SV: [Phpgroupware-developers] sitemgr - mssql bugs

[Sigurd Nes]

> >
> > Some mssql related comments:
> >
> > 1)
> > Trying the link at
> > [Web Content Manager Administration] ->[Manage site-wide module
> > properties] ->[Register new
> > modules](menuaction=sitemgr.Modules_UI.findmodules)
> >
> > resulted in :
> >
> >    Incorrect syntax near 's'
> >    Invalid SQL: INSERT INTO phpgw_sitemgr_modules
> > (app_name,module_name,description) VALUES
> > ('sitemgr','administration','This module presents a link back to the
> > sitemgr\'s administration menu. It is meant for registered users')
> >
> > Sollution:
> >
> >    'addslashes' should be replaced with '$this->db->db_addslashes'
> 
> This is the intention of the db abstraction layer.  So data is
properly
> escaped regardless of rdbms being used.  I know not all devs have done
> this, I think i have committed stuff to cvs which just uses the php
> function addslashes.
> 
> It should be acknowledged that over 90% of installs are using
> mysql/pgsql.  This is not an excuse for it not working, but rather a
> reason for why this is not always picked up.
> 
> Are you interested in assisting with getting all apps to use the
> db_addslashes function, and help the cross rdbms compliance of phpgw?
> 


I think this could be easily done by search and replace 
        addslashes(
with
        $this->db->db_addslashes(

I could give it a go - preferably in HEAD


> 
> >
> > 2)
> >
> > function getChildrenIDList and function getFullCategoryIDList() in
> > class.Categories_SO.inc.php stumble into problems when trying to
order
> > by 'cat_data' on line 17,21 and 35 (mssql cant order by text)
> >
> > solution : leave as ''
> 
> hmmm ... its been awhile, but i thought it could, but I'll take you
word
> for it.
> 
> >
> > 3)
> > I suspect there are some things fishy about the join statements in
the
> > function 'getallblocksforarea' in class.Content_SO.inc.php(63)
> >
> > I think it should be altered to (assuming 'view' is altered to
> > 'viewable'):
> 
> If the field name is causing problems, then it should be changed imho.
> btw can you compile a list of mssql reserved words, so we can compile
a
> list for the dev docs.  I know where to find the mysql and pgsql ones,
> anyone with oracle, sybase, foxpro, paradox etc?

See attachment...

> 
> >
> > $sql = "SELECT t1.block_id, area, cat_id, page_id, t1.module_id,
> > app_name, module_name, arguments, arguments_lang, sort_order, title,
> > viewable, actif"
> > . " FROM phpgw_sitemgr_content AS t1 LEFT JOIN "
> > . " phpgw_sitemgr_modules AS t2 on t1.module_id=t2.module_id LEFT
> > JOIN "
> > . " phpgw_sitemgr_content_lang as t3 ON (t1.block_id=t3.block_id AND
> > lang='$lang') "
> > . " WHERE area = '$area' AND ((page_id = 0 and cat_id = 0)";
> 
> hmmm ... i have only scanned this, but looks reasonably ok to me.  I
did
> not look at the table structure tho.  What error does it produce?
> 
> 
> btw have you applied all patches to you SQL Server?
> 
> j/k :)
> 
> Cheers
> 
> Dave Hall (aka skwashd)

Sigurd

reserved_mssql.txt
Description: Text document