diff --git a/includes/admin.inc b/includes/admin.inc
index 808621811888f21374b8821efee58f32a380f415..303a053fe1ae2d5a09ac563bf8a5ad683ab12a30 100644
--- a/includes/admin.inc
+++ b/includes/admin.inc
@@ -4694,7 +4694,9 @@ function views_ui_get_roles() {
static $roles = NULL;
if (!isset($roles)) {
$roles = array();
- $result = db_query("SELECT r.rid, r.name FROM {role} r ORDER BY r.name");
+ // Uses db_query() rather than db_select() because the query is static and
+ // does not include any variables.
+ $result = $result = db_query("SELECT r.rid, r.name FROM {role} r ORDER BY r.name");
foreach ($result as $obj) {
$roles[$obj->rid] = $obj->name;
}
diff --git a/lib/Views/aggregator/Plugin/views/argument/CategoryCid.php b/lib/Views/aggregator/Plugin/views/argument/CategoryCid.php
index 52636453327d8f6da07148f483de443310f8b4f3..2be3fdd438e550e3d85dc2108929f7850b6560e1 100644
--- a/lib/Views/aggregator/Plugin/views/argument/CategoryCid.php
+++ b/lib/Views/aggregator/Plugin/views/argument/CategoryCid.php
@@ -28,7 +28,10 @@ class CategoryCid extends Numeric {
function title_query() {
$titles = array();
- $result = db_query("SELECT c.title FROM {aggregator_category} c WHERE c.cid IN (:cid)", array(':cid' => $this->value));
+ $query = db_select('aggregator_category', 'c');
+ $query->addField('c', 'title');
+ $query->condition('c.cid', $this->value);
+ $result = $query->execute();
foreach ($result as $term) {
$titles[] = check_plain($term->title);
}
diff --git a/lib/Views/aggregator/Plugin/views/argument/Fid.php b/lib/Views/aggregator/Plugin/views/argument/Fid.php
index a68bccf8ed214e1c7f9d70e364a44ca8c90dbac9..2561098e6df1bbfda10281d8abe01db34b9a0c2a 100644
--- a/lib/Views/aggregator/Plugin/views/argument/Fid.php
+++ b/lib/Views/aggregator/Plugin/views/argument/Fid.php
@@ -29,6 +29,10 @@ function title_query() {
$titles = array();
$result = db_query("SELECT f.title FROM {aggregator_feed} f WHERE f.fid IN (:fids)", array(':fids' => $this->value));
+ $query = db_select('aggregator_feed', 'f');
+ $query->addField('f', 'title');
+ $query->condition('f.fid', $this->value);
+ $result = $query->execute();
foreach ($result as $term) {
$titles[] = check_plain($term->title);
}
diff --git a/lib/Views/aggregator/Plugin/views/filter/CategoryCid.php b/lib/Views/aggregator/Plugin/views/filter/CategoryCid.php
index 22a9a4190b8a8ef83aff64ef4e1ae47e209b0494..c676ba48587412ad610a8ae731a6e9c6b0f3919b 100644
--- a/lib/Views/aggregator/Plugin/views/filter/CategoryCid.php
+++ b/lib/Views/aggregator/Plugin/views/filter/CategoryCid.php
@@ -28,7 +28,8 @@ function get_value_options() {
}
$this->value_options = array();
-
+ // Uses db_query() rather than db_select() because the query is static and
+ // does not include any variables.
$result = db_query('SELECT * FROM {aggregator_category} ORDER BY title');
foreach ($result as $category) {
$this->value_options[$category->cid] = $category->title;
diff --git a/lib/Views/aggregator/Plugin/views/row/Rss.php b/lib/Views/aggregator/Plugin/views/row/Rss.php
index 9ffaaba17da094483c50dc079e1bea6a26ae1b8c..e1b519cfdf423e7bdea81dde8ad3816773727fa4 100644
--- a/lib/Views/aggregator/Plugin/views/row/Rss.php
+++ b/lib/Views/aggregator/Plugin/views/row/Rss.php
@@ -52,12 +52,13 @@ function options_form(&$form, &$form_state) {
function render($row) {
$iid = $row->{$this->field_alias};
- $sql = "SELECT ai.iid, ai.fid, ai.title, ai.link, ai.author, ai.description, ";
- $sql .= "ai.timestamp, ai.guid, af.title AS feed_title, ai.link AS feed_LINK ";
- $sql .= "FROM {aggregator_item} ai LEFT JOIN {aggregator_feed} af ON ai.fid = af.fid ";
- $sql .= "WHERE ai.iid = :iid";
-
- $item = db_query($sql, array(':iid' => $iid))->fetchObject();
+ $query = db_select('aggregator_item', 'ai');
+ $query->leftJoin('aggregator_feed', 'af', 'ai.fid = af.fid');
+ $query->fields('ai');
+ $query->addExpression('af.title', 'feed_title');
+ $query->addExpression('ai.link', 'feed_LINK');
+ $query->condition('iid', $iid);
+ $result = $query->execute();
$item->elements = array(
array(
diff --git a/lib/Views/comment/Plugin/views/argument/UserUid.php b/lib/Views/comment/Plugin/views/argument/UserUid.php
index abb44b596a1b4a7e9e8cae5f03d2e9823c954af9..1ffa4ba91ccf29b40bb3b5794c7cc4b8fd78aa5e 100644
--- a/lib/Views/comment/Plugin/views/argument/UserUid.php
+++ b/lib/Views/comment/Plugin/views/argument/UserUid.php
@@ -28,7 +28,10 @@ function title() {
$title = config('user.settings')->get('anonymous');
}
else {
- $title = db_query('SELECT u.name FROM {users} u WHERE u.uid = :uid', array(':uid' => $this->argument))->fetchField();
+ $query = db_select('users', 'u');
+ $query->addField('u', 'name');
+ $query->condition('u.uid', $this->argument);
+ $title = $query->execute()->fetchField();
}
if (empty($title)) {
return t('No user');
diff --git a/lib/Views/comment/Plugin/views/field/NodeNewComments.php b/lib/Views/comment/Plugin/views/field/NodeNewComments.php
index 3cb5fc7c5c881a35475ae36769a8dfc084b5e8cf..6c5aab64beda02fc8cae6b3a83f7731efd40ae58 100644
--- a/lib/Views/comment/Plugin/views/field/NodeNewComments.php
+++ b/lib/Views/comment/Plugin/views/field/NodeNewComments.php
@@ -73,15 +73,16 @@ function pre_render(&$values) {
}
if ($nids) {
- $result = db_query("SELECT n.nid, COUNT(c.cid) as num_comments FROM {node} n INNER JOIN {comment} c ON n.nid = c.nid
- LEFT JOIN {history} h ON h.nid = n.nid AND h.uid = :h_uid WHERE n.nid IN (:nids)
- AND c.changed > GREATEST(COALESCE(h.timestamp, :timestamp), :timestamp) AND c.status = :status GROUP BY n.nid ", array(
- ':status' => COMMENT_PUBLISHED,
- ':h_uid' => $user->uid,
- ':nids' => $nids,
- ':timestamp' => NODE_NEW_LIMIT,
- ));
-
+ $query = db_select('node', 'n');
+ $query->addField('n', 'nid');
+ $query->innerJoin('comment', 'c', 'n.nid = c.nid');
+ $query->addExpression('COUNT(c.cid)', 'num_comments');
+ $query->leftJoin('history', 'h', 'h.nid = n.nid');
+ $query->condition('n.nid', $nids);
+ $query->where('c.changed > GREATEST(COALESCE(h.timestamp, :timestamp), :timestamp)', array(':timestamp' => NODE_NEW_LIMIT));
+ $query->condition('c.status', COMMENT_PUBLISHED);
+ $query->groupBy('n.nid');
+ $result = $query->execute();
foreach ($result as $node) {
foreach ($ids[$node->nid] as $id) {
$values[$id]->{$this->field_alias} = $node->num_comments;
diff --git a/lib/Views/locale/Plugin/views/filter/Version.php b/lib/Views/locale/Plugin/views/filter/Version.php
index 9d7367852ddc29c3381d1c8b700c7a0cddef3e71..a450317ea59a15ce080f62fc2b3241267d511fd9 100644
--- a/lib/Views/locale/Plugin/views/filter/Version.php
+++ b/lib/Views/locale/Plugin/views/filter/Version.php
@@ -27,6 +27,8 @@ function get_value_options() {
$this->value_title = t('Version');
// Enable filtering by the current installed Drupal version.
$versions = array('***CURRENT_VERSION***' => t('Current installed version'));
+ // Uses db_query() rather than db_select() because the query is static and
+ // does not include any variables.
$result = db_query('SELECT DISTINCT(version) FROM {locales_source} ORDER BY version');
foreach ($result as $row) {
if (!empty($row->version)) {
diff --git a/lib/Views/node/Plugin/views/argument/Vid.php b/lib/Views/node/Plugin/views/argument/Vid.php
index 45350e41224453d51014c620ecdd07a1ebd83ded..48376152a0b607e2a201ce8f623a4385f4d4d2d8 100644
--- a/lib/Views/node/Plugin/views/argument/Vid.php
+++ b/lib/Views/node/Plugin/views/argument/Vid.php
@@ -28,8 +28,11 @@ class Vid extends Numeric {
function title_query() {
$titles = array();
- $results = db_query("SELECT nr.vid, nr.nid, nr.title FROM {node_revision} nr WHERE nr.vid IN (:vids)", array(':vids' => $this->value))->fetchAllAssoc('vid', PDO::FETCH_ASSOC);
-
+ $results = db_select('node_revision', 'nr')
+ ->fields('nr', array('vid', 'nid', 'title'))
+ ->condition('nr.vid', $this->value)
+ ->execute()
+ ->fetchAllAssoc('vid', PDO::FETCH_ASSOC);
$nids = array();
foreach ($results as $result) {
$nids[] = $result['nid'];
diff --git a/lib/Views/system/Plugin/views/filter/Type.php b/lib/Views/system/Plugin/views/filter/Type.php
index f1ef7de77d0c434249c529ee86dcfcb7e00103a2..0cdb44f8cdcfb300cdd71e477b6bb0b38106d6e6 100644
--- a/lib/Views/system/Plugin/views/filter/Type.php
+++ b/lib/Views/system/Plugin/views/filter/Type.php
@@ -25,6 +25,8 @@ function get_value_options() {
$this->value_title = t('Type');
// Enable filtering by type.
$types = array();
+ // Uses db_query() rather than db_select() because the query is static and
+ // does not include any variables.
$types = db_query('SELECT DISTINCT(type) FROM {system} ORDER BY type')->fetchAllKeyed(0, 0);
$this->value_options = $types;
}
diff --git a/lib/Views/taxonomy/Plugin/views/argument/VocabularyMachineName.php b/lib/Views/taxonomy/Plugin/views/argument/VocabularyMachineName.php
index a17577349e5a44f151234f8e87b0da093be76a3b..71e7227a06bbf9e90bf8368059ff07488db9039b 100644
--- a/lib/Views/taxonomy/Plugin/views/argument/VocabularyMachineName.php
+++ b/lib/Views/taxonomy/Plugin/views/argument/VocabularyMachineName.php
@@ -26,7 +26,10 @@ class VocabularyMachineName extends String {
* Override the behavior of title(). Get the name of the vocabulary..
*/
function title() {
- $title = db_query("SELECT v.name FROM {taxonomy_vocabulary} v WHERE v.machine_name = :machine_name", array(':machine_name' => $this->argument))->fetchField();
+ $query = db_select('taxonomy_vocabulary', 'v');
+ $query->addField('v', 'name');
+ $query->condition('v.machine_name', $this->argument);
+ $title = $query->execute()->fetchField();
if (empty($title)) {
return t('No vocabulary');
diff --git a/lib/Views/taxonomy/Plugin/views/argument/VocabularyVid.php b/lib/Views/taxonomy/Plugin/views/argument/VocabularyVid.php
index 96ed2ff9db50f68d22a0ba7d1f5bf382b5bc8be6..7613f06257aaa37b6ef5df533537b57aba117442 100644
--- a/lib/Views/taxonomy/Plugin/views/argument/VocabularyVid.php
+++ b/lib/Views/taxonomy/Plugin/views/argument/VocabularyVid.php
@@ -26,8 +26,10 @@ class VocabularyVid extends Numeric {
* Override the behavior of title(). Get the name of the vocabulary.
*/
function title() {
- $title = db_query("SELECT v.name FROM {taxonomy_vocabulary} v WHERE v.vid = :vid", array(':vid' => $this->argument))->fetchField();
-
+ $query = db_select('taxonomy_vocabulary', 'v');
+ $query->addField('v', 'name');
+ $query->condition('v.vid', $this->argument);
+ $title = $query->execute()->fetchField();
if (empty($title)) {
return t('No vocabulary');
}
diff --git a/lib/Views/translation/Plugin/views/argument/NodeTnid.php b/lib/Views/translation/Plugin/views/argument/NodeTnid.php
index 2239a73c4bf92a325fd03b240ace2e13e85bfd67..53d60fc85c4bdc1667164b32eb98d77ef82cbd9a 100644
--- a/lib/Views/translation/Plugin/views/argument/NodeTnid.php
+++ b/lib/Views/translation/Plugin/views/argument/NodeTnid.php
@@ -28,7 +28,10 @@ class NodeTnid extends Numeric {
function title_query() {
$titles = array();
- $result = db_query("SELECT n.title FROM {node} n WHERE n.tnid IN (:tnids)", array(':tnids' => $this->value));
+ $query = db_select('node', 'n');
+ $query->addField('n', 'title');
+ $query->condition('n.tnid', $this->value);
+ $result = $query->execute();
foreach ($result as $term) {
$titles[] = check_plain($term->title);
}
diff --git a/lib/Views/user/Plugin/views/argument/RolesRid.php b/lib/Views/user/Plugin/views/argument/RolesRid.php
index 040e4e082f5b1dccce018ab56814923be2487706..80c7c67408c705fe4fc7c132238bb7aac029024b 100644
--- a/lib/Views/user/Plugin/views/argument/RolesRid.php
+++ b/lib/Views/user/Plugin/views/argument/RolesRid.php
@@ -25,7 +25,10 @@ class RolesRid extends ManyToOne {
function title_query() {
$titles = array();
- $result = db_query("SELECT name FROM {role} WHERE rid IN (:rids)", array(':rids' => $this->value));
+ $query = db_select('role', 'r');
+ $query->addField('r', 'name');
+ $query->condition('r.rid', $this->value);
+ $result = $query->execute();
foreach ($result as $term) {
$titles[] = check_plain($term->name);
}
diff --git a/lib/Views/user/Plugin/views/argument_validator/User.php b/lib/Views/user/Plugin/views/argument_validator/User.php
index 5f0df2b94b395c1123c3c5353667103ca23f3316..9ada23b8596554e4ef6a632ae6406bea4cdec516 100644
--- a/lib/Views/user/Plugin/views/argument_validator/User.php
+++ b/lib/Views/user/Plugin/views/argument_validator/User.php
@@ -85,7 +85,7 @@ function validate_argument($argument) {
// real global $user object.
$account = clone $GLOBALS['user'];
}
- $where = 'uid = :argument';
+ $condition = 'uid';
}
}
else {
@@ -94,18 +94,21 @@ function validate_argument($argument) {
if ($argument == $name) {
$account = clone $GLOBALS['user'];
}
- $where = "name = :argument";
+ $condition = 'name';
}
}
// If we don't have a WHERE clause, the argument is invalid.
- if (empty($where)) {
+ if (empty($condition)) {
return FALSE;
}
if (!isset($account)) {
- $query = "SELECT uid, name FROM {users} WHERE $where";
- $account = db_query($query, array(':argument' => $argument))->fetchObject();
+ $account = db_select('users', 'u')
+ ->fields('u', array('uid', 'name'))
+ ->condition($condition, $argument)
+ ->execute()
+ ->fetchObject();
}
if (empty($account)) {
// User not found.
@@ -117,7 +120,10 @@ function validate_argument($argument) {
$roles = $this->options['roles'];
$account->roles = array();
$account->roles[] = $account->uid ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID;
- $result = db_query('SELECT rid FROM {users_roles} WHERE uid = :uid', array(':uid' => $account->uid));
+ $query = db_select('users_roles', 'u');
+ $query->addField('u', 'rid');
+ $query->condition('u.uid', $account->uid);
+ $result = $query->execute();
foreach ($result as $role) {
$account->roles[] = $role->rid;
}
diff --git a/lib/Views/user/Plugin/views/field/Permissions.php b/lib/Views/user/Plugin/views/field/Permissions.php
index 1e36c892b32a39b7ae63ee212ce6bc7e3aab2a19..c1112afe67a92d20cda09f284f97830ef9746465 100644
--- a/lib/Views/user/Plugin/views/field/Permissions.php
+++ b/lib/Views/user/Plugin/views/field/Permissions.php
@@ -52,8 +52,14 @@ function pre_render(&$values) {
$permissions = module_invoke_all('permission');
- $result = db_query("SELECT u.uid, u.rid, rp.permission FROM {role_permission} rp INNER JOIN {users_roles} u ON u.rid = rp.rid WHERE u.uid IN (:uids) AND rp.module IN (:modules) ORDER BY rp.permission",
- array(':uids' => $uids, ':modules' => array_keys($modules)));
+ $query = db_select('role_permission', 'rp');
+ $query->join('users_roles', 'u', 'u.rid = rp.rid');
+ $query->fields('u', array('uid', 'rid'));
+ $query->addField('rp', 'permission');
+ $query->condition('u.uid', $uids);
+ $query->condition('rp.module', array_keys($modules));
+ $query->orderBy('rp.permission');
+ $result = $query->execute();
foreach ($result as $perm) {
$this->items[$perm->uid][$perm->permission]['permission'] = $permissions[$perm->permission]['title'];
diff --git a/lib/Views/user/Plugin/views/field/Roles.php b/lib/Views/user/Plugin/views/field/Roles.php
index 2ab6bb6c64a44f0230437a8c4711deef8c2eccb3..e50c3f4f44ec260ee3520d3020843c37a3c6aa46 100644
--- a/lib/Views/user/Plugin/views/field/Roles.php
+++ b/lib/Views/user/Plugin/views/field/Roles.php
@@ -41,8 +41,13 @@ function pre_render(&$values) {
}
if ($uids) {
- $result = db_query("SELECT u.uid, u.rid, r.name FROM {role} r INNER JOIN {users_roles} u ON u.rid = r.rid WHERE u.uid IN (:uids) ORDER BY r.name",
- array(':uids' => $uids));
+ $query = db_select('role', 'r');
+ $query->join('users_roles', 'u', 'u.rid = r.rid');
+ $query->addField('r', 'name');
+ $query->fields('u', array('uid', 'rid'));
+ $query->condition('u.uid', $uids);
+ $query->orderBy('r.name');
+ $result = $query->execute();
foreach ($result as $role) {
$this->items[$role->uid][$role->rid]['role'] = check_plain($role->name);
$this->items[$role->uid][$role->rid]['rid'] = $role->rid;
diff --git a/lib/Views/user/Plugin/views/filter/Name.php b/lib/Views/user/Plugin/views/filter/Name.php
index 243bff0be3771e6e085f7217bccaaaf44b2492ba..b85f390e083e69087b4c46117c4cb7dee9a7903f 100644
--- a/lib/Views/user/Plugin/views/filter/Name.php
+++ b/lib/Views/user/Plugin/views/filter/Name.php
@@ -27,7 +27,7 @@ class Name extends InOperator {
function value_form(&$form, &$form_state) {
$values = array();
if ($this->value) {
- $result = db_query("SELECT * FROM {users} u WHERE uid IN (:uids)", array(':uids' => $this->value));
+ $result = entity_load_multiple_by_properties('user', array('uid' => $this->value));
foreach ($result as $account) {
if ($account->uid) {
$values[] = $account->name;
@@ -131,7 +131,7 @@ function validate_user_strings(&$form, $values) {
return $uids;
}
- $result = db_query("SELECT * FROM {users} WHERE name IN (:names)", array(':names' => $args));
+ $result = entity_load_multiple_by_properties('user', array('name' => $args));
foreach ($result as $account) {
unset($missing[strtolower($account->name)]);
$uids[] = $account->uid;
@@ -156,8 +156,7 @@ function admin_summary() {
$this->value_options = array();
if ($this->value) {
- $result = db_query("SELECT * FROM {users} u WHERE uid IN (:uids)", array(':uids' => $this->value));
-
+ $result = entity_load_multiple_by_properties('user', array('uid' => $this->value));
foreach ($result as $account) {
if ($account->uid) {
$this->value_options[$account->uid] = $account->name;