Commit c27b62b1 authored by Steven Wittens's avatar Steven Wittens

- #41940: Locale string search broken in some cases (and remove some...

- #41940: Locale string search broken in some cases (and remove some inappropriate db_escape_string() usage)
- #43491: Missing drupal_goto() after saving settings
parent f940d8a2
......@@ -984,7 +984,7 @@ function _locale_string_edit($lid) {
: array('#type' => 'textfield', '#title' => $languages['name'][$translation->locale], '#default_value' => $translation->translation);
unset($languages['name'][$translation->locale]);
}
$form['item'] = array('#type' => 'item', '#title' => t('Original text'), '#value' => wordwrap(check_plain($orig, 0)));
$form['item'] = array('#type' => 'item', '#title' => t('Original text'), '#value' => check_plain(wordwrap($orig, 0)));
foreach ($languages['name'] as $key => $lang) {
$form[$key] = (strlen($orig) > 40) ?
array('#type' => 'textarea', '#title' => $lang, '#rows' => 15) :
......@@ -1047,27 +1047,33 @@ function _locale_string_seek() {
if ($query = _locale_string_seek_query()) {
$join = "SELECT s.source, s.location, s.lid, t.translation, t.locale FROM {locales_source} s INNER JOIN {locales_target} t ON s.lid = t.lid ";
$arguments = array();
// Compute LIKE section
switch ($query->searchin) {
case 'translated':
$where = "WHERE (t.translation LIKE '%". db_escape_string($query->string) ."%' AND t.translation != '')";
$where = "WHERE (t.translation LIKE '%%%s%%' AND t.translation != '')";
$orderby = "ORDER BY t.translation";
$arguments[] = $query->string;
break;
case 'untranslated':
$where = "WHERE (s.source LIKE '%". db_escape_string($query->string) ."%' AND t.translation = '')";
$where = "WHERE (s.source LIKE '%%%s%%' AND t.translation = '')";
$orderby = "ORDER BY s.source";
$arguments[] = $query->string;
break;
case 'all' :
default:
$where = "WHERE (s.source LIKE '%". db_escape_string($query->string) ."%' OR t.translation LIKE '%". db_escape_string($query->string) ."%')";
$where = "WHERE (s.source LIKE '%%%s%%' OR t.translation LIKE '%%%s%%')";
$orderby = '';
$arguments[] = $query->string;
$arguments[] = $query->string;
break;
}
switch ($query->language) {
// Force search in source strings
case "en":
$sql = $join ." WHERE s.source LIKE '%". db_escape_string($query->string) ."%' ORDER BY s.source";
$sql = $join ." WHERE s.source LIKE '%%%s%%' ORDER BY s.source";
$arguments = array($query->string); // $where is not used, discard its arguments
break;
// Search in all languages
case "all":
......@@ -1075,10 +1081,11 @@ function _locale_string_seek() {
break;
// Some different language
default:
$sql = "$join $where AND t.locale = '". db_escape_string($query->language) ."' $orderby";
$sql = "$join $where AND t.locale = '%s' $orderby";
$arguments[] = $query->language;
}
$result = pager_query($sql, 50);
$result = pager_query($sql, 50, 0, NULL, $arguments);
$header = array(t('String'), t('Locales'), array('data' => t('Operations'), 'colspan' => '2'));
$arr = array();
......
......@@ -438,11 +438,11 @@ function locale_admin_string() {
switch ($op) {
case 'delete':
$output .= _locale_string_delete(db_escape_string(arg(4)));
$output .= _locale_string_delete(arg(4));
$output .= _locale_string_seek();
break;
case 'edit':
$output .= _locale_string_edit(db_escape_string(arg(4)));
$output .= _locale_string_edit(arg(4));
$output .= _locale_string_seek();
break;
case t('Search'):
......@@ -451,7 +451,7 @@ function locale_admin_string() {
$output .= _locale_string_seek_form();
break;
case t('Save translations'):
$output .= _locale_string_save(db_escape_string(arg(4)));
$output .= _locale_string_save(arg(4));
drupal_goto('admin/locale/string/search');
break;
default:
......
......@@ -438,11 +438,11 @@ function locale_admin_string() {
switch ($op) {
case 'delete':
$output .= _locale_string_delete(db_escape_string(arg(4)));
$output .= _locale_string_delete(arg(4));
$output .= _locale_string_seek();
break;
case 'edit':
$output .= _locale_string_edit(db_escape_string(arg(4)));
$output .= _locale_string_edit(arg(4));
$output .= _locale_string_seek();
break;
case t('Search'):
......@@ -451,7 +451,7 @@ function locale_admin_string() {
$output .= _locale_string_seek_form();
break;
case t('Save translations'):
$output .= _locale_string_save(db_escape_string(arg(4)));
$output .= _locale_string_save(arg(4));
drupal_goto('admin/locale/string/search');
break;
default:
......
