Commit 9a2bb880 authored by Sebastian Diez's avatar Sebastian Diez
Browse files

replaces mysql_real_escape_string with DatabaseConnection::fullQuoteStr

parent 212ae462
Pipeline #879 passed with stages
in 2 minutes and 35 seconds
......@@ -130,8 +130,8 @@ class Tx_TerFe2_Task_ImportAllExtensionsTask extends tx_scheduler_Task
'tx_terfe2_domain_model_version
LEFT JOIN tx_terfe2_domain_model_extension ON tx_terfe2_domain_model_extension.uid = tx_terfe2_domain_model_version.extension',
'NOT tx_terfe2_domain_model_version.deleted
AND tx_terfe2_domain_model_version.version_string = "' . mysql_real_escape_string($extData['version']) . '"
AND tx_terfe2_domain_model_extension.ext_key = "' . mysql_real_escape_string($extData['extensionkey']) . '"'
AND tx_terfe2_domain_model_version.version_string = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['version'], '') . '"
AND tx_terfe2_domain_model_extension.ext_key = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['extensionkey'], '') . '"'
);
return (boolean)$GLOBALS['TYPO3_DB']->sql_num_rows($res);
}
......@@ -146,7 +146,7 @@ class Tx_TerFe2_Task_ImportAllExtensionsTask extends tx_scheduler_Task
$extRec = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow(
'uid',
'tx_terfe2_domain_model_extension',
'NOT deleted AND ext_key = "' . mysql_real_escape_string($extData['extensionkey']) . '"'
'NOT deleted AND ext_key = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['extensionkey'], '') . '"'
);
if ($extRec) {
return $extRec['uid'];
......@@ -344,10 +344,10 @@ class Tx_TerFe2_Task_ImportAllExtensionsTask extends tx_scheduler_Task
'uid',
'tx_terfe2_domain_model_author',
'NOT deleted
AND username = "' . mysql_real_escape_string($extData['lastuploadbyusername']) . '"
AND name = "' . mysql_real_escape_string($extData['authorname']) . '"
AND email = "' . mysql_real_escape_string($extData['authoremail']) . '"
AND company = "' . mysql_real_escape_string($extData['authorcompany']) . '"'
AND username = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['lastuploadbyusername'], '') . '"
AND name = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['authorname'], '') . '"
AND email = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['authoremail'], '') . '"
AND company = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['authorcompany'], '') . '"'
);
if ($authorRec['uid']) {
return $authorRec['uid'];
......@@ -385,7 +385,7 @@ class Tx_TerFe2_Task_ImportAllExtensionsTask extends tx_scheduler_Task
$userRec = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow(
'uid',
'fe_users',
'username = "' . mysql_real_escape_string($username) . '"'
'username = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($username, '') . '"'
);
if ($userRec['uid']) {
return $userRec['uid'];
......
......@@ -129,8 +129,8 @@ class Tx_TerFe2_Task_ImportExtensionsFromQueueTask extends tx_scheduler_Task
'tx_terfe2_domain_model_version
LEFT JOIN tx_terfe2_domain_model_extension ON tx_terfe2_domain_model_extension.uid = tx_terfe2_domain_model_version.extension',
'NOT tx_terfe2_domain_model_version.deleted
AND tx_terfe2_domain_model_version.version_string = "' . mysql_real_escape_string($extData['version']) . '"
AND tx_terfe2_domain_model_extension.ext_key = "' . mysql_real_escape_string($extData['extensionkey']) . '"'
AND tx_terfe2_domain_model_version.version_string = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['version'], '') . '"
AND tx_terfe2_domain_model_extension.ext_key = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['extensionkey'], '') . '"'
);
return (boolean)$GLOBALS['TYPO3_DB']->sql_num_rows($res);
}
......@@ -145,7 +145,7 @@ class Tx_TerFe2_Task_ImportExtensionsFromQueueTask extends tx_scheduler_Task
$extRec = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow(
'uid',
'tx_terfe2_domain_model_extension',
'NOT deleted AND ext_key = "' . mysql_real_escape_string($extData['extensionkey']) . '"'
'NOT deleted AND ext_key = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['extensionkey'], '') . '"'
);
if ($extRec) {
return $extRec['uid'];
......@@ -319,7 +319,7 @@ class Tx_TerFe2_Task_ImportExtensionsFromQueueTask extends tx_scheduler_Task
$extRec = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow(
'uid',
'tx_terfe2_domain_model_extension',
'ext_key = "' . mysql_real_escape_string($extKey) . '" AND NOT deleted'
'ext_key = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extKey, '') . '" AND NOT deleted'
);
if ($extRec['uid']) {
return $extRec['uid'];
......@@ -348,10 +348,10 @@ class Tx_TerFe2_Task_ImportExtensionsFromQueueTask extends tx_scheduler_Task
'uid',
'tx_terfe2_domain_model_author',
'NOT deleted
AND username = "' . mysql_real_escape_string($extData['lastuploadbyusername']) . '"
AND name = "' . mysql_real_escape_string($extData['authorname']) . '"
AND email = "' . mysql_real_escape_string($extData['authoremail']) . '"
AND company = "' . mysql_real_escape_string($extData['authorcompany']) . '"'
AND username = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['lastuploadbyusername'], '') . '"
AND name = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['authorname'], '') . '"
AND email = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['authoremail'], '') . '"
AND company = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($extData['authorcompany'], '') . '"'
);
if ($authorRec['uid']) {
return $authorRec['uid'];
......@@ -389,7 +389,7 @@ class Tx_TerFe2_Task_ImportExtensionsFromQueueTask extends tx_scheduler_Task
$userRec = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow(
'uid',
'fe_users',
'username = "' . mysql_real_escape_string($username) . '"'
'username = "' . $GLOBALS['TYPO3_DB']->fullQuoteStr($username, '') . '"'
);
if ($userRec['uid']) {
return $userRec['uid'];
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment