aboutsummaryrefslogtreecommitdiff
path: root/engine/lib
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib')
-rw-r--r--engine/lib/entities.php1
-rw-r--r--engine/lib/metadata.php24
2 files changed, 16 insertions, 9 deletions
diff --git a/engine/lib/entities.php b/engine/lib/entities.php
index 745b46ee6..e457988ec 100644
--- a/engine/lib/entities.php
+++ b/engine/lib/entities.php
@@ -388,6 +388,7 @@
$time = time();
if ($type=="") throw new InvalidParameterException("Entity type must be set.");
+ if ($owner_guid==0) throw new InvalidParameterException("owner_guid must not be 0");
return insert_data("INSERT into {$CONFIG->dbprefix}entities (type, subtype, owner_guid, access_id, time_created, time_updated) values ('$type',$subtype, $owner_guid, $access_id, $time, $time)");
}
diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php
index 1111fb551..4d29bb7bc 100644
--- a/engine/lib/metadata.php
+++ b/engine/lib/metadata.php
@@ -156,7 +156,7 @@
$id = (int)$id;
$access = get_access_list();
- return row_to_elggmetadata(get_data_row("SELECT m.*, v.string as value from {$CONFIG->dbprefix}metadata m JOIN {$CONFIG->dbprefix}metastrings v on m.value_id = v.id where m.id=$id and (m.access_id in {$access} or (m.access_id = 0 and m.owner_guid = {$_SESSION['id']}))"));
+ return row_to_elggmetadata(get_data_row("SELECT m.*, n.string as name, v.string as value from {$CONFIG->dbprefix}metadata m JOIN {$CONFIG->dbprefix}metastrings v on m.value_id = v.id JOIN {$CONFIG->dbprefix}metastrings n on m.name_id = n.id where m.id=$id and (m.access_id in {$access} or (m.access_id = 0 and m.owner_guid = {$_SESSION['id']}))"));
}
/**
@@ -186,7 +186,7 @@
$id = false;
- $existing = get_data_row("SELECT * from {$CONFIG->dbprefix}metadata WHERE entity_guid = $entity_guid and name='$name' limit 1");
+ $existing = get_data_row("SELECT * from {$CONFIG->dbprefix}metadata WHERE entity_guid = $entity_guid and name_id=" . add_metastring($name) . " limit 1");
if ($existing)
{
$id = $existing->id;
@@ -196,12 +196,15 @@
}
else
{
- // Add the metastring
+ // Add the metastrings
$value = add_metastring($value);
if (!$value) return false;
+ $name = add_metastring($name);
+ if (!$name) return false;
+
// If ok then add it
- $id = insert_data("INSERT into {$CONFIG->dbprefix}metadata (entity_guid, name, value_id, value_type, owner_guid, time_created, access_id) VALUES ($entity_guid, '$name','$value','$value_type', $owner_guid, $time, $access_id)");
+ $id = insert_data("INSERT into {$CONFIG->dbprefix}metadata (entity_guid, name_id, value_id, value_type, owner_guid, time_created, access_id) VALUES ($entity_guid, '$name','$value','$value_type', $owner_guid, $time, $access_id)");
}
return $id;
@@ -238,8 +241,11 @@
$value = add_metastring($value);
if (!$value) return false;
+ $name = add_metastring($name);
+ if (!$name) return false;
+
// If ok then add it
- return update_data("UPDATE {$CONFIG->dbprefix}metadata set value_id='$value', value_type='$value_type', access_id=$access_id, owner_guid=$owner_guid where id=$id and name='$name' and (access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']}))");
+ return update_data("UPDATE {$CONFIG->dbprefix}metadata set value_id='$value', value_type='$value_type', access_id=$access_id, owner_guid=$owner_guid where id=$id and name_id='$name' and (access_id in {$access} or (access_id = 0 and owner_guid = {$_SESSION['id']}))");
}
@@ -268,11 +274,11 @@
{
global $CONFIG;
- $meta_name = sanitise_string($meta_name);
+ $meta_name = get_metastring_id($meta_name);
$entity_guid = (int)$entity_guid;
$access = get_access_list();
- return row_to_elggmetadata(get_data_row("SELECT m.*, v.string as value from {$CONFIG->dbprefix}metadata m JOIN {$CONFIG->dbprefix}metastrings v on m.value_id = v.id where m.entity_guid=$entity_guid and m.name='$meta_name' and (m.access_id in {$access} or (m.access_id = 0 and m.owner_guid = {$_SESSION['id']}))"));
+ return row_to_elggmetadata(get_data_row("SELECT m.*, n.string as name, v.string as value from {$CONFIG->dbprefix}metadata m JOIN {$CONFIG->dbprefix}metastrings v on m.value_id = v.id JOIN {$CONFIG->dbprefix}metastrings n on m.name_id = n.id where m.entity_guid=$entity_guid and m.name_id='$meta_name' and (m.access_id in {$access} or (m.access_id = 0 and m.owner_guid = {$_SESSION['id']}))"));
}
/**
@@ -290,7 +296,7 @@
{
global $CONFIG;
- $meta_name = sanitise_string($meta_name);
+ $meta_name = get_metastring_id($meta_name);
$meta_value = get_metastring_id($meta_value);
$entity_type = sanitise_string($entity_type);
@@ -308,7 +314,7 @@
if ($entity_subtype)
$where[] = "e.subtype=$entity_subtype";
if ($meta_name!="")
- $where[] = "m.name='$meta_name'";
+ $where[] = "m.name_id='$meta_name'";
if ($meta_value!="")
$where[] = "m.value_id='$meta_value'";