......@@ -345,27 +345,31 @@ function node_load($param = array(), $revision = NULL, $reset = NULL) {
$nodes = array();
}
$arguments = array();
if (is_numeric($param)) {
$cachable = $revision == NULL;
if ($cachable && isset($nodes[$param])) {
return $nodes[$param];
}
$cond = 'n.nid = '. $param;
$cond = 'n.nid = %d';
$arguments[] = $param;
}
else {
// Turn the conditions into a query.
foreach ($param as $key => $value) {
$cond[] = 'n.'. db_escape_string($key) ." = '". db_escape_string($value) ."'";
$cond[] = 'n.'. db_escape_string($key) ." = '%s'";
$arguments[] = $value;
}
$cond = implode(' AND ', $cond);
}
// Retrieve the node.
if ($revision) {
$node = db_fetch_object(db_query(db_rewrite_sql('SELECT n.nid, r.vid, n.type, n.status, n.created, n.changed, n.comment, n.promote, n.moderate, n.sticky, r.timestamp AS revision_timestamp, r.title, r.body, r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data FROM {node} n INNER JOIN {users} u ON u.uid = n.uid INNER JOIN {node_revisions} r ON r.nid = n.nid AND r.vid = %d WHERE '. $cond), $revision));
array_unshift($arguments, $revision);
$node = db_fetch_object(db_query(db_rewrite_sql('SELECT n.nid, r.vid, n.type, n.status, n.created, n.changed, n.comment, n.promote, n.moderate, n.sticky, r.timestamp AS revision_timestamp, r.title, r.body, r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data FROM {node} n INNER JOIN {users} u ON u.uid = n.uid INNER JOIN {node_revisions} r ON r.nid = n.nid AND r.vid = %d WHERE '. $cond), $arguments));
}
else {
$node = db_fetch_object(db_query(db_rewrite_sql('SELECT n.nid, n.vid, n.type, n.status, n.created, n.changed, n.comment, n.promote, n.moderate, n.sticky, r.timestamp AS revision_timestamp, r.title, r.body, r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data FROM {node} n INNER JOIN {users} u ON u.uid = n.uid INNER JOIN {node_revisions} r ON r.vid = n.vid WHERE '. $cond)));
$node = db_fetch_object(db_query(db_rewrite_sql('SELECT n.nid, n.vid, n.type, n.status, n.created, n.changed, n.comment, n.promote, n.moderate, n.sticky, r.timestamp AS revision_timestamp, r.title, r.body, r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data FROM {node} n INNER JOIN {users} u ON u.uid = n.uid INNER JOIN {node_revisions} r ON r.vid = n.vid WHERE '. $cond), $arguments));
}
if ($node->nid) {
......
......@@ -345,27 +345,31 @@ function node_load($param = array(), $revision = NULL, $reset = NULL) {
$nodes = array();
}
$arguments = array();
if (is_numeric($param)) {
$cachable = $revision == NULL;
if ($cachable && isset($nodes[$param])) {
return $nodes[$param];
}
$cond = 'n.nid = '. $param;
$cond = 'n.nid = %d';
$arguments[] = $param;
}
else {
// Turn the conditions into a query.
foreach ($param as $key => $value) {
$cond[] = 'n.'. db_escape_string($key) ." = '". db_escape_string($value) ."'";
$cond[] = 'n.'. db_escape_string($key) ." = '%s'";
$arguments[] = $value;
}
$cond = implode(' AND ', $cond);
}
// Retrieve the node.
if ($revision) {
$node = db_fetch_object(db_query(db_rewrite_sql('SELECT n.nid, r.vid, n.type, n.status, n.created, n.changed, n.comment, n.promote, n.moderate, n.sticky, r.timestamp AS revision_timestamp, r.title, r.body, r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data FROM {node} n INNER JOIN {users} u ON u.uid = n.uid INNER JOIN {node_revisions} r ON r.nid = n.nid AND r.vid = %d WHERE '. $cond), $revision));
array_unshift($arguments, $revision);
$node = db_fetch_object(db_query(db_rewrite_sql('SELECT n.nid, r.vid, n.type, n.status, n.created, n.changed, n.comment, n.promote, n.moderate, n.sticky, r.timestamp AS revision_timestamp, r.title, r.body, r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data FROM {node} n INNER JOIN {users} u ON u.uid = n.uid INNER JOIN {node_revisions} r ON r.nid = n.nid AND r.vid = %d WHERE '. $cond), $arguments));
}
else {
$node = db_fetch_object(db_query(db_rewrite_sql('SELECT n.nid, n.vid, n.type, n.status, n.created, n.changed, n.comment, n.promote, n.moderate, n.sticky, r.timestamp AS revision_timestamp, r.title, r.body, r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data FROM {node} n INNER JOIN {users} u ON u.uid = n.uid INNER JOIN {node_revisions} r ON r.vid = n.vid WHERE '. $cond)));
$node = db_fetch_object(db_query(db_rewrite_sql('SELECT n.nid, n.vid, n.type, n.status, n.created, n.changed, n.comment, n.promote, n.moderate, n.sticky, r.timestamp AS revision_timestamp, r.title, r.body, r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data FROM {node} n INNER JOIN {users} u ON u.uid = n.uid INNER JOIN {node_revisions} r ON r.vid = n.vid WHERE '. $cond), $arguments));
}
if ($node->nid) {
......
