Commit 3e354810 authored by ACF's avatar ACF Committed by tim.plunkett

Issue #1748168 by ACF | tim.plunkett: Convert or document all usages of db_query().

parent 9965220a
......@@ -4694,7 +4694,9 @@ function views_ui_get_roles() {
static $roles = NULL;
if (!isset($roles)) {
$roles = array();
$result = db_query("SELECT r.rid, r.name FROM {role} r ORDER BY r.name");
// Uses db_query() rather than db_select() because the query is static and
// does not include any variables.
$result = $result = db_query("SELECT r.rid, r.name FROM {role} r ORDER BY r.name");
foreach ($result as $obj) {
$roles[$obj->rid] = $obj->name;
}
......
......@@ -28,7 +28,10 @@ class CategoryCid extends Numeric {
function title_query() {
$titles = array();
$result = db_query("SELECT c.title FROM {aggregator_category} c WHERE c.cid IN (:cid)", array(':cid' => $this->value));
$query = db_select('aggregator_category', 'c');
$query->addField('c', 'title');
$query->condition('c.cid', $this->value);
$result = $query->execute();
foreach ($result as $term) {
$titles[] = check_plain($term->title);
}
......
......@@ -29,6 +29,10 @@ function title_query() {
$titles = array();
$result = db_query("SELECT f.title FROM {aggregator_feed} f WHERE f.fid IN (:fids)", array(':fids' => $this->value));
$query = db_select('aggregator_feed', 'f');
$query->addField('f', 'title');
$query->condition('f.fid', $this->value);
$result = $query->execute();
foreach ($result as $term) {
$titles[] = check_plain($term->title);
}
......
......@@ -28,7 +28,8 @@ function get_value_options() {
}
$this->value_options = array();
// Uses db_query() rather than db_select() because the query is static and
// does not include any variables.
$result = db_query('SELECT * FROM {aggregator_category} ORDER BY title');
foreach ($result as $category) {
$this->value_options[$category->cid] = $category->title;
......
......@@ -52,12 +52,13 @@ function options_form(&$form, &$form_state) {
function render($row) {
$iid = $row->{$this->field_alias};
$sql = "SELECT ai.iid, ai.fid, ai.title, ai.link, ai.author, ai.description, ";
$sql .= "ai.timestamp, ai.guid, af.title AS feed_title, ai.link AS feed_LINK ";
$sql .= "FROM {aggregator_item} ai LEFT JOIN {aggregator_feed} af ON ai.fid = af.fid ";
$sql .= "WHERE ai.iid = :iid";
$item = db_query($sql, array(':iid' => $iid))->fetchObject();
$query = db_select('aggregator_item', 'ai');
$query->leftJoin('aggregator_feed', 'af', 'ai.fid = af.fid');
$query->fields('ai');
$query->addExpression('af.title', 'feed_title');
$query->addExpression('ai.link', 'feed_LINK');
$query->condition('iid', $iid);
$result = $query->execute();
$item->elements = array(
array(
......
......@@ -28,7 +28,10 @@ function title() {
$title = config('user.settings')->get('anonymous');
}
else {
$title = db_query('SELECT u.name FROM {users} u WHERE u.uid = :uid', array(':uid' => $this->argument))->fetchField();
$query = db_select('users', 'u');
$query->addField('u', 'name');
$query->condition('u.uid', $this->argument);
$title = $query->execute()->fetchField();
}
if (empty($title)) {
return t('No user');
......
......@@ -73,15 +73,16 @@ function pre_render(&$values) {
}
if ($nids) {
$result = db_query("SELECT n.nid, COUNT(c.cid) as num_comments FROM {node} n INNER JOIN {comment} c ON n.nid = c.nid
LEFT JOIN {history} h ON h.nid = n.nid AND h.uid = :h_uid WHERE n.nid IN (:nids)
AND c.changed > GREATEST(COALESCE(h.timestamp, :timestamp), :timestamp) AND c.status = :status GROUP BY n.nid ", array(
':status' => COMMENT_PUBLISHED,
':h_uid' => $user->uid,
':nids' => $nids,
':timestamp' => NODE_NEW_LIMIT,
));
$query = db_select('node', 'n');
$query->addField('n', 'nid');
$query->innerJoin('comment', 'c', 'n.nid = c.nid');
$query->addExpression('COUNT(c.cid)', 'num_comments');
$query->leftJoin('history', 'h', 'h.nid = n.nid');
$query->condition('n.nid', $nids);
$query->where('c.changed > GREATEST(COALESCE(h.timestamp, :timestamp), :timestamp)', array(':timestamp' => NODE_NEW_LIMIT));
$query->condition('c.status', COMMENT_PUBLISHED);
$query->groupBy('n.nid');
$result = $query->execute();
foreach ($result as $node) {
foreach ($ids[$node->nid] as $id) {
$values[$id]->{$this->field_alias} = $node->num_comments;
......
