* Added Karsten D.s patches for DBAL.
authorKasper Skårhøj <kasper@typo3.org>
Sun, 2 Jan 2005 17:18:03 +0000 (17:18 +0000)
committerKasper Skårhøj <kasper@typo3.org>
Sun, 2 Jan 2005 17:18:03 +0000 (17:18 +0000)
git-svn-id: https://svn.typo3.org/TYPO3v4/Core/trunk@528 709f56b5-9817-0410-a4d7-c38de5d9e867

45 files changed:
ChangeLog
t3lib/class.t3lib_admin.php
t3lib/class.t3lib_befunc.php
t3lib/class.t3lib_db.php
t3lib/class.t3lib_div.php
t3lib/class.t3lib_dmailer.php
t3lib/class.t3lib_install.php
t3lib/class.t3lib_loaddbgroup.php
t3lib/class.t3lib_page.php
t3lib/class.t3lib_pagetree.php
t3lib/class.t3lib_querygenerator.php
t3lib/class.t3lib_sqlengine.php
t3lib/class.t3lib_sqlparser.php
t3lib/class.t3lib_stdgraphic.php
t3lib/class.t3lib_superadmin.php
t3lib/class.t3lib_tceforms.php
t3lib/class.t3lib_tcemain.php
t3lib/class.t3lib_treeview.php
t3lib/class.t3lib_tsfebeuserauth.php
t3lib/class.t3lib_tstemplate.php
t3lib/class.t3lib_userauth.php
t3lib/class.t3lib_userauthgroup.php
typo3/alt_doc.php
typo3/class.db_list.inc
typo3/class.show_rechis.inc
typo3/sysext/beuser/mod/index.php
typo3/sysext/cms/layout/class.tx_cms_layout.php
typo3/sysext/cms/layout/db_layout.php
typo3/sysext/cms/tslib/class.tslib_content.php
typo3/sysext/cms/tslib/class.tslib_fe.php
typo3/sysext/cms/tslib/class.tslib_feuserauth.php
typo3/sysext/cms/tslib/class.tslib_menu.php
typo3/sysext/cms/tslib/class.tslib_search.php
typo3/sysext/cms/tslib/index_ts.php
typo3/sysext/cms/tslib/media/scripts/freesite_dummy_page_menu.php
typo3/sysext/cms/tslib/media/scripts/makeMenu_datedirectory.inc
typo3/sysext/cms/tslib/showpic.php
typo3/sysext/impexp/doc/TODO.txt
typo3/sysext/indexed_search/class.indexer.php
typo3/sysext/indexed_search/mod/index.php
typo3/sysext/indexed_search/modfunc1/class.tx_indexedsearch_modfunc1.php
typo3/sysext/indexed_search/pi/class.tx_indexedsearch.php
typo3/sysext/install/mod/class.tx_install.php
typo3/sysext/sv/class.tx_sv_auth.php
typo3/wizard_rte.php

index 8ed683e..b96a97e 100755 (executable)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2005-01-02  Kasper Skårhøj,,,  <kasper@typo3.com>
+
+       * Added Karsten D.s patches for DBAL.
+
 2004-12-20  Kasper Skårhøj,,,  <kasper@typo3.com>
 
        * Changed "config.disableContentLengthHeader" over to "enableContentLengthHeader" because a default content-length header might introduce some weird and hard-to-debug situation for people.
index 20014ce..3ef7bd4 100644 (file)
@@ -326,7 +326,23 @@ class t3lib_admin {
                                if ($TCA[$table] && trim($field_list))  {
                                        t3lib_div::loadTCA($table);
                                        $fieldArr = explode(',',$field_list);
+
+                                       if(t3lib_extMgm::isLoaded('dbal')) {
+                                               $fields = $GLOBALS['TYPO3_DB']->admin_get_fields($table);
+                                               reset($fields);
+                                               list(,$field)=each($fieldArr);
+                                               $cl_fl = ($GLOBALS['TYPO3_DB']->MetaType($fields[$field]['type'],$table) == 'I' || $GLOBALS['TYPO3_DB']->MetaType($fields[$field]['type'],$table) == 'N' || $GLOBALS['TYPO3_DB']->MetaType($fields[$field]['type'],$table) == 'R') ?
+                                               $field.'!=0' : $field.'!=\'\'';
+                                               while (list(,$field)=each($fieldArr))   {
+                                                       $cl_fl .= ($GLOBALS['TYPO3_DB']->MetaType($fields[$field]['type'],$table) == 'I' || $GLOBALS['TYPO3_DB']->MetaType($fields[$field]['type'],$table) == 'N' || $GLOBALS['TYPO3_DB']->MetaType($fields[$field]['type'],$table) == 'R') ?
+                                                       ' OR '.$field.'!=0' : ' OR '.$field.'!=\'\'';
+                                               }
+                                               unset($fields);
+                                       }
+                                       else {
                                        $cl_fl = implode ('!="" OR ',$fieldArr). '!=""';
+                                       }
+
                                        $mres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid,'.$field_list, $table, $cl_fl);
                                        while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($mres))     {
                                                reset($fieldArr);
@@ -490,7 +506,7 @@ class t3lib_admin {
                        $mres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                        'uid,pid,'.$TCA[$table]['ctrl']['label'].','.$field,
                                                        $table,
-                                                       $field.' LIKE "%'.$GLOBALS['TYPO3_DB']->quoteStr($id, $table).'%"'
+                                                       $field.' LIKE \'%'.$GLOBALS['TYPO3_DB']->quoteStr($id, $table).'%\''
                                                );
                        while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($mres))     {
                                        // Now this is the field, where the reference COULD come from. But we're not garanteed, so we must carefully examine the data.
@@ -526,7 +542,7 @@ class t3lib_admin {
                        $mres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                        'uid,pid,'.$TCA[$table]['ctrl']['label'].','.$field,
                                                        $table,
-                                                       $field.' LIKE "%'.$GLOBALS['TYPO3_DB']->quoteStr($filename, $table).'%"'
+                                                       $field.' LIKE \'%'.$GLOBALS['TYPO3_DB']->quoteStr($filename, $table).'%\''
                                                );
                        while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($mres))     {
                                // Now this is the field, where the reference COULD come from. But we're not garanteed, so we must carefully examine the data.
index c07fec8..87047f0 100755 (executable)
@@ -183,12 +183,12 @@ class t3lib_BEfunc        {
         * Usage: 71
         *
         * @param       string          Table name present in $TCA
-        * @return      string          WHERE clause for filtering out deleted records, eg " AND NOT tablename.deleted"
+        * @return      string          WHERE clause for filtering out deleted records, eg " AND tablename.deleted=0"
         */
        function deleteClause($table)   {
                global $TCA;
                if ($TCA[$table]['ctrl']['delete'])     {
-                       return ' AND NOT '.$table.'.'.$TCA[$table]['ctrl']['delete'];
+                       return ' AND '.$table.'.'.$TCA[$table]['ctrl']['delete'].'=0';
                } else {
                        return '';
                }
@@ -258,7 +258,7 @@ class t3lib_BEfunc  {
                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                '*',
                                                $theTable,
-                                               $theField.'="'.$GLOBALS['TYPO3_DB']->quoteStr($theValue, $theTable).'"'.
+                                               $theField.'='.$GLOBALS['TYPO3_DB']->fullQuoteStr($theValue, $theTable).
                                                        t3lib_BEfunc::deleteClause($theTable).' '.
                                                        $whereClause,   // whereClauseMightContainGroupOrderBy
                                                $groupBy,
@@ -395,8 +395,8 @@ class t3lib_BEfunc  {
                        if (is_array($ctrl['enablecolumns']))   {
                                if ($ctrl['enablecolumns']['disabled']) {
                                        $field = $table.'.'.$ctrl['enablecolumns']['disabled'];
-                                       $query[]='NOT '.$field;
-                                       $invQuery[]=$field;
+                                       $query[]=$field.'=0';
+                                       $invQuery[]=$field.'!=0';
                                }
                                if ($ctrl['enablecolumns']['starttime'])        {
                                        $field = $table.'.'.$ctrl['enablecolumns']['starttime'];
@@ -1052,7 +1052,7 @@ class t3lib_BEfunc        {
                        'ident' => $ident,
                        'tstamp' => time()
                );
-               $GLOBALS['TYPO3_DB']->exec_DELETEquery('cache_hash', 'hash="'.$GLOBALS['TYPO3_DB']->quoteStr($hash, 'cache_hash').'"');
+               $GLOBALS['TYPO3_DB']->exec_DELETEquery('cache_hash', 'hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($hash, 'cache_hash'));
                $GLOBALS['TYPO3_DB']->exec_INSERTquery('cache_hash', $insertFields);
        }
 
@@ -1071,7 +1071,7 @@ class t3lib_BEfunc        {
                if ($expTime)   {
                        $whereAdd = ' AND tstamp > '.(time()-$expTime);
                }
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('content', 'cache_hash', 'hash="'.$GLOBALS['TYPO3_DB']->quoteStr($hash, 'cache_hash').'"'.$whereAdd);
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('content', 'cache_hash', 'hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($hash, 'cache_hash').$whereAdd);
                if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
                        return $row['content'];
                }
@@ -1877,7 +1877,7 @@ class t3lib_BEfunc        {
                                if ($fN==$TCA[$table]['ctrl']['tstamp'] || $fN==$TCA[$table]['ctrl']['crdate']) {
                                        $fVnew = t3lib_BEfunc::datetime($fV);
                                } elseif ($fN=='pid'){
-                                       $fVnew = t3lib_BEfunc::getRecordPath($fV,'1',20);       // Fetches the path with no regard to the users permissions to select pages.
+                                       $fVnew = t3lib_BEfunc::getRecordPath($fV,'1=1',20);     // Fetches the path with no regard to the users permissions to select pages.
                                } else {
                                        $fVnew = $fV;
                                }
@@ -2552,7 +2552,7 @@ class t3lib_BEfunc        {
                                        'SELECT' => t3lib_BEfunc::getCommonSelectFields($foreign_table,$foreign_table.'.'),
                                        'FROM' => $foreign_table.',pages',
                                        'WHERE' => 'pages.uid='.$foreign_table.'.pid
-                                                               AND NOT pages.deleted '.
+                                                               AND pages.deleted=0 '.
                                                                t3lib_BEfunc::deleteClause($foreign_table).
                                                                ' AND '.$pageClause.' '.
                                                                $wgolParts['WHERE'],
@@ -2564,7 +2564,7 @@ class t3lib_BEfunc        {
                                $queryParts = array(
                                        'SELECT' => t3lib_BEfunc::getCommonSelectFields($foreign_table,$foreign_table.'.'),
                                        'FROM' => 'pages',
-                                       'WHERE' => 'NOT pages.deleted
+                                       'WHERE' => 'pages.deleted=0
                                                                AND '.$pageClause.' '.
                                                                $wgolParts['WHERE'],
                                        'GROUPBY' => $wgolParts['GROUPBY'],
@@ -2698,7 +2698,7 @@ class t3lib_BEfunc        {
                if (t3lib_extMgm::isLoaded('cms'))      {
                        reset($rootLine);
                        while(list(,$row)=each($rootLine))      {
-                               $dRec = t3lib_BEfunc::getRecordsByField('sys_domain','pid',$row['uid'],' AND redirectTo="" AND hidden=0', '', 'sorting');
+                               $dRec = t3lib_BEfunc::getRecordsByField('sys_domain','pid',$row['uid'],' AND redirectTo=\'\' AND hidden=0', '', 'sorting');
                                if (is_array($dRec))    {
                                        reset($dRec);
                                        $dRecord = current($dRec);
@@ -2727,8 +2727,8 @@ class t3lib_BEfunc        {
 
                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('sys_domain.*', 'pages,sys_domain', '
                                pages.uid=sys_domain.pid
-                               AND NOT sys_domain.hidden
-                               AND (sys_domain.domainName="'.$GLOBALS['TYPO3_DB']->quoteStr($domain, 'sys_domain').'" or sys_domain.domainName="'.$GLOBALS['TYPO3_DB']->quoteStr($domain.'/', 'sys_domain').'")'.
+                               AND sys_domain.hidden=0
+                               AND (sys_domain.domainName='.$GLOBALS['TYPO3_DB']->fullQuoteStr($domain, 'sys_domain').' or sys_domain.domainName='.$GLOBALS['TYPO3_DB']->fullQuoteStr($domain.'/', 'sys_domain').')'.
                                t3lib_BEfunc::deleteClause('pages'),
                                '', '', '1');
                        return $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res);
@@ -3090,7 +3090,7 @@ class t3lib_BEfunc        {
         * @obsolete
         */
        function getListOfBackendModules($name,$perms_clause,$backPath='',$script='index.php')  {
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'pages', 'doktype!=255 AND module IN ("'.implode('","',$name).'") AND'.$perms_clause.t3lib_BEfunc::deleteClause('pages'));
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'pages', 'doktype!=255 AND module IN (\''.implode('\',\'',$name).'\') AND'.$perms_clause.t3lib_BEfunc::deleteClause('pages'));
                if (!$GLOBALS['TYPO3_DB']->sql_num_rows($res))  return false;
 
                $out='';
index b36e9e6..11653bb 100755 (executable)
@@ -176,7 +176,7 @@ class t3lib_DB {
         * Usage count/core: 50
         *
         * @param       string          Database tablename
-        * @param       string          WHERE clause, eg. "uid=1". NOTICE: You must escape values in this argument with $this->quoteStr() yourself!
+        * @param       string          WHERE clause, eg. "uid=1". NOTICE: You must escape values in this argument with $this->fullQuoteStr() yourself!
         * @param       array           Field values as key=>value pairs. Values will be escaped internally. Typically you would fill an array like "$updateFields" with 'fieldname'=>'value' and pass it to this function as argument.
         * @return      pointer         MySQL result pointer / DBAL object
         */
@@ -191,7 +191,7 @@ class t3lib_DB {
         * Usage count/core: 40
         *
         * @param       string          Database tablename
-        * @param       string          WHERE clause, eg. "uid=1". NOTICE: You must escape values in this argument with $this->quoteStr() yourself!
+        * @param       string          WHERE clause, eg. "uid=1". NOTICE: You must escape values in this argument with $this->fullQuoteStr() yourself!
         * @return      pointer         MySQL result pointer / DBAL object
         */
        function exec_DELETEquery($table,$where)        {
@@ -207,7 +207,7 @@ class t3lib_DB {
         *
         * @param       string          List of fields to select from the table. This is what comes right after "SELECT ...". Required value.
         * @param       string          Table(s) from which to select. This is what comes right after "FROM ...". Required value.
-        * @param       string          Optional additional WHERE clauses put in the end of the query. NOTICE: You must escape values in this argument with $this->quoteStr() yourself! DO NOT PUT IN GROUP BY, ORDER BY or LIMIT!
+        * @param       string          Optional additional WHERE clauses put in the end of the query. NOTICE: You must escape values in this argument with $this->fullQuoteStr() yourself! DO NOT PUT IN GROUP BY, ORDER BY or LIMIT!
         * @param       string          Optional GROUP BY field(s), if none, supply blank string.
         * @param       string          Optional ORDER BY field(s), if none, supply blank string.
         * @param       string          Optional LIMIT value ([begin,]max), if none, supply blank string.
@@ -231,7 +231,7 @@ class t3lib_DB {
         * @param       string          Tablename, local table
         * @param       string          Tablename, relation table
         * @param       string          Tablename, foreign table
-        * @param       string          Optional additional WHERE clauses put in the end of the query. NOTICE: You must escape values in this argument with $this->quoteStr() yourself! DO NOT PUT IN GROUP BY, ORDER BY or LIMIT!
+        * @param       string          Optional additional WHERE clauses put in the end of the query. NOTICE: You must escape values in this argument with $this->fullQuoteStr() yourself! DO NOT PUT IN GROUP BY, ORDER BY or LIMIT!
         * @param       string          Optional GROUP BY field(s), if none, supply blank string.
         * @param       string          Optional ORDER BY field(s), if none, supply blank string.
         * @param       string          Optional LIMIT value ([begin,]max), if none, supply blank string.
@@ -336,7 +336,7 @@ class t3lib_DB {
 
                                // Add slashes old-school:
                        foreach($fields_values as $k => $v)     {
-                               $fields_values[$k] = $this->quoteStr($fields_values[$k], $table);
+                               $fields_values[$k] = $this->fullQuoteStr($fields_values[$k], $table);
                        }
 
                                // Build query:
@@ -345,8 +345,8 @@ class t3lib_DB {
                                        '.implode(',
                                        ',array_keys($fields_values)).'
                                ) VALUES (
-                                       "'.implode('",
-                                       "',$fields_values).'"
+                                       '.implode(',
+                                       ',$fields_values).'
                                )';
 
