add using strings to prepare Query

add edit_area to source_editor for testing
2021-09-04 10:16:14 +02:00 · 2021-09-04 10:16:14 +02:00 · 0ebf3dfabf
Commit 0ebf3dfabf
--- a/conlib/db_sql_abstract.inc
+++ b/conlib/db_sql_abstract.inc
@ -417,11 +417,31 @@ abstract class DB_Sql_Abstract {
     * @return  string
     */
    public function _prepareQueryf($sQuery, array $aArgs) {
+        var_dump($sQuery);
+        print_r($aArgs);
        if (count($aArgs) > 0) {
-            $aArgs = array_map(array($this, 'escape'), $aArgs);
-            array_unshift($aArgs, $sQuery);
-            $sQuery = call_user_func_array('sprintf', $aArgs);
+            if (count(array_filter(array_keys($aArgs), 'is_string')) > 0) {
+                foreach ($aArgs as $key => $value) {
+                    $param = ':' . $key;
+                    $statement = $sQuery;
+                    if (cSecurity::isInteger($value)) {
+                        $statement = preg_replace('/' . $param . '/', cSecurity::toInteger($value), $statement);
+                        $statement = preg_replace('/\'' . $param . '\'/', '\'' . cSecurity::toInteger($value) . '\'', $statement);
+                    } else {
+                        $param = cSecurity::toString($param);
+                        $statement = preg_replace('/' . $param . '/', cSecurity::escapeString($value), $statement);
+                        $statement = preg_replace('/\'' . $param . '\'/', '\'' . cSecurity::escapeString($value) . '\'', $statement);
+                        $statement = preg_replace('/`' . $param . '`/', '`' . cSecurity::escapeString($value) . '`', $statement);
+                    }
+                    $sQuery = $statement;
+                }
+            } else {
+                $aArgs = array_map(array($this, 'escape'), $aArgs);
+                array_unshift($aArgs, $sQuery);
+                $sQuery = call_user_func_array('sprintf', $aArgs);
+            }
        }
+        var_dump($sQuery);
        return $sQuery;
    }

@ -755,9 +775,9 @@ abstract class DB_Sql_Abstract {
        self::$_aProfileData[] = array(
            'time' => $fEndTime - $fStartTime,
            'query' => $sQuery
-                /*,
-            'ErrNo' => static::_getErrorNumber(),
-            'ErrMess' => static::_getErrorMessage()*/
+                /* ,
+                  'ErrNo' => static::_getErrorNumber(),
+                  'ErrMess' => static::_getErrorMessage() */
        );
    }

@ -783,21 +803,21 @@ abstract class DB_Sql_Abstract {
            printf("<pre>" . $sMsg . "</pre>\n");
        }
    }
-    
+
    /**
     * returns info about db-server
     * 
     * return string
     */
    abstract public function getServerInfo();
-    
+
    /**
     * returns client encoding
     * 
     * return string
     */
    abstract public function getClientEncoding();
-    
+
    /**
     * returns client info
     * 
--- a/conlite/classes/gui/class.sourceeditor.php
+++ b/conlite/classes/gui/class.sourceeditor.php
@ -64,8 +64,11 @@ class cGuiSourceEditor extends cGuiPage {
        $this->_filename = $filename;

        // include the class and create the codemirror instance
-        cInclude('external', 'codemirror/class.codemirror.php');
-        $this->_codeMirror = new CodeMirror('code', $this->_filetype, cString::getPartOfString(cString::toLowerCase($belang), 0, 2), true, $cfg, !$this->_readOnly);
+        //cInclude('external', 'codemirror/class.codemirror.php');
+        //$this->_codeMirror = new CodeMirror('code', $this->_filetype, cString::getPartOfString(cString::toLowerCase($belang), 0, 2), true, $cfg, !$this->_readOnly);
+        // include the class and create the codemirror instance
+        cInclude('external', 'edit_area/class.edit_area.php');
+        $this->_codeMirror = new EditArea('code', $this->_filetype, cString::getPartOfString(cString::toLowerCase($belang), 0, 2), true, $cfg, !$this->_readOnly);

        $this->_versioning = $versioning;

--- a/conlite/templates/standard/html5/template.generic_source_editor.html
+++ b/conlite/templates/standard/html5/template.generic_source_editor.html
@ -1,7 +1,13 @@
+<style>
+    .cl_form_row {
+        margin-bottom: 1em;
+    }
+</style>
+

 {CODEMIRROR_SCRIPT}

-<form  enctype="multipart/form-data" style="margin:0px" name="file_editor" method="post" action="main.php">
+<form  enctype="multipart/form-data" name="file_editor" method="post" action="main.php">
 <input id="m4" name="area" type="hidden" value="{AREA}" />
 <input id="m5" name="action" type="hidden" value="{ACTION}" />
 <input id="m6" name="frame" type="hidden" value="4" />
@ -9,32 +15,24 @@
 <input id="m8" name="tmp_file" type="hidden" value="{FILENAME}" />
 <input id="m9" name="contenido" type="hidden" value="1" />

-<table style="width: auto;" id="" class="generic" cellspacing="0" cellpadding="2">
-    <tr id="m10"><th id="m11" colspan="2" valign="top">i18n("Edit file")</th></tr>
-    
-    
-    <tr id="1">
-        <td nowrap="nowrap" valign="top" style="white-space: nowrap;" width="1"><nobr>i18n("Name")</nobr></td>
-        <td nowrap="nowrap" valign="top" align="left"><input id="m1" name="file" value="{FILENAME}" size="60" type="text" /></td>
-    </tr>
-    
-    
-    <tr id="2">
-        <td nowrap="nowrap" valign="top" style="white-space: nowrap;" width="1"><nobr>i18n("Description")</nobr></td>
-        <td nowrap="nowrap" valign="top" align="left"><textarea id="m3" name="description" cols="100" rows="5" style="font-family: monospace;width: 100%;">{DESCRIPTION}</textarea></td>
-    </tr>
-    
-    
-    <tr id="3">
-        <td nowrap="nowrap" valign="top" style="white-space: nowrap;" width="1"><nobr>i18n("Source code")</nobr></td>
-        <td nowrap="nowrap" valign="top" align="left"><textarea id="code" name="code" cols="100" rows="35" style="font-family: monospace;width: 100%;" wrap="off">{SOURCE}</textarea></td>
-    </tr>
-    
-    <tr id="4">
-        <td nowrap="nowrap" valign="top">&nbsp;</td>
-        <td nowrap="nowrap" valign="top" style="white-space: nowrap;" align="right"><input id="m12" name="submit" type="image" src="{SAVE_BUTTON_IMAGE}" alt="{SAVE_BUTTON_DESC}" title="{SAVE_BUTTON_DESC}" accesskey="s" onclick="" /></td>
-    </tr>
-</table>
+<fieldset style="width: calc(100% - 40px); margin: auto;">
+    <legend><strong>i18n("Edit file")</strong></legend>
+    <div class="cl_form_row">
+    <label style="width: 100px;display: inline-block;vertical-align: top;">i18n("Name")</label>
+    <input name="file" value="{FILENAME}" size="60" type="text" />
+    </div>
+    <div class="cl_form_row">
+    <label style="width: 100px;display: inline-block;vertical-align: top;">i18n("Description")</label>
+    <textarea name="description" style="width: calc(100% - 130px);" cols="100" rows="5" wrap="off">{DESCRIPTION}</textarea>
+    </div>
+    <div class="cl_form_row">
+        <label style="width: 100px;display: inline-block;vertical-align: top;">i18n("Code")</label>
+    <textarea id="code" name="code" style="width: calc(100% - 120px);" cols="100" rows="35" wrap="off">{SOURCE}</textarea>
+    </div>
+    <div style="text-align: right;padding-right: 1%;" class="cl_form_row cl_action_buttons">
+        <input id="m12" name="submit" type="image" src="{SAVE_BUTTON_IMAGE}" alt="{SAVE_BUTTON_DESC}" title="{SAVE_BUTTON_DESC}" accesskey="s" onclick="" />
+    </div>
+</fieldset>
 </form>
 <script type="text/javascript">
 (function(Con, $) {