use sql statement and code review and doc

This commit is contained in:
Jean-Christian Denis 2023-04-24 23:21:54 +02:00
parent a2455b148d
commit 4db3c5438f
Signed by: JcDenis
GPG key ID: 1B5B8C5B90B6C951

View file

@ -17,10 +17,13 @@ namespace Dotclear\Plugin\postWidgetText;
use dcCore; use dcCore;
use Dotclear\Database\{ use Dotclear\Database\{
Cursor, Cursor,
MetaRecord, MetaRecord
Structure };
use Dotclear\Database\Statement\{
DeleteStatement,
JoinStatement,
SelectStatement
}; };
use Exception; use Exception;
/** /**
@ -30,82 +33,116 @@ use Exception;
*/ */
class Utils class Utils
{ {
/**
* Open cursor.
*
* @return Cursor The fresh cursor
*/
public static function openCursor(): Cursor public static function openCursor(): Cursor
{ {
return dcCore::app()->con->openCursor(dcCore::app()->prefix . My::TABLE_NAME); return dcCore::app()->con->openCursor(dcCore::app()->prefix . My::TABLE_NAME);
} }
/**
* Get widgetTexts.
*
* @param array $params The query params
* @param bool $count_only Return count only
*
* @return MetaRecord The record (that mixes post and widgetText info)
*/
public static function getWidgets(array $params, bool $count_only = false): MetaRecord public static function getWidgets(array $params, bool $count_only = false): MetaRecord
{ {
// nullsafe
if (is_null(dcCore::app()->blog)) { if (is_null(dcCore::app()->blog)) {
throw new Exception('blog is not set'); throw new Exception(__('Blog is not set'));
} }
if (!isset($params['columns'])) { $sql = new SelectStatement();
$params['columns'] = []; $sql->columns([
} 'option_id',
$params['columns'][] = 'option_id'; 'option_creadt',
$params['columns'][] = 'option_creadt'; 'option_upddt',
$params['columns'][] = 'option_upddt'; 'option_type',
$params['columns'][] = 'option_type'; 'option_format',
$params['columns'][] = 'option_format'; 'option_lang',
$params['columns'][] = 'option_lang'; 'option_title',
$params['columns'][] = 'option_title'; 'option_content',
$params['columns'][] = 'option_content'; 'option_content_xhtml',
$params['columns'][] = 'option_content_xhtml'; ]);
if (!isset($params['from'])) { $sql->join(
$params['from'] = ''; (new JoinStatement())
} ->left()
$params['join'] = 'LEFT JOIN ' . dcCore::app()->prefix . My::TABLE_NAME . ' W ON P.post_id=W.post_id '; ->from($sql->as(dcCore::app()->prefix . My::TABLE_NAME, 'W'))
->on('P.post_id = W.post_id')
->statement()
);
if (!isset($params['sql'])) {
$params['sql'] = '';
}
if (isset($params['option_type'])) { if (isset($params['option_type'])) {
$params['sql'] .= "AND W.option_type = '" . dcCore::app()->con->escapeStr((string) $params['option_type']) . "' "; if (is_array($params['option_type']) || $params['option_type'] != '') {
$sql->and('option_type' . $sql->in($params['option_type']));
}
} else { } else {
$params['sql'] .= "AND W.option_type = '" . dcCore::app()->con->escapeStr((string) My::id()) . "' "; $sql->and('option_type = ' . $sql->quote(My::id()));
} }
unset($params['option_type']);
// work on all post type by default
if (!isset($params['post_type'])) { if (!isset($params['post_type'])) {
$params['post_type'] = ''; $params['post_type'] = '';
} }
return dcCore::app()->blog->getPosts($params, $count_only); return dcCore::app()->blog->getPosts($params, $count_only, $sql);
} }
/**
* Add a widgetText.