                                // Return query:
@@ -374,7 +374,7 @@ class t3lib_DB {
                                        // Add slashes old-school:
                                $nArr = array();
                                foreach($fields_values as $k => $v)     {
-                                       $nArr[] = $k.'="'.$this->quoteStr($v, $table).'"';
+                                       $nArr[] = $k.'='.$this->fullQuoteStr($v, $table);
                                }
 
                                        // Build query:
@@ -476,7 +476,7 @@ class t3lib_DB {
         */
        function listQuery($field, $value, $table)      {
                $command = $this->quoteStr($value, $table);
-               $where = '('.$field.' LIKE "%,'.$command.',%" OR '.$field.' LIKE "'.$command.',%" OR '.$field.' LIKE "%,'.$command.'" OR '.$field.'="'.$command.'")';
+               $where = '('.$field.' LIKE \'%,'.$command.',%\' OR '.$field.' LIKE \''.$command.',%\' OR '.$field.' LIKE \'%,'.$command.'\' OR '.$field.'=\''.$command.'\')';
                return $where;
        }
 
@@ -492,7 +492,7 @@ class t3lib_DB {
                $queryParts = array();
 
                foreach($searchWords as $sw)    {
-                       $like=' LIKE "%'.$this->quoteStr($sw, $table).'%"';
+                       $like=' LIKE \'%'.$this->quoteStr($sw, $table).'%\'';
                        $queryParts[] = $table.'.'.implode($like.' OR '.$table.'.',$fields).$like;
                }
                $query = '('.implode(') AND (',$queryParts).')';
@@ -526,13 +526,29 @@ class t3lib_DB {
         **************************************/
 
        /**
+        * Escaping and quoting values for SQL statements.
+        * Usage count/core: 100
+        *
+        * @param       string          Input string
+        * @param       string          Table name for which to quote string. Just enter the table that the field-value is selected from (and any DBAL will look up which handler to use and then how to quote the string!).
+        * @return      string          Output string; Wrapped in single quotes and quotes in the string (" / ') and \ will be backslashed (or otherwise based on DBAL handler)
+        * @see quoteStr()
+        */
+       function fullQuoteStr($str, $table)     {
+               return '\''.addslashes($str).'\'';
+       }
+
+       /**
         * Substitution for PHP function "addslashes()"
         * Use this function instead of the PHP addslashes() function when you build queries - this will prepare your code for DBAL.
-        * Usage count/core: 105
+        * NOTICE: You must wrap the output of this function in SINGLE QUOTES to be DBAL compatible. Unless you have to apply the single quotes yourself you should rather use ->fullQuoteStr()!
+        *
+        * Usage count/core: 20
         *
         * @param       string          Input string
         * @param       string          Table name for which to quote string. Just enter the table that the field-value is selected from (and any DBAL will look up which handler to use and then how to quote the string!).
         * @return      string          Output string; Quotes (" / ') and \ will be backslashed (or otherwise based on DBAL handler)
+        * @see quoteStr()
         */
        function quoteStr($str, $table) {
                return addslashes($str);
@@ -578,7 +594,7 @@ class t3lib_DB {
         * @see exec_SELECTquery(), stripGroupBy()
         */
        function stripOrderBy($str)     {
-               return eregi_replace('^ORDER[[:space:]]+BY[[:space:]]+','',trim($str));
+               return preg_replace('/^ORDER[[:space:]]+BY[[:space:]]+/i','',trim($str));
        }
 
        /**
@@ -592,7 +608,7 @@ class t3lib_DB {
         * @see exec_SELECTquery(), stripOrderBy()
         */
        function stripGroupBy($str)     {
-               return eregi_replace('^GROUP[[:space:]]+BY[[:space:]]+','',trim($str));
+               return preg_replace('/^GROUP[[:space:]]+BY[[:space:]]+/i','',trim($str));
        }
 
        /**
@@ -614,19 +630,19 @@ class t3lib_DB {
                );
 
                        // Find LIMIT:
-               if (eregi('^(.*)[[:space:]]+LIMIT[[:space:]]+([[:alnum:][:space:],._]+)$',$str,$reg))   {
+               if (preg_match('/^(.*)[[:space:]]+LIMIT[[:space:]]+([[:alnum:][:space:],._]+)$/i',$str,$reg))   {
                        $wgolParts['LIMIT'] = trim($reg[2]);
                        $str = $reg[1];
                }
 
                        // Find ORDER BY:
-               if (eregi('^(.*)[[:space:]]+ORDER[[:space:]]+BY[[:space:]]+([[:alnum:][:space:],._]+)$',$str,$reg))     {
+               if (preg_match('/^(.*)[[:space:]]+ORDER[[:space:]]+BY[[:space:]]+([[:alnum:][:space:],._]+)$/i',$str,$reg))     {
                        $wgolParts['ORDERBY'] = trim($reg[2]);
                        $str = $reg[1];
                }
 
                        // Find GROUP BY:
-               if (eregi('^(.*)[[:space:]]+GROUP[[:space:]]+BY[[:space:]]+([[:alnum:][:space:],._]+)$',$str,$reg))     {
+               if (preg_match('/^(.*)[[:space:]]+GROUP[[:space:]]+BY[[:space:]]+([[:alnum:][:space:],._]+)$/i',$str,$reg))     {
                        $wgolParts['GROUPBY'] = trim($reg[2]);
                        $str = $reg[1];
                }
@@ -845,7 +861,7 @@ class t3lib_DB {
 
        /**
         * Listing databases from current MySQL connection. NOTICE: It WILL try to select those databases and thus break selection of current database.
-        * This doesn't really make sense to transfer to a DBAL layer - this detection is also PRE-DBAL in many ways since it is only used as a service function in the 1-2-3 process of the Install Tool. In any case a lookup should be done in the _DEFAULT handler DBMS then.
+        * This is only used as a service function in the (1-2-3 process) of the Install Tool. In any case a lookup should be done in the _DEFAULT handler DBMS then.
         * Use in Install Tool only!
         * Usage count/core: 1
         *
index 0284466..0c06962 100755 (executable)
@@ -3473,7 +3473,7 @@ class t3lib_div {
        function makeRedirectUrl($inUrl,$l=0,$index_script_url='')      {
                if (strlen($inUrl)>$l)  {
                        $md5 = substr(md5($inUrl),0,20);
-                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('md5hash', 'cache_md5params', 'md5hash="'.$GLOBALS['TYPO3_DB']->quoteStr($md5, 'cache_md5params').'"');
+                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('md5hash', 'cache_md5params', 'md5hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($md5, 'cache_md5params'));
                        if (!$GLOBALS['TYPO3_DB']->sql_num_rows($res))  {
                                $insertFields = array(
                                        'md5hash' => $md5,
index 4c84cbd..808e71e 100755 (executable)
@@ -261,8 +261,8 @@ class t3lib_dmailer extends t3lib_htmlmail {
         * @return      [type]          ...
         */
        function dmailer_masssend($query_info,$table,$mid)      {
-               $enableFields['tt_address']='NOT tt_address.deleted AND NOT tt_address.hidden';
-               $enableFields['fe_users']='NOT fe_users.deleted AND NOT fe_users.disable';
+               $enableFields['tt_address']='tt_address.deleted=0 AND tt_address.hidden=0';
+               $enableFields['fe_users']='fe_users.deleted=0 AND fe_users.disable=0';
                $tKey = substr($table,0,1);
                $begin=intval($this->dmailer_howManySendMails($mid,$tKey));
                if ($query_info[$table])        {
@@ -297,8 +297,8 @@ class t3lib_dmailer extends t3lib_htmlmail {
         * @return      [type]          ...
         */
        function dmailer_masssend_list($query_info,$mid)        {
-               $enableFields['tt_address']='NOT tt_address.deleted AND NOT tt_address.hidden';
-               $enableFields['fe_users']='NOT fe_users.deleted AND NOT fe_users.disable';
+               $enableFields['tt_address']='tt_address.deleted=0 AND tt_address.hidden=0';
+               $enableFields['fe_users']='fe_users.deleted=0 AND fe_users.disable=0';
 
                $c=0;
                $returnVal=true;
@@ -414,7 +414,7 @@ class t3lib_dmailer extends t3lib_htmlmail {
         * @return      [type]          ...
         */
        function dmailer_howManySendMails($mid,$rtbl='')        {
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('count(*)', 'sys_dmail_maillog', 'mid='.intval($mid).' AND response_type=0'.($rtbl ? ' AND rtbl="'.$GLOBALS['TYPO3_DB']->quoteStr($rtbl, 'sys_dmail_maillog').'"' : ''));
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('count(*)', 'sys_dmail_maillog', 'mid='.intval($mid).' AND response_type=0'.($rtbl ? ' AND rtbl='.$GLOBALS['TYPO3_DB']->fullQuoteStr($rtbl, 'sys_dmail_maillog') : ''));
                $row = $GLOBALS['TYPO3_DB']->sql_fetch_row($res);
                return $row[0];
        }
@@ -428,7 +428,7 @@ class t3lib_dmailer extends t3lib_htmlmail {
         * @return      [type]          ...
         */
        function dmailer_isSend($mid,$rid,$rtbl)        {
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', 'sys_dmail_maillog', 'rid='.intval($rid).' AND rtbl="'.$GLOBALS['TYPO3_DB']->quoteStr($rtbl, 'sys_dmail_maillog').'" AND mid='.intval($mid).' AND response_type=0');
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', 'sys_dmail_maillog', 'rid='.intval($rid).' AND rtbl='.$GLOBALS['TYPO3_DB']->fullQuoteStr($rtbl, 'sys_dmail_maillog').' AND mid='.intval($mid).' AND response_type=0');
                return $GLOBALS['TYPO3_DB']->sql_num_rows($res);
        }
 
@@ -440,7 +440,7 @@ class t3lib_dmailer extends t3lib_htmlmail {
         * @return      [type]          ...
         */
        function dmailer_getSentMails($mid,$rtbl)       {
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('rid', 'sys_dmail_maillog', 'mid='.intval($mid).' AND rtbl="'.$GLOBALS['TYPO3_DB']->quoteStr($rtbl, 'sys_dmail_maillog').'" AND response_type=0');
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('rid', 'sys_dmail_maillog', 'mid='.intval($mid).' AND rtbl='.$GLOBALS['TYPO3_DB']->fullQuoteStr($rtbl, 'sys_dmail_maillog').' AND response_type=0');
                $list = array();
                while($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))       {
                        $list[] = $row['rid'];
index 4e5769b..6944f2d 100755 (executable)
@@ -82,6 +82,7 @@ require_once(PATH_t3lib.'class.t3lib_sqlparser.php');
  */
 class t3lib_install {
 
+
                // External, Static
        var $updateIdentity = '';                                       // Set to string which identifies the script using this class.
        var $deletedPrefixKey = 'zzz_deleted_';         // Prefix used for tables/fields when deleted/renamed.
@@ -120,6 +121,7 @@ class t3lib_install {
         *
         * Writing to localconf.php
         *
+
         **************************************/
 
        /**
@@ -423,7 +425,7 @@ class t3lib_install {
                                                                foreach($info[$theKey] as $fieldN => $fieldC) {
                                                                        if (!isset($FDcomp[$table][$theKey][$fieldN]))  {
                                                                                $extraArr[$table][$theKey][$fieldN] = $fieldC;
-                                                                       } elseif (strcmp($FDcomp[$table][$theKey][$fieldN], $fieldC)){
+                                                                       } elseif (strcmp($FDcomp[$table][$theKey][$fieldN], $fieldC) && strcmp($FDcomp[$table][$theKey][$fieldN], str_replace(' unsigned','',$fieldC))){
                                                                                $diffArr[$table][$theKey][$fieldN] = $fieldC;
                                                                                $diffArr_cur[$table][$theKey][$fieldN] = $FDcomp[$table][$theKey][$fieldN];
                                                                        }
index 2b01c47..0072442 100755 (executable)
@@ -109,7 +109,7 @@ class t3lib_loadDBGroup     {
                        $this->tableArray[$tName] = Array();
                        if ($this->checkIfDeleted && $GLOBALS['TCA'][$tName]['ctrl']['delete']) {
                                $fieldN = $tName.'.'.$GLOBALS['TCA'][$tName]['ctrl']['delete'];
-                               $this->additionalWhere[$tName].=' AND NOT '.$fieldN;
+                               $this->additionalWhere[$tName].=' AND '.$fieldN.'=0';
                        }
                }
 
index 321ab7c..28e0791 100755 (executable)
@@ -220,7 +220,7 @@ class t3lib_pageSelect {
         */
        function getPageIdFromAlias($alias)     {
                $alias = strtolower($alias);
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', 'pages', 'alias="'.$GLOBALS['TYPO3_DB']->quoteStr($alias, 'pages').'" AND pid>=0 AND pages.deleted=0');    // "AND pid>=0" is because of versioning...
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', 'pages', 'alias='.$GLOBALS['TYPO3_DB']->fullQuoteStr($alias, 'pages').' AND pid>=0 AND pages.deleted=0');  // "AND pid>=0" is because of versioning...
                if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
                        return $row['uid'];
                }
@@ -442,7 +442,7 @@ class t3lib_pageSelect {
                                        'pages,sys_domain',
                                        'pages.uid=sys_domain.pid
                                                AND sys_domain.hidden=0
-                                               AND (sys_domain.domainName="'.$GLOBALS['TYPO3_DB']->quoteStr($domain, 'sys_domain').'" OR sys_domain.domainName="'.$GLOBALS['TYPO3_DB']->quoteStr($domain.'/', 'sys_domain').'") '.
+                                               AND (sys_domain.domainName='.$GLOBALS['TYPO3_DB']->fullQuoteStr($domain, 'sys_domain').' OR sys_domain.domainName='.$GLOBALS['TYPO3_DB']->fullQuoteStr($domain.'/', 'sys_domain').') '.
                                                $this->where_hid_del,
                                        '',
                                        '',
@@ -777,7 +777,7 @@ class t3lib_pageSelect {
                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                '*',
                                                $theTable,
-                                               $theField.'="'.$GLOBALS['TYPO3_DB']->quoteStr($theValue, $theTable).'"'.
+                                               $theField.'='.$GLOBALS['TYPO3_DB']->fullQuoteStr($theValue, $theTable).
                                                        $this->deleteClause($theTable).' '.
                                                                $whereClause,   // whereClauseMightContainGroupOrderBy
                                                $groupBy,
@@ -829,7 +829,7 @@ class t3lib_pageSelect {
                if ($expTime)   {
                        $whereAdd = ' AND tstamp > '.(time()-$expTime);
                }
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('content', 'cache_hash', 'hash="'.$GLOBALS['TYPO3_DB']->quoteStr($hash, 'cache_hash').'"'.$whereAdd);
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('content', 'cache_hash', 'hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($hash, 'cache_hash').$whereAdd);
                if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
                        $GLOBALS['TYPO3_DB']->sql_free_result($res);
                        return $row['content'];
@@ -853,7 +853,7 @@ class t3lib_pageSelect {
                        'ident' => $ident,
                        'tstamp' => time()
                );
-               $GLOBALS['TYPO3_DB']->exec_DELETEquery('cache_hash', 'hash="'.$GLOBALS['TYPO3_DB']->quoteStr($hash, 'cache_hash').'"');
+               $GLOBALS['TYPO3_DB']->exec_DELETEquery('cache_hash', 'hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($hash, 'cache_hash'));
                $GLOBALS['TYPO3_DB']->exec_INSERTquery('cache_hash', $insertFields);
        }
 
index 34eb08b..961d3da 100755 (executable)
@@ -88,7 +88,7 @@ class t3lib_pageTree extends t3lib_treeView   {
         * @return      void
         */
        function init($clause='')       {
-               parent::init(' AND NOT deleted '.$clause, 'sorting');
+               parent::init(' AND deleted=0 '.$clause, 'sorting');
 
                if (t3lib_extMgm::isLoaded('cms'))      {
                        $this->fieldArray=array_merge($this->fieldArray,array('hidden','starttime','endtime','fe_group','module','extendToSubpages'));
index 0060629..de5e98d 100755 (executable)
@@ -127,14 +127,14 @@ class t3lib_queryGenerator        {
                "0" => "#FIELD# LIKE '%#VALUE#%'",
                "1" => "#FIELD# NOT LIKE '%#VALUE#%'",
                "2" => "#FIELD# LIKE '#VALUE#%'",
-               "3" => "#FIELD# NOT LIKE '#VALUE#%'",
+               "3" => "#FIELD# NOT LIKE #VALUE#%",
                "4" => "#FIELD# LIKE '%#VALUE#'",
                "5" => "#FIELD# NOT LIKE '%#VALUE#'",
-               "6" => "#FIELD# = '#VALUE#'",
-               "7" => "#FIELD# != '#VALUE#'",
+               "6" => "#FIELD# = #VALUE#",
+               "7" => "#FIELD# != #VALUE#",
                        // Type = date,number , offset = 32
-               "32" => "#FIELD# = '#VALUE#'",
-               "33" => "#FIELD# != '#VALUE#'",
+               "32" => "#FIELD# = #VALUE#",
+               "33" => "#FIELD# != #VALUE#",
                "34" => "#FIELD# > #VALUE#",
                "35" => "#FIELD# < #VALUE#",
                "36" => "#FIELD# >= #VALUE# AND #FIELD# <= #VALUE1#",
index 69e7152..d23cacd 100755 (executable)
@@ -368,7 +368,7 @@ class t3lib_sqlengine extends t3lib_sqlparser {
         *
         * @param       string          List of fields to select from the table. This is what comes right after "SELECT ...". Required value.
         * @param       string          Table(s) from which to select. This is what comes right after "FROM ...". Required value.
-        * @param       string          Optional additional WHERE clauses put in the end of the query. NOTICE: You must escape values in this argument with $this->quoteStr() yourself! DO NOT PUT IN GROUP BY, ORDER BY or LIMIT!
+        * @param       string          Optional additional WHERE clauses put in the end of the query. NOTICE: You must escape values in this argument with $this->fullQuoteStr() yourself! DO NOT PUT IN GROUP BY, ORDER BY or LIMIT!
         * @param       string          Optional GROUP BY field(s), if none, supply blank string.
         * @param       string          Optional ORDER BY field(s), if none, supply blank string.
         * @param       string          Optional LIMIT value ([begin,]max), if none, supply blank string.
@@ -617,7 +617,7 @@ class t3lib_sqlengine extends t3lib_sqlparser {
         * @return      [type]          ...
         */
        function select_evalSingle($table,$config,&$itemKeys)   {
-               $neg = ereg('^AND[[:space:]]+NOT$',trim($config['operator']));
+               $neg = preg_match('/^AND[[:space:]]+NOT$/',trim($config['operator']));
 
                if (is_array($config['sub']))   {
                        $subSelKeys = $this->selectFromData($table,$config['sub']);
@@ -631,7 +631,7 @@ class t3lib_sqlengine extends t3lib_sqlparser {
                                $itemKeys = array_intersect($itemKeys, $subSelKeys);
                        }
                } else {
-                       $comp = strtoupper(ereg_replace('[[:space:]]','',$config['comparator']));
+                       $comp = strtoupper(str_replace(array(' ',"\t","\r","\n"),'',$config['comparator']));
                        $mod = strtoupper($config['modifier']);
                        switch($comp)   {
                                case 'NOTLIKE':
@@ -758,18 +758,6 @@ class t3lib_sqlengine extends t3lib_sqlparser {
 
 
 
-
-
-
-
-
-
-
-
-
-
-
-
        /*************************
         *
         * Debugging
index c5b5769..df07db5 100755 (executable)
@@ -126,7 +126,6 @@ class t3lib_sqlparser {
         * @see compileSQL(), debug_testSQL()
         */
        function parseSQL($parseString) {
-
                        // Prepare variables:
                $parseString = $this->trimSQL($parseString);
                $this->parse_error = '';
@@ -134,8 +133,8 @@ class t3lib_sqlparser {
 
                        // Finding starting keyword of string:
                $_parseString = $parseString;   // Protecting original string...
-               $keyword = $this->nextPart($_parseString, '^(SELECT|UPDATE|INSERT[[:space:]]+INTO|DELETE[[:space:]]+FROM|EXPLAIN|DROP[[:space:]]+TABLE|CREATE[[:space:]]+TABLE|ALTER[[:space:]]+TABLE)[[:space:]]+');
-               $keyword = strtoupper(ereg_replace('[[:space:]]*','',$keyword));
+               $keyword = $this->nextPart($_parseString, '^(SELECT|UPDATE|INSERT[[:space:]]+INTO|DELETE[[:space:]]+FROM|EXPLAIN|DROP[[:space:]]+TABLE|CREATE[[:space:]]+TABLE|CREATE[[:space:]]+DATABASE|ALTER[[:space:]]+TABLE)[[:space:]]+');
+               $keyword = strtoupper(str_replace(array(' ',"\t","\r","\n"),'',$keyword));
 
                switch($keyword)        {
                        case 'SELECT':
@@ -170,6 +169,10 @@ class t3lib_sqlparser {
                                        // Parsing CREATE TABLE query:
                                $result = $this->parseCREATETABLE($parseString);
                        break;
+                       case 'CREATEDATABASE':
+                                       // Parsing CREATE DATABASE query:
+                               $result = $this->parseCREATEDATABASE($parseString);
+                       break;
                        default:
                                return $this->parseError('"'.$keyword.'" is not a keyword',$parseString);
                        break;
@@ -189,7 +192,7 @@ class t3lib_sqlparser {
 
                        // Removing SELECT:
                $parseString = $this->trimSQL($parseString);
-               $parseString = eregi_replace('^SELECT[[:space:]]+','',$parseString);
+               $parseString = ltrim(substr($parseString,6)); // REMOVE eregi_replace('^SELECT[[:space:]]+','',$parseString);
 
                        // Init output variable:
                $result = array();
@@ -233,7 +236,7 @@ class t3lib_sqlparser {
 
                                                // LIMIT parsing:
                                        if ($this->lastStopKeyWord == 'LIMIT')  {
-                                               if (ereg('^([0-9]+|[0-9]+[[:space:]]*,[[:space:]]*[0-9]+)$',trim($parseString)))        {
+                                               if (preg_match('/^([0-9]+|[0-9]+[[:space:]]*,[[:space:]]*[0-9]+)$/',trim($parseString)))        {
                                                        $result['LIMIT'] = $parseString;
                                                } else {
                                                        return $this->parseError('No value for limit!',$parseString);
@@ -258,7 +261,7 @@ class t3lib_sqlparser {
 
                        // Removing UPDATE
                $parseString = $this->trimSQL($parseString);
-               $parseString = eregi_replace('^UPDATE[[:space:]]+','',$parseString);
+               $parseString = ltrim(substr($parseString,6)); // REMOVE eregi_replace('^UPDATE[[:space:]]+','',$parseString);
 
                        // Init output variable:
                $result = array();
@@ -312,7 +315,7 @@ class t3lib_sqlparser {
 
                        // Removing INSERT
                $parseString = $this->trimSQL($parseString);
-               $parseString = eregi_replace('^INSERT[[:space:]]+INTO[[:space:]]+','',$parseString);
+               $parseString = ltrim(substr(ltrim(substr($parseString,6)),4)); // REMOVE eregi_replace('^INSERT[[:space:]]+INTO[[:space:]]+','',$parseString);
 
                        // Init output variable:
                $result = array();
@@ -337,7 +340,7 @@ class t3lib_sqlparser {
                                        if ($this->parse_error) { return $this->parse_error; }
 
                                        foreach($fieldNames as $k => $fN)       {
-                                               if (ereg('^[[:alnum:]_]+$',$fN))        {
+                                               if (preg_match('/^[[:alnum:]_]+$/',$fN))        {
                                                        if (isset($values[$k])) {
                                                                if (!isset($result['FIELDS'][$fN]))     {
                                                                        $result['FIELDS'][$fN] = $values[$k];
@@ -372,7 +375,7 @@ class t3lib_sqlparser {
 
                        // Removing DELETE
                $parseString = $this->trimSQL($parseString);
-               $parseString = eregi_replace('^DELETE[[:space:]]+FROM[[:space:]]+','',$parseString);
+               $parseString = ltrim(substr(ltrim(substr($parseString,6)),4)); // REMOVE eregi_replace('^DELETE[[:space:]]+FROM[[:space:]]+','',$parseString);
 
                        // Init output variable:
                $result = array();
@@ -410,7 +413,7 @@ class t3lib_sqlparser {
 
                        // Removing EXPLAIN
                $parseString = $this->trimSQL($parseString);
-               $parseString = eregi_replace('^EXPLAIN[[:space:]]+','',$parseString);
+               $parseString = ltrim(substr($parseString,6)); // REMOVE eregi_replace('^EXPLAIN[[:space:]]+','',$parseString);
 
                        // Init output variable:
                $result = $this->parseSELECT($parseString);
@@ -432,7 +435,7 @@ class t3lib_sqlparser {
 
                        // Removing CREATE TABLE
                $parseString = $this->trimSQL($parseString);
-               $parseString = eregi_replace('^CREATE[[:space:]]+TABLE[[:space:]]+','',$parseString);
+               $parseString = ltrim(substr(ltrim(substr($parseString,6)),5)); // REMOVE eregi_replace('^CREATE[[:space:]]+TABLE[[:space:]]+','',$parseString);
 
                        // Init output variable:
                $result = array();
@@ -446,7 +449,7 @@ class t3lib_sqlparser {
                                // While the parseString is not yet empty:
                        while(strlen($parseString)>0)   {
                                if ($key = $this->nextPart($parseString, '^(KEY|PRIMARY KEY)([[:space:]]+|\()'))        {       // Getting key
-                                       $key = strtoupper(ereg_replace('[[:space:]]','',$key));
+                                       $key = strtoupper(str_replace(array(' ',"\t","\r","\n"),'',$key));
 
                                        switch($key)    {
                                                case 'PRIMARYKEY':
@@ -504,7 +507,7 @@ class t3lib_sqlparser {
 
                        // Removing ALTER TABLE
                $parseString = $this->trimSQL($parseString);
-               $parseString = eregi_replace('^ALTER[[:space:]]+TABLE[[:space:]]+','',$parseString);
+               $parseString = ltrim(substr(ltrim(substr($parseString,5)),5)); // REMOVE eregi_replace('^ALTER[[:space:]]+TABLE[[:space:]]+','',$parseString);
 
                        // Init output variable:
                $result = array();
@@ -515,7 +518,7 @@ class t3lib_sqlparser {
 
                if ($result['TABLE'])   {
                        if ($result['action'] = $this->nextPart($parseString, '^(CHANGE|DROP[[:space:]]+KEY|DROP[[:space:]]+PRIMARY[[:space:]]+KEY|ADD[[:space:]]+KEY|ADD[[:space:]]+PRIMARY[[:space:]]+KEY|DROP|ADD|RENAME)([[:space:]]+|\()'))        {
-                               $actionKey = strtoupper(ereg_replace('[[:space:]]','',$result['action']));
+                               $actionKey = strtoupper(str_replace(array(' ',"\t","\r","\n"),'',$result['action']));
 
                                        // Getting field:
                                if (t3lib_div::inList('ADDPRIMARYKEY,DROPPRIMARYKEY',$actionKey) || $fieldKey = $this->nextPart($parseString, '^([[:alnum:]_]+)[[:space:]]+'))  {
@@ -573,7 +576,7 @@ class t3lib_sqlparser {
 
                        // Removing DROP TABLE
                $parseString = $this->trimSQL($parseString);
-               $parseString = eregi_replace('^DROP[[:space:]]+TABLE[[:space:]]+','',$parseString);
+               $parseString = ltrim(substr(ltrim(substr($parseString,4)),5)); // eregi_replace('^DROP[[:space:]]+TABLE[[:space:]]+','',$parseString);
 
                        // Init output variable:
                $result = array();
@@ -596,7 +599,35 @@ class t3lib_sqlparser {
                } else return $this->parseError('No table found!',$parseString);
        }
 
+       /**
+        * Parsing CREATE DATABASE query
+        *
+        * @param       string          SQL string starting with CREATE DATABASE
+        * @return      mixed           Returns array with components of CREATE DATABASE query on success, otherwise an error message string.
+        */
+       function parseCREATEDATABASE($parseString)      {
 
+                       // Removing CREATE DATABASE
+               $parseString = $this->trimSQL($parseString);
+               $parseString = ltrim(substr(ltrim(substr($parseString,6)),8)); // eregi_replace('^CREATE[[:space:]]+DATABASE[[:space:]]+','',$parseString);
+
+                       // Init output variable:
+               $result = array();
+               $result['type'] = 'CREATEDATABASE';
+
+                       // Get table:
+               $result['DATABASE'] = $this->nextPart($parseString, '^([[:alnum:]_]+)[[:space:]]+');
+
+               if ($result['DATABASE'])        {
+
+                               // Should be no more content now:
+                       if ($parseString)       {
+                               return $this->parseError('Still content in clause after parsing!',$parseString);
+                       }
+
+                       return $result;
+               } else return $this->parseError('No database found!',$parseString);
+       }
 
 
 
@@ -713,7 +744,7 @@ class t3lib_sqlparser {
 
                                        // Looking for stop-keywords:
                                if ($stopRegex && $this->lastStopKeyWord = $this->nextPart($parseString, $stopRegex))   {
-                                       $this->lastStopKeyWord = strtoupper(ereg_replace('[[:space:]]*','',$this->lastStopKeyWord));
+                                       $this->lastStopKeyWord = strtoupper(str_replace(array(' ',"\t","\r","\n"),'',$this->lastStopKeyWord));
                                        return $stack;
                                }
 
@@ -759,13 +790,9 @@ class t3lib_sqlparser {
 
                        // $parseString is continously shortend by the process and we keep parsing it till it is zero:
                while (strlen($parseString)) {
-
                                // Looking for the table:
                        if ($stack[$pnt]['table'] = $this->nextPart($parseString,'^([[:alnum:]_]+)(,|[[:space:]]+)'))   {
-                               if ($as = $this->nextPart($parseString,'^(AS)[[:space:]]+'))    {
-                                       $stack[$pnt]['as'] = $this->nextPart($parseString,'^([[:alnum:]_]+)(,|[[:space:]]+)');
-                                       $stack[$pnt]['as_keyword'] = $as;
-                               }
+                           $stack[$pnt]['as'] = $this->nextPart($parseString,'^([[:alnum:]_]+)[[:space:]]*');
                        } else return $this->parseError('No table name found as expected!',$parseString);
 
                                // Looking for JOIN
@@ -782,7 +809,7 @@ class t3lib_sqlparser {
 
                                // Looking for stop-keywords:
                        if ($stopRegex && $this->lastStopKeyWord = $this->nextPart($parseString, $stopRegex))   {
-                               $this->lastStopKeyWord = strtoupper(ereg_replace('[[:space:]]*','',$this->lastStopKeyWord));
+                               $this->lastStopKeyWord = strtoupper(str_replace(array(' ',"\t","\r","\n"),'',$this->lastStopKeyWord));
                                return $stack;
                        }
 
@@ -894,7 +921,7 @@ class t3lib_sqlparser {
 
                                                // Looking for stop-keywords:
                                        if ($stopRegex && $this->lastStopKeyWord = $this->nextPart($parseString, $stopRegex))   {
-                                               $this->lastStopKeyWord = strtoupper(ereg_replace('[[:space:]]*','',$this->lastStopKeyWord));
+                                               $this->lastStopKeyWord = strtoupper(str_replace(array(' ',"\t","\r","\n"),'',$this->lastStopKeyWord));
                                                return $stack[0];
                                        } else {
                                                return $this->parseError('No operator, but parsing not finished.',$parseString);
@@ -942,7 +969,7 @@ class t3lib_sqlparser {
 
                                // Looking for keywords
                        while($keyword = $this->nextPart($parseString,'^(DEFAULT|NOT[[:space:]]+NULL|AUTO_INCREMENT|UNSIGNED)([[:space:]]+|,|\))'))     {
-                               $keywordCmp = strtoupper(ereg_replace('[[:space:]]*','',$keyword));
+                               $keywordCmp = strtoupper(str_replace(array(' ',"\t","\r","\n"),'',$keyword));
 
                                $result['featureIndex'][$keywordCmp]['keyword'] = $keyword;
 
@@ -983,7 +1010,8 @@ class t3lib_sqlparser {
         * @return      string          The value of the first parenthesis level of the REGEX.
         */
        function nextPart(&$parseString,$regex,$trimAll=FALSE)  {
-               if (eregi($regex,$parseString.' ', $reg))       {       // Adding space char because [[:space:]]+ is often a requirement in regex's
+               //if (eregi($regex,$parseString.' ', $reg))     {       // Adding space char because [[:space:]]+ is often a requirement in regex's
+               if (preg_match('/'.$regex.'/i',$parseString.' ', $reg)) {       // Adding space char because [[:space:]]+ is often a requirement in regex's
                        $parseString = ltrim(substr($parseString,strlen($reg[$trimAll?0:1])));
                        return $reg[1];
                }
@@ -997,7 +1025,8 @@ class t3lib_sqlparser {
         * @return      string          The value (string/integer). Otherwise an array with error message in first key (0)
         */
        function getValue(&$parseString,$comparator='') {
-               if (t3lib_div::inList('NOTIN,IN,_LIST',strtoupper(ereg_replace('[[:space:]]','',$comparator)))) {       // List of values:
+               //if (t3lib_div::inList('NOTIN,IN,_LIST',strtoupper(ereg_replace('[[:space:]]','',$comparator))))       {       // List of values:
+               if (t3lib_div::inList('NOTIN,IN,_LIST',strtoupper(str_replace(array(' ',"\n","\r","\t"),'',$comparator))))      {       // List of values:
                        if ($this->nextPart($parseString,'^([(])'))     {
                                $listValues = array();
                                $comma=',';
@@ -1034,7 +1063,7 @@ class t3lib_sqlparser {
                                        return array($this->getValueInQuotes($parseString,"'"),"'");
                                break;
                                default:
-                                       if (eregi('^([[:alnum:]._-]+)',$parseString, $reg))     {
+                                       if (preg_match('/^([[:alnum:]._-]+)/i',$parseString, $reg))     {
                                                $parseString = ltrim(substr($parseString,strlen($reg[0])));
                                                return array($reg[1]);
                                        }
@@ -1059,6 +1088,7 @@ class t3lib_sqlparser {
                        $buffer.=$v;
 
                        unset($reg);
+                       //preg_match('/[\]*$/',$v,$reg); // does not work. what is the *exact* meaning of the next line?
                        ereg('[\]*$',$v,$reg);
                        if (strlen($reg[0])%2)  {
                                $buffer.=$quote;
@@ -1091,6 +1121,7 @@ class t3lib_sqlparser {
         * @return      string          Output string
         */
        function compileAddslashes($str)        {
+return $str;
                $search = array('\\', '\'', '"', "\x00", "\x0a", "\x0d", "\x1a");
                $replace = array('\\\\', '\\\'', '\\"', '\0', '\n', '\r', '\Z');
 
@@ -1119,7 +1150,8 @@ class t3lib_sqlparser {
         * @return      string          Output string
         */
        function trimSQL($str)  {
-               return trim(ereg_replace('[[:space:];]*$','',$str)).' ';
+               return trim(rtrim($str, "; \r\n\t")).' ';
+               //return trim(ereg_replace('[[:space:];]*$','',$str)).' ';
        }
 
 
@@ -1340,7 +1372,7 @@ class t3lib_sqlparser {
                $query = 'ALTER TABLE '.$components['TABLE'].' '.$components['action'].' '.($components['FIELD']?$components['FIELD']:$components['KEY']);
 
                        // Based on action, add the final part:
-               switch(strtoupper(ereg_replace('[[:space:]]','',$components['action'])))        {
+               switch(strtoupper(str_replace(array(' ',"\t","\r","\n"),'',$components['action'])))     {
                        case 'ADD':
                                $query.=' '.$this->compileFieldCfg($components['definition']);
                        break;
@@ -1460,6 +1492,7 @@ class t3lib_sqlparser {
        /**
         * Implodes an array of WHERE clause configuration into a WHERE clause.
         * NOTICE: MIGHT BY A TEMPORARY FUNCTION. Use for debugging only!
+        * BUT IT IS NEEDED FOR DBAL - MAKE IT PERMANENT?!?!
         *
         * @param       array           WHERE clause configuration
         * @return      string          WHERE clause as string.
@@ -1495,7 +1528,7 @@ class t3lib_sqlparser {
                                                $output.=' '.$v['comparator'];
 
                                                        // Detecting value type; list or plain:
-                                               if (t3lib_div::inList('NOTIN,IN',strtoupper(ereg_replace('[[:space:]]','',$v['comparator']))))  {
+                                               if (t3lib_div::inList('NOTIN,IN',strtoupper(str_replace(array(' ',"\t","\r","\n"),'',$v['comparator']))))       {
                                                        $valueBuffer = array();
                                                        foreach($v['value'] as $realValue)      {
                                                                $valueBuffer[]=$realValue[1].$this->compileAddslashes($realValue[0]).$realValue[1];
@@ -1609,10 +1642,10 @@ class t3lib_sqlparser {
 #              $str1 = stripslashes($str1);
 #              $str2 = stripslashes($str2);
 
-               if (strcmp(ereg_replace('[[:space:]]','',$this->trimSQL($str1)),ereg_replace('[[:space:]]','',$this->trimSQL($str2))))  {
+               if (strcmp(str_replace(array(' ',"\t","\r","\n"),'',$this->trimSQL($str1)),str_replace(array(' ',"\t","\r","\n"),'',$this->trimSQL($str2))))    {
                        return array(
-                                       ereg_replace('[[:space:]]+',' ',$str),
-                                       ereg_replace('[[:space:]]+',' ',$newStr),
+                                       str_replace(array(' ',"\t","\r","\n"),' ',$str),
+                                       str_replace(array(' ',"\t","\r","\n"),' ',$newStr),
                                );
                }
        }
index ceee62c..0e64a96 100644 (file)
@@ -2161,12 +2161,12 @@ class t3lib_stdGraphic  {
                        $md5Hash = md5(t3lib_div::getURL ($imageFile));
                }
                ereg('([^\.]*)$',$imageFile,$reg);
-               $res = $TYPO3_DB->exec_SELECTquery ('md5hash, imagewidth, imageheight', 'cache_imagesizes', 'md5filename="'.md5($imageFile).'"');
+               $res = $TYPO3_DB->exec_SELECTquery ('md5hash, imagewidth, imageheight', 'cache_imagesizes', 'md5filename='.$TYPO3_DB->fullQuoteStr(md5($imageFile),'cache_imagesizes'));
                if ($res) {
                        if ($row = $TYPO3_DB->sql_fetch_assoc($res)) {
                                if ($row['md5hash']!=$md5Hash) {
                                                // file has changed, delete the row
-                                       $TYPO3_DB->exec_DELETEquery ('cache_imagesizes', 'md5hash="'.$TYPO3_DB->quoteStr($row['md5hash'], 'cache_imagesizes').'"');
+                                       $TYPO3_DB->exec_DELETEquery ('cache_imagesizes', 'md5hash='.$TYPO3_DB->fullQuoteStr($row['md5hash'],'cache_imagesizes'));
                                } else {
                                        return (array($row['imagewidth'], $row['imageheight'], strtolower($reg[0]), $imageFile));
                                }
@@ -2280,7 +2280,7 @@ class t3lib_stdGraphic    {
                                return 1;
                        } else {        // If not, we look up in the cache_typo3temp_log table to see if there is a image being rendered right now.
                                $md5Hash=md5($output);
-                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('md5hash', 'cache_typo3temp_log', 'md5hash="'.$GLOBALS['TYPO3_DB']->quoteStr($md5Hash, 'cache_typo3temp_log').'" AND tstamp>'.(time()-30));
+                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('md5hash', 'cache_typo3temp_log', 'md5hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($md5Hash, 'cache_typo3temp_log').' AND tstamp>'.(time()-30));
                                if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {       // If there was a record, the image is being generated by another proces (we assume)
                                        if (is_object($GLOBALS['TSFE']))        $GLOBALS['TSFE']->set_no_cache();       // ...so we set no_cache, because we dont want this page (which will NOT display an image...!) to be cached! (Only a page with the correct image on...)
                                        if (is_object($GLOBALS['TT']))  $GLOBALS['TT']->setTSlogMessage('typo3temp_log: Assume this file is being rendered now: '.$output);
@@ -2293,7 +2293,7 @@ class t3lib_stdGraphic    {
                                                'filename' => $output,
                                                'orig_filename' => $orig
                                        );
-                                       $GLOBALS['TYPO3_DB']->exec_DELETEquery('cache_typo3temp_log', 'md5hash="'.$GLOBALS['TYPO3_DB']->quoteStr($md5Hash, 'cache_typo3temp_log').'"');
+                                       $GLOBALS['TYPO3_DB']->exec_DELETEquery('cache_typo3temp_log', 'md5hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($md5Hash, 'cache_typo3temp_log'));
                                        $GLOBALS['TYPO3_DB']->exec_INSERTquery('cache_typo3temp_log', $insertFields);
 
                                        if (is_object($GLOBALS['TT']))  $GLOBALS['TT']->setTSlogMessage('typo3temp_log: The row did not exist, so a new is written and file is being processed: '.$output);
index a394d43..27f206a 100755 (executable)
@@ -567,19 +567,19 @@ class t3lib_superadmin {
                $DB = $this->globalSiteInfo[$key]['siteInfo']['TYPO3_db'];
 
                        // Non-admin users
-               $query = $GLOBALS['TYPO3_DB']->SELECTquery('count(*)', 'be_users', 'admin=0 AND NOT deleted');
+               $query = $GLOBALS['TYPO3_DB']->SELECTquery('count(*)', 'be_users', 'admin=0 AND deleted=0');
                $res = mysql($DB, $query);
                $row = mysql_fetch_row($res);
                $this->globalSiteInfo[$key]['siteInfo']['BE_USERS_NONADMIN'] = $row[0];
 
                        // Admin users
-               $query = $GLOBALS['TYPO3_DB']->SELECTquery('count(*)', 'be_users', 'admin!=0 AND NOT deleted');
+               $query = $GLOBALS['TYPO3_DB']->SELECTquery('count(*)', 'be_users', 'admin!=0 AND deleted=0');
                $res = mysql($DB, $query);
                $row = mysql_fetch_row($res);
                $this->globalSiteInfo[$key]['siteInfo']['BE_USERS_ADMIN'] = $row[0];
 
                        // Select Admin users
-               $query = $GLOBALS['TYPO3_DB']->SELECTquery('uid,username,password,email,realName,disable', 'be_users', 'admin!=0 AND NOT deleted');
+               $query = $GLOBALS['TYPO3_DB']->SELECTquery('uid,username,password,email,realName,disable', 'be_users', 'admin!=0 AND deleted=0');
                $res = mysql($DB, $query);
                while($row = mysql_fetch_assoc($res))   {
                        $this->globalSiteInfo[$key]['siteInfo']['ADMINS'][] = $row;
index b1b1002..3f89f0b 100755 (executable)
@@ -4818,7 +4818,7 @@ class t3lib_TCEforms      {
                $isL = t3lib_extMgm::isLoaded('static_info_tables');
 
                        // Find all language records in the system:
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('static_lang_isocode,title,uid', 'sys_language', 'pid=0 AND NOT hidden'.t3lib_BEfunc::deleteClause('sys_language'), '', 'title');
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('static_lang_isocode,title,uid', 'sys_language', 'pid=0 AND hidden=0'.t3lib_BEfunc::deleteClause('sys_language'), '', 'title');
 
                        // Traverse them:
                $output=array();
index 62528f4..e4b03d4 100755 (executable)
@@ -1841,13 +1841,13 @@ class t3lib_TCEmain     {
                if (is_array($TCA[$table]) && is_array($TCA[$table]['columns'][$field]))        {
 
                                // Look for a record which might already have the value:
-                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', $table, $field.'="'.$GLOBALS['TYPO3_DB']->quoteStr($value, $table).'" AND uid!='.intval($id).$whereAdd);
+                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', $table, $field.'='.$GLOBALS['TYPO3_DB']->fullQuoteStr($value, $table).' AND uid!='.intval($id).$whereAdd);
                        $counter = 0;
 
                                // For as long as records with the test-value existing, try again (with incremented numbers appended).
                        while ($GLOBALS['TYPO3_DB']->sql_num_rows($res))        {
                                $newValue = $value.$counter;
-                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', $table, $field.'="'.$GLOBALS['TYPO3_DB']->quoteStr($newValue, $table).'" AND uid!='.intval($id).$whereAdd);
+                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', $table, $field.'='.$GLOBALS['TYPO3_DB']->fullQuoteStr($newValue, $table).' AND uid!='.intval($id).$whereAdd);
                                $counter++;
                                if ($counter>100)       { break; }      // At "100" it will give up and accept a duplicate - should probably be fixed to a small hash string instead...!
                        }
@@ -2259,9 +2259,12 @@ class t3lib_TCEmain      {
                        $c = 0;
                        $cRecTypes = array();
                        foreach($currentRecord as $col => $val) {
+// DBAL
+#                              $cRecTypes[$col] = $GLOBALS['TYPO3_DB']->sql_field_type($table,$col);
                                $cRecTypes[$col] = $GLOBALS['TYPO3_DB']->sql_field_type($res,$c);
                                $c++;
                        }
+#debug($cRecTypes);
 
                                // Free result:
                        $GLOBALS['TYPO3_DB']->sql_free_result($res);
@@ -2376,13 +2379,14 @@ class t3lib_TCEmain     {
                if (is_array($TCA[$table]) && $id)      {
                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $table, 'uid='.intval($id));
                        if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
-
                                        // Traverse arrow of values that was inserted into the database and compare with the actually stored value:
                                $errorString = array();
                                foreach($fieldArray as $key => $value)  {
                                        if ($this->checkStoredRecords_loose && !$value && !$row[$key])  {
                                                // Nothing...
                                        } elseif (strcmp($value,$row[$key]))    {
+                                         // DEBUGGING KFISH
+                                         // debug(array("$value != ".$row[$key]));
                                                $errorString[] = $key;
                                        }
                                }
@@ -2457,7 +2461,7 @@ class t3lib_TCEmain       {
                                                        // Builds list of pages on the SAME level as this page (siblings)
                                                $res_tmp = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                                                'A.pid AS pid, B.uid AS uid',
-                                                                               'pages AS A, pages AS  B',
+                                                                               'pages A, pages B',
                                                                                'A.uid='.intval($uid).' AND B.pid=A.pid AND B.deleted=0'
                                                                        );
 
@@ -3704,7 +3708,7 @@ class t3lib_TCEmain       {
 
                        // Do check:
                if ($prevTitle != $checkTitle || $count<100)    {
-                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', $table, 'pid='.intval($pid).' AND '.$field.'="'.$GLOBALS['TYPO3_DB']->quoteStr($checkTitle, $table).'"'.$this->deleteClause($table), '', '', '1');
+                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', $table, 'pid='.intval($pid).' AND '.$field.'='.$GLOBALS['TYPO3_DB']->fullQuoteStr($checkTitle, $table).$this->deleteClause($table), '', '', '1');
                        if ($GLOBALS['TYPO3_DB']->sql_num_rows($res))   {
                                return $this->getCopyHeader($table,$pid,$field,$value,$count+1,$checkTitle);
                        }
@@ -4363,7 +4367,7 @@ class t3lib_TCEmain       {
                        // Returns the proper delete-clause if any for a table from TCA
                global $TCA;
                if ($TCA[$table]['ctrl']['delete'])     {
-                       return ' AND NOT '.$table.'.'.$TCA[$table]['ctrl']['delete'];
+                       return ' AND '.$table.'.'.$TCA[$table]['ctrl']['delete'].'=0';
                } else {
                        return '';
                }
@@ -4404,13 +4408,13 @@ class t3lib_TCEmain     {
        function getInterfacePagePositionID($uid)       {
                global $TCA;
                $perms_clause = $this->BE_USER->getPagePermsClause(1);
-               $deleted = $TCA['pages']['ctrl']['delete'] ? 'AND NOT A.'.$TCA['pages']['ctrl']['delete'].' AND NOT pages.'.$TCA['pages']['ctrl']['delete'].' ' : '';
+               $deleted = $TCA['pages']['ctrl']['delete'] ? 'AND A.'.$TCA['pages']['ctrl']['delete'].'=0 AND pages.'.$TCA['pages']['ctrl']['delete'].'=0 ' : '';
 
                        // This fetches a list of 1 or 2 pages, where - if 2 - the 2nd is the page BEFORE this ($uid). If 1 then the page ($uid) is at the top itself
                $subres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                        'pages.uid, pages.pid',
-                                       'pages AS A, pages',
-                                       'A.pid=pages.pid AND A.uid="'.$uid.'"
+                                       'pages A, pages',
+                                       'A.pid=pages.pid AND A.uid=\''.$uid.'\'
                                                '.$deleted.'
                                                AND pages.sorting<=A.sorting
                                                AND '.$perms_clause,
@@ -4513,7 +4517,7 @@ class t3lib_TCEmain       {
                $tstampLimit = $maxAgeSeconds ? time()-$maxAgeSeconds : 0;
 