......@@ -27,6 +27,8 @@ function get_value_options() {
$this->value_title = t('Version');
// Enable filtering by the current installed Drupal version.
$versions = array('***CURRENT_VERSION***' => t('Current installed version'));
// Uses db_query() rather than db_select() because the query is static and
// does not include any variables.
$result = db_query('SELECT DISTINCT(version) FROM {locales_source} ORDER BY version');
foreach ($result as $row) {
if (!empty($row->version)) {
......
......@@ -28,8 +28,11 @@ class Vid extends Numeric {
function title_query() {
$titles = array();
$results = db_query("SELECT nr.vid, nr.nid, nr.title FROM {node_revision} nr WHERE nr.vid IN (:vids)", array(':vids' => $this->value))->fetchAllAssoc('vid', PDO::FETCH_ASSOC);
$results = db_select('node_revision', 'nr')
->fields('nr', array('vid', 'nid', 'title'))
->condition('nr.vid', $this->value)
->execute()
->fetchAllAssoc('vid', PDO::FETCH_ASSOC);
$nids = array();
foreach ($results as $result) {
$nids[] = $result['nid'];
......
......@@ -25,6 +25,8 @@ function get_value_options() {
$this->value_title = t('Type');
// Enable filtering by type.
$types = array();
// Uses db_query() rather than db_select() because the query is static and
// does not include any variables.
$types = db_query('SELECT DISTINCT(type) FROM {system} ORDER BY type')->fetchAllKeyed(0, 0);
$this->value_options = $types;
}
......
......@@ -26,7 +26,10 @@ class VocabularyMachineName extends String {
* Override the behavior of title(). Get the name of the vocabulary..
*/
function title() {
$title = db_query("SELECT v.name FROM {taxonomy_vocabulary} v WHERE v.machine_name = :machine_name", array(':machine_name' => $this->argument))->fetchField();
$query = db_select('taxonomy_vocabulary', 'v');
$query->addField('v', 'name');
$query->condition('v.machine_name', $this->argument);
$title = $query->execute()->fetchField();
if (empty($title)) {
return t('No vocabulary');
......
......@@ -26,8 +26,10 @@ class VocabularyVid extends Numeric {
* Override the behavior of title(). Get the name of the vocabulary.
*/
function title() {
$title = db_query("SELECT v.name FROM {taxonomy_vocabulary} v WHERE v.vid = :vid", array(':vid' => $this->argument))->fetchField();
$query = db_select('taxonomy_vocabulary', 'v');
$query->addField('v', 'name');
$query->condition('v.vid', $this->argument);
$title = $query->execute()->fetchField();
if (empty($title)) {
return t('No vocabulary');
}
......
......@@ -28,7 +28,10 @@ class NodeTnid extends Numeric {
function title_query() {
$titles = array();
$result = db_query("SELECT n.title FROM {node} n WHERE n.tnid IN (:tnids)", array(':tnids' => $this->value));
$query = db_select('node', 'n');
$query->addField('n', 'title');
$query->condition('n.tnid', $this->value);
$result = $query->execute();
foreach ($result as $term) {
$titles[] = check_plain($term->title);
}
......
......@@ -25,7 +25,10 @@ class RolesRid extends ManyToOne {
function title_query() {
$titles = array();
$result = db_query("SELECT name FROM {role} WHERE rid IN (:rids)", array(':rids' => $this->value));
$query = db_select('role', 'r');
$query->addField('r', 'name');
$query->condition('r.rid', $this->value);
$result = $query->execute();
foreach ($result as $term) {
$titles[] = check_plain($term->name);
}
......
......@@ -85,7 +85,7 @@ function validate_argument($argument) {
// real global $user object.
