...
 
Commits (3)
......@@ -14,17 +14,15 @@ namespace T3o\TerFe2\Controller\Eid;
* The TYPO3 project - inspiring people to share!
*/
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
* Class \T3o\TerFe2\Controller\Eid\ExtensionController
*/
class ExtensionController
{
/**
* @var \TYPO3\CMS\Core\Database\DatabaseConnection
*/
protected $databaseConnection;
/**
* @var array
*/
......@@ -32,8 +30,6 @@ class ExtensionController
public function __construct()
{
$this->databaseConnection = $GLOBALS['TYPO3_DB'];
$this->jsonArray = array(
'meta' => null,
'data' => null
......@@ -59,11 +55,23 @@ class ExtensionController
*/
protected function findAllWithRepositoryUrlAsPackageSource()
{
$extensions = $this->databaseConnection->exec_SELECTgetRows(
'*',
'tx_terfe2_domain_model_extension',
'hidden = 0 and deleted = 0 and repository_clone_url <> ""'
);
$frontendUserConnection = GeneralUtility::makeInstance(ConnectionPool::class)
->getConnectionForTable('tx_terfe2_domain_model_extension');
$queryBuilder = $frontendUserConnection->createQueryBuilder();
$queryBuilder
->select('*')
->from('tx_terfe2_domain_model_extension')
->where(
$queryBuilder->expr()->eq('hidden', 0),
$queryBuilder->expr()->eq('deleted', 0),
$queryBuilder->expr()->neq('repository_clone_url', '')
);
$statement = $queryBuilder->execute();
$statement->execute();
$extensions = $statement->fetchAll(\PDO::FETCH_ASSOC);
foreach ($extensions as $extension) {
$this->jsonArray['data'][$extension['ext_key']] = array(
......
......@@ -14,7 +14,8 @@ namespace T3o\TerFe2\Controller;
* The TYPO3 project - inspiring people to share!
*/
use TYPO3\CMS\Extbase\Persistence\Generic\QuerySettingsInterface;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
* Controller for the extension object
......@@ -561,12 +562,22 @@ class ExtensionController extends \T3o\TerFe2\Controller\AbstractController
if (empty($this->frontendUser['username'])) {
return false;
}
$isAllowedToUploadKey = $GLOBALS['TYPO3_DB']->exec_SELECTcountRows(
'uid',
'tx_ter_extensionkeys',
'ownerusername LIKE "' . $GLOBALS['TYPO3_DB']->quoteStr($this->frontendUser['username'], 'foo') . '"
AND extensionkey LIKE "' . $GLOBALS['TYPO3_DB']->quoteStr($extensionKey, 'foo') . '"'
);
$tableName = 'tx_ter_extensionkeys';
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)
->getQueryBuilderForTable($tableName);
$queryBuilder->getRestrictions()->removeAll();
$statement = $queryBuilder
->count('uid')
->from($tableName)
->where(
$queryBuilder->expr()->eq('ownerusername', $this->frontendUser['username']),
$queryBuilder->expr()->eq('extensionkey', $extensionKey)
)
->execute();
$statement->execute();
$isAllowedToUploadKey = $statement->fetchColumn(0);
return !empty($isAllowedToUploadKey);
}
......@@ -585,13 +596,23 @@ class ExtensionController extends \T3o\TerFe2\Controller\AbstractController
if (empty($extensionKey) || empty($versionString)) {
return false;
}
$versionExistsForExtension = $GLOBALS['TYPO3_DB']->exec_SELECTcountRows(
'uid',
'tx_ter_extensions',
'extensionkey = "' . $GLOBALS['TYPO3_DB']->quoteStr($extensionKey, 'foo') . '"
AND version LIKE "' . $GLOBALS['TYPO3_DB']->quoteStr($versionString, 'foo') . '"'
);
return empty($versionExistsForExtension);
$tableName = 'tx_ter_extensions';
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)
->getQueryBuilderForTable($tableName);
$queryBuilder->getRestrictions()->removeAll();
$statement = $queryBuilder
->count('uid')
->from($tableName)
->where(
$queryBuilder->expr()->eq('extensionkey', $extensionKey),
$queryBuilder->expr()->like('version', $versionString)
)
->execute();
$statement->execute();
$versionUidForExtension = $statement->fetchColumn(0);
return empty($versionUidForExtension);
}
/**
......