                $where = '
-                       tablename="'.$GLOBALS['TYPO3_DB']->quoteStr($table, 'sys_history').'"
+                       tablename='.$GLOBALS['TYPO3_DB']->fullQuoteStr($table, 'sys_history').'
                        AND recuid='.intval($id).'
                        AND snapshot=0';
 
index 145d5db..b85ec2d 100755 (executable)
@@ -833,11 +833,11 @@ class t3lib_treeView {
                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                'count(*)',
                                                $this->table,
-                                               $this->parentField.'="'.$GLOBALS['TYPO3_DB']->quoteStr($uid, $this->table).'"'.
+                                               $this->parentField.'='.$GLOBALS['TYPO3_DB']->fullQuoteStr($uid, $this->table).
                                                        t3lib_BEfunc::deleteClause($this->table).
                                                        $this->clause,  // whereClauseMightContainGroupOrderBy
                                                '',
-                                               $this->orderByFields
+                                               '' //$this->orderByFields // sorting is senseless for count(*) !?!
                                        );
                        $row = $GLOBALS['TYPO3_DB']->sql_fetch_row($res);
                        return $row[0];
@@ -894,7 +894,7 @@ class t3lib_treeView {
                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                implode(',',$this->fieldArray),
                                                $this->table,
-                                               $this->parentField.'="'.$GLOBALS['TYPO3_DB']->quoteStr($parentId, $this->table).'"'.
+                                               $this->parentField.'='.$GLOBALS['TYPO3_DB']->fullQuoteStr($parentId, $this->table).
                                                        t3lib_BEfunc::deleteClause($this->table).
                                                        $this->clause,  // whereClauseMightContainGroupOrderBy
                                                '',
index f6b443a..3a3b713 100755 (executable)
@@ -262,7 +262,7 @@ class t3lib_tsfeBeUserAuth extends t3lib_beUserAuth {
                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                'fe_groups.uid, fe_groups.title',
                                                'fe_groups,pages',
-                                               'pages.uid=fe_groups.pid AND NOT pages.deleted '.t3lib_BEfunc::deleteClause('fe_groups').' AND '.$this->getPagePermsClause(1)
+                                               'pages.uid=fe_groups.pid AND pages.deleted=0 '.t3lib_BEfunc::deleteClause('fe_groups').' AND '.$this->getPagePermsClause(1)
                                        );
                        while($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))       {
                                $options.= '<option value="'.$row['uid'].'"'.($this->uc['TSFE_adminConfig']['preview_simulateUserGroup']==$row['uid']?' selected="selected"':'').'>'.htmlspecialchars('['.$row['uid'].'] '.$row['title']).'</option>';
@@ -801,7 +801,7 @@ class t3lib_tsfeBeUserAuth extends t3lib_beUserAuth {
                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                'uid,title',
                                                'pages',
-                                               'pid='.$id.' AND doktype IN ('.$GLOBALS['TYPO3_CONF_VARS']['FE']['content_doktypes'].') AND NOT deleted AND '.$perms_clause
+                                               'pid='.$id.' AND doktype IN ('.$GLOBALS['TYPO3_CONF_VARS']['FE']['content_doktypes'].') AND deleted=0 AND '.$perms_clause
                                        );
                        while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))      {
                                if ($begin<=0)  {
index 7579c39..b84cb69 100755 (executable)
@@ -346,7 +346,7 @@ class t3lib_TStemplate      {
                                if ($this->tt_track)    $GLOBALS['TT']->setTSlogMessage('TS template size, serialized: '.strlen(serialize($this->setup)).' bytes');
 
                                $rowSumHash = md5('ROWSUM:'.serialize($this->rowSum));
-                               t3lib_pageSelect::storeHash($rowSumHash, serialize($cc['all']), 'TMPL CONDITIONS - ALL');
+                               t3lib_pageSelect::storeHash($rowSumHash, serialize($cc['all']), 'TMPL CONDITIONS - AL');
                        }
                                // Add rootLine
                        $cc['rootLine'] = $this->rootLine;
@@ -361,6 +361,7 @@ class t3lib_TStemplate      {
                                        'tstamp' => $GLOBALS['EXEC_TIME']
                                );
                                $GLOBALS['TYPO3_DB']->exec_DELETEquery('cache_pagesection', 'page_id='.intval($GLOBALS['TSFE']->id).' AND mpvar_hash='.t3lib_div::md5int($GLOBALS['TSFE']->MP));
+
                                $GLOBALS['TYPO3_DB']->exec_INSERTquery('cache_pagesection', $insertFields);
                        }
                                // If everything OK.
index 876463d..60a136a 100755 (executable)
@@ -202,8 +202,8 @@ class t3lib_userAuth {
                $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                '*',
                                                $this->session_table.','.$this->user_table,
-                                               $this->session_table.'.ses_id = "'.$GLOBALS['TYPO3_DB']->quoteStr($this->id, $this->session_table).'"
-                                                       AND '.$this->session_table.'.ses_name = "'.$GLOBALS['TYPO3_DB']->quoteStr($this->name, $this->session_table).'"
+                                               $this->session_table.'.ses_id = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, $this->session_table).'
+                                                       AND '.$this->session_table.'.ses_name = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->name, $this->session_table).'
                                                        AND '.$this->session_table.'.ses_userid = '.$this->user_table.'.'.$this->userid_column.'
                                                        '.$this->ipLockClause().'
                                                        '.$this->hashLockClause().'
@@ -222,8 +222,8 @@ class t3lib_userAuth {
                        if ($timeout>0 && ($GLOBALS['EXEC_TIME'] < ($this->user['ses_tstamp']+$timeout)))       {
                                        $GLOBALS['TYPO3_DB']->exec_UPDATEquery(
                                                                                        $this->session_table,
-                                                                                       'ses_id="'.$GLOBALS['TYPO3_DB']->quoteStr($this->id, $this->session_table).'"
-                                                                                               AND ses_name="'.$GLOBALS['TYPO3_DB']->quoteStr($this->name, $this->session_table).'"',
+                                                                                       'ses_id='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, $this->session_table).'
+                                                                                               AND ses_name='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->name, $this->session_table),
                                                                                        array('ses_tstamp' => $GLOBALS['EXEC_TIME'])
                                                                                );
                                        $this->user['ses_tstamp'] = $GLOBALS['EXEC_TIME'];      // Make sure that the timestamp is also updated in the array
@@ -295,7 +295,7 @@ class t3lib_userAuth {
                                                                        '*',
                                                                        $this->user_table,
                                                                        ($this->checkPid ? 'pid IN ('.$GLOBALS['TYPO3_DB']->cleanIntList($this->checkPid_value).') AND ' : '').
-                                                                               $this->username_column.'="'.$GLOBALS['TYPO3_DB']->quoteStr($F_uname, $this->user_table).'" '.
+                                                                               $this->username_column.'='.$GLOBALS['TYPO3_DB']->fullQuoteStr($F_uname, $this->user_table).' '.
                                                                                $this->user_where_clause()
                                                        );
 
@@ -352,7 +352,7 @@ class t3lib_userAuth {
                                                                if ($this->lastLogin_column)    {
                                                                        $GLOBALS['TYPO3_DB']->exec_UPDATEquery(
                                                                                                                        $this->user_table,
-                                                                                                                       $this->userid_column.'="'.$GLOBALS['TYPO3_DB']->quoteStr($tempuser[$this->userid_column], $this->user_table).'"',
+                                                                                                                       $this->userid_column.'='.$GLOBALS['TYPO3_DB']->fullQuoteStr($tempuser[$this->userid_column], $this->user_table),
                                                                                                                        array($this->lastLogin_column => $GLOBALS['EXEC_TIME'])
                                                                                                                );
                                                                }
@@ -426,8 +426,8 @@ class t3lib_userAuth {
        function logoff() {
                $GLOBALS['TYPO3_DB']->exec_DELETEquery(
                                        $this->session_table,
-                                       'ses_id = "'.$GLOBALS['TYPO3_DB']->quoteStr($this->id, $this->session_table).'"
-                                               AND ses_name = "'.$GLOBALS['TYPO3_DB']->quoteStr($this->name, $this->session_table).'"'
+                                       'ses_id = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, $this->session_table).'
+                                               AND ses_name = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->name, $this->session_table)
                                );
                $this->user = "";
        }
@@ -442,7 +442,7 @@ class t3lib_userAuth {
                $GLOBALS['TYPO3_DB']->exec_DELETEquery(
                                        $this->session_table,
                                        'ses_tstamp < '.intval(time()-($this->gc_time*60*60)).'
-                                               AND ses_name = "'.$GLOBALS['TYPO3_DB']->quoteStr($this->name, $this->session_table).'"'
+                                               AND ses_name = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->name, $this->session_table)
                                );
        }
 
@@ -454,8 +454,8 @@ class t3lib_userAuth {
         */
        function user_where_clause()    {
                return  (($this->enablecolumns['rootLevel']) ? 'AND '.$this->user_table.'.pid=0 ' : '').
-                               (($this->enablecolumns['disabled']) ? ' AND NOT '.$this->user_table.'.'.$this->enablecolumns['disabled'] : '').
-                               (($this->enablecolumns['deleted']) ? ' AND NOT '.$this->user_table.'.'.$this->enablecolumns['deleted'] : '').
+                               (($this->enablecolumns['disabled']) ? ' AND '.$this->user_table.'.'.$this->enablecolumns['disabled'].'=0' : '').
+                               (($this->enablecolumns['deleted']) ? ' AND '.$this->user_table.'.'.$this->enablecolumns['deleted'].'=0' : '').
                                (($this->enablecolumns['starttime']) ? ' AND ('.$this->user_table.'.'.$this->enablecolumns['starttime'].'<='.time().')' : '').
                                (($this->enablecolumns['endtime']) ? ' AND ('.$this->user_table.'.'.$this->enablecolumns['endtime'].'=0 OR '.$this->user_table.'.'.$this->enablecolumns['endtime'].'>'.time().')' : '');
        }
@@ -469,8 +469,8 @@ class t3lib_userAuth {
        function ipLockClause() {
                if ($this->lockIP)      {
                        $wherePart = 'AND (
-                               '.$this->session_table.'.ses_iplock="'.$GLOBALS['TYPO3_DB']->quoteStr($this->ipLockClause_remoteIPNumber($this->lockIP),$this->session_table).'"
-                               OR '.$this->session_table.'.ses_iplock="[DISABLED]"
+                               '.$this->session_table.'.ses_iplock='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->ipLockClause_remoteIPNumber($this->lockIP),$this->session_table).'
+                               OR '.$this->session_table.'.ses_iplock=\'[DISABLED]\'
                                )';
                        return $wherePart;
                }
@@ -633,7 +633,7 @@ class t3lib_userAuth {
                $sesDat[$key] = $data;
                $this->user['ses_data'] = serialize($sesDat);
 
-               $GLOBALS['TYPO3_DB']->exec_UPDATEquery($this->session_table, 'ses_id="'.$GLOBALS['TYPO3_DB']->quoteStr($this->user['ses_id'], $this->session_table).'"', array('ses_data' => $this->user['ses_data']));
+               $GLOBALS['TYPO3_DB']->exec_UPDATEquery($this->session_table, 'ses_id='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->user['ses_id'], $this->session_table), array('ses_data' => $this->user['ses_data']));
        }
 
        /**
@@ -648,7 +648,7 @@ class t3lib_userAuth {
         * @see SC_mod_tools_be_user_index::compareUsers(), SC_mod_user_setup_index::simulateUser(), freesite_admin::startCreate()
         */
        function setBeUserByUid($uid)   {
-               $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->user_table, 'uid="'.intval($uid).'" '.$this->user_where_clause());
+               $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->user_table, 'uid='.intval($uid).' '.$this->user_where_clause());
                $this->user = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres);
        }
 
@@ -661,7 +661,7 @@ class t3lib_userAuth {
         * @internal
         */
        function setBeUserByName($name) {
-               $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->user_table, 'username="'.$GLOBALS['TYPO3_DB']->quoteStr($name, $this->user_table).'" '.$this->user_where_clause());
+               $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->user_table, 'username='.$GLOBALS['TYPO3_DB']->fullQuoteStr($name, $this->user_table).' '.$this->user_where_clause());
                $this->user = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres);
        }
 }
index 15419a2..1ec56ac 100755 (executable)
@@ -772,7 +772,7 @@ class t3lib_userAuthGroup extends t3lib_userAuth {
                                // Processing filemounts
                        $this->dataLists['filemount_list'] = t3lib_div::uniqueList($this->dataLists['filemount_list']);
                        if ($this->dataLists['filemount_list']) {
-                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_filemounts', 'NOT deleted AND NOT hidden AND pid=0 AND uid IN ('.$this->dataLists['filemount_list'].')');
+                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_filemounts', 'deleted=0 AND hidden=0 AND pid=0 AND uid IN ('.$this->dataLists['filemount_list'].')');
                                while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))      {
                                        $this->addFileMount($row['title'], $row['path'], $row['path'], $row['base']?1:0, '');
                                }
@@ -810,8 +810,8 @@ class t3lib_userAuthGroup extends t3lib_userAuth {
        function fetchGroups($grList,$idList='')        {
 
                        // Fetching records of the groups in $grList (which are not blocked by lockedToDomain either):
-               $lockToDomain_SQL = ' AND (lockToDomain="" OR lockToDomain="'.t3lib_div::getIndpEnv('HTTP_HOST').'")';
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->usergroup_table, 'NOT deleted AND NOT hidden AND pid=0 AND uid IN ('.$grList.')'.$lockToDomain_SQL);
+               $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain=\''.t3lib_div::getIndpEnv('HTTP_HOST').'\')';
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->usergroup_table, 'deleted=0 AND hidden=0 AND pid=0 AND uid IN ('.$grList.')'.$lockToDomain_SQL);
 
                        // The userGroups array is filled
                while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))      {
index 88f7745..5d699e2 100755 (executable)
@@ -759,7 +759,7 @@ class SC_alt_doc {
 
                                        // Undo:
                                $undoButton = 0;
-                               $undoRes = $GLOBALS['TYPO3_DB']->exec_SELECTquery('tstamp', 'sys_history', 'tablename="'.$GLOBALS['TYPO3_DB']->quoteStr($this->firstEl['table'], 'sys_history').'" AND recuid="'.intval($this->firstEl['uid']).'"', '', 'tstamp DESC', '1');
+                               $undoRes = $GLOBALS['TYPO3_DB']->exec_SELECTquery('tstamp', 'sys_history', 'tablename='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->firstEl['table'], 'sys_history').' AND recuid='.intval($this->firstEl['uid']), '', 'tstamp DESC', '1');
                                if ($undoButtonR = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($undoRes))     {
                                        $undoButton = 1;
                                }
index d7f037d..856728c 100755 (executable)
@@ -292,7 +292,7 @@ class recordList extends t3lib_recordList {
                if (!t3lib_extMgm::isLoaded('sys_note'))        return '';
 
                        // Create query for selecting the notes:
-               $result = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*','sys_note','pid IN ('.$this->id.') AND (!personal OR cruser="'.intval($GLOBALS['BE_USER']->user['uid']).'")'.t3lib_BEfunc::deleteClause('sys_note'));
+               $result = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*','sys_note','pid IN ('.$this->id.') AND (personal=0 OR cruser='.intval($GLOBALS['BE_USER']->user['uid']).')'.t3lib_BEfunc::deleteClause('sys_note'));
 
                        // Executing query:
                $dbCount = $GLOBALS['TYPO3_DB']->sql_num_rows($result);
@@ -478,7 +478,7 @@ class recordList extends t3lib_recordList {
 
                                // If search-fields were defined (and there always are) we create the query:
                        if (count($sfields))    {
-                               $like=' LIKE "%'.$GLOBALS['TYPO3_DB']->quoteStr($this->searchString, $table).'%"';              // Free-text searching...
+                               $like = ' LIKE \'%'.$GLOBALS['TYPO3_DB']->quoteStr($this->searchString, $table).'%\'';          // Free-text searching...
                                $queryPart = ' AND ('.implode($like.' OR ',$sfields).$like.')';
 
                                        // Return query:
index c8e0ac1..cebc998 100755 (executable)
@@ -225,7 +225,7 @@ class recordHistory {
                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                'uid',
                                                'sys_history',
-                                               'sys_history.tablename="'.$GLOBALS['TYPO3_DB']->quoteStr($elParts[0], 'sys_history').'"
+                                               'sys_history.tablename='.$GLOBALS['TYPO3_DB']->fullQuoteStr($elParts[0], 'sys_history').'
                                                        AND sys_history.recuid='.intval($elParts[1]),
                                                '',
                                                'uid DESC',
@@ -293,7 +293,7 @@ class recordHistory {
                $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                        'history_data',
                                        'sys_history',
-                                       'sys_history.tablename="'.$GLOBALS['TYPO3_DB']->quoteStr($elParts[0], 'sys_history').'"
+                                       'sys_history.tablename='.$GLOBALS['TYPO3_DB']->fullQuoteStr($elParts[0], 'sys_history').'
                                                AND sys_history.recuid='.intval($elParts[1]),
                                        '',
                                        'uid DESC',
@@ -348,10 +348,10 @@ class recordHistory {
 
