use sql statement and code review and doc

This commit is contained in:
Jean-Christian Denis 2023-04-24 23:21:54 +02:00
parent a2455b148d
commit 4db3c5438f
Signed by: JcDenis
GPG key ID: 1B5B8C5B90B6C951

View file

@ -17,10 +17,13 @@ namespace Dotclear\Plugin\postWidgetText;
use dcCore;
use Dotclear\Database\{
Cursor,
MetaRecord,
Structure
MetaRecord
};
use Dotclear\Database\Statement\{
DeleteStatement,
JoinStatement,
SelectStatement
};
use Exception;
/**
@ -30,82 +33,116 @@ use Exception;
*/
class Utils
{
/**
* Open cursor.
*
* @return Cursor The fresh cursor
*/
public static function openCursor(): Cursor
{
return dcCore::app()->con->openCursor(dcCore::app()->prefix . My::TABLE_NAME);
}
/**
* Get widgetTexts.
*
* @param array $params The query params
* @param bool $count_only Return count only
*
* @return MetaRecord The record (that mixes post and widgetText info)
*/
public static function getWidgets(array $params, bool $count_only = false): MetaRecord
{
// nullsafe
if (is_null(dcCore::app()->blog)) {
throw new Exception('blog is not set');
throw new Exception(__('Blog is not set'));
}
if (!isset($params['columns'])) {
$params['columns'] = [];
}
$params['columns'][] = 'option_id';
$params['columns'][] = 'option_creadt';
$params['columns'][] = 'option_upddt';
$params['columns'][] = 'option_type';
$params['columns'][] = 'option_format';
$params['columns'][] = 'option_lang';
$params['columns'][] = 'option_title';
$params['columns'][] = 'option_content';
$params['columns'][] = 'option_content_xhtml';
$sql = new SelectStatement();
$sql->columns([
'option_id',
'option_creadt',
'option_upddt',
'option_type',
'option_format',
'option_lang',
'option_title',
'option_content',
'option_content_xhtml',
]);
if (!isset($params['from'])) {
$params['from'] = '';
}
$params['join'] = 'LEFT JOIN ' . dcCore::app()->prefix . My::TABLE_NAME . ' W ON P.post_id=W.post_id ';
$sql->join(
(new JoinStatement())
->left()
->from($sql->as(dcCore::app()->prefix . My::TABLE_NAME, 'W'))
->on('P.post_id = W.post_id')
->statement()
);
if (!isset($params['sql'])) {
$params['sql'] = '';
}
if (isset($params['option_type'])) {
$params['sql'] .= "AND W.option_type = '" . dcCore::app()->con->escapeStr((string) $params['option_type']) . "' ";
} else {
$params['sql'] .= "AND W.option_type = '" . dcCore::app()->con->escapeStr((string) My::id()) . "' ";
if (is_array($params['option_type']) || $params['option_type'] != '') {
$sql->and('option_type' . $sql->in($params['option_type']));
}
unset($params['option_type']);
} else {
$sql->and('option_type = ' . $sql->quote(My::id()));
}
// work on all post type by default
if (!isset($params['post_type'])) {
$params['post_type'] = '';
}
return dcCore::app()->blog->getPosts($params, $count_only);
return dcCore::app()->blog->getPosts($params, $count_only, $sql);
}
/**
* Add a widgetText.
*
* @param Cursor $cur The widgetText Cursor
*
* @return int The new widgetText ID
*/
public static function addWidget(Cursor $cur): int
{
// nullsafe
if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) {
throw new Exception('blog is not set');
throw new Exception(__('Blog is not set'));
}
// check permissions to add post
if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
dcCore::app()->auth::PERMISSION_USAGE,
dcCore::app()->auth::PERMISSION_CONTENT_ADMIN,
]), dcCore::app()->blog->id)) {
throw new Exception(__('You are not allowed to create an entry text widget'));
}
if ($cur->post_id == '') {
// check properties
if ($cur->getField('post_id') == '') {
throw new Exception('No such entry ID');
}
// lock table
dcCore::app()->con->writeLock(dcCore::app()->prefix . My::TABLE_NAME);
try {
$rs = dcCore::app()->con->select(
'SELECT MAX(option_id) ' .
'FROM ' . dcCore::app()->prefix . My::TABLE_NAME
);
$sql = new SelectStatement();
$rs = $sql->from(dcCore::app()->prefix . My::TABLE_NAME)->column($sql->max('option_id'))->select();
if (is_null($rs) || $rs->isEmtpy()) {
throw new Exception(__('Something went wrong)'));
}
$cur->option_id = (int) $rs->f(0) + 1;
$cur->option_creadt = date('Y-m-d H:i:s');
$cur->option_upddt = date('Y-m-d H:i:s');
// set default widgetText properties
$cur->setField('option_id', (int) $rs->f(0) + 1);
$cur->setField('option_creadt', date('Y-m-d H:i:s'));
$cur->setField('option_upddt', date('Y-m-d H:i:s'));
self::getWidgetContent($cur, (int) $cur->option_id);
// check and complete Cursor
self::getWidgetContent($cur, (int) $cur->getField('option_id'));
// add new widgetText
$cur->insert();
dcCore::app()->con->unlock();
} catch (Exception $e) {
dcCore::app()->con->unlock();
@ -113,17 +150,27 @@ class Utils
throw $e;
}
// update blog
dcCore::app()->blog->triggerBlog();
return (int) $cur->option_id;
// return new widgetText ID
return (int) $cur->getField('option_id');
}
/**
* Update a widgetText.
*
* @param int $id The widgetText ID
* @param Cursor $cur The widgetText Cursor
*/
