Commit a0608f0c authored by catch's avatar catch

Issue #2850037 by voleger, shashikant_chauhan, gaurav.kapoor, MerryHamster,...

Issue #2850037 by voleger, shashikant_chauhan, gaurav.kapoor, MerryHamster, xjm: Replace all calls to db_like(), which is deprecated
parent 2a4fa156
......@@ -436,6 +436,7 @@ function db_escape_field($field) {
* @see \Drupal\Core\Database\Connection::escapeLike()
*/
function db_like($string) {
@trigger_error('db_like() is deprecated in Drupal 8.0.x and will be removed before Drupal 9.0.0. Instead, get a database connection injected into your service from the container and call escapeLike() on it. For example, $injected_database->escapeLike($string). See https://www.drupal.org/node/2993033', E_USER_DEPRECATED);
return Database::getConnection()->escapeLike($string);
}
......
......@@ -1028,7 +1028,7 @@ public function escapeAlias($field) {
* @code
* $result = db_query(
* 'SELECT * FROM person WHERE name LIKE :pattern',
* array(':pattern' => db_like($prefix) . '%')
* array(':pattern' => $injected_connection->escapeLike($prefix) . '%')
* );
* @endcode
*
......
......@@ -31,7 +31,7 @@ interface ConditionInterface {
* to tell the database that case insensitive equivalence is desired:
* @code
* db_select('users')
* ->condition('name', db_like($name), 'LIKE')
* ->condition('name', $injected_connection->escapeLike($name), 'LIKE')
* @endcode
* Use 'LIKE BINARY' instead of 'LIKE' for case sensitive queries.
*
......
......@@ -438,7 +438,7 @@ protected function dbStringSelect(array $conditions, array $options = []) {
$filter = $query;
}
foreach ($options['filters'] as $field => $string) {
$filter->condition($this->dbFieldTable($field) . '.' . $field, '%' . db_like($string) . '%', 'LIKE');
$filter->condition($this->dbFieldTable($field) . '.' . $field, '%' . $this->connection->escapeLike($string) . '%', 'LIKE');
}
}
......
......@@ -2,7 +2,9 @@
namespace Drupal\views\Plugin\views\display;
use Drupal\Core\Database\Connection;
use Drupal\Core\Database\Query\Condition;
use Symfony\Component\DependencyInjection\ContainerInterface;
/**
* The plugin that handles an EntityReference display.
......@@ -41,6 +43,42 @@ class EntityReference extends DisplayPluginBase {
*/
protected $usesAttachments = FALSE;
/**
* The database connection.
*
* @var \Drupal\Core\Database\Connection
*/
protected $connection;
/**
* Constructs a new EntityReference object.
*
* @param array $configuration
* A configuration array containing information about the plugin instance.
* @param string $plugin_id
* The plugin_id for the plugin instance.
* @param mixed $plugin_definition
* The plugin implementation definition.
* @param \Drupal\Core\Database\Connection $connection
* The database connection.
*/
public function __construct(array $configuration, $plugin_id, $plugin_definition, Connection $connection) {
parent::__construct($configuration, $plugin_id, $plugin_definition);
$this->connection = $connection;
}
/**
* {@inheritdoc}
*/
public static function create(ContainerInterface $container, array $configuration, $plugin_id, $plugin_definition) {
return new static(
$configuration,
$plugin_id,
$plugin_definition,
$container->get('database')
);
}
/**
* {@inheritdoc}
*/
......@@ -123,7 +161,7 @@ public function query() {
// Restrict the autocomplete options based on what's been typed already.
if (isset($options['match'])) {
$style_options = $this->getOption('style');
$value = db_like($options['match']);
$value = $this->connection->escapeLike($options['match']);
if ($options['match_operator'] !== '=') {
$value = $value . '%';
if ($options['match_operator'] != 'STARTS_WITH') {
......
......@@ -3,7 +3,6 @@
namespace Drupal\views\Plugin\views\filter;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Database\Database;
/**
* Filter handler which allows to search on multiple fields.