                                // Counting number of states:
                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
-                                               'count(*)',
+                                               'COUNT(*)',
                                                'sys_history,sys_log',
                                                'sys_history.sys_log_uid=sys_log.uid
-                                                       AND sys_history.tablename="'.$GLOBALS['TYPO3_DB']->quoteStr($table, 'sys_history').'"
+                                                       AND sys_history.tablename='.$GLOBALS['TYPO3_DB']->fullQuoteStr($table, 'sys_history').'
                                                        AND sys_history.recuid='.intval($elParts[1])
                                        );
                        list($Rcount) = $GLOBALS['TYPO3_DB']->sql_fetch_row($res);
@@ -361,10 +361,10 @@ class recordHistory {
                                                'sys_history.*,sys_log.userid',
                                                'sys_history,sys_log',
                                                'sys_history.sys_log_uid=sys_log.uid
-                                                       AND sys_history.tablename="'.$GLOBALS['TYPO3_DB']->quoteStr($table, 'sys_history').'"
+                                                       AND sys_history.tablename='.$GLOBALS['TYPO3_DB']->fullQuoteStr($table, 'sys_history').'
                                                        AND sys_history.recuid='.intval($elParts[1]),
                                                '',
-                                               'uid',
+                                               'sys_log.uid',
                                                t3lib_div::intInRange($Rcount-$this->maxSteps,0).','.$this->maxSteps
                                        );
 
@@ -544,7 +544,7 @@ class recordHistory {
                $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                        'uid',
                                        'sys_history',
-                                       'tablename="'.$GLOBALS['TYPO3_DB']->quoteStr($elParts[0], 'sys_history').'"
+                                       'tablename='.$GLOBALS['TYPO3_DB']->fullQuoteStr($elParts[0], 'sys_history').'
                                                AND recuid='.intval($elParts[1]).'
                                                AND uid<'.intval($hisUid),
                                        '',
@@ -559,7 +559,7 @@ class recordHistory {
                $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                        'uid',
                                        'sys_history',
-                                       'tablename="'.$GLOBALS['TYPO3_DB']->quoteStr($elParts[0], 'sys_history').'"
+                                       'tablename='.$GLOBALS['TYPO3_DB']->fullQuoteStr($elParts[0], 'sys_history').'
                                                AND recuid='.intval($elParts[1]).'
                                                AND uid>'.intval($hisUid),
                                        '',
@@ -639,6 +639,8 @@ class recordHistory {
                        $c=0;
                        $cRecTypes=array();
                        foreach($currentRecord as $col => $val) {
+                               //$cRecTypes[$col] = $GLOBALS['TYPO3_DB']->sql_field_type($table,$col);
+// DBAL
                                $cRecTypes[$col] = $GLOBALS['TYPO3_DB']->sql_field_type($res,$c);
                                $c++;
                        }
@@ -856,7 +858,7 @@ class recordHistory {
                                                        'sys_history.*,sys_log.userid',
                                                        'sys_history,sys_log',
                                                        'sys_history.sys_log_uid=sys_log.uid
-                                                               AND sys_history.tablename="'.$GLOBALS['TYPO3_DB']->quoteStr($elParts[0], 'sys_history').'"
+                                                               AND sys_history.tablename='.$GLOBALS['TYPO3_DB']->fullQuoteStr($elParts[0], 'sys_history').'
                                                                AND sys_history.recuid='.intval($elParts[1]).$addWhere,
                                                        '',
                                                        'uid DESC'
index f7b28fb..76a5982 100755 (executable)
@@ -1358,7 +1358,7 @@ class SC_mod_tools_be_user_index {
        function switchUser($switchUser)        {
                $uRec=t3lib_BEfunc::getRecord('be_users',$switchUser);
                if (is_array($uRec) && $GLOBALS['BE_USER']->isAdmin())  {
-                       $GLOBALS['TYPO3_DB']->exec_UPDATEquery('be_sessions', 'ses_id="'.$GLOBALS['TYPO3_DB']->quoteStr($GLOBALS['BE_USER']->id, 'be_sessions').'" AND ses_name="be_typo_user" AND ses_userid='.intval($GLOBALS['BE_USER']->user['uid']), array('ses_userid' => $uRec['uid']));
+                       $GLOBALS['TYPO3_DB']->exec_UPDATEquery('be_sessions', 'ses_id='.$GLOBALS['TYPO3_DB']->fullQuoteStr($GLOBALS['BE_USER']->id, 'be_sessions').' AND ses_name=\'be_typo_user\' AND ses_userid='.intval($GLOBALS['BE_USER']->user['uid']), array('ses_userid' => $uRec['uid']));
 
                        header('Location: '.t3lib_div::locationHeaderUrl($GLOBALS['BACK_PATH'].'index.php'.($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces']?'':'?commandLI=1')));
                        exit;
index f025fd7..e47c3e2 100755 (executable)
@@ -777,7 +777,7 @@ class tx_cms_layout extends recordList {
                $out='';
                if (count($tree->ids))          {
                        $delClause = t3lib_BEfunc::deleteClause('sys_note');
-                       $result = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_note', 'pid IN ('.implode(',',$tree->ids).') AND (!personal OR cruser='.intval($GLOBALS['BE_USER']->user['uid']).')'.$delClause);
+                       $result = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_note', 'pid IN ('.implode(',',$tree->ids).') AND (personal=0 OR cruser='.intval($GLOBALS['BE_USER']->user['uid']).')'.$delClause);
                        $dbCount = $GLOBALS['TYPO3_DB']->sql_num_rows($result);
 
                                // If sys_notes were found, render them:
index 4a5d7cd..78813f9 100755 (executable)
@@ -517,7 +517,7 @@ class SC_db_layout {
 
                        // If the former record edited was the creation of a NEW record, this will look up the created records uid:
                if ($this->new_unique_uid)      {
-                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_log', 'userid='.intval($BE_USER->user['uid']).' AND NEWid="'.$GLOBALS['TYPO3_DB']->quoteStr($this->new_unique_uid, 'sys_log').'"');
+                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_log', 'userid='.intval($BE_USER->user['uid']).' AND NEWid='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->new_unique_uid, 'sys_log'));
                        $sys_log_row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res);
                        if (is_array($sys_log_row))     {
                                $edit_record=$sys_log_row['tablename'].':'.$sys_log_row['recuid'];
@@ -597,7 +597,7 @@ class SC_db_layout {
 
                        // If undo-button should be rendered (depends on available items in sys_history)
                $undoButton=0;
-               $undoRes = $GLOBALS['TYPO3_DB']->exec_SELECTquery('tstamp', 'sys_history', 'tablename="'.$GLOBALS['TYPO3_DB']->quoteStr($eRParts[0], 'sys_history').'" AND recuid="'.$GLOBALS['TYPO3_DB']->quoteStr($eRParts[1], 'sys_history').'"', '', 'tstamp DESC', '1');
+               $undoRes = $GLOBALS['TYPO3_DB']->exec_SELECTquery('tstamp', 'sys_history', 'tablename='.$GLOBALS['TYPO3_DB']->fullQuoteStr($eRParts[0], 'sys_history').' AND recuid='.intval($eRParts[1]), '', 'tstamp DESC', '1');
                if ($undoButtonR = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($undoRes))     {
                        $undoButton=1;
                }
@@ -1203,7 +1203,7 @@ class SC_db_layout {
                                                        'sys_language.*',
                                                        'pages_language_overlay,sys_language',
                                                        'pages_language_overlay.sys_language_uid=sys_language.uid AND pages_language_overlay.pid='.intval($id).$exQ,
-                                                       'pages_language_overlay.sys_language_uid',
+                                                       'pages_language_overlay.sys_language_uid,sys_language.uid,sys_language.pid,sys_language.tstamp,sys_language.hidden,sys_language.title,sys_language.static_lang_isocode,sys_language.flag',
                                                        'sys_language.title'
                                                );
                } else {
index 360b090..4aa5b63 100755 (executable)
@@ -4948,7 +4948,7 @@ class tslib_cObj {
                                                        }
                                                        if (!$tCR_flag) {
                                                                foreach($tCR_rootline as $tCR_data)     {
-                                                                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_domain', 'pid='.intval($tCR_data['uid']).' AND redirectTo=""'.$this->enableFields('sys_domain'), '', 'sorting');
+                                                                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_domain', 'pid='.intval($tCR_data['uid']).' AND redirectTo=\'\''.$this->enableFields('sys_domain'), '', 'sorting');
                                                                        if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
                                                                                $tCR_domain = ereg_replace('\/$','',$row['domainName']);
                                                                                break;
@@ -5912,7 +5912,7 @@ class tslib_cObj {
                if (count($OR_arr))     {
                        $whereDef=' AND ('.implode(' OR ',$OR_arr).')';
                        if ($GLOBALS['TCA'][$table]['ctrl']['fe_admin_lock'])   {
-                               $whereDef.=' AND NOT '.$GLOBALS['TCA'][$table]['ctrl']['fe_admin_lock'];
+                               $whereDef.=' AND '.$GLOBALS['TCA'][$table]['ctrl']['fe_admin_lock'].'=0';
                        }
                }
                return $whereDef;
@@ -5925,7 +5925,7 @@ class tslib_cObj {
         *
         * @param       string          The table for which to get the where clause
         * @param       boolean         If set, then you want NOT to filter out hidden records. Otherwise hidden record are filtered based on the current preview settings.
-        * @return      string          The part of the where clause on the form " AND NOT [fieldname] AND ...". Eg. " AND NOT hidden AND starttime < 123345567"
+        * @return      string          The part of the where clause on the form " AND [fieldname]=0 AND ...". Eg. " AND hidden=0 AND starttime < 123345567"
         * @see t3lib_pageSelect::enableFields()
         */
        function enableFields($table,$show_hidden=0)    {
@@ -5992,7 +5992,7 @@ class tslib_cObj {
 
                                // Select sublevel:
                        if ($depth>0)   {
-                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery($allFields, 'pages', 'pid='.intval($id).' AND NOT deleted AND doktype!=255 AND doktype!=6'.$moreWhereClauses, '' ,'sorting');
+                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery($allFields, 'pages', 'pid='.intval($id).' AND deleted=0 AND doktype!=255 AND doktype!=6'.$moreWhereClauses, '' ,'sorting');
                                while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))      {
 #??                            $GLOBALS['TSFE']->sys_page->versionOL('pages',$row);
 
@@ -6002,7 +6002,7 @@ class tslib_cObj {
                                                // Overlay mode:
                                        if (is_array($mount_info) && $mount_info['overlay'])    {
                                                $next_id = $mount_info['mount_pid'];
-                                               $res2 = $GLOBALS['TYPO3_DB']->exec_SELECTquery($allFields, 'pages', 'uid='.intval($next_id).' AND NOT deleted AND doktype!=255 AND doktype!=6'.$moreWhereClauses, '' ,'sorting');
+                                               $res2 = $GLOBALS['TYPO3_DB']->exec_SELECTquery($allFields, 'pages', 'uid='.intval($next_id).' AND deleted=0 AND doktype!=255 AND doktype!=6'.$moreWhereClauses, '' ,'sorting');
                                                $row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res2);
 #??                                            $GLOBALS['TSFE']->sys_page->versionOL('pages',$row);
                                        }
@@ -6131,7 +6131,7 @@ class tslib_cObj {
                                if (strlen($val)>=2)    {
                                        reset($searchFields);
                                        while(list(,$field)=each($searchFields))        {
-                                               $where_p[]=$prefixTableName.$field.' LIKE "%'.$GLOBALS['TYPO3_DB']->quoteStr($val, $searchTable).'%"';
+                                               $where_p[] = $prefixTableName.$field.' LIKE \'%'.$GLOBALS['TYPO3_DB']->quoteStr($val, $searchTable).'%\'';
                                        }
                                }
                                if (count($where_p))    {
index a929310..0611046 100755 (executable)
        }
 
        /**
-        * Connect to SQL database
+        * Connect to MySQL database
         * May exit after outputting an error message or some JavaScript redirecting to the install tool.
+        * Use connectToDB() instead!
         *
         * @return      void
+        * @deprecated
         */
        function connectToMySQL()       {
+         $this->connectToDB();
+       }
+
+       /**
+        * Connect to SQL database
+        * May exit after outputting an error message or some JavaScript redirecting to the install tool.
+        *
+        * @return      void
+        */
+       function connectToDB()  {
                if ($GLOBALS['TYPO3_DB']->sql_pconnect(TYPO3_db_host, TYPO3_db_username, TYPO3_db_password))    {
                        if (!TYPO3_db)  {
                                $this->printError('No database selected','Database Error');
         * @return      void
         */
        function sendRedirect() {
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('params', 'cache_md5params', 'md5hash="'.$GLOBALS['TYPO3_DB']->quoteStr($this->RDCT, 'cache_md5params').'"');
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('params', 'cache_md5params', 'md5hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->RDCT, 'cache_md5params'));
                if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
                        $this->updateMD5paramsRecord($this->RDCT);
                        header('Location: '.$row['params']);
                                // Now it's investigated if the raw page-id points to a hidden page and if so, the flag is set.
                                // This does not require the preview flag to be set in the admin panel
                        if ($this->id)  {
-                               $idQ = t3lib_div::testInt($this->id) ? 'uid="'.intval($this->id).'"' : 'alias="'.$GLOBALS['TYPO3_DB']->quoteStr($this->id, 'pages').'" AND pid>=0';     // pid>=0 added for the sake of versioning...
-                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('hidden', 'pages', $idQ.' AND hidden AND NOT deleted');
+                               $idQ = t3lib_div::testInt($this->id) ? 'uid='.intval($this->id) : 'alias='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, 'pages').' AND pid>=0';        // pid>=0 added for the sake of versioning...
+                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('hidden', 'pages', $idQ.' AND hidden!=0 AND deleted=0');
                                if ($GLOBALS['TYPO3_DB']->sql_num_rows($res))   {
                                        $this->fePreview = 1;   // The preview flag is set only if the current page turns out to actually be hidden!
                                        $this->showHiddenPage = 1;
                                parse_str($addParams,$GET_VARS);
                        break;
                        case 'M5':
-                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('params', 'cache_md5params', 'md5hash="'.$GLOBALS['TYPO3_DB']->quoteStr(substr($str,2), 'cache_md5params').'"');
+                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('params', 'cache_md5params', 'md5hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr(substr($str,2), 'cache_md5params'));
                                $row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res);
 
                                $this->updateMD5paramsRecord(substr($str,2));
                        $GLOBALS['TT']->push('Cache Query','');
                                $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                        'S.*',
-                                                       'cache_pages AS S,pages AS P',
-                                                       'S.hash="'.$GLOBALS['TYPO3_DB']->quoteStr($this->newHash, 'cache_pages').'"
+                                                       'cache_pages S,pages P',
+                                                       'S.hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->newHash, 'cache_pages').'
                                                                AND S.page_id=P.uid
                                                                AND S.expires > '.intval($GLOBALS['EXEC_TIME']).'
-                                                               AND NOT P.deleted
-                                                               AND NOT P.hidden
+                                                               AND P.deleted=0
+                                                               AND P.hidden=0
                                                                AND P.starttime<='.intval($GLOBALS['EXEC_TIME']).'
                                                                AND (P.endtime=0 OR P.endtime>'.intval($GLOBALS['EXEC_TIME']).')'
                                                );
                        <html>
                                <head>
                                        <title>'.htmlspecialchars($this->tmpl->printTitle($this->page['title'])).'</title>
-                                       <meta http-equiv=Refresh Content="3; Url='.htmlspecialchars(t3lib_div::getIndpEnv('REQUEST_URI')).'" />
+                                       <meta http-equiv="refresh" content="3; URL='.htmlspecialchars(t3lib_div::getIndpEnv('REQUEST_URI')).'" />
                                </head>
                                <body bgcolor="white">
-                                       <font size="1" face="VERDANA,ARIAL,HELVETICA" color="#cccccc">
+                                       <span style="font-family:Verdana,Arial,Helvetica" color="#cccccc">
                                        <div align="center">
-                                               <b>Page is being generated.</b><br />
+                                               <strong>Page is being generated.</strong><br />
                                                If this message does not disappear within '.$seconds.' seconds, please reload.
                                        </div>
-                                       </font>
+                                       </span>
                                </body>
                        </html>';
                        $temp_content = $this->config['config']['message_page_is_being_generated'] ? $this->config['config']['message_page_is_being_generated'] : $stdMsg;
         * @return      void
         */
        function clearPageCacheContent()        {
-               $GLOBALS['TYPO3_DB']->exec_DELETEquery('cache_pages', 'hash="'.$GLOBALS['TYPO3_DB']->quoteStr($this->newHash, 'cache_pages').'"');
+               $GLOBALS['TYPO3_DB']->exec_DELETEquery('cache_pages', 'hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->newHash, 'cache_pages'));
        }
 