$account = clone $GLOBALS['user'];
}
$where = 'uid = :argument';
$condition = 'uid';
}
}
else {
......@@ -94,18 +94,21 @@ function validate_argument($argument) {
if ($argument == $name) {
$account = clone $GLOBALS['user'];
}
$where = "name = :argument";
$condition = 'name';
}
}
// If we don't have a WHERE clause, the argument is invalid.
if (empty($where)) {
if (empty($condition)) {
return FALSE;
}
if (!isset($account)) {
$query = "SELECT uid, name FROM {users} WHERE $where";
$account = db_query($query, array(':argument' => $argument))->fetchObject();
$account = db_select('users', 'u')
->fields('u', array('uid', 'name'))
->condition($condition, $argument)
->execute()
->fetchObject();
}
if (empty($account)) {
// User not found.
......@@ -117,7 +120,10 @@ function validate_argument($argument) {
$roles = $this->options['roles'];
$account->roles = array();
$account->roles[] = $account->uid ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID;
$result = db_query('SELECT rid FROM {users_roles} WHERE uid = :uid', array(':uid' => $account->uid));
$query = db_select('users_roles', 'u');
$query->addField('u', 'rid');
$query->condition('u.uid', $account->uid);
$result = $query->execute();
foreach ($result as $role) {
$account->roles[] = $role->rid;
}
......
......@@ -52,8 +52,14 @@ function pre_render(&$values) {
$permissions = module_invoke_all('permission');
$result = db_query("SELECT u.uid, u.rid, rp.permission FROM {role_permission} rp INNER JOIN {users_roles} u ON u.rid = rp.rid WHERE u.uid IN (:uids) AND rp.module IN (:modules) ORDER BY rp.permission",
array(':uids' => $uids, ':modules' => array_keys($modules)));
$query = db_select('role_permission', 'rp');
$query->join('users_roles', 'u', 'u.rid = rp.rid');
$query->fields('u', array('uid', 'rid'));
$query->addField('rp', 'permission');
$query->condition('u.uid', $uids);
$query->condition('rp.module', array_keys($modules));
$query->orderBy('rp.permission');
$result = $query->execute();
foreach ($result as $perm) {
$this->items[$perm->uid][$perm->permission]['permission'] = $permissions[$perm->permission]['title'];
......
......@@ -41,8 +41,13 @@ function pre_render(&$values) {
}
if ($uids) {
$result = db_query("SELECT u.uid, u.rid, r.name FROM {role} r INNER JOIN {users_roles} u ON u.rid = r.rid WHERE u.uid IN (:uids) ORDER BY r.name",
array(':uids' => $uids));
$query = db_select('role', 'r');
$query->join('users_roles', 'u', 'u.rid = r.rid');
$query->addField('r', 'name');
$query->fields('u', array('uid', 'rid'));
$query->condition('u.uid', $uids);
$query->orderBy('r.name');
$result = $query->execute();
foreach ($result as $role) {
$this->items[$role->uid][$role->rid]['role'] = check_plain($role->name);
$this->items[$role->uid][$role->rid]['rid'] = $role->rid;
......
......@@ -27,7 +27,7 @@ class Name extends InOperator {
function value_form(&$form, &$form_state) {
$values = array();
if ($this->value) {
$result = db_query("SELECT * FROM {users} u WHERE uid IN (:uids)", array(':uids' => $this->value));
$result = entity_load_multiple_by_properties('user', array('uid' => $this->value));
foreach ($result as $account) {
if ($account->uid) {
$values[] = $account->name;
......@@ -131,7 +131,7 @@ function validate_user_strings(&$form, $values) {
return $uids;
}
$result = db_query("SELECT * FROM {users} WHERE name IN (:names)", array(':names' => $args));
$result = entity_load_multiple_by_properties('user', array('name' => $args));
foreach ($result as $account) {
unset($missing[strtolower($account->name)]);
$uids[] = $account->uid;
......@@ -156,8 +156,7 @@ function admin_summary() {
$this->value_options = array();
if ($this->value) {
$result = db_query("SELECT * FROM {users} u WHERE uid IN (:uids)", array(':uids' => $this->value));
$result = entity_load_multiple_by_properties('user', array('uid' => $this->value));
foreach ($result as $account) {
if ($account->uid) {
$this->value_options[$account->uid] = $account->name;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment