PostgreSQL - code changes to avoid problems where user table is referenced in ad-hoc queries

This commit is contained in:
Ciaran Gultnieks 2009-01-26 21:10:32 +00:00
parent a4291d64ce
commit 53274a6d93
4 changed files with 37 additions and 30 deletions

View File

@ -273,8 +273,10 @@ class Notice extends Memcached_DataObject
if ($cache) {
$user = new User();
$UT = common_config('db','type')=='pgsql'?'"user"':'user';
$user->query('SELECT id ' .
'FROM user JOIN subscription ON user.id = subscription.subscriber ' .
"FROM $UT JOIN subscription ON $UT.id = subscription.subscriber " .
'WHERE subscription.subscribed = ' . $this->profile_id);
while ($user->fetch()) {
@ -568,16 +570,17 @@ class Notice extends Memcached_DataObject
if ($enabled === true || $enabled === 'transitional') {
$inbox = new Notice_inbox();
$UT = common_config('db','type')=='pgsql'?'"user"':'user';
$qry = 'INSERT INTO notice_inbox (user_id, notice_id, created) ' .
'SELECT user.id, ' . $this->id . ', "' . $this->created . '" ' .
'FROM user JOIN subscription ON user.id = subscription.subscriber ' .
"SELECT $UT.id, " . $this->id . ', "' . $this->created . '" ' .
"FROM $UT JOIN subscription ON $UT.id = subscription.subscriber " .
'WHERE subscription.subscribed = ' . $this->profile_id . ' ' .
'AND NOT EXISTS (SELECT user_id, notice_id ' .
'FROM notice_inbox ' .
'WHERE user_id = user.id ' .
"WHERE user_id = $UT.id " .
'AND notice_id = ' . $this->id . ' )';
if ($enabled === 'transitional') {
$qry .= ' AND user.inboxed = 1';
$qry .= " AND $UT.inboxed = 1";
}
$inbox->query($qry);
}
@ -628,16 +631,17 @@ class Notice extends Memcached_DataObject
// FIXME: do this in an offline daemon
$inbox = new Notice_inbox();
$UT = common_config('db','type')=='pgsql'?'"user"':'user';
$qry = 'INSERT INTO notice_inbox (user_id, notice_id, created, source) ' .
'SELECT user.id, ' . $this->id . ', "' . $this->created . '", 2 ' .
'FROM user JOIN group_member ON user.id = group_member.profile_id ' .
"SELECT $UT.id, " . $this->id . ', "' . $this->created . '", 2 ' .
"FROM $UT JOIN group_member ON $UT.id = group_member.profile_id " .
'WHERE group_member.group_id = ' . $group->id . ' ' .
'AND NOT EXISTS (SELECT user_id, notice_id ' .
'FROM notice_inbox ' .
'WHERE user_id = user.id ' .
"WHERE user_id = $UT.id " .
'AND notice_id = ' . $this->id . ' )';
if ($enabled === 'transitional') {
$qry .= ' AND user.inboxed = 1';
$qry .= " AND $UT.inboxed = 1";
}
$result = $inbox->query($qry);
}

View File

@ -338,11 +338,12 @@ class User extends Memcached_DataObject
{
# 3-way join; probably should get cached
$qry = 'SELECT user.* ' .
'FROM subscription sub1 JOIN user ON sub1.subscribed = user.id ' .
'JOIN subscription sub2 ON user.id = sub2.subscriber ' .
$UT = common_config('db','type')=='pgsql'?'"user"':'user';
$qry = "SELECT $UT.* " .
"FROM subscription sub1 JOIN $UT ON sub1.subscribed = $UT.id " .
"JOIN subscription sub2 ON $UT.id = sub2.subscriber " .
'WHERE sub1.subscriber = %d and sub2.subscribed = %d ' .
'ORDER BY user.nickname';
"ORDER BY $UT.nickname";
$user = new User();
$user->query(sprintf($qry, $this->id, $this->id));

View File

@ -354,12 +354,13 @@ function jabber_broadcast_notice($notice)
// First, get users to whom this is a direct reply
$user = new User();
$user->query('SELECT user.id, user.jabber ' .
'FROM user JOIN reply ON user.id = reply.profile_id ' .
$UT = common_config('db','type')=='pgsql'?'"user"':'user';
$user->query("SELECT $UT.id, $UT.jabber " .
"FROM $UT JOIN reply ON $UT.id = reply.profile_id " .
'WHERE reply.notice_id = ' . $notice->id . ' ' .
'AND user.jabber is not null ' .
'AND user.jabbernotify = 1 ' .
'AND user.jabberreplies = 1 ');
"AND $UT.jabber is not null " .
"AND $UT.jabbernotify = 1 " .
"AND $UT.jabberreplies = 1 ");
while ($user->fetch()) {
common_log(LOG_INFO,
@ -375,12 +376,12 @@ function jabber_broadcast_notice($notice)
// Now, get users subscribed to this profile
$user = new User();
$user->query('SELECT user.id, user.jabber ' .
'FROM user JOIN subscription ' .
'ON user.id = subscription.subscriber ' .
$user->query("SELECT $UT.id, $UT.jabber " .
"FROM $UT JOIN subscription " .
"ON $UT.id = subscription.subscriber " .
'WHERE subscription.subscribed = ' . $notice->profile_id . ' ' .
'AND user.jabber is not null ' .
'AND user.jabbernotify = 1 ' .
"AND $UT.jabber is not null " .
"AND $UT.jabbernotify = 1 " .
'AND subscription.jabber = 1 ');
while ($user->fetch()) {
@ -399,9 +400,9 @@ function jabber_broadcast_notice($notice)
// Now, get users who have it in their inbox because of groups
$user = new User();
$user->query('SELECT user.id, user.jabber ' .
'FROM user JOIN notice_inbox ' .
'ON user.id = notice_inbox.user_id ' .
$user->query("SELECT $UT.id, $UT.jabber " .
"FROM $UT JOIN notice_inbox " .
"ON $UT.id = notice_inbox.user_id " .
'WHERE notice_inbox.notice_id = ' . $notice->id . ' ' .
'AND notice_inbox.source = 2 ' .
'AND user.jabber is not null ' .

View File

@ -331,12 +331,13 @@ function mail_broadcast_notice_sms($notice)
$user = new User();
$UT = common_config('db','type')=='pgsql'?'"user"':'user';
$user->query('SELECT nickname, smsemail, incomingemail ' .
'FROM user JOIN subscription ' .
'ON user.id = subscription.subscriber ' .
"FROM $UT JOIN subscription " .
"ON $UT.id = subscription.subscriber " .
'WHERE subscription.subscribed = ' . $notice->profile_id . ' ' .
'AND user.smsemail IS NOT null ' .
'AND user.smsnotify = 1 ' .
"AND $UT.smsemail IS NOT null " .
"AND $UT.smsnotify = 1 " .
'AND subscription.sms = 1 ');
while ($user->fetch()) {