        /**
@@ -2788,7 +2800,7 @@ if (version == "n3") {
                                        $md5=substr(md5($addParams),0,10);
                                        $enc='+M5'.$md5;
 
-                                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('md5hash', 'cache_md5params', 'md5hash="'.$GLOBALS['TYPO3_DB']->quoteStr($md5, 'cache_md5params').'"');
+                                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('md5hash', 'cache_md5params', 'md5hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($md5, 'cache_md5params'));
                                        if (!$GLOBALS['TYPO3_DB']->sql_num_rows($res))  {
                                                $insertFields = array(
                                                        'md5hash' => $md5,
@@ -3017,7 +3029,7 @@ if (version == "n3") {
         * @access private
         */
        function updateMD5paramsRecord($hash)   {
-               $GLOBALS['TYPO3_DB']->exec_UPDATEquery('cache_md5params', 'md5hash="'.$GLOBALS['TYPO3_DB']->quoteStr($hash, 'cache_md5params').'"', array('tstamp' => time()));
+               $GLOBALS['TYPO3_DB']->exec_UPDATEquery('cache_md5params', 'md5hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($hash, 'cache_md5params'), array('tstamp' => time()));
        }
 
        /**
index 9da15d1..3358d4a 100644 (file)
@@ -149,10 +149,10 @@ class tslib_feUserAuth extends t3lib_userAuth {
                if (is_array($this->user) && $this->user['usergroup'])  {
                        $groups = t3lib_div::intExplode(',',$this->user['usergroup']);
                        $list = implode(',',$groups);
-                       $lockToDomain_SQL = ' AND (lockToDomain="" OR lockToDomain="'.t3lib_div::getIndpEnv('HTTP_HOST').'")';
-                       if (!$this->showHiddenRecords)  $hiddenP = 'AND NOT hidden ';
+                       $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain=\''.t3lib_div::getIndpEnv('HTTP_HOST').'\')';
+                       if (!$this->showHiddenRecords)  $hiddenP = 'AND hidden=0 ';
 
-                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->usergroup_table, 'NOT deleted '.$hiddenP.'AND uid IN ('.$list.')'.$lockToDomain_SQL);
+                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->usergroup_table, 'deleted=0 '.$hiddenP.'AND uid IN ('.$list.')'.$lockToDomain_SQL);
                        while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))      {
                                $this->groupData['title'][$row['uid']] = $row['title'];
                                $this->groupData['uid'][$row['uid']] = $row['uid'];
@@ -234,7 +234,7 @@ class tslib_feUserAuth extends t3lib_userAuth {
        function fetchSessionData()     {
                // Gets SesData if any
                if ($this->id)  {
-                       $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'fe_session_data', 'hash="'.$GLOBALS['TYPO3_DB']->quoteStr($this->id, 'fe_session_data').'"');
+                       $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'fe_session_data', 'hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, 'fe_session_data'));
                        if ($sesDataRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres))        {
                                $this->sesData = unserialize($sesDataRow['content']);
                        }
@@ -265,7 +265,7 @@ class tslib_feUserAuth extends t3lib_userAuth {
                                        'content' => serialize($this->sesData),
                                        'tstamp' => time()
                                );
-                               $GLOBALS['TYPO3_DB']->exec_DELETEquery('fe_session_data', 'hash="'.$GLOBALS['TYPO3_DB']->quoteStr($this->id, 'fe_session_data').'"');
+                               $GLOBALS['TYPO3_DB']->exec_DELETEquery('fe_session_data', 'hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, 'fe_session_data'));
                                $GLOBALS['TYPO3_DB']->exec_INSERTquery('fe_session_data', $insertFields);
                        }
                }
index 43d9030..38722e6 100755 (executable)
@@ -564,7 +564,7 @@ class tslib_menu {
                                                        foreach($kwArr as $word)        {
                                                                $word = trim($word);
                                                                if ($word)      {
-                                                                       $keyWordsWhereArr[] = $kfield.' LIKE "%'.$GLOBALS['TYPO3_DB']->quoteStr($word, 'pages').'%"';
+                                                                       $keyWordsWhereArr[] = $kfield.' LIKE \'%'.$GLOBALS['TYPO3_DB']->quoteStr($word, 'pages').'%\'';
                                                                }
                                                        }
                                                        $res = $GLOBALS['TSFE']->cObj->exec_getQuery('pages',Array('pidInList'=>'0', 'uidInList'=>$id_list, 'where'=>'('.implode(' OR ',$keyWordsWhereArr).')'.$extraWhere, 'orderBy'=>($altSortFieldValue ? $altSortFieldValue : $sortField.' desc'),'max'=>$limit));
index ae52c8d..ebc744e 100755 (executable)
@@ -388,7 +388,7 @@ class tslib_search {
                                        if (is_array($searchfields))    {
                                                foreach($searchfields as $key2 => $val2)        {
                                                        $this->listOfSearchFields.= $key3.'.'.$val2.',';
-                                                       $sub_query_part[] = $key3.'.'.$val2.' LIKE "%'.$GLOBALS['TYPO3_DB']->quoteStr($s_sword, $key3).'%"';
+                                                       $sub_query_part[] = $key3.'.'.$val2.' LIKE \'%'.$GLOBALS['TYPO3_DB']->quoteStr($s_sword, $key3).'%\'';
                                                }
                                        }
                                }
index 4b0b586..e5e2132 100755 (executable)
@@ -142,7 +142,7 @@ $TSFE = new $temp_TSFEclassName(
                t3lib_div::_GP('MP'),
                t3lib_div::_GP('RDCT')
        );
-$TSFE->connectToMySQL();
+$TSFE->connectToDB();
 if ($TSFE->RDCT)       {$TSFE->sendRedirect();}
 
 
index b78cc5c..f837958 100755 (executable)
@@ -1,22 +1,22 @@
 <?php
 /***************************************************************
 *  Copyright notice
-*  
+*
 *  (c) 1999-2004 Kasper Skaarhoj (kasperYYYY@typo3.com)
 *  All rights reserved
 *
-*  This script is part of the TYPO3 project. The TYPO3 project is 
+*  This script is part of the TYPO3 project. The TYPO3 project is
 *  free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
-* 
+*
 *  The GNU General Public License can be found at
 *  http://www.gnu.org/copyleft/gpl.html.
-*  A copy is found in the textfile GPL.txt and important notices to the license 
+*  A copy is found in the textfile GPL.txt and important notices to the license
 *  from the author is found in LICENSE.txt distributed with these scripts.
 *
-* 
+*
 *  This script is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
@@ -49,7 +49,7 @@ $specialComment='';
 if ($pid)      {
                // Select templates in root
                // Does NOT take TSFE->showHiddenRecords into account!
-       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_template', 'pid='.intval($pid).' AND NOT deleted AND NOT hidden AND NOT starttime AND NOT endtime', '', 'sorting');
+       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_template', 'pid='.intval($pid).' AND deleted=0 AND hidden=0 AND starttime=0 AND endtime=0', '', 'sorting');
        while($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))       {
                if (!$firstUID) $firstUID = $row['uid'];
                $key = $row['uid'];
@@ -58,10 +58,10 @@ if ($pid)   {
                $specialComment.= '[globalVar= based_on_uid='.$key.']'.chr(10);
        }
                // Select subcategories of template folder.
-       $page_res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'pages', 'pid='.intval($pid).' AND NOT deleted AND NOT hidden AND NOT starttime AND NOT endtime AND NOT fe_group', '', 'sorting');
+       $page_res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'pages', 'pid='.intval($pid).' AND deleted=0 AND hidden=0 AND starttime=0 AND endtime=0 AND fe_group=0', '', 'sorting');
        while($page_row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($page_res))     {
                        // Subcategory templates
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_template', 'pid='.intval($page_row['uid']).' AND NOT deleted AND NOT hidden AND NOT starttime AND NOT endtime', '', 'sorting');
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_template', 'pid='.intval($page_row['uid']).' AND deleted=0 AND hidden=0 AND starttime=0 AND endtime=0', '', 'sorting');
                while($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))       {
                        if (!$firstUID) $firstUID = $row['uid'];
                        $key = $row['uid'];
@@ -70,7 +70,7 @@ if ($pid)     {
                        $specialComment.= '[globalVar= based_on_uid='.$key.']'.chr(10);
                }
        }
-}              
+}
 
 $content.='
 <!--
@@ -82,6 +82,6 @@ When updating the template archive, these TypoScript conditions should replace t
 '.$specialComment.'
 
 -->
-';     
+';
 
 ?>
\ No newline at end of file
index 05b0482..e58f62d 100755 (executable)
@@ -59,7 +59,7 @@ if ($day==date('w')) {
 }
 
 $date = date('Y-m-d', $son);
-$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', 'pages', 'title LIKE "'.$GLOBALS['TYPO3_DB']->quoteStr($name.$date, 'pages').'"');  // get the uid of the page
+$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', 'pages', 'title LIKE '.$GLOBALS['TYPO3_DB']->fullQuoteStr($name.$date, 'pages'));  // get the uid of the page
 $row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res);
 
 $value=$row['uid'];
index a9335c0..2904be9 100755 (executable)
@@ -174,10 +174,8 @@ class SC_tslib_showpic {
                        $img->tempPath = $this->alternativeTempPath;
                }
 
-               #if ($GLOBALS['TYPO3_CONF_VARS']['GFX']['enable_typo3temp_db_tracking'])        {
-                               // Need to connect to database, because this may be used (eg. by stdgraphic)
+               // Need to connect to database, because this is used (typo3temp_db_tracking, cached image dimensions).
                        $GLOBALS['TYPO3_DB']->sql_pconnect(TYPO3_db_host, TYPO3_db_username, TYPO3_db_password);
-               #}
 
                if (strstr($this->width.$this->height, 'm')) {$max='m';} else {$max='';}
 
index 6198a26..054e138 100755 (executable)
@@ -1,17 +1,17 @@
-Input Charset conversion NOTE:
-       - T3D + XML/PHP4: Traverse array and convert proper places (meta data, header summaries, record values)
-               - Serialized/binary content in fields may be mal-formed?
-       - XML/PHP5: May be converted automatically without we can do anything.
-               - May break encapsulated text files which are not base64 encoded
-               - May break serialized strings
-
-************
-TODO
-************
 General:
 - Add an "alias" field to tt_content elements (unique for the PAGE like the "pid" field). [I'm not clear anymore about what this should be used for... - maybe anchors in links to content elements? I guess so...]
+- Include all files from a path like fileadmin/xxx/
 
 IMPORT:
 - Better logging to system
 
 
+*********
+NOTES:
+*********
+Input Charset conversion NOTE:
+       - T3D + XML/PHP4: Traverse array and convert proper places (meta data, header summaries, record values)
+               - Serialized/binary content in fields may be mal-formed?
+       - XML/PHP5: May be converted automatically without we can do anything.
+               - May break encapsulated text files which are not base64 encoded
+               - May break serialized strings
index 24d0740..ae63739 100755 (executable)
@@ -1544,7 +1544,7 @@ class tx_indexedsearch_indexer {
         */
        function checkContentHash()     {
                        // With this query the page will only be indexed if it's content is different from the same "phash_grouping" -page.
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('phash', 'index_phash AS A', 'A.phash_grouping='.intval($this->hash['phash_grouping']).' AND A.contentHash='.intval($this->content_md5h));
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('phash', 'index_phash A', 'A.phash_grouping='.intval($this->hash['phash_grouping']).' AND A.contentHash='.intval($this->content_md5h));
                if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
                        return $row;
                }
@@ -1560,7 +1560,7 @@ class tx_indexedsearch_indexer {
         * @return      boolean         Returns true if the document needs to be indexed (that is, there was no result)
         */
        function checkExternalDocContentHash($hashGr,$content_md5h)     {
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'index_phash AS A', 'A.phash_grouping='.intval($hashGr).' AND A.contentHash='.intval($content_md5h));
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'index_phash A', 'A.phash_grouping='.intval($hashGr).' AND A.contentHash='.intval($content_md5h));
                if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
                        return 0;
                }
@@ -1665,7 +1665,7 @@ class tx_indexedsearch_indexer {
         * @return      void
         */
        function removeLoginpagesWithContentHash()      {
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'index_phash AS A,index_grlist AS B', '
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'index_phash A,index_grlist B', '
                                        A.phash=B.phash
                                        AND A.phash_grouping='.intval($this->hash['phash_grouping']).'
                                        AND B.hash_gr_list!='.$this->md5inthash($this->defaultGrList).'
index f05b572..99336e3 100755 (executable)
@@ -161,7 +161,7 @@ class SC_mod_tools_isearch_index {
 
                        // TYPO3 pages, unique
                $items = array();
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('count(*),phash', 'index_phash', 'data_page_id!=0', 'phash_grouping');
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('count(*),phash', 'index_phash', 'data_page_id!=0', 'phash_grouping,count(*),phash');
                while($row = $GLOBALS['TYPO3_DB']->sql_fetch_row($res)) {
                        $items[] = $row;
                }
@@ -174,14 +174,14 @@ class SC_mod_tools_isearch_index {
 
                        // External files, unique
                $items = array();
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('count(*),phash', 'index_phash', 'data_filename!=""', 'phash_grouping');
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('count(*),phash', 'index_phash', 'data_filename!=\'\'', 'phash_grouping');
                while($row = $GLOBALS['TYPO3_DB']->sql_fetch_row($res)) {
                        $items[] = $row;
                }
                $recList[] = array($this->tableHead("External files"), count($items));
 
                        // External files
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('count(*)', 'index_phash', 'data_filename!=""');
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('count(*)', 'index_phash', 'data_filename!=\'\'');
                $row = $GLOBALS['TYPO3_DB']->sql_fetch_row($res);
                $recList[] = array($this->tableHead("External files, raw"), $row[0]);
 
index 12eeead..0d85e69 100755 (executable)
@@ -313,10 +313,10 @@ class tx_indexedsearch_modfunc1 extends t3lib_extobjbase {
 
                        // Query:
                $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
-                                       'ISEC.*, IP.*, count(*) as count_val',
-                                       'index_phash AS IP, index_section AS ISEC',
+                                       'ISEC.*, IP.*, count(*) AS count_val',
+                                       'index_phash IP, index_section ISEC',
                                        'IP.phash = ISEC.phash AND ISEC.page_id = '.intval($data['uid']),
-                                       'IP.phash',
+                                       'IP.phash,IP.phash_grouping,IP.cHashParams,IP.data_filename,IP.data_page_id,IP.data_page_reg1,IP.data_page_type,IP.data_page_mp,IP.gr_list,IP.item_type,IP.item_title,IP.item_description,IP.item_mtime,IP.tstamp,IP.item_size,IP.contentHash,IP.crdate,IP.parsetime,IP.sys_language_uid,IP.item_crdate,ISEC.phash,ISEC.phash_t3,ISEC.rl0,ISEC.rl1,ISEC.rl2,ISEC.page_id,ISEC.uniqid',
                                        'IP.item_type, IP.tstamp',
                                        ($this->maxListPerPage+1)
                                );
@@ -374,7 +374,7 @@ class tx_indexedsearch_modfunc1 extends t3lib_extobjbase {
                }
 
                        // Checking for phash-rows which are NOT joined with the section table:
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('IP.*', 'index_phash AS IP', 'IP.data_page_id = '.intval($data['uid']).' AND IP.phash NOT IN ('.implode(',',$phashAcc).')');
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('IP.*', 'index_phash IP', 'IP.data_page_id = '.intval($data['uid']).' AND IP.phash NOT IN ('.implode(',',$phashAcc).')');
                while($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))       {
                        $out.='
                                <tr class="typo3-red">
@@ -1182,7 +1182,7 @@ class tx_indexedsearch_modfunc1 extends t3lib_extobjbase {
                        // Query:
                list($resultRow) = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows(
                                        'ISEC.*, IP.*',
-                                       'index_phash AS IP, index_section AS ISEC',
+                                       'index_phash IP, index_section ISEC',
                                        'IP.phash = ISEC.phash
                                                AND IP.phash = '.intval($phash).'
                                                AND ISEC.page_id = '.intval($pageId)
index 5804cd2..c91099b 100755 (executable)
@@ -189,7 +189,7 @@ class tx_indexedsearch extends tslib_pibase {
 
