Bug #837013

Change-Id: I54e1964487c885bbde709bef51e4e377b1ae8904
Signed-off-by: Hugh Davenport <hugh@catalyst.net.nz>

Change-Id: Ie90dce891d3ca33aef721574a36dfca01a17f30f
Signed-off-by: Eugene Venter <eugene@catalyst.net.nz>

The get_record_select() query (checking record existence) in
ensure_record_exists() method was not using prepared statements and was
quoting all comparison values (regardless of their data type).

Change-Id: Ie862ad4062584efa8c956096a8b1cf08e3fc6c0b
Signed-off-by: Eugene Venter <eugene@catalyst.net.nz>

These closing tags are unnecessary and against our coding
guidelines. Let's get rid of them all in one go.

Change-Id: Ia94f103e525185597ee3780a3839d7577cdd0c29
Signed-off-by: Francois Marier <francois@catalyst.net.nz>

Bug #716533
Signed-off-by: Matt Oquist <moquist@majen.net>
Signed-off-by: Francois Marier <francois@catalyst.net.nz>

Signed-off-by: Richard Mansfield <richard.mansfield@catalyst.net.nz>

Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>

Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>

Several functions seemed to be missing the @param for $values and others
seemed had differing descriptions.
I've tried to keep all of these as similar as possible to avoid confusion.

[Nigel: removed part of one hunk - we don't name return variables in
phpdoc]
Signed-off-by: Andrew Robert Nicols <andrew.nicols@luns.net.uk>
Signed-off-by: Nigel McNie <nigel@catalyst.net.nz>

(cherry picked from commit 23670d2e5d77f930bfc79ecd5624ccf6e6b126e7)

This reverts commit 638c1a05.

This is the setting that rejects invalid data. Too risky to turn on for 1.0_STABLE.

Now no longer counts SET NAMES 'utf8' as a write. This means most pages
show as doing no writes, which is correct. 0 writes showed up as blank
in the footer, so tweaked the code appropriately.

This reverts commit 5780e905.

I'm going to fix installs now!

It's now only included on lib/upgrade.php.

One existing call to table_exists that was in safe_require has now been ditched as it's unnecessary.

More work on profile views and three new blocktypes (myfriends/mygroups/myviews) to emulate current profile page TODO: - write wall blocktype - change install default profile view hook to add blocks - upgrade path (xmldb & migration) - blocktype and category and singleblockperview implementation

    - TESTING

This will be broken until I write a database patch. But the appropriate data is inserted into the group tables when a group is created now.

Otherwise, $db->BindTimestamp() will return the string 'null' for 0 and '0', which no code in Mahara is expecting.

Noticed as part of the previous commit, where $user->lastlogin defaulted to 0 (which was incorrect), and which db_format_timestamp was converting to 'null'.

Work around a bug in insert_record, where the table columns were cached for a table the first time the table was inserted into, making it impossible to do inserts into the table in the same request if the table is changed.

Added a global variable, $INSERTRECORD_NOCACHE, that can be set in order to force re-looking up the table columns.

Use this feature to fix the installation of the forum interaction activity type "new post" when upgrading.

The name is largely irrelevant as it's only the creator of the file.

Fixes to the upgrade so that an upgrade from a pristine 0.9 postgres to 1.0 produces the same schema as installing from 1.0.

Make admin users/staff users scripts show all users rather than just users that would be returned by standard search. Fxies #1756.

This is actually quite a large patch, which does the following:

 * adds a db_ilike() method, which returns the correct keyword (LIKE or ILIKE) to do case insensitive searching.
 * Switches the templates used for the admin user search for strings, rather than using files. This prevents problems when the theme is not the default and the templates are not there.
 * Implements admin_search_user in the internal search plugin for MySQL as well as postgres, without needing two separate methods since the query works on both.
 * Make the userlist element use the new json/adminusersearch.php script, which performs an admin user search.

One happy upside is that the admin user search screen now works in MySQL.

Signed-off-by: Andrew McMillan

Handle the case where we call ensure_record_exists with the same object as $where and $data. update_record was getting teh angry.

This change adds the ability to prevent the SQLException constructor from logging errors, which is used in init.php when attempting to load the config data and set default config values.

Namely, when a block doesn't migrate properly.

Also reduced the size of resized images in views somewhat to work better on smaller screens.

This means that we can safely call db_begin() and db_commit() anywhere, and as long as the calls balance, the transaction will only be committed when the last one is committed.

If a rollback is asked for at any time, the entire transaction is rolled back.

& updated call to it in artefact/blog

This uses the postgres SELECT FOR UPDATE syntax to ensure we don't have a race condition when inserting a record that previously didn't exist. The other database one is a bit more race condition-ey.

Given that update_record munges its $dataobject parameter and we're in php5 land, this causes update_record to unset properties we might need later. Clone it inside the function so this doesn't happen. Yet again, dml--

fixed up some stuff in dml around quoting of identifiers and added prepared statements to execute_sql

Fix up some places where database field name quoting is only done some of the time - made it happen all the time. There's only gains to be had here

Now, table names (and other identifiers that could be confused with SQL kewords), should be put into SQL like this:

SELECT * FROM {artefact}

The braces are matched and expanded by DML now to include the prefix and be properly quoted, which means that tables like 'view' and 'group' don't need renaming (and nor should they, there's little reason why we should rename tables to get around such constraints).

This has removed a whole bunch of $prefix = ... and get_config('dbprefix') stuff, which makes things a little simpler yet again.