURSECAT, $category->id)); @@ -42,7 +42,7 @@ if (!empty($course)) { $allowedmods = array(); if (!empty($course)) { - if ($am = get_records('course_allowed_modules','course',$course->id)) { + if ($am = $DB->get_records('course_allowed_modules', array('course'=>$course->id))) { foreach ($am as $m) { $allowedmods[] = $m->module; } 
@@ -78,7 +78,7 @@ redirect($CFG->wwwroot.'/course/view.php?id='.$course->id); } - } else if ($data = $editform->get_data()) { + } else if ($data = $editform->get_data(false)) { $data->password = $data->enrolpassword; // we need some other name for password field MDL-9929 /// process data if submitted diff --git a/course/edit_form.php b/course/edit_form.php index 9a3bc53737..934f16bd91 100644 --- a/course/edit_form.php +++ b/course/edit_form.php @@ -25,7 +25,7 @@ class course_edit_form extends moodleform { $disable_meta = get_string('metaalreadyinmeta'); } else if ($course->metacourse) { - if (count_records('course_meta', 'parent_course', $course->id) > 0) { + if ($DB->count_records('course_meta', array('parent_course'=>$course->id)) > 0) { $disable_meta = get_string('metaalreadyhascourses'); } 
@@ -76,16 +76,25 @@ class course_edit_form extends moodleform { $mform->addElement('text','fullname', get_string('fullnamecourse'),'maxlength="254" size="50"'); $mform->setHelpButton('fullname', array('coursefullname', get_string('fullnamecourse')), true); - $mform->setDefault('fullname', get_string('defaultcoursefullname')); $mform->addRule('fullname', get_string('missingfullname'), 'required', null, 'client'); $mform->setType('fullname', PARAM_MULTILANG); $mform->addElement('text','shortname', get_string('shortnamecourse'),'maxlength="100" size="20"'); $mform->setHelpButton('shortname', array('courseshortname', get_string('shortnamecourse')), true); - $mform->setDefault('shortname', get_string('defaultcourseshortname')); $mform->addRule('shortname', get_string('missingshortname'), 'required', null, 'client'); $mform->setType('shortname', PARAM_MULTILANG); + $fullname = get_string('defaultcoursefullname'); + $shortname = get_string('defaultcourseshortname'); + while ($DB->record_exists('course', array('fullname'=>$fullname)) + or $DB->record_exists('course', array('fullname'=>$fullname))) { + $fullname++; + $shortname++; + } + $mform->setDefault('fullname', $fullname); + $mform->setDefault('shortname', $shortname); + + $mform->addElement('text','idnumber', get_string('idnumbercourse'),'maxlength="100" size="10"'); $mform->setHelpButton('idnumber', array('courseidnumber', get_string('idnumbercourse')), true); $mform->setType('idnumber', PARAM_RAW); 
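Review bot: The `while` condition in the new default-name block tests `array('fullname'=>$fullname)` twice, so an existing course with the same short name never triggers the increment. The second test should read `or $DB->record_exists('course', array('shortname'=>$shortname))`; otherwise the form can offer a default short name that `validation()` later rejects as a duplicate. The loop also relies on PHP string increment (`$fullname++`), which only gives a sensible suffix when the language string ends in an alphanumeric character, and that deserves a one-line comment. No `global $DB;` is visible for this method in the hunk, while later hunks add it to `definition_after_data()` and `validation()`, so confirm it is declared in the enclosing method, which starts outside this hunk.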
@@ -183,12 +192,12 @@ class course_edit_form extends moodleform { $roles = get_assignable_roles($context); if (!empty($course)) { // add current default role, so that it is selectable even when user can not assign it - if ($current_role = get_record('role', 'id', $course->defaultrole)) { + if ($current_role = $DB->get_record('role', array('id'=>$course->defaultrole))) { $roles[$current_role->id] = strip_tags(format_string($current_role->name, true)); } } $choices = array(); - if ($sitedefaultrole = get_record('role', 'id', $CFG->defaultcourseroleid)) { + if ($sitedefaultrole = $DB->get_record('role', array('id'=>$CFG->defaultcourseroleid))) { $choices[0] = get_string('sitedefault').' ('.$sitedefaultrole->name.')'; } else { $choices[0] = get_string('sitedefault'); @@ -372,11 +381,11 @@ class course_edit_form extends moodleform { $mform->addElement('header','rolerenaming', get_string('rolerenaming')); $mform->setHelpButton('rolerenaming', array('rolerenaming', get_string('rolerenaming')), true); - if ($roles = get_records('role')) { + if ($roles = $DB->get_records('role')) { foreach ($roles as $role) { $mform->addElement('text', 'role_'.$role->id, $role->name); if ($coursecontext) { - if ($rolename = get_record('role_names', 'roleid', $role->id, 'contextid', $coursecontext->id)) { + if ($rolename = $DB->get_record('role_names', array('roleid'=>$role->id, 'contextid'=>$coursecontext->id))) { $mform->setDefault('role_'.$role->id, $rolename->name); } } 
@@ -397,14 +406,14 @@ class course_edit_form extends moodleform { } function definition_after_data() { - global $CFG; + global $DB; $mform =& $this->_form; // add availabe groupings if ($courseid = $mform->getElementValue('id') and $mform->elementExists('defaultgroupingid')) { $options = array(); - if ($groupings = get_records('groupings', 'courseid', $courseid)) { + if ($groupings = $DB->get_records('groupings', array('courseid'=>$courseid))) { foreach ($groupings as $grouping) { $options[$grouping->id] = format_string($grouping->name); } @@ -417,8 +426,10 @@ class course_edit_form extends moodleform { /// perform some extra moodle validation function validation($data, $files) { + global $DB; + $errors = parent::validation($data, $files); - if ($foundcourses = get_records('course', 'shortname', $data['shortname'])) { + if ($foundcourses = $DB->get_records('course', array('shortname'=>$data['shortname']))) { if (!empty($data['id'])) { unset($foundcourses[$data['id']]); } diff --git a/course/import/activities/index.php b/course/import/activities/index.php index 136d540ac8..6cdb5f1c17 100644 --- a/course/import/activities/index.php +++ b/course/import/activities/index.php @@ -10,6 +10,8 @@ $page = optional_param('page', 0, PARAM_INT); $filename = optional_param('filename', 0, PARAM_PATH); + $fromcoursesearch = stripslashes($fromcoursesearch); // TODO: remove soon + $strimportactivities = get_string('importactivities'); if (! ($course = get_record("course", "id", $id)) ) { diff --git a/course/importstudents.html b/course/importstudents.html index c997283dfe..6463648075 100644 --- a/course/importstudents.html +++ b/course/importstudents.html @@ -57,7 +57,7 @@
- wwwroot/$CFG->admin/index.php"); } diff --git a/course/lib.php b/course/lib.php index db38429a1b..9d3bb8de4a 100644 --- a/course/lib.php +++ b/course/lib.php @@ -146,7 +146,7 @@ function build_mnet_logs_array($hostid, $course, $user=0, $date=0, $order="l.tim function build_logs_array($course, $user=0, $date=0, $order="l.time ASC", $limitfrom='', $limitnum='', $modname="", $modid=0, $modaction="", $groupid=0) { - + global $DB; // It is assumed that $date is the GMT time of midnight for that day, // and so the next 86400 seconds worth of logs are printed. @@ -163,27 +163,34 @@ function build_logs_array($course, $user=0, $date=0, $order="l.time ASC", $limit } $joins = array(); + $oarams = array(); if ($course->id != SITEID || $modid != 0) { - $joins[] = "l.course='$course->id'"; + $joins[] = "l.course = :courseid"; + $params['courseid'] = $course->id; } if ($modname) { - $joins[] = "l.module = '$modname'"; + $joins[] = "l.module = :modname"; + $params['modname'] = $modname; } if ('site_errors' === $modid) { $joins[] = "( l.action='error' OR l.action='infected' )"; } else if ($modid) { - $joins[] = "l.cmid = '$modid'"; + $joins[] = "l.cmid = :modid"; + $params['modid'] = $modid; } if ($modaction) { + $ILIKE = $DB->sql_ilike(); $firstletter = substr($modaction, 0, 1); if (preg_match('/[[:alpha:]]/', $firstletter)) { - $joins[] = "lower(l.action) LIKE '%" . strtolower($modaction) . "%'"; + $joins[] = "l.action $ILIKE :modaction"; + $params['modaction'] = '%'.$modaction.'%'; } else if ($firstletter == '-') { - $joins[] = "lower(l.action) NOT LIKE '%" . strtolower(substr($modaction, 1)) . "%'"; + $joins[] = "l.action NOT $ILIKE :modaction"; + $params['modaction'] = '%'.substr($modaction, 1).'%'; } } 
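Review bot: `$oarams = array();` in the build_logs_array hunk looks like a typo for `$params = array();`. As written, `$params` is never initialised, so when none of the filters apply it is an undefined variable when it is passed on to `get_logs()` further down in this function. Separately, `$modaction` is bound into the LIKE pattern as `'%'.$modaction.'%'` without escaping `%` or `_`, so those characters in the filter act as wildcards; that is not an injection problem now that the value is bound, but it should be noted in a comment. The function body continues outside this hunk.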
@@ -198,19 +205,22 @@ function build_logs_array($course, $user=0, $date=0, $order="l.time ASC", $limit } } else if ($user) { - $joins[] = "l.userid = '$user'"; + $joins[] = "l.userid = :userid"; + $params['userid'] = $user; } if ($date) { $enddate = $date + 86400; - $joins[] = "l.time > '$date' AND l.time < '$enddate'"; + $joins[] = "l.time > :date AND l.time < :enddate"; + $params['date'] = $date; + $params['enddate'] = $enddate; } $selector = implode(' AND ', $joins); $totalcount = 0; // Initialise $result = array(); - $result['logs'] = get_logs($selector, $order, $limitfrom, $limitnum, $totalcount); + $result['logs'] = get_logs($selector, $params, $order, $limitfrom, $limitnum, $totalcount); $result['totalcount'] = $totalcount; return $result; } @@ -2940,13 +2950,13 @@ function can_delete_course($courseid) { } -/* +/** * Create a course and either return a $course object or false * * @param object $data - all the data needed for an entry in the 'course' table */ function create_course($data) { - global $CFG, $USER; + global $CFG, $USER, $DB; // preprocess allowed mods $allowedmods = empty($data->allowedmods) ? array() : $data->allowedmods; @@ -2961,14 +2971,14 @@ function create_course($data) { // place at beginning of category fix_course_sortorder(); - $data->sortorder = get_field_sql("SELECT min(sortorder)-1 FROM {$CFG->prefix}course WHERE category=$data->category"); + $data->sortorder = $DB->get_field_sql("SELECT MIN(sortorder)-1 FROM {course} WHERE category=?", array($data->category)); if (empty($data->sortorder)) { $data->sortorder = 100; } - if ($newcourseid = insert_record('course', $data)) { // Set up new course + if ($newcourseid = $DB->insert_record('course', $data)) { // Set up new course - $course = get_record('course', 'id', $newcourseid); + $course = $DB->get_record('course', array('id'=>$newcourseid)); // Setup the blocks $page = page_create_object(PAGE_COURSE_VIEW, $course->id); 
@@ -2979,7 +2989,7 @@ function create_course($data) { $section = new object(); $section->course = $course->id; // Create a default section. $section->section = 0; - $section->id = insert_record('course_sections', $section); + $section->id = $DB->insert_record('course_sections', $section); fix_course_sortorder(); @@ -2992,13 +3002,13 @@ function create_course($data) { } -/* +/** * Update a course and return true or false * * @param object $data - all the data needed for an entry in the 'course' table */ function update_course($data) { - global $USER, $CFG; + global $USER, $CFG, $DB; // Preprocess allowed mods $allowedmods = empty($data->allowedmods) ? array() : $data->allowedmods; @@ -3010,19 +3020,20 @@ function update_course($data) { } $movecat = false; - $oldcourse = get_record('course', 'id', $data->id); // should not fail, already tested above + $oldcourse = $DB->get_record('course', array('id'=>$data->id)); // should not fail, already tested above if (!has_capability('moodle/course:create', get_context_instance(CONTEXT_COURSECAT, $oldcourse->category)) or !has_capability('moodle/course:create', get_context_instance(CONTEXT_COURSECAT, $data->category))) { // can not move to new category, keep the old one unset($data->category); + } elseif ($oldcourse->category != $data->category) { $movecat = true; } // Update with the new data - if (update_record('course', $data)) { + if ($DB->update_record('course', $data)) { - $course = get_record('course', 'id', $data->id); + $course = $DB->get_record('course', array('id'=>$data->id)); add_to_log($course->id, "course", "update", "edit.php?id=$course->id", $course->id); 
@@ -3061,19 +3072,19 @@ function update_course($data) { if (empty($dvalue)) { - delete_records('role_names', 'contextid', $context->id, 'roleid', $roleid); + $DB->delete_records('role_names', array('contextid'=>$context->id, 'roleid'=>$roleid)); - } else if ($t = get_record('role_names', 'contextid', $context->id, 'roleid', $roleid)) { + } else if ($t = $DB->get_record('role_names', array('contextid'=>$context->id, 'roleid'=>$roleid))) { $t->name = $dvalue; - update_record('role_names', $t); + $DB->update_record('role_names', $t); } else { $t->contextid = $context->id; $t->roleid = $roleid; $t->name = $dvalue; - insert_record('role_names', $t); + $DB->insert_record('role_names', $t); } } diff --git a/course/search.php b/course/search.php index d6645ab393..e09d78b1dd 100644 --- a/course/search.php +++ b/course/search.php @@ -15,6 +15,8 @@ $blocklist = optional_param('blocklist', 0, PARAM_INT); $modulelist= optional_param('modulelist', '', PARAM_ALPHAEXT); + $search = stripslashes($search); // TODO: remove soon + $search = trim(strip_tags($search)); // trim & clean raw searched string if ($search) { diff --git a/lib/datalib.php b/lib/datalib.php index 682110c556..0d23e56488 100644 --- a/lib/datalib.php +++ b/lib/datalib.php @@ -1219,8 +1219,7 @@ function get_all_subcategories($catid) { * safely from 1.4 to 1.5 */ function fix_course_sortorder($categoryid=0, $n=0, $safe=0, $depth=0, $path='') { - - global $CFG; + global $CFG, $DB; $count = 0; 
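Review bot: In the role-renaming hunk of update_course the final `else` branch runs only when `$DB->get_record('role_names', ...)` found nothing, so `$t` holds that failed lookup result when `$t->contextid` is assigned. The record passed to `$DB->insert_record('role_names', $t)` therefore depends on PHP turning a non-object into an object implicitly. Start the branch with `$t = new object();`, as create_course does for `$section`, so the inserted row is built from a known-empty record. The enclosing loop begins outside this hunk.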
@@ -1229,13 +1228,13 @@ function fix_course_sortorder($categoryid=0, $n=0, $safe=0, $depth=0, $path='') if ($categoryid > 0){ // update depth and path - $cat = get_record('course_categories', 'id', $categoryid); + $cat = $DB->get_record('course_categories', array('id'=>$categoryid)); if ($cat->parent == 0) { $depth = 0; $path = ''; } else if ($depth == 0 ) { // doesn't make sense; get from DB // this is only called if the $depth parameter looks dodgy - $parent = get_record('course_categories', 'id', $cat->parent); + $parent = $DB->get_record('course_categories', array('id'=>$cat->parent)); $path = $parent->path; $depth = $parent->depth; } @@ -1243,20 +1242,20 @@ function fix_course_sortorder($categoryid=0, $n=0, $safe=0, $depth=0, $path='') $depth = $depth + 1; if ($cat->path !== $path) { - set_field('course_categories', 'path', addslashes($path), 'id', $categoryid); + $DB->set_field('course_categories', 'path', $path, array('id'=>$categoryid)); } if ($cat->depth != $depth) { - set_field('course_categories', 'depth', $depth, 'id', $categoryid); + $DB->set_field('course_categories', 'depth', $depth, array('id'=>$categoryid)); } } // get some basic info about courses in the category - $info = get_record_sql('SELECT MIN(sortorder) AS min, - MAX(sortorder) AS max, - COUNT(sortorder) AS count - FROM ' . $CFG->prefix . 'course - WHERE category=' . $categoryid); - if (is_object($info)) { // no courses? + $info = $DB->get_record_sql("SELECT MIN(sortorder) AS min, + MAX(sortorder) AS max, + COUNT(sortorder) AS count + FROM {course} + WHERE category=?", array($categoryid)); + if ($info) { // no courses? $max = $info->max; $count = $info->count; $min = $info->min; 
@@ -1293,9 +1292,9 @@ function fix_course_sortorder($categoryid=0, $n=0, $safe=0, $depth=0, $path='') $shift = $count + $catgap; } // UPDATE course SET sortorder=sortorder+$shift - execute_sql("UPDATE {$CFG->prefix}course - SET sortorder=sortorder+$shift - WHERE category=$categoryid", 0); + $DB->execute("UPDATE {course} + SET sortorder=sortorder+? + WHERE category=?", array($shift, $categoryid)); $n = $n + $catgap + $count; } else { // do it slowly @@ -1304,25 +1303,24 @@ function fix_course_sortorder($categoryid=0, $n=0, $safe=0, $depth=0, $path='') // will stop us -- shift things aside for a moment... if ($safe || ($n >= $min && $n+$count+1 < $min && $CFG->dbfamily==='mysql')) { $shift = $max + $n + 1000; - execute_sql("UPDATE {$CFG->prefix}course - SET sortorder=sortorder+$shift - WHERE category=$categoryid", 0); + $DB->execute_sql("UPDATE {$CFG->prefix}course + SET sortorder=sortorder+? + WHERE category=?", array($shift, $categoryid)); } $courses = get_courses($categoryid, 'c.sortorder ASC', 'c.id,c.sortorder'); - begin_sql(); + $DB->begin_sql(); $tx = true; // transaction sanity foreach ($courses as $course) { if ($tx && $course->sortorder != $n ) { // save db traffic - $tx = $tx && set_field('course', 'sortorder', $n, - 'id', $course->id); + $tx = $tx && $DB->set_field('course', 'sortorder', $n, array('id'=>$course->id)); } $n++; } if ($tx) { - commit_sql(); + $DB->commit_sql(); } else { - rollback_sql(); + $DB->rollback_sql(); if (!$safe) { // if we failed when called with !safe, try // to recover calling self with safe=true 
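Review bot: The slow path of fix_course_sortorder was only half converted: it calls `$DB->execute_sql("UPDATE {$CFG->prefix}course ...", array($shift, $categoryid))`, while the fast path a few lines above uses `$DB->execute("UPDATE {course} ...", array(...))`. Every other converted statement in this patch uses `$DB->execute` with the `{table}` notation, so this call probably names a method that the new API does not provide and still builds the table name by hand. Make it `$DB->execute("UPDATE {course} SET sortorder=sortorder+? WHERE category=?", array($shift, $categoryid));` to match. This branch runs only on the safe or MySQL collision path, so the failure is easy to miss in testing.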
@@ -1331,10 +1329,10 @@ function fix_course_sortorder($categoryid=0, $n=0, $safe=0, $depth=0, $path='') } } } - set_field('course_categories', 'coursecount', $count, 'id', $categoryid); + $DB->set_field('course_categories', 'coursecount', $count, array('id'=>$categoryid)); // $n could need updating - $max = get_field_sql("SELECT MAX(sortorder) from {$CFG->prefix}course WHERE category=$categoryid"); + $max = $DB->get_field_sql("SELECT MAX(sortorder) FROM {course} WHERE category=?", array($categoryid)); if ($max > $n) { $n = $max; } 
@@ -1353,43 +1351,42 @@ function fix_course_sortorder($categoryid=0, $n=0, $safe=0, $depth=0, $path='') * useful if a category has been removed manually **/ function fix_coursecategory_orphans() { - - global $CFG; + global $DB; // Note: the handling of sortorder here is arguably // open to race conditions. Hard to fix here, unlikely // to hit anyone in production. $sql = "SELECT c.id, c.category, c.shortname - FROM {$CFG->prefix}course c - LEFT OUTER JOIN {$CFG->prefix}course_categories cc ON c.category=cc.id - WHERE cc.id IS NULL AND c.id != " . SITEID; + FROM {course} c + LEFT OUTER JOIN {course_categories} cc ON c.category=cc.id + WHERE cc.id IS NULL AND c.id <> " . SITEID; - $rs = get_recordset_sql($sql); + if (!$rs = $DB->get_recordset_sql($sql)) { + return; + } - if (!rs_EOF($rs)) { // we have some orphans + if ($rs->valid()) { // we have some orphans // the "default" category is the lowest numbered... - $default = get_field_sql("SELECT MIN(id) - FROM {$CFG->prefix}course_categories"); - $sortorder = get_field_sql("SELECT MAX(sortorder) - FROM {$CFG->prefix}course - WHERE category=$default"); - - - begin_sql(); - $tx = true; - while ($tx && $course = rs_fetch_next_record($rs)) { - $tx = $tx && set_field('course', 'category', $default, 'id', $course->id); - $tx = $tx && set_field('course', 'sortorder', ++$sortorder, 'id', $course->id); - } - if ($tx) { - commit_sql(); - } else { - rollback_sql(); + $default = $DB->get_field_sql("SELECT MIN(id) + FROM {course_categories}"); + $sortorder = $DB->get_field_sql("SELECT MAX(sortorder) + FROM {course} + WHERE category=?", array($default)); + + + $DB->begin_sql(); + foreach ($rs as $course) { + if (!$DB->set_field('course', 'category', $default, array('id'=>$course->id)) + or !$DB->set_field('course', 'sortorder', ++$sortorder, array('id'=>$course->id))) { + $DB->rollback_sql(); + return; + } } + $DB->commit_sql(); } - rs_close($rs); + $rs->close(); } /** 
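Review bot: The early `return;` after `$DB->rollback_sql();` inside the `foreach ($rs as $course)` loop of fix_coursecategory_orphans skips the `$rs->close();` at the end of the function, so the recordset stays open on the failure path. Add `$rs->close();` before that `return;`. Also note that `$default` comes from `SELECT MIN(id) FROM {course_categories}` and is not checked, so with no category rows the orphans would be assigned an empty category; a guard before `begin_sql()` would make that case explicit.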
@@ -1400,7 +1397,7 @@ function fix_coursecategory_orphans() { * @return array {@link $COURSE} of course objects */ function get_my_remotecourses($userid=0) { - global $CFG, $USER; + global $DB, $USER; if (empty($userid)) { $userid = $USER->id; @@ -1409,12 +1406,12 @@ function get_my_remotecourses($userid=0) { $sql = "SELECT c.remoteid, c.shortname, c.fullname, c.hostid, c.summary, c.cat_name, h.name AS hostname - FROM {$CFG->prefix}mnet_enrol_course c - JOIN {$CFG->prefix}mnet_enrol_assignments a ON c.id=a.courseid - JOIN {$CFG->prefix}mnet_host h ON c.hostid=h.id - WHERE a.userid={$userid}"; + FROM {mnet_enrol_course} c + JOIN {mnet_enrol_assignments} a ON c.id=a.courseid + JOIN {mnet_host} h ON c.hostid=h.id + WHERE a.userid=?"; - return get_records_sql($sql); + return $DB->get_records_sql($sql, array($userid)); } /** @@ -1444,12 +1441,9 @@ function get_my_remotehosts() { * strings and files is a bit odd, but this is because we * need to maintain backward compatibility with many different * existing language translations and older sites. - * - * @uses $CFG */ function make_default_scale() { - - global $CFG; + global $CFG, $DB; $defaultscale = NULL; $defaultscale->courseid = 0; @@ -1480,10 +1474,10 @@ function make_default_scale() { $file = ''; } - $defaultscale->description = addslashes(implode('', $file)); + $defaultscale->description = implode('', $file); - if ($defaultscale->id = insert_record('scale', $defaultscale)) { - execute_sql('UPDATE '. $CFG->prefix .'forum SET scale = \''. $defaultscale->id .'\'', false); + if ($defaultscale->id = $DB->insert_record('scale', $defaultscale)) { + $DB->execute("UPDATE {forum} SET scale = ?", array($defaultscale->id)); } } 
@@ -1496,20 +1490,21 @@ function make_default_scale() { * @return object */ function get_scales_menu($courseid=0) { + global $DB; - global $CFG; - - $sql = "SELECT id, name FROM {$CFG->prefix}scale - WHERE courseid = '0' or courseid = '$courseid' + $sql = "SELECT id, name + FROM {scale} + WHERE courseid = 0 or courseid = ? ORDER BY courseid ASC, name ASC"; + $params = array($courseid); - if ($scales = get_records_sql_menu($sql)) { + if ($scales = $DB->get_records_sql_menu($sql, $params)) { return $scales; } make_default_scale(); - return get_records_sql_menu($sql); + return $DB->get_records_sql_menu($sql, $params); } @@ -1521,19 +1516,17 @@ function get_scales_menu($courseid=0) { * @param array $timezones An array of timezone records */ function update_timezone_records($timezones) { -/// Given a set of timezone records, put them in the database - - global $CFG; + global $DB; /// Clear out all the old stuff - execute_sql('TRUNCATE TABLE '.$CFG->prefix.'timezone', false); + $DB->execute("TRUNCATE TABLE {timezone}"); /// Insert all the new stuff foreach ($timezones as $timezone) { if (is_array($timezone)) { $timezone = (object)$timezone; } - insert_record('timezone', $timezone); + $DB->insert_record('timezone', $timezone); } } 
@@ -1543,22 +1536,20 @@ function update_timezone_records($timezones) { /** * Just gets a raw list of all modules in a course * - * @uses $CFG * @param int $courseid The id of the course as found in the 'course' table. * @return object */ function get_course_mods($courseid) { - global $CFG; + global $DB; if (empty($courseid)) { return false; // avoid warnings } - return get_records_sql("SELECT cm.*, m.name as modname - FROM {$CFG->prefix}modules m, - {$CFG->prefix}course_modules cm - WHERE cm.course = ".intval($courseid)." - AND cm.module = m.id AND m.visible = 1"); // no disabled mods + return $DB->get_records_sql("SELECT cm.*, m.name as modname + FROM {modules} m, {course_modules} cm + WHERE cm.course = ? AND cm.module = m.id AND m.visible = 1", + array($courseid)); // no disabled mods } @@ -1571,20 +1562,25 @@ function get_course_mods($courseid) { * @return object course module instance with instance and module name */ function get_coursemodule_from_id($modulename, $cmid, $courseid=0) { + global $DB; - global $CFG; + $params = array(); + $courseselect = ""; - $courseselect = ($courseid) ? 'cm.course = '.intval($courseid).' AND ' : ''; - - return get_record_sql("SELECT cm.*, m.name, md.name as modname - FROM {$CFG->prefix}course_modules cm, - {$CFG->prefix}modules md, - {$CFG->prefix}$modulename m - WHERE $courseselect - cm.id = ".intval($cmid)." AND - cm.instance = m.id AND - md.name = '$modulename' AND - md.id = cm.module"); + if ($courseid) { + $courseselect = "cm.course = :courseid AND "; + $params['courseid'] = $courseid; + } + $params['cmid'] = $cmid; + $params['modulename'] = $modulename; + + return $DB->get_record_sql("SELECT cm.*, m.name, md.name as modname + FROM {course_modules} cm, {modules} md, {".$modulename."} m + WHERE $courseselect + cm.id = :cmid AND + cm.instance = m.id AND + md.name = :modulename AND + md.id = cm.module", $params); } /** 
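Review bot: `$modulename` is still concatenated into the statement text as `{".$modulename."}` in get_coursemodule_from_id, because a table name cannot be bound. The same pattern appears in get_coursemodule_from_instance, get_coursemodules_in_course and get_all_instances_in_courses in the following hunks. Binding `md.name = :modulename` protects the comparison but not the table reference, so these functions should reject anything that is not a plain module name before building the query, for example `if (!preg_match('/^[a-z][a-z0-9_]*$/', $modulename)) { return false; }`. Whether the `{...}` expansion in the database layer already validates the name is not visible from this patch, so the docblocks should at least state that `$modulename` must never come from request data unchecked.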
@@ -1596,20 +1592,25 @@ function get_coursemodule_from_id($modulename, $cmid, $courseid=0) { * @return object course module instance with instance and module name */ function get_coursemodule_from_instance($modulename, $instance, $courseid=0) { + global $DB; - global $CFG; - - $courseselect = ($courseid) ? 'cm.course = '.intval($courseid).' AND ' : ''; + $params = array(); + $courseselect = ""; - return get_record_sql("SELECT cm.*, m.name, md.name as modname - FROM {$CFG->prefix}course_modules cm, - {$CFG->prefix}modules md, - {$CFG->prefix}$modulename m - WHERE $courseselect - cm.instance = m.id AND - md.name = '$modulename' AND - md.id = cm.module AND - m.id = ".intval($instance)); + if ($courseid) { + $courseselect = "cm.course = :courseid AND "; + $params['courseid'] = $courseid; + } + $params['instance'] = $instance; + $params['modulename'] = $modulename; + + return $DB->get_record_sql("SELECT cm.*, m.name, md.name as modname + FROM {course_modules} cm, {modules} md, {".$modulename."} m + WHERE $courseselect + cm.instance = m.id AND + md.name = :$modulename AND + md.id = cm.module AND + m.id = :$instance", $params); } 
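Review bot: In get_coursemodule_from_instance the placeholders are written as `md.name = :$modulename` and `m.id = :$instance` inside a double-quoted string, so PHP expands the variables into the SQL text. The statement then contains placeholder names made from the caller's values, and these do not match the `modulename` and `instance` keys in `$params`. That breaks the lookup and puts the values back into the query string, which is exactly what this conversion is meant to remove. The two lines should read `md.name = :modulename AND` and `m.id = :instance", $params);`, matching get_coursemodule_from_id above.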
@@ -1621,19 +1622,22 @@ function get_coursemodule_from_instance($modulename, $instance, $courseid=0) { * @return array of cm objects, false if not found or error */ function get_coursemodules_in_course($modulename, $courseid, $extrafields='') { - global $CFG; + global $DB; if (!empty($extrafields)) { $extrafields = ", $extrafields"; } - return get_records_sql("SELECT cm.*, m.name, md.name as modname $extrafields - FROM {$CFG->prefix}course_modules cm, - {$CFG->prefix}modules md, - {$CFG->prefix}$modulename m - WHERE cm.course = $courseid AND - cm.instance = m.id AND - md.name = '$modulename' AND - md.id = cm.module"); + $params = array(); + $params['courseid'] = $courseid; + $params['modulename'] = $modulename; + + + return $DB->get_records_sql("SELECT cm.*, m.name, md.name as modname $extrafields + FROM {course_modules} cm, {modules} md, {".$modulename."} m + WHERE cm.course = :courseid AND + cm.instance = m.id AND + md.name = :modulename AND + md.id = cm.module"); } /** @@ -1652,7 +1656,7 @@ function get_coursemodules_in_course($modulename, $courseid, $extrafields='') { * and course_sections tables, or an empty array if an error occurred. */ function get_all_instances_in_courses($modulename, $courses, $userid=NULL, $includeinvisible=false) { - global $CFG; + global $CFG, $DB; $outputarray = array(); 
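Review bot: get_coursemodules_in_course builds `$params` with `courseid` and `modulename`, but the `$DB->get_records_sql(...)` call ends at `md.id = cm.module");` without passing the array, so `:courseid` and `:modulename` are never bound. The same omission is in instance_is_visible (its `$params` is not passed to `get_records_sql`) and in get_logs_userday (the call ends after the GROUP BY with no second argument). Each call needs `, $params)` as its final argument. In this function `$extrafields` is also still concatenated into the SELECT list, so its docblock should say it must be a fixed column list supplied by code, not by request data.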
@@ -1660,17 +1664,18 @@ function get_all_instances_in_courses($modulename, $courses, $userid=NULL, $incl return $outputarray; } - if (!$rawmods = get_records_sql("SELECT cm.id AS coursemodule, m.*, cw.section, cm.visible AS visible, - cm.groupmode, cm.groupingid, cm.groupmembersonly - FROM {$CFG->prefix}course_modules cm, - {$CFG->prefix}course_sections cw, - {$CFG->prefix}modules md, - {$CFG->prefix}$modulename m - WHERE cm.course IN (".implode(',',array_keys($courses)).") AND - cm.instance = m.id AND - cm.section = cw.id AND - md.name = '$modulename' AND - md.id = cm.module")) { + list($coursessql, $params) = $DB->get_in_or_equal(array_keys($courses), SQL_PARAMS_NAMED, 'c0'); + $params['modulename'] = $modulename; + + if (!$rawmods = $DB->get_records_sql("SELECT cm.id AS coursemodule, m.*, cw.section, cm.visible AS visible, + cm.groupmode, cm.groupingid, cm.groupmembersonly + FROM {course_modules} cm, {course_sections} cw, {modules} md, + {".$modulename."} m + WHERE cm.course $coursessql AND + cm.instance = m.id AND + cm.section = cw.id AND + md.name = :modulename AND + md.id = cm.module", $params)) { return $outputarray; } 
@@ -1729,23 +1734,21 @@ function get_all_instances_in_course($modulename, $course, $userid=NULL, $includ * and the module's type (eg "forum") returns whether the object * is visible or not, groupmembersonly visibility not tested * - * @uses $CFG * @param $moduletype Name of the module eg 'forum' * @param $module Object which is the instance of the module * @return bool */ function instance_is_visible($moduletype, $module) { - - global $CFG; + global $DB; if (!empty($module->id)) { - if ($records = get_records_sql("SELECT cm.instance, cm.visible, cm.groupingid, cm.id, cm.groupmembersonly, cm.course - FROM {$CFG->prefix}course_modules cm, - {$CFG->prefix}modules m - WHERE cm.course = '$module->course' AND - cm.module = m.id AND - m.name = '$moduletype' AND - cm.instance = '$module->id'")) { + $params = array('courseid'=>$module->course, 'moduletype'=>$moduletype, 'moduleid'=>$module->id); + if ($records = $DB->get_records_sql("SELECT cm.instance, cm.visible, cm.groupingid, cm.id, cm.groupmembersonly, cm.course + FROM {course_modules} cm, {modules} m + WHERE cm.course = :courseid AND + cm.module = m.id AND + m.name = :moduletype AND + cm.instance = :moduleid")) { foreach ($records as $record) { // there should only be one - use the first one return $record->visible; @@ -1896,7 +1899,6 @@ function add_to_log($courseid, $module, $action, $url='', $info='', $cm=0, $user * @return void */ function user_accesstime_log($courseid=0) { - global $USER, $CFG, $DB; if (!isloggedin() or !empty($USER->realuser)) { @@ -1964,8 +1966,8 @@ function user_accesstime_log($courseid=0) { /** * Select all log records based on SQL criteria * - * @uses $CFG * @param string $select SQL select criteria + * @param array $params named sql type params * @param string $order SQL order by clause to sort the records returned * @param string $limitfrom ? * @param int $limitnum ? 
@@ -1973,20 +1975,33 @@ function user_accesstime_log($courseid=0) { * @return object * @todo Finish documenting this function */ -function get_logs($select, $order='l.time DESC', $limitfrom='', $limitnum='', &$totalcount) { - global $CFG; +function get_logs($select, array $params=null, $order='l.time DESC', $limitfrom='', $limitnum='', &$totalcount) { + global $DB; if ($order) { - $order = 'ORDER BY '. $order; + $order = "ORDER BY $order"; + } + + $selectsql = ""; + $countsql = ""; + + if ($select) { + $select = "WHERE $select"; } - $selectsql = $CFG->prefix .'log l LEFT JOIN '. $CFG->prefix .'user u ON l.userid = u.id '. ((strlen($select) > 0) ? 'WHERE '. $select : ''); - $countsql = $CFG->prefix.'log l '.((strlen($select) > 0) ? ' WHERE '. $select : ''); + $sql = "SELECT COUNT(*) + FROM {log} l + $select"; + + $totalcount = $DB->count_records_sql($sql, $params); - $totalcount = count_records_sql("SELECT COUNT(*) FROM $countsql"); + $sql = "SELECT l.*, u.firstname, u.lastname, u.picture + FROM {log} l + LEFT JOIN {user} u ON l.userid = u.id + $select + $order"; - return get_records_sql('SELECT l.*, u.firstname, u.lastname, u.picture - FROM '. $selectsql .' '. $order, $limitfrom, $limitnum) ; + return $DB->get_records_sql($sql, $params, $limitfrom, $limitnum) ; } 
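Review bot: `$select` and `$order` are still spliced into both statements as raw SQL (`WHERE $select`, `ORDER BY $order`), so get_logs is only as safe as its callers, and the docblock should say so, e.g. `@param string $select SQL fragment built only from constants and named placeholders` with the same wording for `$order`. Inserting `$params` as the second positional parameter also shifts `$order`, `$limitfrom` and `$limitnum` for every existing caller. A caller that is not updated would pass its order string where an array is type-hinted, and only build_logs_array is updated in the visible hunks. `$selectsql` and `$countsql` are assigned empty strings and never used, so they can be dropped.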
@@ -2001,19 +2016,23 @@ function get_logs($select, $order='l.time DESC', $limitfrom='', $limitnum='', &$ * @todo Finish documenting this function */ function get_logs_usercourse($userid, $courseid, $coursestart) { - global $CFG; + global $DB; + $params = array(); + + $courseselect = ''; if ($courseid) { - $courseselect = ' AND course = \''. $courseid .'\' '; - } else { - $courseselect = ''; + $courseselect = "AND course = :courseid"; + $params['courseid'] = $courseid; } + $params['userid'] = $userid; + $params['coursestart'] = $coursestart; - return get_records_sql("SELECT floor((time - $coursestart)/". DAYSECS .") as day, count(*) as num - FROM {$CFG->prefix}log - WHERE userid = '$userid' - AND time > '$coursestart' $courseselect - GROUP BY floor((time - $coursestart)/". DAYSECS .") "); + return $DB->get_records_sql("SELECT FLOOR((time - :coursestart)/". DAYSECS .") AS day, COUNT(*) AS num + FROM {log} + WHERE userid = :userid + AND time > :coursestart $courseselect + GROUP BY FLOOR((time - :coursestart)/". DAYSECS .")", $params); } /** 
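Review bot: get_logs_usercourse now uses `:coursestart` three times, in the SELECT expression, the WHERE clause and the GROUP BY expression, with a single entry in `$params`. This works only if the database layer accepts a named placeholder that is repeated. If the layer rewrites named placeholders into separate positional ones, the SELECT and GROUP BY expressions are no longer provably identical, and some databases then reject the query because the selected expression is not in the GROUP BY. Confirm this on each supported backend. If it fails, cast once with `$coursestart = (int)$coursestart;` and keep the integer inlined in the two `FLOOR(...)` expressions, binding only the WHERE comparison. The same applies to `:daystart` in get_logs_userday.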
@@ -2028,19 +2047,23 @@ function get_logs_usercourse($userid, $courseid, $coursestart) { * @todo Finish documenting this function */ function get_logs_userday($userid, $courseid, $daystart) { - global $CFG; + global $DB; + + $params = array(); + $courseselect = ''; if ($courseid) { - $courseselect = ' AND course = \''. $courseid .'\' '; - } else { - $courseselect = ''; + $courseselect = "AND course = :courseid"; + $params['courseid'] = $courseid; } + $params['userid'] = $userid; + $params['daystart'] = $daystart; - return get_records_sql("SELECT floor((time - $daystart)/". HOURSECS .") as hour, count(*) as num - FROM {$CFG->prefix}log - WHERE userid = '$userid' - AND time > '$daystart' $courseselect - GROUP BY floor((time - $daystart)/". HOURSECS .") "); + return $DB->get_records_sql("SELECT FLOOR((time - :daystart)/". HOURSECS .") AS hour, COUNT(*) AS num + FROM {log} + WHERE userid = :userid + AND time > :daystart $courseselect + GROUP BY FLOOR((time - :daystart)/". HOURSECS .") "); } /** 
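Review bot: The get_logs_userday call never passes `$params` to `$DB->get_records_sql()`. The statement ends `HOURSECS .") ");`, while the sibling get_logs_usercourse ends `.")", $params);`. The SQL contains `:userid`, `:daystart` and optionally `:courseid`, so as written it runs with nothing bound to them. The last line of the call should read `GROUP BY FLOOR((time - :daystart)/". HOURSECS .") ", $params);`.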
@@ -2057,16 +2080,20 @@ function get_logs_userday($userid, $courseid, $daystart) { * @return int */ function count_login_failures($mode, $username, $lastlogin) { + global $DB; - $select = 'module=\'login\' AND action=\'error\' AND time > '. $lastlogin; + $params = array('mode'=>$mode, 'username'=>$username, 'lastlogin'=>$lastlogin); + $select = "module='login' AND action='error' AND time > :lastlogin"; + + $count = new object(); if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM))) { // Return information about all accounts - if ($count->attempts = count_records_select('log', $select)) { - $count->accounts = count_records_select('log', $select, 'COUNT(DISTINCT info)'); + if ($count->attempts = $DB->count_records_select('log', $select, $params)) { + $count->accounts = $DB->count_records_select('log', $select, $params, 'COUNT(DISTINCT info)'); return $count; } } else if ($mode == 'everybody' or ($mode == 'teacher' and isteacherinanycourse())) { - if ($count->attempts = count_records_select('log', $select .' AND info = \''. $username .'\'')) { + if ($count->attempts = $DB->count_records_select('log', "$select AND info = :username", $params)) { return $count; } } @@ -2112,7 +2139,7 @@ function print_object($object) { * @return bool */ function course_parent_visible($course = null) { - global $CFG; + global $CFG, $DB; //return true; static $mycache; 
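Review bot: In count_login_failures, `$params` carries `mode` and `username` into statements whose SQL never names them. `$select` uses only `:lastlogin`, `:username` is appended only in the second branch, and `mode` is never a placeholder. Whether the DML layer tolerates unused named parameters is not visible from this hunk, so it is safer to bind exactly what each statement uses: `$params = array('lastlogin'=>$lastlogin);` at the top and `$params['username'] = $username;` inside the `else if` branch. The end of the function is outside the hunk.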
@@ -2136,16 +2163,15 @@ function course_parent_visible($course = null) { if (isset($course->categorypath)) { $path = $course->categorypath; } else { - $path = get_field('course_categories', 'path', - 'id', $course->category); + $path = $DB->get_field('course_categories', 'path', array('id'=>$course->category)); } $catids = substr($path,1); // strip leading slash $catids = str_replace('/',',',$catids); $sql = "SELECT MIN(visible) - FROM {$CFG->prefix}course_categories - WHERE id IN ($catids)"; - $vis = get_field_sql($sql); + FROM {course_categories} + WHERE id IN ($catids)"; + $vis = $DB->get_field_sql($sql); // cast to force assoc array $k = (string)$course->category; @@ -2190,9 +2216,10 @@ function user_can_create_courses() { * @return array */ function get_creatable_categories() { + global $DB; $creatablecats = array(); - if ($cats = get_records('course_categories')) { + if ($cats = $DB->get_records('course_categories')) { foreach ($cats as $cat) { if (has_capability('moodle/course:create', get_context_instance(CONTEXT_COURSECAT, $cat->id))) { $creatablecats[$cat->id] = $cat->name; diff --git a/mod/forum/lib.php b/mod/forum/lib.php index 3368e3e813..197c56871f 100644 --- a/mod/forum/lib.php +++ b/mod/forum/lib.php @@ -3981,8 +3981,9 @@ function forum_get_subscribed_forums($course) { * Adds user to the subscriber list */ function forum_subscribe($userid, $forumid) { + global $DB; - if (record_exists("forum_subscriptions", "userid", $userid, "forum", $forumid)) { + if ($DB->record_exists("forum_subscriptions", array("userid"=>$userid, "forum"=>$forumid))) { return true; } 
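Review bot: In course_parent_visible (lib/datalib.php), `$catids` is still pasted into `WHERE id IN ($catids)` after only `substr()` and `str_replace()`, and `$DB->get_field_sql($sql)` is called without parameters. The query was moved to the `{course_categories}` table syntax but not to bound or validated values. The path comes from `$course->categorypath` or `course_categories.path` and should hold numeric ids, but nothing in the hunk enforces that. Forcing each segment to an integer keeps the statement well-formed whatever the path contains: `$catids = implode(',', array_map('intval', explode('/', substr($path, 1))));`. The function begins and ends outside the hunk.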
@@ -3990,14 +3991,15 @@ function forum_subscribe($userid, $forumid) { $sub->userid = $userid; $sub->forum = $forumid; - return insert_record("forum_subscriptions", $sub); + return $DB->insert_record("forum_subscriptions", $sub); } /** * Removes user from the subscriber list */ function forum_unsubscribe($userid, $forumid) { - return delete_records("forum_subscriptions", "userid", $userid, "forum", $forumid); + global $DB; + return $DB->delete_records("forum_subscriptions", array("userid"=>$userid, "forum"=>$forumid)); } /** diff --git a/mod/forum/subscriber.html b/mod/forum/subscriber.html index 15a920da23..f100e4914f 100644 --- a/mod/forum/subscriber.html +++ b/mod/forum/subscriber.html @@ -56,7 +56,7 @@ ?>
- '."\n"; + echo ''."\n"; } ?> diff --git a/mod/forum/subscribers.php b/mod/forum/subscribers.php index 6b284a2a6d..265b842cc0 100644 --- a/mod/forum/subscribers.php +++ b/mod/forum/subscribers.php @@ -7,15 +7,15 @@ $group = optional_param('group',0,PARAM_INT); // change of group $edit = optional_param('edit',-1,PARAM_BOOL); // Turn editing on and off - if (! $forum = $DB->get_record("forum", array("id"=>$id))) { + if (! $forum = $DB->get_record('forum', array('id'=>$id))) { print_error('invalidforumid', 'forum'); } - if (! $course = $DB->get_record("course", array("id"=>$forum->course))) { + if (! $course = $DB->get_record('course', array('id'=>$forum->course))) { print_error('invalidcourseid'); } - if (! $cm = get_coursemodule_from_instance("forum", $forum->id, $course->id)) { + if (! $cm = get_coursemodule_from_instance('forum', $forum->id, $course->id)) { $cm->id = 0; } @@ -93,7 +93,7 @@ $strsubscribers = get_string("subscribers", "forum"); $strforums = get_string("forums", "forum"); - if ($frm = data_submitted()) { + if ($frm = data_submitted(false)) { /// A form was submitted so process the input -- 2.39.5
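Review bot: The bare `false` now passed in `data_submitted(false)` in mod/forum/subscribers.php has no comment saying what it switches off, and the signature of data_submitted() is not on this page. If it disables escaping of the submitted values, the form-processing code below this line, which is outside the hunk, must reach the database only through bound parameters. A one-line comment would record that intent, e.g. `// false: submitted data is taken unescaped; every query below must bind values through $DB`.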