 
                        // Add search languages:
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_language', '1'.$this->cObj->enableFields('sys_language'));
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_language', '1=1'.$this->cObj->enableFields('sys_language'));
                while($lR = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))        {
                        $optValues["lang"][$lR["uid"]]=$lR["title"];
                }
@@ -473,8 +473,8 @@ class tx_indexedsearch extends tslib_pibase {
                                case "20":
                                        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                                'ISEC.phash',
-                                                               'index_section AS ISEC, index_fulltext AS IFT',
-                                                               'IFT.fulltextdata LIKE "%'.$GLOBALS['TYPO3_DB']->quoteStr($sWord, 'index_fulltext').'%" AND
+                                                               'index_section ISEC, index_fulltext IFT',
+                                                               'IFT.fulltextdata LIKE \'%'.$GLOBALS['TYPO3_DB']->quoteStr($sWord, 'index_fulltext').'%\' AND
                                                                        ISEC.phash = IFT.phash
                                                                        '.$this->sectionTableWhere(),
                                                                'ISEC.phash'
@@ -532,10 +532,10 @@ class tx_indexedsearch extends tslib_pibase {
         */
        function execPHashListQuery($wordSel,$plusQ="") {
                return $GLOBALS['TYPO3_DB']->exec_SELECTquery(
-                                       'STRAIGHT_JOIN IR.phash',
-                                       'index_words AS IW,
-                                               index_rel AS IR,
-                                               index_section AS ISEC',
+                                       'IR.phash',
+                                       'index_words IW,
+                                               index_rel IR,
+                                               index_section ISEC',
                                        $wordSel.'
                                                AND IW.wid=IR.wid
                                                AND ISEC.phash = IR.phash
@@ -691,11 +691,12 @@ class tx_indexedsearch extends tslib_pibase {
                        $wordSel='('.implode(' OR ',$this->wSelClauses).') AND ';
 
                        return $GLOBALS['TYPO3_DB']->exec_SELECTquery(
-                                               'STRAIGHT_JOIN ISEC.*, IP.*, '.$grsel,
-                                               'index_words AS IW,
-                                                       index_rel AS IR,
-                                                       index_section AS ISEC,
-                                                       index_phash AS IP'.
+                                               'ISEC.*, IP.phash_grouping,  IP.data_filename, IP.data_page_id, IP.data_page_reg1, IP.data_page_type, IP.data_page_mp, IP.gr_list, IP.item_type, IP.item_title, IP.item_description, IP.item_mtime, IP.tstamp, IP.item_size, IP.contentHash, IP.crdate, IP.parsetime, IP.sys_language_uid, IP.item_crdate, '
+                                               .$grsel,
+                                               'index_words IW,
+                                                       index_rel IR,
+                                                       index_section ISEC,
+                                                       index_phash IP'.
                                                        $page_join,
                                                $wordSel.'
                                                        IP.phash IN ('.$list.') '.
@@ -705,7 +706,7 @@ class tx_indexedsearch extends tslib_pibase {
                                                        AND ISEC.phash = IR.phash
                                                        AND IP.phash = IR.phash
                                                        AND     '.$page_where,
-                                               'IP.phash',
+                                               'IP.phash,ISEC.phash,ISEC.phash_t3,ISEC.rl0,ISEC.rl1,ISEC.rl2 ,ISEC.page_id,ISEC.uniqid,IP.phash_grouping,IP.data_filename ,IP.data_page_id ,IP.data_page_reg1,IP.data_page_type,IP.data_page_mp,IP.gr_list,IP.item_type,IP.item_title,IP.item_description,IP.item_mtime,IP.tstamp,IP.item_size,IP.contentHash,IP.crdate,IP.parsetime,IP.sys_language_uid,IP.item_crdate',
                                                $orderBy
                                        );
                } else {        // Otherwise, if sorting are done with the pages table or other fields, there is no need for joining with the rel/word tables:
@@ -731,7 +732,7 @@ class tx_indexedsearch extends tslib_pibase {
 
                        return $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                'ISEC.*, IP.*',
-                                               'index_phash AS IP,index_section AS ISEC'.$page_join,
+                                               'index_phash IP,index_section ISEC'.$page_join,
                                                'IP.phash IN ('.$list.') '.
                                                        $this->mediaTypeWhere().' '.
                                                        $this->languageWhere().'
@@ -752,7 +753,7 @@ class tx_indexedsearch extends tslib_pibase {
 
                                // So, selecting for the grlist records belonging to the parent phash-row where the current users gr_list exists.
                                // If this is NOT found, there is still a theoretical possibility that another user accessible page would display a link, so maybe the resume of such a document here may be unjustified hidden. But this case is rare.
-                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('phash', 'index_grlist', 'phash='.intval($row['phash_t3']).' AND gr_list="'.$GLOBALS['TYPO3_DB']->quoteStr($GLOBALS['TSFE']->gr_list, 'index_grlist').'"');
+                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('phash', 'index_grlist', 'phash='.intval($row['phash_t3']).' AND gr_list='.$GLOBALS['TYPO3_DB']->fullQuoteStr($GLOBALS['TSFE']->gr_list, 'index_grlist'));
                        if ($GLOBALS['TYPO3_DB']->sql_num_rows($res))   {
 #                              debug("Look up for external media '".$row["data_filename"]."': phash:".$row["phash_t3"]." YES - (".$GLOBALS["TSFE"]->gr_list.")!",1);
                                return 1;
@@ -763,7 +764,7 @@ class tx_indexedsearch extends tslib_pibase {
                } else {        // ALm typo3 pages:
                        if (strcmp($row["gr_list"],$GLOBALS["TSFE"]->gr_list))  {
                                        // Selecting for the grlist records belonging to the phash-row where the current users gr_list exists. If it is found it is proof that this user has direct access to the phash-rows content although he did not himself initiate the indexing...
-                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('phash', 'index_grlist', 'phash='.intval($row['phash']).' AND gr_list="'.$GLOBALS['TYPO3_DB']->quoteStr($GLOBALS['TSFE']->gr_list, 'index_grlist').'"');
+                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('phash', 'index_grlist', 'phash='.intval($row['phash']).' AND gr_list='.$GLOBALS['TYPO3_DB']->fullQuoteStr($GLOBALS['TSFE']->gr_list, 'index_grlist'));
                                if ($GLOBALS['TYPO3_DB']->sql_num_rows($res))   {
                                        #debug("Checking on it ...".$row["item_title"]."/".$row["phash"]." - YES (".$GLOBALS["TSFE"]->gr_list.")",1);
                                        return 1;
@@ -794,7 +795,7 @@ class tx_indexedsearch extends tslib_pibase {
                $insertFields = array(
                        'searchstring' => $this->piVars['sword'],
                        'searchoptions' => serialize(array($this->piVars,$sWArr,$pt)),
-                       'feuser_id' => $this->fe_user->user['uid'],                     // fe_user id, integer
+                       'feuser_id' => intval($this->fe_user->user['uid']),                     // fe_user id, integer
                        'cookie' => $this->fe_user->id,                                         // cookie as set or retrieve. If people has cookies disabled this will vary all the time...
                        'IP' => t3lib_div::getIndpEnv('REMOTE_ADDR'),           // Remote IP address
                        'hits' => intval($count),                                                       // Number of hits on the search.
index 63624f1..958faf9 100755 (executable)
@@ -1193,7 +1193,7 @@ From sub-directory:
                $action = $this->INSTALL['cleanup_type'];
 
                if (($action == 'cache_imagesizes' || $action == 'all') && isset ($tables['cache_imagesizes'])) {
-                       $GLOBALS['TYPO3_DB']->exec_DELETEquery ('cache_imagesizes','1');
+                       $GLOBALS['TYPO3_DB']->exec_DELETEquery ('cache_imagesizes','');
                }
 
                $cleanupType = array (
@@ -1203,9 +1203,9 @@ From sub-directory:
                        // Get cache_imagesizes info
                if (isset ($tables['cache_imagesizes'])) {
                        $cleanupType["cache_imagesizes"] = "Clear cached image sizes only";
-                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('count(*)', 'cache_imagesizes', '');
+                       $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('COUNT(*) AS icount', 'cache_imagesizes', '');
                        $resArr = $GLOBALS['TYPO3_DB']->sql_fetch_assoc ($res);
-                       $cachedImageSizesCounter = intval ($resArr['count(*)']);
+                       $cachedImageSizesCounter = intval ($resArr['icount']);
                } else {
                        $this->message($headCode,"Table cache_imagesizes does not exist!","
                                The table cache_imagesizes was not found. Please check your database settings in Basic Configuration and compare your table definition with the Database Analyzer.
@@ -3336,19 +3336,19 @@ From sub-directory:
                                        $FDdb = $this->getFieldDefinitions_database();
 
                                                // Displaying configured fields which are not in the database
-                                       $tLabel="Tables and fields in \$TCA, but not in database";
-                                       $cmpTCA_DB = $this->compareTCAandDatabase($GLOBALS["TCA"],$FDdb);
-                                       if (!count($cmpTCA_DB["extra"]))        {
-                                               $this->message($tLabel,"Table and field definitions OK","
+                                       $tLabel='Tables and fields in $TCA, but not in database';
+                                       $cmpTCA_DB = $this->compareTCAandDatabase($GLOBALS['TCA'],$FDdb);
+                                       if (!count($cmpTCA_DB['extra']))        {
+                                               $this->message($tLabel,'Table and field definitions OK','
                                                All fields and tables configured in $TCA appeared to exist in the database as well
-                                               ",-1);
+                                               ',-1);
                                        } else {
-                                               $this->message($tLabel,"Invalid table and field definitions in \$TCA!","
+                                               $this->message($tLabel,'Invalid table and field definitions in $TCA!','
                                                There are some tables and/or fields configured in the \$TCA array which does not exist in the database!
                                                This will most likely cause you trouble with the TYPO3 backend interface!
-                                               ",3);
-                                               while(list($tableName, $conf)=each($cmpTCA_DB["extra"]))        {
-                                                       $this->message($tLabel, $tableName,$this->displayFields($conf["fields"],0,"Suggested database field:"),2);
+                                               ',3);
+                                               while(list($tableName, $conf)=each($cmpTCA_DB['extra']))        {
+                                                       $this->message($tLabel, $tableName,$this->displayFields($conf['fields'],0,'Suggested database field:'),2);
                                                }
                                        }
 
@@ -3553,7 +3553,7 @@ From sub-directory:
                                                        $username = str_replace(" ","_",$username);
                                                        $pass = trim($this->INSTALL["database_adminUser"]["password"]);
                                                        if ($username && $pass) {
-                                                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', 'be_users', 'username="'.$GLOBALS['TYPO3_DB']->quoteStr($username, 'be_users').'"');
+                                                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', 'be_users', 'username='.$GLOBALS['TYPO3_DB']->fullQuoteStr($username, 'be_users'));
                                                                if (!$GLOBALS['TYPO3_DB']->sql_num_rows($res))  {
 
                                                                        $insertFields = array(
@@ -3701,7 +3701,7 @@ From sub-directory:
         * @return      [type]          ...
         */
        function isBackendAdminUser() {
-               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('count(*)', 'be_users', 'admin');
+               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('count(*)', 'be_users', 'admin=1');
                $row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res);
                return current($row);
        }
@@ -3768,7 +3768,7 @@ From sub-directory:
                        case "get_form":
                                $content="";
                                $content.=$this->generateUpdateDatabaseForm_checkboxes($arr_update["add"],"Add fields");
-                               $content.=$this->generateUpdateDatabaseForm_checkboxes($arr_update["change"],"Changing fields",1,0,$arr_update["change_currentValue"]);
+                               $content.=$this->generateUpdateDatabaseForm_checkboxes($arr_update["change"],"Changing fields",(t3lib_extMgm::isLoaded('dbal')?0:1),0,$arr_update["change_currentValue"]);
                                $content.=$this->generateUpdateDatabaseForm_checkboxes($arr_remove["change"],"Remove unused fields (rename with prefix)",$this->setAllCheckBoxesByDefault,1);
                                $content.=$this->generateUpdateDatabaseForm_checkboxes($arr_remove["drop"],"Drop fields (really!)",$this->setAllCheckBoxesByDefault);
 
index d56957b..8fd6aae 100644 (file)
@@ -47,7 +47,7 @@ class tx_sv_auth extends tx_sv_authbase       {
                        $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
                                                        '*',
                                                        $this->db_user['table'],
-                                                               $this->db_user['username_column'].'="'.$GLOBALS['TYPO3_DB']->quoteStr($this->login['uname'], $this->db_user['table']).'"'.
+                                                               $this->db_user['username_column'].'='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->login['uname'], $this->db_user['table']).
                                                                $this->db_user['check_pid_clause'].
                                                                $this->db_user['enable_clause']
                                        );
@@ -56,7 +56,7 @@ class tx_sv_auth extends tx_sv_authbase       {
                                $user = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres);
                                $GLOBALS['TYPO3_DB']->sql_free_result($dbres);
                        }
-                       
+
                        if(!is_array($user)) {
                                        // Failed login attempt (no username found)
                                if ($this->pObj->writeAttemptLog) {
@@ -84,7 +84,7 @@ class tx_sv_auth extends tx_sv_authbase       {
 
                if ($this->login['uident'] && $this->login['uname'])    {
                        $OK = false;
-                       
+
                                // check the password
                        switch ($this->info['security_level'])  {
                                case 'superchallenged':         // If superchallenged the password in the database ($user[$this->db_user['userident_column']]) must be a md5-hash of the original password.
@@ -140,7 +140,7 @@ class tx_sv_auth extends tx_sv_authbase     {
        function getGroups($user, $knownGroups) {
 
                $groupDataArr = array();
-               
+
                if($this->mode=='getGroupsFE')  {
 
                        $groups = array();
@@ -160,17 +160,17 @@ class tx_sv_auth extends tx_sv_authbase   {
 
                        if (count($groups))     {
                                $list = implode(',',$groups);
-                               
+
                                if ($this->writeDevLog)         t3lib_div::devLog('Get usergroups with id: '.$list, 'tx_sv_auth');
 
                                $lockToDomain_SQL = ' AND (lockToDomain="" OR lockToDomain="'.$this->info['HTTP_HOST'].'")';
-                               if (!$this->info['showHiddenRecords'])  $hiddenP = 'AND NOT hidden ';
-                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->db_groups['table'], 'NOT deleted '.$hiddenP.' AND uid IN ('.$list.')'.$lockToDomain_SQL);
+                               if (!$this->info['showHiddenRecords'])  $hiddenP = 'AND hidden=0 ';
+                               $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->db_groups['table'], 'deleted=0 '.$hiddenP.' AND uid IN ('.$list.')'.$lockToDomain_SQL);
                                while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))      {
                                        $groupDataArr[$row['uid']] = $row;
                                }
                                if ($res)       $GLOBALS['TYPO3_DB']->sql_free_result($res);
-                               
+
                        } else {
                                if ($this->writeDevLog)         t3lib_div::devLog('No usergroups found.', 'tx_sv_auth', 2);
                        }
@@ -181,7 +181,7 @@ class tx_sv_auth extends tx_sv_authbase     {
                        # Get the BE groups here
                        # still needs to be implemented in t3lib_userauthgroup
                }
-               
+
                return $groupDataArr;
        }
 }
index 2063b89..d235b7f 100755 (executable)
@@ -177,7 +177,7 @@ class SC_wizard_rte {
 
                                // Getting settings for the undo button:
                        $undoButton = 0;
-                       $undoRes = $GLOBALS['TYPO3_DB']->exec_SELECTquery('tstamp', 'sys_history', 'tablename="'.$GLOBALS['TYPO3_DB']->quoteStr($this->P['table'], 'sys_history').'" AND recuid="'.$GLOBALS['TYPO3_DB']->quoteStr($this->P['uid'], 'sys_history').'"', '', 'tstamp DESC', '1');
+                       $undoRes = $GLOBALS['TYPO3_DB']->exec_SELECTquery('tstamp', 'sys_history', 'tablename='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->P['table'], 'sys_history').' AND recuid='.intval($this->P['uid']), '', 'tstamp DESC', '1');
                        if ($undoButtonR = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($undoRes))     {
                                $undoButton = 1;
                        }