From 1d8bf5f0ab33570d2b3eed7f5de3b506018976d5 Mon Sep 17 00:00:00 2001 From: skodak Date: Fri, 30 May 2008 21:36:57 +0000 Subject: [PATCH] MDL-14679 towards /admin conversion --- admin/enrol_config.php | 4 ++-- admin/filter.php | 12 +++++------ admin/handlevirus.php | 4 ++-- admin/health.php | 4 ++-- admin/maintenance.php | 4 ++-- admin/multilangupgrade.php | 2 +- admin/oacleanup.php | 41 +++++++++++++++++++------------------- admin/process_email.php | 3 ++- admin/replace.php | 5 ++++- admin/search.php | 6 ++++-- admin/settings.php | 6 +++--- admin/upgradesettings.php | 2 +- admin/uploaduser.php | 22 ++++++++++---------- 13 files changed, 62 insertions(+), 53 deletions(-) diff --git a/admin/enrol_config.php b/admin/enrol_config.php index 6adca6d13c8e2..f9fe5cedd9892 100644 --- a/admin/enrol_config.php +++ b/admin/enrol_config.php @@ -17,9 +17,9 @@ /// If data submitted, then process and store. - if ($frm = data_submitted()) { + if ($frm = data_submitted(false)) { if (!confirm_sesskey()) { - error(get_string('confirmsesskeybad', 'error')); + print_error('confirmsesskeybad', 'error'); } if ($enrolment->process_config($frm)) { redirect("enrol.php?sesskey=$USER->sesskey", get_string("changessaved"), 1); diff --git a/admin/filter.php b/admin/filter.php index 8c51c70f4ecbf..d9bb97988b0c0 100644 --- a/admin/filter.php +++ b/admin/filter.php @@ -7,7 +7,7 @@ require_once($CFG->libdir.'/tablelib.php'); $filterfull = required_param('filter', PARAM_PATH); - $forcereset = optional_param('reset', 0, PARAM_BOOL); + $forcereset = optional_param('reset', 0, PARAM_BOOL); $filtername = substr($filterfull, strpos( $filterfull, '/' )+1 ) ; 
@@ -17,17 +17,17 @@ // get translated strings for use on page - $txt = new Object; - $txt->managefilters = get_string( 'managefilters' ); + $txt = new object(); + $txt->managefilters = get_string( 'managefilters' ); $txt->administration = get_string( 'administration' ); - $txt->configuration = get_string( 'configuration' ); + $txt->configuration = get_string( 'configuration' ); //====================== // Process Actions //====================== // if reset pressed let filter config page handle it - if ($config = data_submitted() and !$forcereset) { + if ($config = data_submitted(false) and !$forcereset) { // check session key if (!confirm_sesskey()) { @@ -48,7 +48,7 @@ // run through submitted data // reject if does not start with filter_ foreach ($config as $name => $value) { - set_config($name, stripslashes($value)); + set_config($name, $value); } } diff --git a/admin/handlevirus.php b/admin/handlevirus.php index 7a09c1eb672e0..59464ea4c1b8a 100644 --- a/admin/handlevirus.php +++ b/admin/handlevirus.php @@ -38,8 +38,8 @@ $action = clam_handle_infected_file($file,$log->userid,true); clam_replace_infected_file($file); - $user = get_record("user","id",$log->userid); - $course = get_record("course","id",$log->course); + $user = $DB->get_record("user", array("id"=>$log->userid)); + $course = $DB->get_record("course", array("id"=>$log->course)); $subject = get_string('virusfoundsubject','moodle',format_string($site->fullname)); $a->date = userdate($log->time); diff --git a/admin/health.php b/admin/health.php index e9fe728ed776a..ac6aa744db2ae 100644 --- a/admin/health.php +++ b/admin/health.php @@ -275,8 +275,8 @@ function title() { return 'cron.php is not set up to run automatically'; } function exists() { - global $CFG; - $lastcron = get_field_sql('SELECT max(lastcron) FROM '.$CFG->prefix.'modules'); + global $DB; + $lastcron = $DB->get_field_sql('SELECT max(lastcron) FROM {modules}'); return (time() - $lastcron > 3600 * 24); } function severity() { 
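Review bot: In admin/filter.php (hunk at -48,7) the `foreach` passes every submitted field straight to `set_config()`, although the comment above it says names that do not start with `filter_` are rejected; no such check is visible in the hunk. As written, any field in the POST body becomes a global config value, including `sesskey` unless it is unset outside the hunk. A guard as the first statement of the loop body, `if (strpos($name, 'filter_') !== 0) { continue; }`, would make the code match its comment. The enclosing `if ($config = data_submitted(false) and !$forcereset)` block starts in the previous hunk and ends outside this one.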
diff --git a/admin/maintenance.php b/admin/maintenance.php index 071a873254c34..a4bfa1cdbc700 100644 --- a/admin/maintenance.php +++ b/admin/maintenance.php @@ -15,14 +15,14 @@ $filename = $CFG->dataroot.'/'.SITEID.'/maintenance.html'; - if ($form = data_submitted()) { + if ($form = data_submitted(false)) { if (confirm_sesskey()) { if ($form->action == "disable") { unlink($filename); redirect('maintenance.php', get_string('sitemaintenanceoff','admin')); } else { $file = fopen($filename, 'w'); - fwrite($file, stripslashes($form->text)); + fwrite($file, $form->text); fclose($file); redirect('maintenance.php', get_string('sitemaintenanceon', 'admin')); } diff --git a/admin/multilangupgrade.php b/admin/multilangupgrade.php index 0903b652ab063..5bd05248a0f77 100644 --- a/admin/multilangupgrade.php +++ b/admin/multilangupgrade.php @@ -49,7 +49,7 @@ } $fulltable = $DB->get_prefix().$table; if ($columns = $DB->get_columns($table)) { - if (!array_key_exists('id', $columns) and !array_key_exists('ID', $columns)) { + if (!array_key_exists('id', $columns)) { continue; // moodle tables have id } foreach ($columns as $column => $data) { diff --git a/admin/oacleanup.php b/admin/oacleanup.php index 04d0cd3fd6bbb..ae3e6923cecc7 100644 --- a/admin/oacleanup.php +++ b/admin/oacleanup.php @@ -16,7 +16,7 @@ function online_assignment_cleanup($output=false) { - global $CFG; + global $CFG, $DB; if ($output) { print_heading('Online Assignment Cleanup'); @@ -27,7 +27,7 @@ function online_assignment_cleanup($output=false) { /// We don't want to run this code if we are doing an upgrade from an assignment /// version earlier than 2005041400 /// because the assignment type field will not exist - $amv = get_field('modules', 'version', 'name', 'assignment'); + $amv = $DB->get_field('modules', 'version', array('name'=>'assignment')); if ((int)$amv < 2005041400) { if ($output) { echo ''; 
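Review bot: In admin/maintenance.php the handle returned by `fopen($filename, 'w')` is used without a check, so if the directory under dataroot is missing or not writable, `fwrite()` and `fclose()` receive `false` and the page still redirects with the `sitemaintenanceon` message while no maintenance file exists. Test `$file === false` right after the `fopen()` and report the failure instead of redirecting. The `unlink($filename)` in the `disable` branch has the same gap: its return value is ignored, so a failed delete is reported as maintenance mode being off.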
@@ -37,12 +37,12 @@ function online_assignment_cleanup($output=false) { /// get the module id for assignments from db - $arecord = get_record('modules', 'name', 'assignment'); + $arecord = $DB->get_record('modules', array('name', 'assignment')); $aid = $arecord->id; /// get a list of all courses on this site - $courses = get_records('course'); + $courses = $DB->get_records('course'); /// cycle through each course foreach ($courses as $course) { @@ -51,8 +51,12 @@ function online_assignment_cleanup($output=false) { if ($output) print_heading($fullname); /// retrieve a list of sections beyond what is currently being shown - $sql = 'SELECT * FROM '.$CFG->prefix.'course_sections WHERE course='.$course->id.' AND section>'.$course->numsections.' ORDER BY section ASC'; - if (!($xsections = get_records_sql($sql))) { + $sql = "SELECT * + FROM {course_sections} + WHERE course=? AND section>? + ORDER BY section ASC"; + $params = array($course->id, $course->numsections); + if (!($xsections = $DB->get_records_sql($sql, $params))) { if ($output) echo 'No extra sections
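Review bot: In admin/oacleanup.php (hunk at -37,12) the converted lookup `$DB->get_record('modules', array('name', 'assignment'))` passes a two-element list rather than a field => value map, unlike every other call converted in this patch. The conditions are then keyed 0 and 1, so the query cannot match on `name` as intended, and the next line reads `$arecord->id` without checking the result. It should read `$arecord = $DB->get_record('modules', array('name'=>'assignment'));`, preferably followed by an early return when no record comes back. The body of online_assignment_cleanup() starts and ends outside this hunk.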
'; continue; } @@ -70,16 +74,13 @@ function online_assignment_cleanup($output=false) { foreach ($instances as $instance) { /// is this an instance of an online assignment $sql = "SELECT a.id - FROM {$CFG->prefix}course_modules cm, - {$CFG->prefix}assignment a - WHERE cm.id = '$instance' AND - cm.module = '$aid' AND - cm.instance = a.id AND - a.assignmenttype = 'online'"; - + FROM {course_modules} cm, {assignment} a + WHERE cm.id = ? AND cm.module = ? AND + cm.instance = a.id AND a.assignmenttype = 'online'"; + $params = array($instance, $aid); /// if record exists then we need to move instance to it's correct section - if (record_exists_sql($sql)) { + if ($DB->record_exists_sql($sql, $params)) { /// check the new section id /// the journal update erroneously stored it in course_sections->section @@ -87,14 +88,14 @@ function online_assignment_cleanup($output=false) { /// double check the new section if ($newsection > $course->numsections) { /// get the record for section 0 for this course - if (!($zerosection = get_record('course_sections', 'course', $course->id, 'section', '0'))) { + if (!($zerosection = $DB->get_record('course_sections', array('course'=>$course->id, 'section'=>'0')))) { continue; } $newsection = $zerosection->id; } /// grab the section record - if (!($section = get_record('course_sections', 'id', $newsection))) { + if (!($section = $DB->get_record('course_sections', array('id'=>$newsection)))) { if ($output) echo 'Serious error: Cannot retrieve section: '.$newsection.' for course: '. format_string($course->fullname) .'
'; continue; } @@ -110,12 +111,12 @@ function online_assignment_cleanup($output=false) { /// implode the sequence $section->sequence = implode(',', $sequence); - set_field('course_sections', 'sequence', $section->sequence, 'id', $section->id); + $DB->set_field('course_sections', 'sequence', $section->sequence, array('id'=>$section->id)); /// now we need to remove the instance from the old sequence /// grab the old section record - if (!($section = get_record('course_sections', 'id', $xsection->id))) { + if (!($section = $DB->get_record('course_sections', array('id'=>$xsection->id)))) { if ($output) echo 'Serious error: Cannot retrieve old section: '.$xsection->id.' for course: '.$course->fullname.'
'; continue; } @@ -132,7 +133,7 @@ function online_assignment_cleanup($output=false) { /// implode the sequence $section->sequence = implode(',', $sequence); - set_field('course_sections', 'sequence', $section->sequence, 'id', $section->id); + $DB->set_field('course_sections', 'sequence', $section->sequence, array('id'=>$section->id)); if ($output) echo 'Online Assignment (instance '.$instance.') moved from section '.$section->id.': to section '.$newsection.'
'; @@ -143,7 +144,7 @@ function online_assignment_cleanup($output=false) { /// if the summary and sequence are empty then remove this section if (empty($xsection->summary) and empty($xsection->sequence)) { - delete_records('course_sections', 'id', $xsection->id); + $DB->delete_records('course_sections', array('id'=>$xsection->id)); if ($output) echo 'Deleting empty section '.$xsection->section.'
'; } } diff --git a/admin/process_email.php b/admin/process_email.php index 33c8783d793c5..1b311776565d8 100755 --- a/admin/process_email.php +++ b/admin/process_email.php @@ -9,6 +9,7 @@ // BOUNCE EMAILS TO NOREPLY if ($_ENV['RECIPIENT'] == $CFG->noreplyaddress) { + $user = new pbject(); $user->email = $_ENV['SENDER']; if (!validate_email($user->email)) { @@ -53,7 +54,7 @@ $modname = 'moodle'; } else { - $modname = get_field("modules","name","id",$modid); + $modname = $DB->get_field("modules", "name", array("id"=>$modid)); include_once('mod/'.$modname.'/lib.php'); } $function = $modname.'_process_email'; diff --git a/admin/replace.php b/admin/replace.php index cdff6ae39a47a..f9dc986a02d02 100644 --- a/admin/replace.php +++ b/admin/replace.php @@ -10,6 +10,9 @@ $search = optional_param('search', '', PARAM_RAW); $replace = optional_param('replace', '', PARAM_RAW); +$search = stripslashes($search); // TODO: remove soon +$replace = stripslashes($replace); // TODO: remove soon + ################################################################### admin_externalpage_print_header(); @@ -34,7 +37,7 @@ print_simple_box_start('center'); -if (!db_replace(stripslashes($search), stripslashes($replace))) { +if (!db_replace($search, $replace)) { print_error('erroroccur', debug); } diff --git a/admin/search.php b/admin/search.php index 4fcde9546a3d9..a8ee38ba2fb7c 100644 --- a/admin/search.php +++ b/admin/search.php @@ -5,7 +5,9 @@ require_once('../config.php'); require_once($CFG->libdir.'/adminlib.php'); -$query = trim(stripslashes(optional_param('query', '', PARAM_NOTAGS))); // Search string +$query = trim(optional_param('query', '', PARAM_NOTAGS)); // Search string + +$query = stripslashes($query); // TODO: remove soon $adminroot =& admin_get_root(); // need all settings here $adminroot->search = $query; // So we can reference it in search boxes later in this invocation 
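Review bot: In admin/process_email.php (hunk at -9,6) the added line `$user = new pbject();` names a class that appears nowhere else in this patch. filter.php uses `new object()` for the same purpose, so this looks like a typo that would stop the bounce handler with a class-not-found fatal error as soon as a message for the noreply address arrives. It should be `$user = new object();`.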
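Review bot: In admin/process_email.php (hunk at -53,7) the result of `$DB->get_field("modules", "name", array("id"=>$modid))` goes straight into `include_once('mod/'.$modname.'/lib.php')` and into the function name. If `$modid` matches no row, `$modname` is false, so the script tries to include `mod//lib.php` and builds `_process_email`. Where `$modid` comes from is outside the hunk, but if it is parsed from the incoming address it is sender-controlled and the lookup needs a guard. Stop processing when the lookup returns nothing, e.g. `if (!$modname = $DB->get_field("modules", "name", array("id"=>$modid))) { die; }`, using whatever exit path the rest of the script uses.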
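Review bot: In admin/replace.php (hunk at -34,7) the failure branch calls `print_error('erroroccur', debug);` with `debug` as a bare word, which PHP treats as an undefined constant and only falls back to the string with a notice. Since this line sits right under the one being changed, quote it while here: `print_error('erroroccur', 'debug');`.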
@@ -16,7 +18,7 @@ admin_externalpage_setup('search'); // now hidden page // now we'll deal with the case that the admin has submitted the form with changed settings -if ($data = data_submitted() and confirm_sesskey()) { +if ($data = data_submitted(false) and confirm_sesskey()) { if (admin_write_settings($data)) { $statusmsg = get_string('changessaved'); } diff --git a/admin/settings.php b/admin/settings.php index f4ead11bec381..d0f771f77b849 100644 --- a/admin/settings.php +++ b/admin/settings.php @@ -16,12 +16,12 @@ $page =& $adminroot->locate($section); if (empty($page) or !is_a($page, 'admin_settingpage')) { - error(get_string('sectionerror', 'admin'), "$CFG->wwwroot/$CFG->admin/"); + print_error('sectionerror', 'admin', "$CFG->wwwroot/$CFG->admin/"); die; } if (!($page->check_access())) { - error(get_string('accessdenied', 'admin')); + print_error('accessdenied', 'admin'); die; } @@ -31,7 +31,7 @@ $errormsg = ''; $focus = ''; -if ($data = data_submitted() and confirm_sesskey()) { +if ($data = data_submitted(false) and confirm_sesskey()) { if (admin_write_settings($data)) { $statusmsg = get_string('changessaved'); } diff --git a/admin/upgradesettings.php b/admin/upgradesettings.php index 65fbf3c4cb1ea..6d4d5e10fa4cc 100644 --- a/admin/upgradesettings.php +++ b/admin/upgradesettings.php @@ -15,7 +15,7 @@ admin_externalpage_setup('upgradesettings'); // now hidden page // now we'll deal with the case that the admin has submitted the form with new settings -if ($data = data_submitted() and confirm_sesskey()) { +if ($data = data_submitted(false) and confirm_sesskey()) { $count = admin_write_settings($data); $adminroot =& admin_get_root(true); //reload tree } diff --git a/admin/uploaduser.php b/admin/uploaduser.php index 6a4c411ade7b8..4511b81e8e75f 100755 --- a/admin/uploaduser.php +++ b/admin/uploaduser.php 
@@ -76,7 +76,7 @@ $PRF_FIELDS = array(); -if ($prof_fields = get_records('user_info_field')) { +if ($prof_fields = $DB->get_records('user_info_field')) { foreach ($prof_fields as $prof_field) { $PRF_FIELDS[] = 'profile_field_'.$prof_field->shortname; } @@ -264,7 +264,7 @@ continue; } - if ($existinguser = get_record('user', 'username', addslashes($user->username), 'mnethostid', $user->mnethostid)) { + if ($existinguser = $DB->get_record('user', array('username'=>$user->username, 'mnethostid'=>$user->mnethostid))) { $upt->track('id', $existinguser->id, 'normal', false); } @@ -342,14 +342,14 @@ continue; } - if ($olduser = get_record('user', 'username', addslashes($oldusername), 'mnethostid', addslashes($user->mnethostid))) { + if ($olduser = $DB->get_record('user', array('username'=>$oldusername, 'mnethostid'=>$user->mnethostid))) { $upt->track('id', $olduser->id, 'normal', false); if (has_capability('moodle/site:doanything', $systemcontext, $olduser->id)) { $upt->track('status', $strusernotrenamedadmin, 'error'); $renameerrors++; continue; } - if (set_field('user', 'username', addslashes($user->username), 'id', $olduser->id)) { + if ($DB->set_field('user', 'username', $user->username, array('id'=>$olduser->id))) { $upt->track('username', '', 'normal', false); // clear previous $upt->track('username', $oldusername.'-->'.$user->username, 'info'); $upt->track('status', $struserrenamed); @@ -444,7 +444,7 @@ } if ($existinguser->$column !== $user->$column) { if ($column == 'email') { - if (record_exists('user', 'email', addslashes($user->email))) { + if ($DB->record_exists('user', array('email'=>$user->email))) { if ($noemailduplicates) { $upt->track('email', $stremailduplicate, 'error'); $upt->track('status', $strusernotupdated, 'error'); 
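Review bot: The admin/uploaduser.php hunks from -264,7 onward drop `addslashes()` from the `get_record`, `set_field` and `record_exists` calls, and the later hunks at -474,7 and -527,7 drop `addslashes_recursive()` from `update_record` and `insert_record`, but nothing documents the new assumption that `$user` holds raw values. The `?` placeholders in oacleanup.php suggest the new `$DB` layer binds values rather than expecting escaped strings. If any code outside these hunks still slashes the CSV fields, usernames and emails would now be stored with literal backslashes and the duplicate-email check would compare the wrong string. A short comment at the first lookup, such as `// $user fields are raw (unslashed) from here on; $DB binds them as parameters`, would record the contract; the CSV-reading code outside the hunks is worth checking against it.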
@@ -474,7 +474,7 @@ $upt->track('auth', $struserauthunsupported, 'warning'); } - if (update_record('user', addslashes_recursive($existinguser))) { + if ($DB->update_record('user', $existinguser)) { $upt->track('status', $struserupdated); $usersupdated++; } else { @@ -516,7 +516,7 @@ } } - if (record_exists('user', 'email', addslashes($user->email))) { + if ($DB->record_exists('user', array('email'=>$user->email))) { if ($noemailduplicates) { $upt->track('email', $stremailduplicate, 'error'); $upt->track('status', $strusernotaddederror, 'error'); @@ -527,7 +527,7 @@ } } - if ($user->id = insert_record('user', addslashes_recursive($user))) { + if ($user->id = $DB->insert_record('user', $user)) { $info = ': ' . $user->username .' (ID = ' . $user->id . ')'; $upt->track('status', $struseradded); $upt->track('id', $user->id, 'normal', false); @@ -566,7 +566,7 @@ $shortname = $user->{'course'.$i}; if (!array_key_exists($shortname, $ccache)) { - if (!$course = get_record('course', 'shortname', addslashes($shortname), '', '', '', '', 'id, shortname, defaultrole')) { + if (!$course = $DB->get_record('course', array('shortname'=>$shortname), 'id, shortname, defaultrole')) { $upt->track('enrolments', get_string('unknowncourse', 'error', $shortname), 'error'); continue; } @@ -883,13 +883,15 @@ function validate_user_upload_columns(&$columns) { * @return incremented username which does not exist yet */ function increment_username($username, $mnethostid) { + global $DB; + if (!preg_match_all('/(.*?)([0-9]+)$/', $username, $matches)) { $username = $username.'2'; } else { $username = $matches[1][0].($matches[2][0]+1); } - if (record_exists('user', 'username', addslashes($username), 'mnethostid', addslashes($mnethostid))) { + if ($DB->record_exists('user', array('username'=>$username, 'mnethostid'=>$mnethostid))) { return increment_username($username, $mnethostid); } else { return $username;
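Review bot: In admin/uploaduser.php (hunk at -883,13) `increment_username()` computes the next candidate with `$matches[2][0]+1`, which drops leading zeros (`user007` becomes `user8`) and turns a very long digit run into a float before it is concatenated back into the name. It also recurses once per taken name with one `record_exists` query each time. The docblock above it could state the leading-zero behaviour, or the suffix could be cast explicitly with `(int)$matches[2][0] + 1` and the recursion replaced by a loop. The function's closing lines are outside the hunk.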