diff --git a/lib/classes/eventsmanager/broker.php b/lib/classes/eventsmanager/broker.php
index 24d787d65c..8b96f46faa 100644
--- a/lib/classes/eventsmanager/broker.php
+++ b/lib/classes/eventsmanager/broker.php
@@ -11,6 +11,7 @@
use Alchemy\Phrasea\Application;
use Alchemy\Phrasea\Model\Entities\User;
+use Doctrine\DBAL\Connection;
class eventsmanager_broker
{
@@ -260,12 +261,21 @@ class eventsmanager_broker
return false;
}
- $sql = 'UPDATE notifications SET unread="0"
- WHERE usr_id = :usr_id
- AND (id="' . implode('" OR id="', $notifications) . '")';
+ $sql = 'UPDATE notifications SET unread="0" WHERE usr_id = :usr_id AND (id IN (:notifications))';
- $stmt = $this->app['phraseanet.appbox']->get_connection()->prepare($sql);
- $stmt->execute([':usr_id' => $usr_id]);
+ /** @var Connection $connection */
+ $connection = $this->app['phraseanet.appbox']->get_connection();
+ $stmt = $connection->prepare($sql);
+ $stmt->execute(
+ [
+ 'usr_id' => $usr_id,
+ 'notifications' => $notifications,
+ ],
+ [
+ 'usr_id' => PDO::PARAM_INT,
+ 'notifications' => Connection::PARAM_INT_ARRAY,
+ ]
+ );
$stmt->closeCursor();
return $this;
diff --git a/lib/classes/module/console/fieldsMerge.php b/lib/classes/module/console/fieldsMerge.php
index 6c7e0b540c..438a78f7de 100644
--- a/lib/classes/module/console/fieldsMerge.php
+++ b/lib/classes/module/console/fieldsMerge.php
@@ -44,6 +44,7 @@ class module_console_fieldsMerge extends Command
$output->writeln("");
try {
+ /** @var databox $databox */
$databox = $this->getService('phraseanet.appbox')->get_databox((int) $input->getArgument('sbas_id'));
} catch (\Exception $e) {
$output->writeln("Invalid databox id ");
@@ -155,11 +156,16 @@ class module_console_fieldsMerge extends Command
$start = 0;
$quantity = 100;
+ $builder = $databox->get_connection()->createQueryBuilder();
+ $builder
+ ->select('r.record_id')
+ ->from('record', 'r')
+ ->orderBy('r.record_id', 'ASC')
+ ->setFirstResult($start)
+ ->setMaxResults($quantity)
+ ;
do {
- $sql = 'SELECT record_id FROM record
- ORDER BY record_id LIMIT ' . $start . ', ' . $quantity;
- $stmt = $databox->get_connection()->prepare($sql);
- $stmt->execute();
+ $stmt = $builder->execute();
$results = $stmt->fetchAll(PDO::FETCH_ASSOC);
$stmt->closeCursor();
diff --git a/lib/classes/module/console/fieldsRename.php b/lib/classes/module/console/fieldsRename.php
index 30f8fb76eb..6dbf7f931b 100644
--- a/lib/classes/module/console/fieldsRename.php
+++ b/lib/classes/module/console/fieldsRename.php
@@ -35,6 +35,7 @@ class module_console_fieldsRename extends Command
$new_name = $input->getArgument('name');
try {
+ /** @var databox $databox */
$databox = $this->getService('phraseanet.appbox')->get_databox((int) $input->getArgument('sbas_id'));
} catch (\Exception $e) {
$output->writeln("Invalid databox id ");
@@ -84,13 +85,18 @@ class module_console_fieldsRename extends Command
$start = 0;
$quantity = 100;
+ $builder = $databox->get_connection()->createQueryBuilder();
+ $builder
+ ->select('r.record_id')
+ ->from('record', 'r')
+ ->orderBy('r.record_id', 'ASC')
+ ->setFirstResult($start)
+ ->setMaxResults($quantity)
+ ;
do {
$output->write("\rUpdating records... ".min($start, $total)." / $total");
- $sql = 'SELECT record_id FROM record
- ORDER BY record_id LIMIT ' . $start . ', ' . $quantity;
- $stmt = $databox->get_connection()->prepare($sql);
- $stmt->execute();
+ $stmt = $builder->execute();
$results = $stmt->fetchAll(PDO::FETCH_ASSOC);
$stmt->closeCursor();
diff --git a/lib/classes/module/console/systemExport.php b/lib/classes/module/console/systemExport.php
index 68946ccdde..bc109ebbba 100644
--- a/lib/classes/module/console/systemExport.php
+++ b/lib/classes/module/console/systemExport.php
@@ -11,6 +11,7 @@
use Alchemy\Phrasea\Command\Command;
use Alchemy\Phrasea\Model\Serializer\CaptionSerializer;
+use Doctrine\DBAL\Connection;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Output\OutputInterface;
@@ -120,6 +121,7 @@ class module_console_systemExport extends Command
$total = $errors = 0;
+ /** @var databox $databox */
foreach ($this->getService('phraseanet.appbox')->get_databoxes() as $databox) {
$output->writeln(sprintf("Processing %s", $databox->get_label($this->container['locale'])));
@@ -153,20 +155,27 @@ class module_console_systemExport extends Command
$this->getService('filesystem')->mkdir($local_export);
- $sql = 'SELECT record_id FROM record WHERE parent_record_id = 0 ';
+ $builder = $databox->get_connection()->createQueryBuilder();
+ $builder
+ ->select('r.record_id')
+ ->from('record', 'r')
+ ->where($builder->expr()->eq('r.parent_record_id', $builder->expr()->literal(0)))
+ ;
if (count($coll_ids) > 0) {
- $sql .= ' AND coll_id IN (' . implode(', ', $coll_ids) . ') ';
+ $builder
+ ->andWhere($builder->expr()->in('r.coll_id', [':collIds']))
+ ->setParameter('collIds', $coll_ids, Connection::PARAM_INT_ARRAY)
+ ;
}
- $sql .= ' ORDER BY record_id ASC ';
+ $builder->orderBy('r.record_id', 'ASC');
if ($limit) {
- $sql .= ' LIMIT 0, ' . $limit;
+ $builder->setMaxResults($limit);
}
- $stmt = $databox->get_connection()->prepare($sql);
- $stmt->execute();
+ $stmt = $builder->execute();
$rs = $stmt->fetchAll(PDO::FETCH_ASSOC);
$stmt->closeCursor();
diff --git a/lib/classes/module/report/activity.php b/lib/classes/module/report/activity.php
index 022279366f..53aa7aec6f 100644
--- a/lib/classes/module/report/activity.php
+++ b/lib/classes/module/report/activity.php
@@ -106,8 +106,6 @@ class module_report_activity extends module_report
WHERE (" . $filter['sql'] . ") AND !ISNULL(usrid)
GROUP BY heures;";
-// no_file_put_contents("/tmp/report.txt", sprintf("%s (%s)\n%s\n\n", __FILE__, __LINE__, $sql), FILE_APPEND);
-
$stmt = $sqlBuilder->getConnBas()->prepare($sql);
$stmt->execute($params);
$rs = $stmt->fetchAll(PDO::FETCH_ASSOC);