From 34a0902089a410d1f7dda78d1f8b0771333c09df Mon Sep 17 00:00:00 2001
From: Aleksander Machniak
Date: Fri, 12 Sep 2014 14:37:51 +0200
Subject: Use consistent column/table quoting in sql queries
---
 bin/cleandb.sh | 12 ++++++------
 bin/deluser.sh | 2 +-
 bin/indexcontacts.sh | 2 +-
 bin/moduserprefs.sh | 4 ++--
 bin/updatedb.sh | 15 +++++++--------
 5 files changed, 17 insertions(+), 18 deletions(-)
(limited to 'bin')
diff --git a/bin/cleandb.sh b/bin/cleandb.sh
index 165d33f38..9edfeec91 100755
--- a/bin/cleandb.sh
+++ b/bin/cleandb.sh
@@ -48,7 +48,7 @@ $threshold = date('Y-m-d 00:00:00', time() - $days * 86400);
 foreach (array('contacts','contactgroups','identities') as $table) {
- $sqltable = $db->table_name($table);
+ $sqltable = $db->table_name($table, true);
 // also delete linked records
 // could be skipped for databases which respect foreign key constraints
@@ -59,10 +59,10 @@ foreach (array('contacts','contactgroups','identities') as $table) {
 $memberstable = $db->table_name('contactgroupmembers');
 $db->query(
- "DELETE FROM $memberstable".
- " WHERE $pk IN (".
- "SELECT $pk FROM $sqltable".
- " WHERE del=1 AND changed < ?".
+ "DELETE FROM " . $db->quote_identifier($memberstable).
+ " WHERE `$pk` IN (".
+ "SELECT `$pk` FROM $sqltable".
+ " WHERE `del` = 1 AND `changed` < ?".
 ")", $threshold);
@@ -70,7 +70,7 @@ foreach (array('contacts','contactgroups','identities') as $table) {
 }
 // delete outdated records
- $db->query("DELETE FROM $sqltable WHERE del=1 AND changed < ?", $threshold);
+ $db->query("DELETE FROM $sqltable WHERE `del` = 1 AND `changed` < ?", $threshold);
 echo $db->affected_rows() . " records deleted from '$table'\n";
 }
diff --git a/bin/deluser.sh b/bin/deluser.sh
index f12ec9032..9504d5b43 100755
--- a/bin/deluser.sh
+++ b/bin/deluser.sh
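Review bot: The rewritten DELETE in the second cleandb.sh hunk quotes identifiers two different ways within one statement: the table goes through `$db->quote_identifier($memberstable)`, while the key column is the variable `$pk` interpolated between literal backticks. `$pk` is assigned outside the hunk, so it cannot be confirmed from here that it only ever holds a fixed column name. Passing it through the same helper keeps the statement uniform and independent of the variable's contents, e.g. `" WHERE " . $db->quote_identifier($pk) . " IN ("` and `"SELECT " . $db->quote_identifier($pk) . " FROM $sqltable"`. The enclosing `foreach` body starts and ends outside the hunk.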
@@ -91,7 +91,7 @@ if ($plugin['abort']) {
 // deleting the user record should be sufficient due to ON DELETE CASCADE foreign key references
 // but not all database backends actually support this so let's do it by hand
 foreach (array('identities','contacts','contactgroups','dictionaries','cache','cache_index','cache_messages','cache_thread','searches','users') as $table) {
- $db->query('DELETE FROM ' . $db->table_name($table) . ' WHERE user_id=?', $user->ID);
+ $db->query('DELETE FROM ' . $db->table_name($table, true) . ' WHERE `user_id` = ?', $user->ID);
 }
 if ($db->is_error()) {
diff --git a/bin/indexcontacts.sh b/bin/indexcontacts.sh
index df403807c..9509dc06a 100755
--- a/bin/indexcontacts.sh
+++ b/bin/indexcontacts.sh
@@ -35,7 +35,7 @@ if (!$db->is_connected() || $db->is_error()) {
 }
 // iterate over all users
-$sql_result = $db->query("SELECT user_id FROM " . $db->table_name('users') . " ORDER BY user_id");
+$sql_result = $db->query("SELECT `user_id` FROM " . $db->table_name('users', true) . " ORDER BY `user_id`");
 while ($sql_result && ($sql_arr = $db->fetch_assoc($sql_result))) {
 echo "Indexing contacts for user " . $sql_arr['user_id'] . "...";
diff --git a/bin/moduserprefs.sh b/bin/moduserprefs.sh
index 8a9725fa4..e892b1f4d 100755
--- a/bin/moduserprefs.sh
+++ b/bin/moduserprefs.sh
@@ -58,10 +58,10 @@ if (!$db->is_connected() || $db->is_error())
 $query = '1=1';
 if ($args['user'])
- $query = 'user_id=' . intval($args['user']);
+ $query = '`user_id` = ' . intval($args['user']);
 // iterate over all users
-$sql_result = $db->query("SELECT * FROM " . $db->table_name('users') . " WHERE $query");
+$sql_result = $db->query("SELECT * FROM " . $db->table_name('users', true) . " WHERE $query");
 while ($sql_result && ($sql_arr = $db->fetch_assoc($sql_result))) {
 echo "Updating prefs for user " . $sql_arr['user_id'] . "...";
diff --git a/bin/updatedb.sh b/bin/updatedb.sh
index 964bc184c..e9818074d 100755
--- a/bin/updatedb.sh
+++ b/bin/updatedb.sh
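Review bot: The per-table DELETE loop in deluser.sh is followed by a single `$db->is_error()` check after the loop ends. If that flag reflects only the most recent query (not visible in this diff), a failure on an early table such as 'identities' is overwritten by a later success, and the script reports a clean removal while that user's rows remain. Checking inside the loop, `if ($db->is_error()) break;` directly after the `$db->query(...)` call, lets the existing check see the failing statement. No transaction is visible in the hunk, so a partial delete may still need handling, and the body of the trailing `if` continues outside the hunk.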
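Review bot: The `$query` fragment in moduserprefs.sh is still built by concatenating `intval($args['user'])` into the SQL text and interpolated into the SELECT, while the value comparisons in cleandb.sh, deluser.sh and updatedb.sh bind their values with `?`. `intval()` does neutralise the command-line argument, so this is a consistency and defence-in-depth point rather than an injection. For the filtered case the fragment can stay static, `` $query = '`user_id` = ?'; ``, with `intval($args['user'])` passed as the bound parameter to `$db->query()`. That way a later edit that drops or weakens the cast cannot turn the argument into SQL.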
@@ -55,9 +55,9 @@ if (!$DB->is_connected()) {
 // Read DB schema version from database (if 'system' table exists)
 if (in_array($DB->table_name('system'), (array)$DB->list_tables())) {
- $DB->query("SELECT " . $DB->quote_identifier('value')
- ." FROM " . $DB->quote_identifier($DB->table_name('system'))
- ." WHERE " . $DB->quote_identifier('name') ." = ?",
+ $DB->query("SELECT `value`"
+ ." FROM " . $DB->table_name('system', true)
+ ." WHERE `name` = ?",
 $opts['package'] . '-version');
 $row = $DB->fetch_array();
@@ -159,17 +159,16 @@ function update_db_schema($package, $version, $file)
 return;
 }
- $system_table = $DB->quote_identifier($DB->table_name('system'));
+ $system_table = $DB->table_name('system', true);
 $DB->query("UPDATE " . $system_table
- ." SET " . $DB->quote_identifier('value') . " = ?"
- ." WHERE " . $DB->quote_identifier('name') . " = ?",
+ ." SET `value` = ?"
+ ." WHERE `name` = ?",
 $version, $package . '-version');
 if (!$DB->is_error() && !$DB->affected_rows()) {
 $DB->query("INSERT INTO " . $system_table
- ." (" . $DB->quote_identifier('name') . ", " . $DB->quote_identifier('value') . ")"
- ." VALUES (?, ?)",
+ ." (`name`, `value`) VALUES (?, ?)",
 $package . '-version', $version);
 }
--
cgit v1.2.3
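Review bot: The schema-version SELECT in updatedb.sh now hard-codes backticks where it previously asked the driver for its own quoting through `$DB->quote_identifier()`, and nothing in the hunk documents why that is safe on backends that do not accept backticks. It presumably relies on `$DB->query()` rewriting backticks into the active driver's identifier quote before the statement is sent, which is not visible in this diff. If that is the mechanism, a comment above the query would record the dependency, for example `// backticks are translated to the driver's identifier quoting inside $DB->query()`. The same applies to the UPDATE and INSERT in the second hunk and to the backtick literals added in the other four scripts.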
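Review bot: The UPDATE-then-INSERT fallback in `update_db_schema()` keys on `!$DB->affected_rows()`, and on some drivers that count is 0 both when no row matched and when the row matched but already held the same value. In the second case the INSERT either fails on a unique key or adds a duplicate '-version' row, depending on how the 'system' table is defined (not shown here). Testing for the row's existence before choosing the statement avoids depending on driver-specific row counts. At minimum the branch deserves a comment such as `// affected_rows() == 0 can also mean "row exists, value unchanged"`. The function body starts and ends outside the hunk.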