Diffstat (limited to 'db')
-rw-r--r--db/feedmapper.php6
-rw-r--r--db/feedtype.php2
-rw-r--r--db/foldermapper.php12
-rw-r--r--db/item.php15
-rw-r--r--db/itemmapper.php75
-rw-r--r--db/mapperfactory.php4
-rw-r--r--db/mysql/itemmapper.php6
-rw-r--r--db/newsmapper.php10
8 files changed, 87 insertions, 43 deletions
diff --git a/db/feedmapper.php b/db/feedmapper.php
index 0d00057d3..479cead28 100644
--- a/db/feedmapper.php
+++ b/db/feedmapper.php
@@ -13,14 +13,14 @@
namespace OCA\News\Db;
-use \OCP\IDb;
-use \OCP\AppFramework\Db\Entity;
+use OCP\IDBConnection;
+use OCP\AppFramework\Db\Entity;
class FeedMapper extends NewsMapper {
- public function __construct(IDb $db) {
+ public function __construct(IDBConnection $db) {
parent::__construct($db, 'news_feeds', '\OCA\News\Db\Feed');
}
diff --git a/db/feedtype.php b/db/feedtype.php
index a630d80f4..fcb42bb8a 100644
--- a/db/feedtype.php
+++ b/db/feedtype.php
@@ -21,4 +21,4 @@ class FeedType {
const SUBSCRIPTIONS = 3;
const SHARED = 4;
const EXPLORE = 5;
-}; \ No newline at end of file
+} \ No newline at end of file
diff --git a/db/foldermapper.php b/db/foldermapper.php
index bce599b45..867e05493 100644
--- a/db/foldermapper.php
+++ b/db/foldermapper.php
@@ -13,12 +13,12 @@
namespace OCA\News\Db;
-use \OCP\IDb;
-use \OCP\AppFramework\Db\Entity;
+use OCP\IDBConnection;
+use OCP\AppFramework\Db\Entity;
class FolderMapper extends NewsMapper {
- public function __construct(IDb $db) {
+ public function __construct(IDBConnection $db) {
parent::__construct($db, 'news_folders', '\OCA\News\Db\Folder');
}
@@ -58,12 +58,14 @@ class FolderMapper extends NewsMapper {
// we needz CASCADE + FKs please
$sql = 'DELETE FROM `*PREFIX*news_feeds` WHERE `folder_id` = ?';
$params = [$entity->getId()];
- $this->execute($sql, $params);
+ $stmt = $this->execute($sql, $params);
+ $stmt->closeCursor();
$sql = 'DELETE FROM `*PREFIX*news_items` WHERE `feed_id` NOT IN '.
'(SELECT `feeds`.`id` FROM `*PREFIX*news_feeds` `feeds`)';
- $this->execute($sql);
+ $stmt = $this->execute($sql);
+ $stmt->closeCursor();
}
diff --git a/db/item.php b/db/item.php
index 24cc45de1..3d12692bc 100644
--- a/db/item.php
+++ b/db/item.php
@@ -57,6 +57,7 @@ class Item extends Entity implements IAPI, \JsonSerializable {
protected $feedId;
protected $status = 0;
protected $lastModified;
+ protected $searchIndex;
public function __construct(){
$this->addType('pubDate', 'integer');
@@ -196,6 +197,16 @@ class Item extends Entity implements IAPI, \JsonSerializable {
parent::setTitle(strip_tags($title));
}
+ public function generateSearchIndex() {
+ $this->setSearchIndex(
+ strtolower(
+ html_entity_decode(strip_tags($this->getBody())) .
+ html_entity_decode($this->getAuthor()) .
+ html_entity_decode($this->getTitle()) .
+ $this->getUrl()
+ )
+ );
+ }
public function setUrl($url) {
$url = trim($url);
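Review bot: generateSearchIndex() joins body, author, title and URL with no separator, so a search term can match across a field boundary (the end of the body plus the start of the author). It also lowercases with the byte-oriented `strtolower`, which does not fold non-ASCII letters and is locale-dependent on older PHP versions. Consider joining the parts with a space and, if mbstring is available, using `mb_strtolower($text, 'UTF-8')` both here and in ItemMapper::buildLikeParameters so the index and the query are folded the same way. Because `html_entity_decode` runs after `strip_tags`, an encoded `&lt;` ends up as a literal `<` in the index; a docblock should state that search_index is for matching only and must be escaped if it is ever output. setUrl's body continues outside the hunk.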
@@ -208,7 +219,9 @@ class Item extends Entity implements IAPI, \JsonSerializable {
public function setBody($body) {
// FIXME: this should not happen if the target="_blank" is already
// on the link
- parent::setBody(str_replace('<a', '<a target="_blank" rel="noreferrer"', $body));
+ parent::setBody(str_replace(
+ '<a', '<a target="_blank" rel="noreferrer"', $body
+ ));
}
}
diff --git a/db/itemmapper.php b/db/itemmapper.php
index a41ecfd66..0ea3b77fc 100644
--- a/db/itemmapper.php
+++ b/db/itemmapper.php
@@ -13,12 +13,12 @@
namespace OCA\News\Db;
-use \OCP\IDb;
+use OCP\IDBConnection;
class ItemMapper extends NewsMapper {
- public function __construct(IDb $db){
+ public function __construct(IDBConnection $db){
parent::__construct($db, 'news_items', '\OCA\News\Db\Item');
}
@@ -44,24 +44,30 @@ class ItemMapper extends NewsMapper {
}
private function makeSelectQueryStatus($prependTo, $status,
- $oldestFirst=false) {
- // Hi this is Ray and you're watching Jack Ass
- // Now look closely: this is how we adults handle weird bugs in our
- // code: we take them variables and we cast the shit out of them
+ $oldestFirst=false, $search=[]) {
$status = (int) $status;
- // now im gonna slowly stick them in the query, be careful!
- return $this->makeSelectQuery(
+ // WARNING: Potential SQL injection if you change this carelessly
+ $sql = 'AND ((`items`.`status` & ' . $status . ') = ' . $status . ') ';
- // WARNING: this is a desperate attempt at making this query work
- // because prepared statements dont work. This is a possible
- // SQL INJECTION RISK WHEN MODIFIED WITHOUT THOUGHT.
- // think twice when changing this
- 'AND ((`items`.`status` & ' . $status . ') = ' . $status . ') ' .
- $prependTo, $oldestFirst
- );
+ foreach ($search as $_) {
+ $sql .= 'AND `items`.`search_index` LIKE ? ';
+ }
+
+ $sql .= $prependTo;
+
+ return $this->makeSelectQuery($sql, $oldestFirst);
}
+ /**
+ * wrap and escape search parameters in a like statement
+ */
+ private function buildLikeParameters($search=[]) {
+ return array_map(function ($param) {
+ $param = addcslashes($param, '\\_%');
+ return '%' . strtolower($param) . '%';
+ }, $search);
+ }
public function find($id, $userId){
$sql = $this->makeSelectQuery('AND `items`.`id` = ? ');
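Review bot: The `LIKE ?` clause built in makeSelectQueryStatus has no ESCAPE clause, so the backslash escaping done by `addcslashes($param, '\\_%')` in buildLikeParameters only takes effect where backslash is the default LIKE escape character (MySQL, PostgreSQL). SQLite has no default escape character, so if it is a supported backend, `%` and `_` typed by the user would still act as wildcards there. Declaring the escape character explicitly, e.g. `LIKE ? ESCAPE '!'` together with `str_replace(['!', '%', '_'], ['!!', '!%', '!_'], $param)`, removes the dependence on backend defaults and on backslash handling in SQL string literals. The placeholders are positional, so the docblock should also say that callers must put the LIKE parameters directly after `$userId`; that relies on the placeholder order inside makeSelectQuery, which is not visible in this hunk. find()'s body continues outside the hunk.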
@@ -183,42 +189,53 @@ class ItemMapper extends NewsMapper {
public function findAllFeed($id, $limit, $offset, $status, $oldestFirst,
- $userId){
- $params = [$userId, $id];
+ $userId, $search=[]){
+ $params = [$userId];
+ $params = array_merge($params, $this->buildLikeParameters($search));
+ $params[] = $id;
+
$sql = 'AND `items`.`feed_id` = ? ';
if($offset !== 0){
$sql .= 'AND `items`.`id` ' .
$this->getOperator($oldestFirst) . ' ? ';
$params[] = $offset;
}
- $sql = $this->makeSelectQueryStatus($sql, $status, $oldestFirst);
+ $sql = $this->makeSelectQueryStatus($sql, $status, $oldestFirst,
+ $search);
return $this->findEntitiesIgnoringNegativeLimit($sql, $params, $limit);
}
public function findAllFolder($id, $limit, $offset, $status, $oldestFirst,
- $userId){
- $params = [$userId, $id];
+ $userId, $search=[]){
+ $params = [$userId];
+ $params = array_merge($params, $this->buildLikeParameters($search));
+ $params[] = $id;
+
$sql = 'AND `feeds`.`folder_id` = ? ';
if($offset !== 0){
$sql .= 'AND `items`.`id` ' .
$this->getOperator($oldestFirst) . ' ? ';
$params[] = $offset;
}
- $sql = $this->makeSelectQueryStatus($sql, $status, $oldestFirst);
+ $sql = $this->makeSelectQueryStatus($sql, $status, $oldestFirst,
+ $search);
return $this->findEntitiesIgnoringNegativeLimit($sql, $params, $limit);
}
- public function findAll($limit, $offset, $status, $oldestFirst, $userId){
+ public function findAll($limit, $offset, $status, $oldestFirst, $userId,
+ $search=[]){
$params = [$userId];
+ $params = array_merge($params, $this->buildLikeParameters($search));
$sql = '';
if($offset !== 0){
$sql .= 'AND `items`.`id` ' .
$this->getOperator($oldestFirst) . ' ? ';
$params[] = $offset;
}
- $sql = $this->makeSelectQueryStatus($sql, $status, $oldestFirst);
+ $sql = $this->makeSelectQueryStatus($sql, $status, $oldestFirst,
+ $search);
return $this->findEntitiesIgnoringNegativeLimit($sql, $params, $limit);
}
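Review bot: `$search` is unbounded in findAllFeed, findAllFolder and findAll: every element adds another `LIKE '%…%'` predicate, and a leading-wildcard match cannot use an ordinary index, so a request with many terms forces repeated scans of search_index. If the value originates from a request parameter (the callers are not visible here), cap the number and length of terms before the query is built, e.g. `$search = array_slice($search, 0, self::MAX_SEARCH_TERMS);` where the constant name is a placeholder for a project-chosen limit. The three methods also repeat the same `[$userId]`, LIKE parameters, `$id` ordering; a one-line comment that this order must mirror the placeholder order in the generated SQL would prevent a silent mismatch when the query is next changed.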
@@ -314,4 +331,16 @@ class ItemMapper extends NewsMapper {
}
+ /**
+ * Returns a list of ids and userid of all items
+ */
+ public function findAllItemIdsAndUsers() {
+ $sql = 'SELECT `items`.`id`, `feeds`.`user_id` ' .
+ 'FROM `*PREFIX*news_items` `items` ' .
+ 'JOIN `*PREFIX*news_feeds` `feeds` ' .
+ 'ON `items`.`feed_id` = `feeds`.`id`';
+ return $this->execute($sql)->fetchAll();
+ }
+
+
}
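Review bot: findAllItemIdsAndUsers() returns `fetchAll()` straight from `execute()`, so the statement cursor is never closed, unlike the `closeCursor()` calls this same commit adds in FolderMapper, and every item row of every user is held in memory at once. Suggest `$stmt = $this->execute($sql); $rows = $stmt->fetchAll(); $stmt->closeCursor();` followed by `return $rows;`. The docblock should also say that the result spans all users and is not filtered by `user_id`, so it is presumably meant for a maintenance or migration task rather than a per-user request handler (inferred from the name; confirm against the caller).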
diff --git a/db/mapperfactory.php b/db/mapperfactory.php
index 0b26574dc..6704842e4 100644
--- a/db/mapperfactory.php
+++ b/db/mapperfactory.php
@@ -13,7 +13,7 @@
namespace OCA\News\Db;
-use \OCP\IDb;
+use \OCP\IDBConnection;
use \OCA\News\Db\Mysql\ItemMapper as MysqlItemMapper;
class MapperFactory {
@@ -21,7 +21,7 @@ class MapperFactory {
private $dbType;
private $db;
- public function __construct($DatabaseType, IDb $db) {
+ public function __construct($DatabaseType, IDBConnection $db) {
$this->dbType = $DatabaseType;
$this->db = $db;
}
diff --git a/db/mysql/itemmapper.php b/db/mysql/itemmapper.php
index c58036350..61d32a821 100644
--- a/db/mysql/itemmapper.php
+++ b/db/mysql/itemmapper.php
@@ -13,14 +13,14 @@
namespace OCA\News\Db\Mysql;
-use \OCP\IDb;
+use OCP\IDBConnection;
-use \OCA\News\Db\StatusFlag;
+use OCA\News\Db\StatusFlag;
class ItemMapper extends \OCA\News\Db\ItemMapper {
- public function __construct(IDb $db){
+ public function __construct(IDBConnection $db){
parent::__construct($db);
}
diff --git a/db/newsmapper.php b/db/newsmapper.php
index c483bd329..5f857d8ee 100644
--- a/db/newsmapper.php
+++ b/db/newsmapper.php
@@ -13,13 +13,13 @@
namespace OCA\News\Db;
-use \OCP\IDb;
-use \OCP\AppFramework\Db\Entity;
-use \OCP\AppFramework\Db\Mapper;
+use OCP\IDBConnection;
+use OCP\AppFramework\Db\Entity;
+use OCP\AppFramework\Db\Mapper;
abstract class NewsMapper extends Mapper {
- public function __construct(IDb $db, $table, $entity) {
+ public function __construct(IDBConnection $db, $table, $entity) {
parent::__construct($db, $table, $entity);
}
@@ -28,7 +28,7 @@ abstract class NewsMapper extends Mapper {
* @param string $userId the id of the user
* @return \OCP\AppFramework\Db\Entity
*/
- public abstract function find($id, $userId);
+ abstract public function find($id, $userId);
} \ No newline at end of file