......@@ -136,7 +135,7 @@ public function opEqual($expression) {
protected function opContains($expression) {
$placeholder = $this->placeholder();
$this->query->addWhereExpression($this->options['group'], "$expression LIKE $placeholder", [$placeholder => '%' . db_like($this->value) . '%']);
$this->query->addWhereExpression($this->options['group'], "$expression LIKE $placeholder", [$placeholder => '%' . $this->connection->escapeLike($this->value) . '%']);
}
/**
......@@ -162,40 +161,40 @@ protected function opContainsWord($expression) {
// Switch between the 'word' and 'allwords' operator.
$type = $this->operator == 'word' ? 'OR' : 'AND';
$group = $this->query->setWhereGroup($type);
$operator = Database::getConnection()->mapConditionOperator('LIKE');
$operator = $this->connection->mapConditionOperator('LIKE');
$operator = isset($operator['operator']) ? $operator['operator'] : 'LIKE';
foreach ($matches as $match_key => $match) {
$temp_placeholder = $placeholder . '_' . $match_key;
// Clean up the user input and remove the sentence delimiters.
$word = trim($match[2], ',?!();:-"');
$this->query->addWhereExpression($group, "$expression $operator $temp_placeholder", [$temp_placeholder => '%' . Database::getConnection()->escapeLike($word) . '%']);
$this->query->addWhereExpression($group, "$expression $operator $temp_placeholder", [$temp_placeholder => '%' . $this->connection->escapeLike($word) . '%']);
}
}
protected function opStartsWith($expression) {
$placeholder = $this->placeholder();
$this->query->addWhereExpression($this->options['group'], "$expression LIKE $placeholder", [$placeholder => db_like($this->value) . '%']);
$this->query->addWhereExpression($this->options['group'], "$expression LIKE $placeholder", [$placeholder => $this->connection->escapeLike($this->value) . '%']);
}
protected function opNotStartsWith($expression) {
$placeholder = $this->placeholder();
$this->query->addWhereExpression($this->options['group'], "$expression NOT LIKE $placeholder", [$placeholder => db_like($this->value) . '%']);
$this->query->addWhereExpression($this->options['group'], "$expression NOT LIKE $placeholder", [$placeholder => $this->connection->escapeLike($this->value) . '%']);
}
protected function opEndsWith($expression) {
$placeholder = $this->placeholder();
$this->query->addWhereExpression($this->options['group'], "$expression LIKE $placeholder", [$placeholder => '%' . db_like($this->value)]);
$this->query->addWhereExpression($this->options['group'], "$expression LIKE $placeholder", [$placeholder => '%' . $this->connection->escapeLike($this->value)]);
}
protected function opNotEndsWith($expression) {
$placeholder = $this->placeholder();
$this->query->addWhereExpression($this->options['group'], "$expression NOT LIKE $placeholder", [$placeholder => '%' . db_like($this->value)]);
$this->query->addWhereExpression($this->options['group'], "$expression NOT LIKE $placeholder", [$placeholder => '%' . $this->connection->escapeLike($this->value)]);
}
protected function opNotLike($expression) {
$placeholder = $this->placeholder();
$this->query->addWhereExpression($this->options['group'], "$expression NOT LIKE $placeholder", [$placeholder => '%' . db_like($this->value) . '%']);
$this->query->addWhereExpression($this->options['group'], "$expression NOT LIKE $placeholder", [$placeholder => '%' . $this->connection->escapeLike($this->value) . '%']);
}
protected function opRegex($expression) {
......
......@@ -2,8 +2,10 @@
namespace Drupal\views\Plugin\views\filter;
use Drupal\Core\Database\Connection;
use Drupal\Core\Database\Query\Condition;
use Drupal\Core\Form\FormStateInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
/**
* Basic textfield filter to handle string filtering commands
......@@ -23,6 +25,42 @@ class StringFilter extends FilterPluginBase {
// exposed filter options
protected $alwaysMultiple = TRUE;
/**
* The database connection.
*
* @var \Drupal\Core\Database\Connection
*/
protected $connection;
/**
* Constructs a new EntityReference object.
*
* @param array $configuration
* A configuration array containing information about the plugin instance.
* @param string $plugin_id
* The plugin_id for the plugin instance.
* @param mixed $plugin_definition
* The plugin implementation definition.
* @param \Drupal\Core\Database\Connection $connection
* The database connection.