public static function updWidget(int $id, Cursor $cur): void
{
// nullsafe
if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) {
throw new Exception('blog is not set');
throw new Exception(__('Blog is not set'));
}
// check permission to delete post
if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
dcCore::app()->auth::PERMISSION_USAGE,
dcCore::app()->auth::PERMISSION_CONTENT_ADMIN,
@ -131,39 +178,50 @@ class Utils
throw new Exception(__('You are not allowed to update entries text widget'));
}
$id = (int) $id;
// check properties
if (empty($id)) {
throw new Exception(__('No such ID'));
}
// check and complete Cursor
self::getWidgetContent($cur, $id);
$cur->setField('option_upddt', date('Y-m-d H:i:s'));
$cur->option_upddt = date('Y-m-d H:i:s');
// check if user is post owner
if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcCore::app()->auth::PERMISSION_CONTENT_ADMIN]), dcCore::app()->blog->id)) {
$params['option_id'] = $id;
$params['user_id'] = dcCore::app()->con->escapeStr((string) dcCore::app()->auth->userID());
$params['no_content'] = true;
$params['limit'] = 1;
$rs = self::getWidgets($params);
$rs = self::getWidgets([
'option_id' => $id,
'user_id' => dcCore::app()->con->escapeStr((string) dcCore::app()->auth->userID()),
'no_content' => true,
'limit' => 1,
]);
if ($rs->isEmpty()) {
throw new Exception(__('You are not allowed to delete this entry text widget'));
}
}
// update widgetText
$cur->update('WHERE option_id = ' . $id . ' ');
// update blog
dcCore::app()->blog->triggerBlog();
}
/**
* Delete a widgetText.
*
* @param int $id The widgetText ID
* @param null|string $type The widgetText optionnal type
*/
public static function delWidget(int $id, ?string $type = null): void
{
// nullsafe
if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) {
throw new Exception('blog is not set');
throw new Exception(__('Blog is not set'));
}
// check permission to delete post
if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
dcCore::app()->auth::PERMISSION_DELETE,
dcCore::app()->auth::PERMISSION_CONTENT_ADMIN,
@ -171,35 +229,48 @@ class Utils
throw new Exception(__('You are not allowed to delete entries text widget'));
}
$id = (int) $id;
$type ??= My::id();
// check properties
if (empty($id)) {
throw new Exception(__('No such ID'));
}
if (empty($type)) {
$type = My::id();
}
// check if user is post owner
if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcCore::app()->auth::PERMISSION_CONTENT_ADMIN]), dcCore::app()->blog->id)) {
$params['option_id'] = $id;
$params['user_id'] = dcCore::app()->con->escapeStr((string) dcCore::app()->auth->userID());
$params['no_content'] = true;
$params['limit'] = 1;
$rs = self::getWidgets($params);
$rs = self::getWidgets([
'option_id' => $id,
'user_id' => dcCore::app()->con->escapeStr((string) dcCore::app()->auth->userID()),
'no_content' => true,
'limit' => 1,
]);
if ($rs->isEmpty()) {
throw new Exception(__('You are not allowed to delete this entry text widget'));
}
}
dcCore::app()->con->execute(
'DELETE FROM ' . dcCore::app()->prefix . My::TABLE_NAME . ' ' .
'WHERE option_id = ' . $id . ' ' .
"AND option_type = '" . dcCore::app()->con->escapeStr((string) $type) . "' "
);
// delete widgetText
$sql = new DeleteStatement();
$sql->from(dcCore::app()->prefix . My::TABLE_NAME)
->where('option_id = ' . $id)
->and('option_type = ' . $sql->quote($type))
->delete();
// update blog
dcCore::app()->blog->triggerBlog();
}
/**
* Parse widgetText content.
*
* @param int $option_id The widgetText ID
* @param string $format The format
* @param string $lang The lang
* @param null|string $content The content
* @param null|string $content_xhtml The xhtml content
*/
public static function setWidgetContent(int $option_id, string $format, string $lang, ?string &$content, ?string &$content_xhtml): void
{
if ($format == 'wiki') {
@ -219,7 +290,7 @@ class Utils
$excerpt = $excerpt_xhtml = '';
# --BEHAVIOR-- coreAfterPostContentFormat
# --BEHAVIOR-- coreAfterPostContentFormat -- array
dcCore::app()->callBehavior('coreAfterPostContentFormat', [
'excerpt' => &$excerpt,
'content' => &$content,
@ -228,20 +299,26 @@ class Utils
]);
}
/**
* Extract content.
*
* @param Cursor $cur The widgetText Cursor
* @param int $option_id The widgetText ID
*/
private static function getWidgetContent(Cursor $cur, int $option_id): void
{
$option_content = $cur->option_content;
$option_content_xhtml = $cur->option_content_xhtml;
$option_content = $cur->getfield('option_content');
$option_content_xhtml = $cur->getField('option_content_xhtml');
self::setWidgetContent(
$option_id,
$cur->option_format,
$cur->option_lang,
$cur->getField('option_format'),
$cur->getField('option_lang'),
$option_content,
$option_content_xhtml
);
$cur->option_content = $option_content;
$cur->option_content_xhtml = $option_content_xhtml;
$cur->setField('option_content', $option_content);
$cur->setField('option_content_xhtml', $option_content_xhtml);
}
}