*
* @param Cursor $cur The widgetText Cursor
*
* @return int The new widgetText ID
*/
public static function addWidget(Cursor $cur): int public static function addWidget(Cursor $cur): int
{ {
// nullsafe
if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) { if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) {
throw new Exception('blog is not set'); throw new Exception(__('Blog is not set'));
} }
// check permissions to add post
if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([ if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
dcCore::app()->auth::PERMISSION_USAGE, dcCore::app()->auth::PERMISSION_USAGE,
dcCore::app()->auth::PERMISSION_CONTENT_ADMIN, dcCore::app()->auth::PERMISSION_CONTENT_ADMIN,
]), dcCore::app()->blog->id)) { ]), dcCore::app()->blog->id)) {
throw new Exception(__('You are not allowed to create an entry text widget')); throw new Exception(__('You are not allowed to create an entry text widget'));
} }
if ($cur->post_id == '') {
// check properties
if ($cur->getField('post_id') == '') {
throw new Exception('No such entry ID'); throw new Exception('No such entry ID');
} }
// lock table
dcCore::app()->con->writeLock(dcCore::app()->prefix . My::TABLE_NAME); dcCore::app()->con->writeLock(dcCore::app()->prefix . My::TABLE_NAME);
try { try {
$rs = dcCore::app()->con->select( $sql = new SelectStatement();
'SELECT MAX(option_id) ' . $rs = $sql->from(dcCore::app()->prefix . My::TABLE_NAME)->column($sql->max('option_id'))->select();
'FROM ' . dcCore::app()->prefix . My::TABLE_NAME if (is_null($rs) || $rs->isEmtpy()) {
); throw new Exception(__('Something went wrong)'));
}
$cur->option_id = (int) $rs->f(0) + 1; // set default widgetText properties
$cur->option_creadt = date('Y-m-d H:i:s'); $cur->setField('option_id', (int) $rs->f(0) + 1);
$cur->option_upddt = date('Y-m-d H:i:s'); $cur->setField('option_creadt', date('Y-m-d H:i:s'));
$cur->setField('option_upddt', date('Y-m-d H:i:s'));
self::getWidgetContent($cur, (int) $cur->option_id); // check and complete Cursor
self::getWidgetContent($cur, (int) $cur->getField('option_id'));
// add new widgetText
$cur->insert(); $cur->insert();
dcCore::app()->con->unlock(); dcCore::app()->con->unlock();
} catch (Exception $e) { } catch (Exception $e) {
dcCore::app()->con->unlock(); dcCore::app()->con->unlock();
@ -113,17 +150,27 @@ class Utils
throw $e; throw $e;
} }
// update blog
dcCore::app()->blog->triggerBlog(); dcCore::app()->blog->triggerBlog();
return (int) $cur->option_id; // return new widgetText ID
return (int) $cur->getField('option_id');
} }
/**
* Update a widgetText.
*
* @param int $id The widgetText ID
* @param Cursor $cur The widgetText Cursor
*/
public static function updWidget(int $id, Cursor $cur): void public static function updWidget(int $id, Cursor $cur): void
{ {
// nullsafe
if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) { if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) {
throw new Exception('blog is not set'); throw new Exception(__('Blog is not set'));
} }
// check permission to delete post
if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([ if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
dcCore::app()->auth::PERMISSION_USAGE, dcCore::app()->auth::PERMISSION_USAGE,
dcCore::app()->auth::PERMISSION_CONTENT_ADMIN, dcCore::app()->auth::PERMISSION_CONTENT_ADMIN,
@ -131,39 +178,50 @@ class Utils
throw new Exception(__('You are not allowed to update entries text widget')); throw new Exception(__('You are not allowed to update entries text widget'));
} }
$id = (int) $id; // check properties
if (empty($id)) { if (empty($id)) {
throw new Exception(__('No such ID')); throw new Exception(__('No such ID'));
} }
// check and complete Cursor
self::getWidgetContent($cur, $id); self::getWidgetContent($cur, $id);
$cur->setField('option_upddt', date('Y-m-d H:i:s'));
$cur->option_upddt = date('Y-m-d H:i:s'); // check if user is post owner
if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcCore::app()->auth::PERMISSION_CONTENT_ADMIN]), dcCore::app()->blog->id)) { if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcCore::app()->auth::PERMISSION_CONTENT_ADMIN]), dcCore::app()->blog->id)) {
$params['option_id'] = $id; $rs = self::getWidgets([
$params['user_id'] = dcCore::app()->con->escapeStr((string) dcCore::app()->auth->userID()); 'option_id' => $id,
$params['no_content'] = true; 'user_id' => dcCore::app()->con->escapeStr((string) dcCore::app()->auth->userID()),
$params['limit'] = 1; 'no_content' => true,
'limit' => 1,
$rs = self::getWidgets($params); ]);
if ($rs->isEmpty()) { if ($rs->isEmpty()) {
throw new Exception(__('You are not allowed to delete this entry text widget')); throw new Exception(__('You are not allowed to delete this entry text widget'));
} }
} }
// update widgetText
$cur->update('WHERE option_id = ' . $id . ' '); $cur->update('WHERE option_id = ' . $id . ' ');
// update blog
dcCore::app()->blog->triggerBlog(); dcCore::app()->blog->triggerBlog();
} }
/**
* Delete a widgetText.
*
* @param int $id The widgetText ID
* @param null|string $type The widgetText optionnal type
*/
public static function delWidget(int $id, ?string $type = null): void public static function delWidget(int $id, ?string $type = null): void
{ {
// nullsafe
if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) { if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) {
throw new Exception('blog is not set'); throw new Exception(__('Blog is not set'));
} }
// check permission to delete post
if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([ if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
dcCore::app()->auth::PERMISSION_DELETE, dcCore::app()->auth::PERMISSION_DELETE,
dcCore::app()->auth::PERMISSION_CONTENT_ADMIN, dcCore::app()->auth::PERMISSION_CONTENT_ADMIN,
@ -171,35 +229,48 @@ class Utils
throw new Exception(__('You are not allowed to delete entries text widget')); throw new Exception(__('You are not allowed to delete entries text widget'));
} }
$id = (int) $id; // check properties
$type ??= My::id();
if (empty($id)) { if (empty($id)) {
throw new Exception(__('No such ID')); throw new Exception(__('No such ID'));
} }
if (empty($type)) {
$type = My::id();
}
// check if user is post owner
if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcCore::app()->auth::PERMISSION_CONTENT_ADMIN]), dcCore::app()->blog->id)) { if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcCore::app()->auth::PERMISSION_CONTENT_ADMIN]), dcCore::app()->blog->id)) {
$params['option_id'] = $id; $rs = self::getWidgets([
$params['user_id'] = dcCore::app()->con->escapeStr((string) dcCore::app()->auth->userID()); 'option_id' => $id,
$params['no_content'] = true; 'user_id' => dcCore::app()->con->escapeStr((string) dcCore::app()->auth->userID()),
$params['limit'] = 1; 'no_content' => true,
'limit' => 1,
$rs = self::getWidgets($params); ]);
if ($rs->isEmpty()) { if ($rs->isEmpty()) {
throw new Exception(__('You are not allowed to delete this entry text widget')); throw new Exception(__('You are not allowed to delete this entry text widget'));
} }
} }
dcCore::app()->con->execute( // delete widgetText
'DELETE FROM ' . dcCore::app()->prefix . My::TABLE_NAME . ' ' . $sql = new DeleteStatement();
'WHERE option_id = ' . $id . ' ' . $sql->from(dcCore::app()->prefix . My::TABLE_NAME)
"AND option_type = '" . dcCore::app()->con->escapeStr((string) $type) . "' " ->where('option_id = ' . $id)
); ->and('option_type = ' . $sql->quote($type))
->delete();
// update blog
dcCore::app()->blog->triggerBlog(); dcCore::app()->blog->triggerBlog();
} }
/**
* Parse widgetText content.
*
* @param int $option_id The widgetText ID
* @param string $format The format
* @param string $lang The lang
* @param null|string $content The content
* @param null|string $content_xhtml The xhtml content
*/
public static function setWidgetContent(int $option_id, string $format, string $lang, ?string &$content, ?string &$content_xhtml): void public static function setWidgetContent(int $option_id, string $format, string $lang, ?string &$content, ?string &$content_xhtml): void
{ {
if ($format == 'wiki') { if ($format == 'wiki') {
@ -219,7 +290,7 @@ class Utils
$excerpt = $excerpt_xhtml = ''; $excerpt = $excerpt_xhtml = '';
# --BEHAVIOR-- coreAfterPostContentFormat # --BEHAVIOR-- coreAfterPostContentFormat -- array
dcCore::app()->callBehavior('coreAfterPostContentFormat', [ dcCore::app()->callBehavior('coreAfterPostContentFormat', [
'excerpt' => &$excerpt, 'excerpt' => &$excerpt,
'content' => &$content, 'content' => &$content,
@ -228,20 +299,26 @@ class Utils
]); ]);
} }
/**
* Extract content.
*
* @param Cursor $cur The widgetText Cursor
* @param int $option_id The widgetText ID
*/
private static function getWidgetContent(Cursor $cur, int $option_id): void private static function getWidgetContent(Cursor $cur, int $option_id): void
{ {
$option_content = $cur->option_content; $option_content = $cur->getfield('option_content');
$option_content_xhtml = $cur->option_content_xhtml; $option_content_xhtml = $cur->getField('option_content_xhtml');
self::setWidgetContent( self::setWidgetContent(
$option_id, $option_id,
$cur->option_format, $cur->getField('option_format'),
$cur->option_lang, $cur->getField('option_lang'),
$option_content, $option_content,
$option_content_xhtml $option_content_xhtml
); );
$cur->option_content = $option_content; $cur->setField('option_content', $option_content);
$cur->option_content_xhtml = $option_content_xhtml; $cur->setField('option_content_xhtml', $option_content_xhtml);
} }
} }