*/
public function __construct(array $configuration, $plugin_id, $plugin_definition, Connection $connection) {
parent::__construct($configuration, $plugin_id, $plugin_definition);
$this->connection = $connection;
}
/**
* {@inheritdoc}
*/
public static function create(ContainerInterface $container, array $configuration, $plugin_id, $plugin_definition) {
return new static(
$configuration,
$plugin_id,
$plugin_definition,
$container->get('database')
);
}
protected function defineOptions() {
$options = parent::defineOptions();
......@@ -288,7 +326,7 @@ public function opEqual($field) {
}
protected function opContains($field) {
$this->query->addWhere($this->options['group'], $field, '%' . db_like($this->value) . '%', 'LIKE');
$this->query->addWhere($this->options['group'], $field, '%' . $this->connection->escapeLike($this->value) . '%', 'LIKE');
}
protected function opContainsWord($field) {
......@@ -310,7 +348,7 @@ protected function opContainsWord($field) {
$words = trim($match[2], ',?!();:-');
$words = $phrase ? [$words] : preg_split('/ /', $words, -1, PREG_SPLIT_NO_EMPTY);
foreach ($words as $word) {
$where->condition($field, '%' . db_like(trim($word, " ,!?")) . '%', 'LIKE');
$where->condition($field, '%' . $this->connection->escapeLike(trim($word, " ,!?")) . '%', 'LIKE');
}
}
......@@ -324,23 +362,23 @@ protected function opContainsWord($field) {
}
protected function opStartsWith($field) {
$this->query->addWhere($this->options['group'], $field, db_like($this->value) . '%', 'LIKE');
$this->query->addWhere($this->options['group'], $field, $this->connection->escapeLike($this->value) . '%', 'LIKE');
}
protected function opNotStartsWith($field) {
$this->query->addWhere($this->options['group'], $field, db_like($this->value) . '%', 'NOT LIKE');
$this->query->addWhere($this->options['group'], $field, $this->connection->escapeLike($this->value) . '%', 'NOT LIKE');
}
protected function opEndsWith($field) {
$this->query->addWhere($this->options['group'], $field, '%' . db_like($this->value), 'LIKE');
$this->query->addWhere($this->options['group'], $field, '%' . $this->connection->escapeLike($this->value), 'LIKE');
}
protected function opNotEndsWith($field) {
$this->query->addWhere($this->options['group'], $field, '%' . db_like($this->value), 'NOT LIKE');
$this->query->addWhere($this->options['group'], $field, '%' . $this->connection->escapeLike($this->value), 'NOT LIKE');
}
protected function opNotLike($field) {
$this->query->addWhere($this->options['group'], $field, '%' . db_like($this->value) . '%', 'NOT LIKE');
$this->query->addWhere($this->options['group'], $field, '%' . $this->connection->escapeLike($this->value) . '%', 'NOT LIKE');
}
protected function opShorterThan($field) {
......
......@@ -91,7 +91,7 @@ public function testLikeEscape() {
$this->assertIdentical($num_matches, '2', 'Found 2 records.');
// Match only "Ring_" using a LIKE expression with no wildcards.
$num_matches = db_select('test', 't')
->condition('name', db_like('Ring_'), 'LIKE')
->condition('name', $this->connection->escapeLike('Ring_'), 'LIKE')
->countQuery()
->execute()
->fetchField();
......@@ -122,7 +122,7 @@ public function testLikeBackslash() {
$this->assertIdentical($num_matches, '2', 'Found 2 records.');
// Match only the former using a LIKE expression with no wildcards.
$num_matches = db_select('test', 't')
->condition('name', db_like('abc%\_'), 'LIKE')
->condition('name', $this->connection->escapeLike('abc%\_'), 'LIKE')
->countQuery()
->execute()
->fetchField();
......
......@@ -302,6 +302,15 @@ public function testDbEscapeField() {
$this->assertNotNull(db_escape_field('test'));
}
/**
* Tests deprecation of the db_like() function.
*
* @expectedDeprecation db_like() is deprecated in Drupal 8.0.x and will be removed before Drupal 9.0.0. Instead, get a database connection injected into your service from the container and call escapeLike() on it. For example, $injected_database->escapeLike($string). See https://www.drupal.org/node/2993033
*/
public function testDbLike() {
$this->assertSame('test\%', db_like('test%'));
}
/**
* Tests deprecation of the db_escape_table() function.
*
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment