Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fixed mysql statements #1684

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion interface/login/login.php
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ function imsubmitted() {

<?php
// collect groups
$res = sqlStatement("select distinct name from groups");
$res = sqlStatement("select distinct name from `groups`");
for ($iter = 0; $row = sqlFetchArray($res); $iter++)
$result[$iter] = $row;
if (count($result) == 1) {
Expand Down
16 changes: 8 additions & 8 deletions interface/usergroup/usergroup_admin.php
Original file line number Diff line number Diff line change
Expand Up @@ -442,7 +442,7 @@
//set the facility name from the selected facility_id
sqlStatement("UPDATE users, facility SET users.facility = facility.name WHERE facility.id = '" . trim(formData('facility_id')) . "' AND users.username = '" . trim(formData('rumple')) . "'");

sqlStatement("insert into groups set name = '" . trim(formData('groupname')) .
sqlStatement("insert into `groups` set name = '" . trim(formData('groupname')) .
"', user = '" . trim(formData('rumple')) . "'");

if (isset($phpgacl_location) && acl_check('admin', 'acl') && trim(formData('rumple'))) {
Expand Down Expand Up @@ -470,7 +470,7 @@
refreshCalendar(); //after "Add User" process is complete
}
else if ($_POST["mode"] == "new_group") {
$res = sqlStatement("select distinct name, user from groups");
$res = sqlStatement("select distinct name, user from `groups`");
for ($iter = 0; $row = sqlFetchArray($res); $iter++)
$result[$iter] = $row;
$doit = 1;
Expand All @@ -479,7 +479,7 @@
$doit--;
}
if ($doit == 1) {
sqlStatement("insert into groups set name = '" . trim(formData('groupname')) .
sqlStatement("insert into `groups` set name = '" . trim(formData('groupname')) .
"', user = '" . trim(formData('rumple')) . "'");
} else {
$alertmsg .= "User " . trim(formData('rumple')) .
Expand All @@ -504,25 +504,25 @@
// reference users to make sure this user is not referenced!

foreach($result as $iter) {
sqlStatement("delete from groups where user = '" . $iter{"username"} . "'");
sqlStatement("delete from `groups` where user = '" . $iter{"username"} . "'");
}
sqlStatement("delete from users where iid = ?", array($_GET["id"]))
}
*******************************************************************/

if ($_GET["mode"] == "delete_group") {
$res = sqlStatement("select distinct user from groups where id = ?", array($_GET["id"]));
$res = sqlStatement("select distinct user from `groups` where id = ?", array($_GET["id"]));
for ($iter = 0; $row = sqlFetchArray($res); $iter++)
$result[$iter] = $row;
foreach($result as $iter)
$un = $iter{"user"};
$res = sqlStatement("select name, user from groups where user = '$un' " .
$res = sqlStatement("select name, user from `groups` where user = '$un' " .
"and id != ?", array($_GET["id"]));

// Remove the user only if they are also in some other group. I.e. every
// user must be a member of at least one group.
if (sqlFetchArray($res) != FALSE) {
sqlStatement("delete from groups where id = ?", array($_GET["id"]));
sqlStatement("delete from `groups` where id = ?", array($_GET["id"]));
} else {
$alertmsg .= "You must add this user to some other group before " .
"removing them from this group. ";
Expand Down Expand Up @@ -684,7 +684,7 @@ function authorized_clicked() {
</div>
<?php
if (empty($GLOBALS['disable_non_default_groups'])) {
$res = sqlStatement("select * from groups order by name");
$res = sqlStatement("select * from `groups` order by name");
for ($iter = 0;$row = sqlFetchArray($res);$iter++)
$result5[$iter] = $row;

Expand Down
6 changes: 3 additions & 3 deletions interface/usergroup/usergroup_admin_add.php
Original file line number Diff line number Diff line change
Expand Up @@ -241,7 +241,7 @@ function authorized_clicked() {
<td>
<select name=groupname<?php if ($GLOBALS['disable_non_default_groups']) echo " style='display:none'"; ?>>
<?php
$res = sqlStatement("select distinct name from groups");
$res = sqlStatement("select distinct name from `groups`");
$result2 = array();
for ($iter = 0;$row = sqlFetchArray($res);$iter++)
$result2[$iter] = $row;
Expand Down Expand Up @@ -484,7 +484,7 @@ function authorized_clicked() {
<span class="text"><?php echo xlt('Groupname'); ?>: </span>
<select name=groupname>
<?php
$res = sqlStatement("select distinct name from groups");
$res = sqlStatement("select distinct name from `groups`");
$result2 = array();
for ($iter = 0;$row = sqlFetchArray($res);$iter++)
$result2[$iter] = $row;
Expand All @@ -503,7 +503,7 @@ function authorized_clicked() {

<?php
if (empty($GLOBALS['disable_non_default_groups'])) {
$res = sqlStatement("select * from groups order by name");
$res = sqlStatement("select * from `groups` order by name");
for ($iter = 0;$row = sqlFetchArray($res);$iter++)
$result5[$iter] = $row;

Expand Down
8 changes: 4 additions & 4 deletions library/auth.inc
Original file line number Diff line number Diff line change
Expand Up @@ -201,22 +201,22 @@ function getUserList ($cols = '*', $limit = 'all', $start = '0')
function getProviderList ($cols = '*', $limit= 'all', $start = '0')
{
if ($limit = "all")
$rez = sqlStatement("select ? from groups order by date DESC", array($cols));
$rez = sqlStatement("select ? from `groups` order by date DESC", array($cols));
else
$rez = sqlStatement("select ? from groups order by date DESC limit ?, ?", array($cols, $limit, $start));
$rez = sqlStatement("select ? from `groups` order by date DESC limit ?, ?", array($cols, $limit, $start));
for ($iter = 0; $row = sqlFetchArray($rez); $iter++)
$tbl[$iter] = $row;
return $tbl;
}

function addGroup ($groupname)
{
return sqlInsert("insert into groups (name) values (?)", array($groupname));
return sqlInsert("insert into `groups` (name) values (?)", array($groupname));
}

function delGroup ($group_id)
{
return sqlQuery("delete from groups where id = ? limit 0,1", array($group_id));
return sqlQuery("delete from `groups` where id = ? limit 0,1", array($group_id));
}

/***************************************************************
Expand Down
2 changes: 1 addition & 1 deletion library/authentication/login_operations.php
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@ function validate_user_password($username,&$password,$provider)
$password='';
if($valid)
{
if ($authGroup = privQuery("select * from groups where user=? and name=?",array($username,$provider)))
if ($authGroup = privQuery("select * from `groups` where user=? and name=?",array($username,$provider)))
{
$_SESSION['authUser'] = $username;
$_SESSION['authPass'] = $phash;
Expand Down
2 changes: 1 addition & 1 deletion library/classes/Installer.class.php
Original file line number Diff line number Diff line change
Expand Up @@ -221,7 +221,7 @@ public function add_version_info() {
}

public function add_initial_user() {
if ($this->execute_sql("INSERT INTO groups (id, name, user) VALUES (1,'$this->igroup','$this->iuser')") == FALSE) {
if ($this->execute_sql("INSERT INTO `groups` (id, name, user) VALUES (1,'$this->igroup','$this->iuser')") == FALSE) {
$this->error_message = "ERROR. Unable to add initial user group\n" .
"<p>".mysqli_error($this->dbh)." (#".mysqli_errno($this->dbh).")\n";
return FALSE;
Expand Down
4 changes: 2 additions & 2 deletions modules/calendar/find_patient.php
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
}
$timesave = "$year-$month-$day $hour:$minute";
//echo $timesave;
$providerres = sqlQuery("select name from groups where user=? limit 1", array($_POST["provider"]) );
$providerres = sqlQuery("select name from `groups` where user=? limit 1", array($_POST["provider"]) );

saveCalendarUpdate($_POST["calid"],$_POST["pid"],$timesave,$_POST["reason"],$_POST["provider"],$providerres{"name"});
}
Expand All @@ -49,7 +49,7 @@
$hour += 12;
}
$timesave = "$year-$month-$day $hour:$minute";
$providerres = sqlQuery("select name from groups where user=? limit 1", array($_POST["provider"]) );
$providerres = sqlQuery("select name from `groups` where user=? limit 1", array($_POST["provider"]) );
newCalendarItem($_POST["pid"],$timesave,$_POST["reason"],$_POST["provider"],$providerres{"name"});
} else {
$body_code = "";
Expand Down
2 changes: 1 addition & 1 deletion modules/setup/classes/Database.php
Original file line number Diff line number Diff line change
Expand Up @@ -246,7 +246,7 @@ public function add_version_info() {

public function add_initial_user() {

if ($this->execute_sql("INSERT INTO groups (id, name, user) VALUES (1,'$this->igroup','$this->iuser')") == FALSE) {
if ($this->execute_sql("INSERT INTO `groups` VALUES (1,'$this->igroup','$this->iuser')") == FALSE) {
$this->error_message = "ERROR. Unable to add initial user group "." ".mysqli_error($this->dbh)." (#".mysqli_errno($this->dbh).")";
return false;
}
Expand Down