Re: [Phpgroupware-developers] sitemgr - mssql bugs

[Dave Hall]

Sigurd Nes <address@hidden> wrote:

> 
> Some mssql related comments:
> 
> 1)
> Trying the link at 
> [Web Content Manager Administration] ->[Manage site-wide module
> properties] ->[Register new
> modules](menuaction=sitemgr.Modules_UI.findmodules)
> 
> resulted in :
> 
>    Incorrect syntax near 's'
>    Invalid SQL: INSERT INTO phpgw_sitemgr_modules
> (app_name,module_name,description) VALUES
> ('sitemgr','administration','This module presents a link back to the
> sitemgr\'s administration menu. It is meant for registered users')
> 
> Sollution:
> 
>    'addslashes' should be replaced with '$this->db->db_addslashes'

This is the intention of the db abstraction layer.  So data is properly
escaped regardless of rdbms being used.  I know not all devs have done
this, I think i have committed stuff to cvs which just uses the php
function addslashes.  

It should be acknowledged that over 90% of installs are using
mysql/pgsql.  This is not an excuse for it not working, but rather a
reason for why this is not always picked up.  

Are you interested in assisting with getting all apps to use the
db_addslashes function, and help the cross rdbms compliance of phpgw? 

<snip />

> 
> 2)
> 
> function getChildrenIDList and function getFullCategoryIDList() in
> class.Categories_SO.inc.php stumble into problems when trying to order
> by 'cat_data' on line 17,21 and 35 (mssql cant order by text)
> 
> solution : leave as ''

hmmm ... its been awhile, but i thought it could, but I'll take you word
for it.

> 
> 3)
> I suspect there are some things fishy about the join statements in the
> function 'getallblocksforarea' in class.Content_SO.inc.php(63)
> 
> I think it should be altered to (assuming 'view' is altered to
> 'viewable'):

If the field name is causing problems, then it should be changed imho. 
btw can you compile a list of mssql reserved words, so we can compile a
list for the dev docs.  I know where to find the mysql and pgsql ones,
anyone with oracle, sybase, foxpro, paradox etc?

> 
> $sql = "SELECT t1.block_id, area, cat_id, page_id, t1.module_id,
> app_name, module_name, arguments, arguments_lang, sort_order, title,
> viewable, actif"
> . " FROM phpgw_sitemgr_content AS t1 LEFT JOIN "
> . " phpgw_sitemgr_modules AS t2 on t1.module_id=t2.module_id LEFT 
> JOIN "
> . " phpgw_sitemgr_content_lang as t3 ON (t1.block_id=t3.block_id AND
> lang='$lang') "
> . " WHERE area = '$area' AND ((page_id = 0 and cat_id = 0)";

hmmm ... i have only scanned this, but looks reasonably ok to me.  I did
not look at the table structure tho.  What error does it produce?


btw have you applied all patches to you SQL Server?

j/k :)

Cheers

Dave Hall (aka skwashd)

dave.hall.vcf
Description: Card for <dave.hall@mbox.com.au>