[Koha-patches] [PATCH] SQL cleanup in new circ scripts: use placeholders
Galen Charlton
galen.charlton at liblime.com
Tue Apr 1 19:01:09 CEST 2008
---
circ/billing.pl | 44 +++++++++++++++++++++++++-------------------
circ/pendingreserves.pl | 35 +++++++++++++++++++----------------
circ/reserveratios.pl | 36 ++++++++++++++++++++----------------
3 files changed, 64 insertions(+), 51 deletions(-)
diff --git a/circ/billing.pl b/circ/billing.pl
index a1586a7..764899c 100755
--- a/circ/billing.pl
+++ b/circ/billing.pl
@@ -87,26 +87,34 @@ if (!defined($max_bill) or $max_bill eq "") {
my $dbh = C4::Context->dbh;
my ($sqlorderby, $sqldatewhere, $presqldatewhere) = ("","","");
$debug and warn format_date_in_iso($startdate) . "\n" . format_date_in_iso($enddate);
+my @query_params = ();
# the dates below is to check for compliance of the current date range
-#$sqldatewhere .= " AND date >= " . $dbh->quote(format_date_in_iso($startdate)) if ($startdate) ;
-$sqldatewhere .= " AND date <= " . $dbh->quote(format_date_in_iso($enddate)) if ($enddate) ;
+if ($enddate) {
+ $sqldatewhere .= " AND date <= ?";
+ push @query_params, format_date_in_iso($enddate);
+}
+push @query_params, $max_bill;
# the date below is to check for compliance of all fees prior
-$presqldatewhere .= " AND date < " . $dbh->quote(format_date_in_iso($startdate)) if ($startdate) ;
+if ($startdate) {
+ $presqldatewhere .= " AND date < ?";
+ push @query_params, format_date_in_iso($startdate);
+}
+push @query_params, $max_bill;
if ($order eq "patron") {
- $sqlorderby = " order by surname, firstname ";
+ $sqlorderby = " ORDER BY surname, firstname ";
} elsif ($order eq "fee") {
- $sqlorderby = " order by l_amountoutstanding DESC ";
+ $sqlorderby = " ORDER BY l_amountoutstanding DESC ";
} elsif ($order eq "desc") {
- $sqlorderby = " order by l_description ";
+ $sqlorderby = " ORDER BY l_description ";
} elsif ($order eq "type") {
- $sqlorderby = " order by l_accounttype ";
+ $sqlorderby = " ORDER BY l_accounttype ";
} elsif ($order eq "date") {
- $sqlorderby = " order by l_date DESC ";
+ $sqlorderby = " ORDER BY l_date DESC ";
} elsif ($order eq "total") {
- $sqlorderby = " order by sum_amount DESC ";
+ $sqlorderby = " ORDER BY sum_amount DESC ";
} else {
- $sqlorderby = " order by surname, firstname ";
+ $sqlorderby = " ORDER BY surname, firstname ";
}
my $strsth =
"SELECT
@@ -135,27 +143,25 @@ my $strsth =
IN (SELECT borrowernumber FROM accountlines
where borrowernumber >= 0
$sqldatewhere
- GROUP BY accountlines.borrowernumber HAVING sum(amountoutstanding) >= $max_bill )
+ GROUP BY accountlines.borrowernumber HAVING sum(amountoutstanding) >= ? )
AND accountlines.borrowernumber
NOT IN (SELECT borrowernumber FROM accountlines
where borrowernumber >= 0
$presqldatewhere
- GROUP BY accountlines.borrowernumber HAVING sum(amountoutstanding) >= $max_bill )
+ GROUP BY accountlines.borrowernumber HAVING sum(amountoutstanding) >= ? )
";
if (C4::Context->preference('IndependantBranches')){
$strsth .= " AND borrowers.branchcode=? ";
+ push @query_params, C4::Context->userenv->{'branch'};
}
-$strsth .= " GROUP BY accountlines.borrowernumber HAVING sum(amountoutstanding) >= $max_bill " . $sqlorderby;
+$strsth .= " GROUP BY accountlines.borrowernumber HAVING sum(amountoutstanding) >= ? " . $sqlorderby;
+push @query_params, $max_bill;
+
my $sth = $dbh->prepare($strsth);
+$sth->execute(@query_params);
-if (C4::Context->preference('IndependantBranches')){
- $sth->execute(C4::Context->userenv->{'branch'});
-}
-else {
- $sth->execute();
-}
my @billingdata;
my $previous;
my $this;
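Review bot: The three `HAVING sum(amountoutstanding) >= ?` placeholders in this hunk are bound purely by position, and two of the matching `push @query_params, $max_bill;` calls sit in the previous hunk between the date blocks, far from the SQL they belong to. For the lines shown the order appears correct (end date, threshold, start date, threshold, optional branch, threshold), but reordering a subquery or adding a `?` to the part of the SELECT outside the hunks would silently shift every bind. A comment at the `my @query_params = ();` declaration would document this, for example `# order must match the ? placeholders in $strsth: enddate, max_bill, startdate, max_bill, [branch], max_bill`. Separately, if `$max_bill` comes from the request, the only visible guard is the undefined/empty test in the first hunk header, so a check such as `$max_bill =~ /\A\d+(?:\.\d+)?\z/` before binding would stop a non-numeric threshold from being coerced by the database.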
diff --git a/circ/pendingreserves.pl b/circ/pendingreserves.pl
index b9fa6d9..f8ac860 100755
--- a/circ/pendingreserves.pl
+++ b/circ/pendingreserves.pl
@@ -87,24 +87,30 @@ if (!defined($enddate) or $enddate eq "") {
my $dbh = C4::Context->dbh;
my ($sqlorderby, $sqldatewhere) = ("","");
$debug and warn format_date_in_iso($startdate) . "\n" . format_date_in_iso($enddate);
-$sqldatewhere .= " AND reservedate >= " . $dbh->quote(format_date_in_iso($startdate)) if ($startdate) ;
-$sqldatewhere .= " AND reservedate <= " . $dbh->quote(format_date_in_iso($enddate)) if ($enddate) ;
-
+my @query_params = ();
+if ($startdate) {
+ $sqldatewhere .= " AND reservedate >= ?";
+ push @query_params, format_date_in_iso($startdate);
+}
+if ($enddate) {
+ $sqldatewhere .= " AND reservedate <= ?";
+ push @query_params, format_date_in_iso($enddate);
+}
if ($order eq "biblio") {
- $sqlorderby = " order by biblio.title ";
+ $sqlorderby = " ORDER BY biblio.title ";
} elsif ($order eq "itype") {
- $sqlorderby = " order by l_itype, location, l_itemcallnumber ";
+ $sqlorderby = " ORDER BY l_itype, location, l_itemcallnumber ";
} elsif ($order eq "location") {
- $sqlorderby = " order by location, l_itemcallnumber, holdingbranch ";
+ $sqlorderby = " ORDER BY location, l_itemcallnumber, holdingbranch ";
} elsif ($order eq "date") {
- $sqlorderby = " order by l_reservedate, location, l_itemcallnumber ";
+ $sqlorderby = " ORDER BY l_reservedate, location, l_itemcallnumber ";
} elsif ($order eq "library") {
- $sqlorderby = " order by holdingbranch, l_itemcallnumber, location ";
+ $sqlorderby = " ORDER BY holdingbranch, l_itemcallnumber, location ";
} elsif ($order eq "call") {
- $sqlorderby = " order by l_itemcallnumber, holdingbranch, location ";
+ $sqlorderby = " ORDER BY l_itemcallnumber, holdingbranch, location ";
} else {
- $sqlorderby = " order by biblio.title ";
+ $sqlorderby = " ORDER BY biblio.title ";
}
my $strsth =
"SELECT min(reservedate) as l_reservedate,
@@ -152,16 +158,13 @@ AND notforloan = 0 AND damaged = 0 AND itemlost = 0 AND wthdrawn = 0
if (C4::Context->preference('IndependantBranches')){
$strsth .= " AND items.holdingbranch=? ";
+ push @query_params, C4::Context->userenv->{'branch'};
}
$strsth .= " GROUP BY reserves.biblionumber " . $sqlorderby;
+
my $sth = $dbh->prepare($strsth);
+$sth->execute(@query_params);
-if (C4::Context->preference('IndependantBranches')){
- $sth->execute(C4::Context->userenv->{'branch'});
-}
-else {
- $sth->execute();
-}
my @reservedata;
my $previous;
my $this;
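Review bot: `$sth->execute(@query_params);` ignores the return value, and with the bind list now assembled conditionally, a mismatch between placeholders and parameters only surfaces at execute time. Unless the handle returned by `C4::Context->dbh` has RaiseError enabled (not visible in this patch), a failed execute would fall through to the fetch loop and look like an empty report. `$sth->execute(@query_params) or die $sth->errstr;` would make the failure explicit. The same applies to the execute calls added in circ/billing.pl and circ/reserveratios.pl.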
diff --git a/circ/reserveratios.pl b/circ/reserveratios.pl
index 8523a1e..60f01bb 100755
--- a/circ/reserveratios.pl
+++ b/circ/reserveratios.pl
@@ -87,25 +87,32 @@ if ($ratio == 0) {
my $dbh = C4::Context->dbh;
my ($sqlorderby, $sqldatewhere) = ("","");
$debug and warn format_date_in_iso($startdate) . "\n" . format_date_in_iso($enddate);
-$sqldatewhere .= " AND reservedate >= " . $dbh->quote(format_date_in_iso($startdate)) if ($startdate) ;
-$sqldatewhere .= " AND reservedate <= " . $dbh->quote(format_date_in_iso($enddate)) if ($enddate) ;
+my @query_params = ();
+if ($startdate) {
+ $sqldatewhere .= " AND reservedate >= ?";
+ push @query_params, format_date_in_iso($startdate);
+}
+if ($enddate) {
+ $sqldatewhere .= " AND reservedate <= ?";
+ push @query_params, format_date_in_iso($enddate);
+}
if ($order eq "biblio") {
- $sqlorderby = " order by biblio.title, holdingbranch, listcall, l_location ";
+ $sqlorderby = " ORDER BY biblio.title, holdingbranch, listcall, l_location ";
} elsif ($order eq "callnumber") {
- $sqlorderby = " order by listcall, holdingbranch, l_location ";
+ $sqlorderby = " ORDER BY listcall, holdingbranch, l_location ";
} elsif ($order eq "itemcount") {
- $sqlorderby = " order by itemcount, reservecount ";
+ $sqlorderby = " ORDER BY itemcount, reservecount ";
} elsif ($order eq "itype") {
- $sqlorderby = " order by l_itype, holdingbranch, listcall ";
+ $sqlorderby = " ORDER BY l_itype, holdingbranch, listcall ";
} elsif ($order eq "location") {
- $sqlorderby = " order by l_location, holdingbranch, listcall ";
+ $sqlorderby = " ORDER BY l_location, holdingbranch, listcall ";
} elsif ($order eq "reservecount") {
- $sqlorderby = " order by reservecount DESC ";
+ $sqlorderby = " ORDER BY reservecount DESC ";
} elsif ($order eq "branch") {
- $sqlorderby = " order by holdingbranch, l_location, listcall ";
+ $sqlorderby = " ORDER BY holdingbranch, l_location, listcall ";
} else {
- $sqlorderby = " order by reservecount DESC ";
+ $sqlorderby = " ORDER BY reservecount DESC ";
}
my $strsth =
"SELECT reservedate,
@@ -140,16 +147,13 @@ notforloan = 0 AND damaged = 0 AND itemlost = 0 AND wthdrawn = 0
if (C4::Context->preference('IndependantBranches')){
$strsth .= " AND items.holdingbranch=? ";
+ push @query_params, C4::Context->userenv->{'branch'};
}
+
$strsth .= " GROUP BY reserves.biblionumber " . $sqlorderby;
my $sth = $dbh->prepare($strsth);
+$sth->execute(@query_params);
-if (C4::Context->preference('IndependantBranches')){
- $sth->execute(C4::Context->userenv->{'branch'});
-}
-else {
- $sth->execute();
-}
my @reservedata;
while ( my $data = $sth->fetchrow_hashref ) {
my @itemlist;
--
1.5.5.rc0.16.g02b00