diff --git a/workflow/engine/classes/model/AdditionalTables.php b/workflow/engine/classes/model/AdditionalTables.php index bb73c9bdc..4c6e020b0 100644 --- a/workflow/engine/classes/model/AdditionalTables.php +++ b/workflow/engine/classes/model/AdditionalTables.php @@ -443,109 +443,122 @@ class AdditionalTables extends BaseAdditionalTables if ($keyOrderUppercase) { foreach ($aData['FIELDS'] as $aField) { - $field = '$oCriteria->addSelectColumn(' . $sClassPeerName . '::' . $aField['FLD_NAME'] . ');'; + $columnConstant = constant($sClassPeerName . '::' . $aField['FLD_NAME']); + if (in_array($aField['FLD_TYPE'], $types)) { - + $round = ''; if ($aField['FLD_TYPE'] == 'DECIMAL' || $aField['FLD_TYPE'] == 'REAL') { - $round = '", "" . ' . $sClassPeerName . '::' . $aField['FLD_NAME'] . ' . "");'; - + $oCriteria->addAsColumn($aField['FLD_NAME'], $columnConstant); } else { $double = self::validateParameter($conf['report_table_double_number'], 1, 8, 4); $float = self::validateParameter($conf['report_table_floating_number'], 1, 5, 4); - $round = '", "round(" . ' . $sClassPeerName . '::' . $aField['FLD_NAME'] . ' . ", ' . ($aField['FLD_TYPE'] == 'DOUBLE' ? $double : $float) . ')");'; + $precision = ($aField['FLD_TYPE'] == 'DOUBLE' ? $double : $float); + $oCriteria->addAsColumn($aField['FLD_NAME'], "ROUND({$columnConstant}, {$precision})"); } - - $field = '$oCriteria->addAsColumn("' . $aField['FLD_NAME'] . $round; + } else { + $oCriteria->addSelectColumn($columnConstant); } - eval($field); } } + $oCriteriaCount = clone $oCriteria; - eval('$count = ' . $sClassPeerName . '::doCount($oCriteria);'); + $count = call_user_func([$sClassPeerName, 'doCount'], $oCriteriaCount); if ($filter != '' && is_string($filter)) { - $stringOr = ''; - $closure = ''; + $firstCriterion = null; $types = ['INTEGER', 'BIGINT', 'SMALLINT', 'TINYINT', 'DECIMAL', 'DOUBLE', 'FLOAT', 'REAL', 'BOOLEAN']; + foreach ($aData['FIELDS'] as $aField) { if (($appUid == false && $aField['FLD_NAME'] != 'APP_UID') || ($appUid == true)) { + $columnConstant = constant($sClassPeerName . '::' . $aField['FLD_NAME']); + if (in_array($aField['FLD_TYPE'], $types)) { if (is_numeric($filter)) { - $stringOr = $stringOr . '$a = $oCriteria->getNewCriterion(' . $sClassPeerName . '::' . $aField['FLD_NAME'] . ', "' . $filter . '", Criteria::EQUAL)' . $closure . ';'; - $closure = '->addOr($a)'; + $criterion = $oCriteria->getNewCriterion($columnConstant, $filter, Criteria::EQUAL); } } else { - $stringOr = $stringOr . '$a = $oCriteria->getNewCriterion(' . $sClassPeerName . '::' . $aField['FLD_NAME'] . ', "%' . $filter . '%", Criteria::LIKE)' . $closure . ';'; - $closure = '->addOr($a)'; + $criterion = $oCriteria->getNewCriterion($columnConstant, "%" . $filter . "%", Criteria::LIKE); + } + + if (isset($criterion)) { + if ($firstCriterion === null) { + $firstCriterion = $criterion; + } else { + $firstCriterion->addOr($criterion); + } } } } - $stringOr = $stringOr . '$oCriteria->add($a);'; - eval($stringOr); + if ($firstCriterion !== null) { + $oCriteria->add($firstCriterion); + } } + if ($search !== '' && is_string($search)) { try { $object = G::json_decode($search); if (isset($object->where)) { - $stringAnd = ""; - $closure = ""; + $mainCriterion = null; $fields = $object->where; + foreach ($fields as $key => $value) { + $columnName = G::toUpper($key); + $columnConstantName = $sClassPeerName . '::' . $columnName; + if (is_string($value)) { - $stringAnd = $stringAnd . '$a = $oCriteria->getNewCriterion(' . $sClassPeerName . '::' . G::toUpper($key) . ', "' . $value . '", Criteria::EQUAL)' . $closure . ';'; - $closure = '->addAnd($a)'; - } - if (is_object($value)) { - $defined = defined("Base" . $sClassPeerName . "::" . G::toUpper($key)); - if ($defined === false) { + $criterion = $oCriteria->getNewCriterion(constant($columnConstantName), $value, Criteria::EQUAL); + } elseif (is_object($value)) { + if (!defined("Base" . $sClassPeerName . "::" . $columnName) && !defined($columnConstantName)) { throw new Exception(G::loadTranslation("ID_FIELD_NOT_FOUND") . ": " . $key . ""); } - if (isset($value->neq) && $defined) { - $stringAnd = $stringAnd . '$a = $oCriteria->getNewCriterion(' . $sClassPeerName . '::' . G::toUpper($key) . ', "' . $value->neq . '", Criteria::NOT_EQUAL)' . $closure . ';'; - $closure = '->addAnd($a)'; + + if (isset($value->neq)) { + $criterion = $oCriteria->getNewCriterion(constant($columnConstantName), $value->neq, Criteria::NOT_EQUAL); + } elseif (isset($value->like)) { + $criterion = $oCriteria->getNewCriterion(constant($columnConstantName), $value->like, Criteria::LIKE); + } elseif (isset($value->nlike)) { + $criterion = $oCriteria->getNewCriterion(constant($columnConstantName), $value->nlike, Criteria::NOT_LIKE); } - if (isset($value->like) && $defined) { - $stringAnd = $stringAnd . '$a = $oCriteria->getNewCriterion(' . $sClassPeerName . '::' . G::toUpper($key) . ', "' . $value->like . '", Criteria::LIKE)' . $closure . ';'; - $closure = '->addAnd($a)'; - } - if (isset($value->nlike) && $defined) { - $stringAnd = $stringAnd . '$a = $oCriteria->getNewCriterion(' . $sClassPeerName . '::' . G::toUpper($key) . ', "' . $value->nlike . '", Criteria::NOT_LIKE)' . $closure . ';'; - $closure = '->addAnd($a)'; + } + + if (isset($criterion)) { + if ($mainCriterion === null) { + $mainCriterion = $criterion; + } else { + $mainCriterion->addAnd($criterion); } } } - if (!empty($stringAnd)) { - $stringAnd = $stringAnd . '$oCriteria->add($a);'; - eval($stringAnd); + if ($mainCriterion !== null) { + $oCriteria->add($mainCriterion); } } } catch (Exception $oError) { throw($oError); } } + + if ($filter != '' && is_string($filter) || $search !== '' && is_string($search)) { $oCriteriaCount = clone $oCriteria; - eval('$count = ' . $sClassPeerName . '::doCount($oCriteria);'); + $count = call_user_func([$sClassPeerName, 'doCount'], $oCriteria); } $filter = new InputFilter(); $sClassPeerName = $filter->validateInput($sClassPeerName); if (isset($_POST['sort'])) { - $_POST['sort'] = $filter->validateInput($_POST['sort']); - $_POST['dir'] = $filter->validateInput($_POST['dir']); + $_POST['sort'] = $inputFilter->validateInput($_POST['sort']); + $_POST['dir'] = $inputFilter->validateInput($_POST['dir']); + + $sortColumn = $_POST['sort']; + + $orderByColumn = $keyOrderUppercase ? $sortColumn : constant($sClassPeerName . '::' . $sortColumn); + if ($_POST['dir'] == 'ASC') { - if ($keyOrderUppercase) { - eval('$oCriteria->addAscendingOrderByColumn("' . $_POST['sort'] . '");'); - } else { - eval('$oCriteria->addAscendingOrderByColumn(' . $sClassPeerName . '::' . $_POST['sort'] . ');'); - } + $oCriteria->addAscendingOrderByColumn($orderByColumn); } else { - if ($keyOrderUppercase) { - eval('$oCriteria->addDescendingOrderByColumn("' . $_POST['sort'] . '");'); - } else { - eval('$oCriteria->addDescendingOrderByColumn(' . $sClassPeerName . '::' . $_POST['sort'] . ');'); - } + $oCriteria->addDescendingOrderByColumn($orderByColumn); } } @@ -555,7 +568,7 @@ class AdditionalTables extends BaseAdditionalTables if (isset($start)) { $oCriteria->setOffset($start); } - eval('$rs = ' . $sClassPeerName . '::doSelectRS($oCriteria);'); + $rs = call_user_func([$sClassPeerName, 'doSelectRS'], $oCriteria); $rs->setFetchmode(ResultSet::FETCHMODE_ASSOC); $rows = array();