From 6a053be850a54bdde5c58859335ce129947cc141 Mon Sep 17 00:00:00 2001 From: Michael Michaelis Date: Thu, 25 Jul 2024 18:19:50 +0200 Subject: [PATCH 1/6] ref #64074: consider restriction of an MLT table field --- .../TCMSListManagerEndPoint.class.php | 62 ++++++++++++++++++- .../TCMSListManagerMLT.class.php | 23 +++++++ 2 files changed, 84 insertions(+), 1 deletion(-) diff --git a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php index 82e72aeee..a94df94a5 100644 --- a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php +++ b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php @@ -12,6 +12,7 @@ use ChameleonSystem\CoreBundle\ServiceLocator; use ChameleonSystem\CoreBundle\Util\FieldTranslationUtil; use ChameleonSystem\CoreBundle\Util\InputFilterUtilInterface; +use ChameleonSystem\CoreBundle\Util\MltFieldUtil; use Doctrine\DBAL\Connection; /** @@ -417,12 +418,63 @@ public function GetCustomRestriction() if (!empty($this->sRestrictionField) && !is_null($this->sRestriction)) { $sourceID = $this->sRestriction; - $query .= $this->CreateRestriction($this->sRestrictionField, "= '".MySqlLegacySupport::getInstance()->real_escape_string($sourceID)."'"); + $fieldname = $this->sRestrictionField; + + if (false === str_ends_with($fieldname, '_mlt') && true === TTools::FieldExists($this->tableObj->sTableName, $fieldname)) { + return $this->CreateRestriction($this->sRestrictionField, "= '".MySqlLegacySupport::getInstance()->real_escape_string($sourceID)."'"); + } + + $mltTable = $this->GetMLTTableName(); + $query = sprintf("SELECT `target_id` FROM %s WHERE `source_id` = :value", $this->getDatabaseConnection()->quoteIdentifier($mltTable)); + + $idList = $this->getDatabaseConnection()->fetchFirstColumn($query, ['value' => $this->sRestriction]); + if ([] === $idList) { + return '1=0'; + } + + $idListString = implode(',', array_map([$this->getDatabaseConnection(), 'quote'], $idList)); + $quotedTableName = $this->getDatabaseConnection()->quoteIdentifier($this->oTableConf->sqlData['name']); + + return " $quotedTableName.`id` IN ($idListString)"; + + //$query .= $this->CreateRestriction($this->sRestrictionField, "= '".MySqlLegacySupport::getInstance()->real_escape_string($sourceID)."'"); } return $query; } + protected function GetMLTTableName() + { + $sFieldMltName = $this->GetFieldMltName(); + $sMLTTableName = substr($this->sRestrictionField, 0, -4).'_'.$sFieldMltName.'_mlt'; + + return $sMLTTableName; + } + + /** + * Returns the name of the MLt field without source table name. + * Postfix _mlt was filtered. + * + * @return string + */ + protected function GetFieldMltName() + { + $sFieldMltName = $this->oTableConf->sqlData['name']; + if (array_key_exists('name', $this->tableObj->_postData)) { + $sPostFieldMltName = $this->tableObj->_postData['name']; + $mltFieldUtil = $this->getMltFieldUtil(); + $sPostFieldMltName = $mltFieldUtil->cutMltExtension($sPostFieldMltName); + $cleanMltFieldName = $mltFieldUtil->cutMultiMltFieldNumber($sPostFieldMltName); + if ($cleanMltFieldName != $sFieldMltName) { + $sFieldMltName = $sPostFieldMltName.'_'.$sFieldMltName; + } else { + $sFieldMltName = $sPostFieldMltName; + } + } + + return $sFieldMltName; + } + public function GetTableAlias($query) { $databaseConnection = $this->getDatabaseConnection(); @@ -575,4 +627,12 @@ private function getInputFilterUtil(): InputFilterUtilInterface { return ServiceLocator::get('chameleon_system_core.util.input_filter'); } + + /** + * @return MltFieldUtil + */ + protected function getMltFieldUtil() + { + return ServiceLocator::get('chameleon_system_core.util.mlt_field'); + } } diff --git a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerMLT.class.php b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerMLT.class.php index 4bffd4ba7..e0f2a6ff2 100644 --- a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerMLT.class.php +++ b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerMLT.class.php @@ -108,6 +108,29 @@ public function GetCustomRestriction() return $query; } +// /** +// * @throws \Doctrine\DBAL\Exception +// */ +// public function CreateRestriction($fieldname, $operatorAndValue) +// { +// if (false === str_ends_with($fieldname, '_mlt') && true === TTools::FieldExists($this->tableObj->sTableName, $fieldname)) { +// return parent::CreateRestriction($fieldname, $operatorAndValue); +// } +// +// $mltTable = $this->GetMLTTableName(); +// $query = sprintf("SELECT `target_id` FROM %s WHERE `source_id` %s", $this->getDatabaseConnection()->quoteIdentifier($mltTable), $operatorAndValue); +// +// $idList = $this->getDatabaseConnection()->fetchFirstColumn($query, ['value' => $this->sRestriction]); +// if ([] === $idList) { +// return '1=0'; +// } +// +// $idListString = implode(',', array_map([$this->getDatabaseConnection(), 'quote'], $idList)); +// $quotedTableName = $this->getDatabaseConnection()->quoteIdentifier($this->oTableConf->sqlData['name']); +// +// return " $quotedTableName.`id` IN ($idListString)"; +// } + protected function AddRowPrefixFields() { } From a07b8a1502e3d4f9c25f818d01d7e5c229c97d19 Mon Sep 17 00:00:00 2001 From: Michael Michaelis Date: Thu, 25 Jul 2024 18:20:56 +0200 Subject: [PATCH 2/6] ref #64074: remove old method --- .../TCMSListManagerEndPoint.class.php | 2 -- .../TCMSListManagerMLT.class.php | 23 ------------------- 2 files changed, 25 deletions(-) diff --git a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php index a94df94a5..3d54edc55 100644 --- a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php +++ b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php @@ -436,8 +436,6 @@ public function GetCustomRestriction() $quotedTableName = $this->getDatabaseConnection()->quoteIdentifier($this->oTableConf->sqlData['name']); return " $quotedTableName.`id` IN ($idListString)"; - - //$query .= $this->CreateRestriction($this->sRestrictionField, "= '".MySqlLegacySupport::getInstance()->real_escape_string($sourceID)."'"); } return $query; diff --git a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerMLT.class.php b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerMLT.class.php index e0f2a6ff2..4bffd4ba7 100644 --- a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerMLT.class.php +++ b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerMLT.class.php @@ -108,29 +108,6 @@ public function GetCustomRestriction() return $query; } -// /** -// * @throws \Doctrine\DBAL\Exception -// */ -// public function CreateRestriction($fieldname, $operatorAndValue) -// { -// if (false === str_ends_with($fieldname, '_mlt') && true === TTools::FieldExists($this->tableObj->sTableName, $fieldname)) { -// return parent::CreateRestriction($fieldname, $operatorAndValue); -// } -// -// $mltTable = $this->GetMLTTableName(); -// $query = sprintf("SELECT `target_id` FROM %s WHERE `source_id` %s", $this->getDatabaseConnection()->quoteIdentifier($mltTable), $operatorAndValue); -// -// $idList = $this->getDatabaseConnection()->fetchFirstColumn($query, ['value' => $this->sRestriction]); -// if ([] === $idList) { -// return '1=0'; -// } -// -// $idListString = implode(',', array_map([$this->getDatabaseConnection(), 'quote'], $idList)); -// $quotedTableName = $this->getDatabaseConnection()->quoteIdentifier($this->oTableConf->sqlData['name']); -// -// return " $quotedTableName.`id` IN ($idListString)"; -// } - protected function AddRowPrefixFields() { } From 490f37d8c0fbdb99c6c4b78dab66f4a78193c9b8 Mon Sep 17 00:00:00 2001 From: Michael Michaelis Date: Thu, 25 Jul 2024 18:21:19 +0200 Subject: [PATCH 3/6] ref #64074: modernize --- .../TCMSListManagerEndPoint.class.php | 68 +++++++++---------- 1 file changed, 33 insertions(+), 35 deletions(-) diff --git a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php index 3d54edc55..92d1dbec3 100644 --- a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php +++ b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php @@ -411,42 +411,40 @@ protected function GetUserRestrictionJoin($recordQuery) * any custom restrictions can be added to the query by overwriting this function. * * @return string + * @throws \Doctrine\DBAL\Exception */ public function GetCustomRestriction() { - $query = ''; - - if (!empty($this->sRestrictionField) && !is_null($this->sRestriction)) { - $sourceID = $this->sRestriction; - $fieldname = $this->sRestrictionField; - - if (false === str_ends_with($fieldname, '_mlt') && true === TTools::FieldExists($this->tableObj->sTableName, $fieldname)) { - return $this->CreateRestriction($this->sRestrictionField, "= '".MySqlLegacySupport::getInstance()->real_escape_string($sourceID)."'"); - } + if (true === empty($this->sRestrictionField) || null === $this->sRestriction) { + return ''; + } - $mltTable = $this->GetMLTTableName(); - $query = sprintf("SELECT `target_id` FROM %s WHERE `source_id` = :value", $this->getDatabaseConnection()->quoteIdentifier($mltTable)); + $sourceID = $this->sRestriction; + $fieldName = $this->sRestrictionField; + $foreignTableName = $this->oTableConf->sqlData['name']; + $connection = $this->getDatabaseConnection(); - $idList = $this->getDatabaseConnection()->fetchFirstColumn($query, ['value' => $this->sRestriction]); - if ([] === $idList) { - return '1=0'; - } + if (false === str_ends_with($fieldName, '_mlt') && true === TTools::FieldExists($foreignTableName, $fieldName)) { + return $this->CreateRestriction($this->sRestrictionField, '= '.$connection->quote($sourceID)); + } - $idListString = implode(',', array_map([$this->getDatabaseConnection(), 'quote'], $idList)); - $quotedTableName = $this->getDatabaseConnection()->quoteIdentifier($this->oTableConf->sqlData['name']); + $mltTable = $this->GetMLTTableName(); + $query = sprintf("SELECT `target_id` FROM %s WHERE `source_id` = :value", $connection->quoteIdentifier($mltTable)); - return " $quotedTableName.`id` IN ($idListString)"; + $idList = $connection->fetchFirstColumn($query, ['value' => $this->sRestriction]); + if ([] === $idList) { + return '1=0'; } - return $query; + $idListString = implode(',', array_map([$connection, 'quote'], $idList)); + $quotedTableName = $connection->quoteIdentifier($foreignTableName); + + return " $quotedTableName.`id` IN ($idListString)"; } protected function GetMLTTableName() { - $sFieldMltName = $this->GetFieldMltName(); - $sMLTTableName = substr($this->sRestrictionField, 0, -4).'_'.$sFieldMltName.'_mlt'; - - return $sMLTTableName; + return substr($this->sRestrictionField, 0, -4).'_'.$this->GetFieldMltName().'_mlt'; } /** @@ -457,20 +455,20 @@ protected function GetMLTTableName() */ protected function GetFieldMltName() { - $sFieldMltName = $this->oTableConf->sqlData['name']; - if (array_key_exists('name', $this->tableObj->_postData)) { - $sPostFieldMltName = $this->tableObj->_postData['name']; - $mltFieldUtil = $this->getMltFieldUtil(); - $sPostFieldMltName = $mltFieldUtil->cutMltExtension($sPostFieldMltName); - $cleanMltFieldName = $mltFieldUtil->cutMultiMltFieldNumber($sPostFieldMltName); - if ($cleanMltFieldName != $sFieldMltName) { - $sFieldMltName = $sPostFieldMltName.'_'.$sFieldMltName; - } else { - $sFieldMltName = $sPostFieldMltName; - } + $fieldMltName = $this->oTableConf->sqlData['name']; + $postFieldMltName = $this->tableObj->_postData['name'] ?? null; + if (null === $postFieldMltName) { + return $fieldMltName; + } + + $mltFieldUtil = $this->getMltFieldUtil(); + $postFieldMltName = $mltFieldUtil->cutMltExtension($postFieldMltName); + $cleanMltFieldName = $mltFieldUtil->cutMultiMltFieldNumber($postFieldMltName); + if ($cleanMltFieldName === $fieldMltName) { + return $postFieldMltName; } - return $sFieldMltName; + return $postFieldMltName.'_'.$fieldMltName; } public function GetTableAlias($query) From 153e9290b626993d9201493c4ec3215fb1291b16 Mon Sep 17 00:00:00 2001 From: Michael Michaelis Date: Thu, 25 Jul 2024 18:22:52 +0200 Subject: [PATCH 4/6] ref #64074: remove equivalent inherited method --- .../TCMSListManagerMLT.class.php | 24 ------------------- 1 file changed, 24 deletions(-) diff --git a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerMLT.class.php b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerMLT.class.php index 4bffd4ba7..aa13155ad 100644 --- a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerMLT.class.php +++ b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerMLT.class.php @@ -34,30 +34,6 @@ public function _AddFunctionColumn() $this->tableObj->AddColumn('id', 'left', array($this, 'CallBackMLTFunctionBlock'), null, 1); } - /** - * Returns the name of the MLt field without source table name. - * Postfix _mlt was filtered. - * - * @return string - */ - protected function GetFieldMltName() - { - $sFieldMltName = $this->oTableConf->sqlData['name']; - if (array_key_exists('name', $this->tableObj->_postData)) { - $sPostFieldMltName = $this->tableObj->_postData['name']; - $mltFieldUtil = $this->getMltFieldUtil(); - $sPostFieldMltName = $mltFieldUtil->cutMltExtension($sPostFieldMltName); - $cleanMltFieldName = $mltFieldUtil->cutMultiMltFieldNumber($sPostFieldMltName); - if ($cleanMltFieldName != $sFieldMltName) { - $sFieldMltName = $sPostFieldMltName.'_'.$sFieldMltName; - } else { - $sFieldMltName = $sPostFieldMltName; - } - } - - return $sFieldMltName; - } - /** * Returns the mlt table name. * From 670baa24c59a3ff1ff5b177d4190f7b35dbbd7e3 Mon Sep 17 00:00:00 2001 From: Michael Michaelis Date: Thu, 25 Jul 2024 18:31:14 +0200 Subject: [PATCH 5/6] ref #64074: use tools as service --- .../TCMSListManager/TCMSListManagerEndPoint.class.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php index 92d1dbec3..05fd38f92 100644 --- a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php +++ b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php @@ -424,7 +424,7 @@ public function GetCustomRestriction() $foreignTableName = $this->oTableConf->sqlData['name']; $connection = $this->getDatabaseConnection(); - if (false === str_ends_with($fieldName, '_mlt') && true === TTools::FieldExists($foreignTableName, $fieldName)) { + if (false === str_ends_with($fieldName, '_mlt') && true === $this->getToolsService()::FieldExists($foreignTableName, $fieldName)) { return $this->CreateRestriction($this->sRestrictionField, '= '.$connection->quote($sourceID)); } @@ -631,4 +631,9 @@ protected function getMltFieldUtil() { return ServiceLocator::get('chameleon_system_core.util.mlt_field'); } + + private function getToolsService(): TTools + { + return ServiceLocator::get('chameleon_system_core.tools'); + } } From 73ed5e07dece2e5d8e65b914cf9f1396fddfd2b8 Mon Sep 17 00:00:00 2001 From: Michael Michaelis Date: Thu, 25 Jul 2024 18:49:13 +0200 Subject: [PATCH 6/6] ref #64074: comment if restrictions set, but no matches --- .../classes/TCMSListManager/TCMSListManagerEndPoint.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php index 05fd38f92..7606be635 100644 --- a/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php +++ b/src/CoreBundle/private/library/classes/TCMSListManager/TCMSListManagerEndPoint.class.php @@ -433,7 +433,7 @@ public function GetCustomRestriction() $idList = $connection->fetchFirstColumn($query, ['value' => $this->sRestriction]); if ([] === $idList) { - return '1=0'; + return '1=0'; // restrictions set, but no matches } $idListString = implode(',', array_map([$connection, 'quote'], $idList));