diff --git a/application/default/controllers/FilelistController.php b/application/default/controllers/FilelistController.php index 8ff9f483..c389eecb 100644 --- a/application/default/controllers/FilelistController.php +++ b/application/default/controllers/FilelistController.php @@ -1,11 +1,14 @@ db=Zend_Registry::get('db'); + } + function indexAction() { $uuid=$this->_request->getParam('uuid'); - $filelist=new FilelistTable(); - $adapter=$filelist->getAdapter(); - $db=$adapter->query("select f.filename,f.id,s.uuid,f.depth from datafile f,dataset s where s.id=f.dsid and s.uuid='$uuid' and f.depth=1 and f.filename<>'/uuid.txt' order by f.isdir desc,f.filename"); - $files=$db->fetchAll(); + $sql="select f.filename,f.id,s.uuid,f.depth from datafile f,dataset s where s.id=f.dsid and s.uuid=? and f.depth=1 and f.filename<>'/uuid.txt' order by f.isdir desc,f.filename"; + $files=$this->db->fetchAll($this->db->quoteInto($sql,$uuid)); /* $documents=array(); $i=0; foreach($files as $file) { @@ -30,10 +33,8 @@ class FilelistController extends Zend_Controller_Action { //$depth=substr_count($subPath,'/'); $depth=$this->_request->getParam('depth'); $depth++; - $filelist=new FilelistTable(); - $adapter=$filelist->getAdapter(); - $db=$adapter->query("select f.filename,f.id,s.uuid,f.depth from datafile f,dataset s where s.id=f.dsid and s.uuid='".$uuid."' and f.depth=".$depth." and f.filename<>'/uuid.txt' and f.filename ilike (select filename from datafile where id=".$subpath.")||'%' order by f.isdir desc,f.filename"); - $files=$db->fetchAll(); + $sql="select f.filename,f.id,s.uuid,f.depth from datafile f,dataset s where s.id=f.dsid and s.uuid='".$uuid."' and f.depth=".$depth." and f.filename<>'/uuid.txt' and f.filename ilike (select filename from datafile where id=?)||'%' order by f.isdir desc,f.filename"; + $files=$db->fetchAll($this->db->quoteInto($sql,$subpath)); /* $documents=array(); $i=0;