......@@ -783,6 +783,7 @@ function system_settings_form_submit($form_id, $values) {
if ($form_id == 'system_settings_form') {
menu_rebuild();
}
drupal_goto($_GET['q']);
}
/**
......
......@@ -783,6 +783,7 @@ function system_settings_form_submit($form_id, $values) {
if ($form_id == 'system_settings_form') {
menu_rebuild();
}
drupal_goto($_GET['q']);
}
/**
......
......@@ -71,10 +71,8 @@ function watchdog_overview() {
$classes = array(WATCHDOG_NOTICE => 'watchdog-notice', WATCHDOG_WARNING => 'watchdog-warning', WATCHDOG_ERROR => 'watchdog-error');
$names['all'] = t('all messages');
$queries['all'] = '';
foreach (_watchdog_get_message_types() as $type) {
$names[$type] = t('%type messages', array('%type' => t($type)));
$queries[$type] = "WHERE type = '". db_escape_string($type) ."'";
}
if (empty($_SESSION['watchdog_overview_filter'])) {
......@@ -104,8 +102,16 @@ function watchdog_overview() {
array('data' => t('User'), 'field' => 'u.name'),
array('data' => t('Operations'))
);
$sql = 'SELECT w.*, u.name, u.uid FROM {watchdog} w INNER JOIN {users} u ON w.uid = u.uid '. $queries[$_SESSION['watchdog_overview_filter']] . tablesort_sql($header);
$result = pager_query($sql, 50);
$sql = "SELECT w.*, u.name, u.uid FROM {watchdog} w INNER JOIN {users} u ON w.uid = u.uid";
$tablesort = tablesort_sql($header);
$type = $_SESSION['watchdog_overview_filter'];
if ($type != 'all') {
$result = pager_query($sql ." WHERE w.type = '%s'". $tablesort, 50, 0, NULL, $type);
}
else {
$result = pager_query($sql . $tablesort, 50);
}
while ($watchdog = db_fetch_object($result)) {
$rows[] = array('data' =>
......@@ -127,7 +133,6 @@ function watchdog_overview() {
$rows[] = array(array('data' => t('No log messages available.'), 'colspan' => 6));
}
$output .= theme('table', $header, $rows);
$output .= theme('pager', NULL, 50, 0, tablesort_pager());
......
......@@ -71,10 +71,8 @@ function watchdog_overview() {
$classes = array(WATCHDOG_NOTICE => 'watchdog-notice', WATCHDOG_WARNING => 'watchdog-warning', WATCHDOG_ERROR => 'watchdog-error');
$names['all'] = t('all messages');
$queries['all'] = '';
foreach (_watchdog_get_message_types() as $type) {
$names[$type] = t('%type messages', array('%type' => t($type)));
$queries[$type] = "WHERE type = '". db_escape_string($type) ."'";
}
if (empty($_SESSION['watchdog_overview_filter'])) {
......@@ -104,8 +102,16 @@ function watchdog_overview() {
array('data' => t('User'), 'field' => 'u.name'),
array('data' => t('Operations'))
);
$sql = 'SELECT w.*, u.name, u.uid FROM {watchdog} w INNER JOIN {users} u ON w.uid = u.uid '. $queries[$_SESSION['watchdog_overview_filter']] . tablesort_sql($header);
$result = pager_query($sql, 50);
$sql = "SELECT w.*, u.name, u.uid FROM {watchdog} w INNER JOIN {users} u ON w.uid = u.uid";
$tablesort = tablesort_sql($header);
$type = $_SESSION['watchdog_overview_filter'];
if ($type != 'all') {
$result = pager_query($sql ." WHERE w.type = '%s'". $tablesort, 50, 0, NULL, $type);
}
else {
$result = pager_query($sql . $tablesort, 50);
}
while ($watchdog = db_fetch_object($result)) {
$rows[] = array('data' =>
......@@ -127,7 +133,6 @@ function watchdog_overview() {
$rows[] = array(array('data' => t('No log messages available.'), 'colspan' => 6));
}
$output .= theme('table', $header, $rows);
$output .= theme('pager', NULL, 50, 0, tablesort_pager());
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment