From 6ca8a9ce8238f1396e1996d21e0450aea80ad061 Mon Sep 17 00:00:00 2001
From: Jocelyn Fiat <git@djoce.net>
Date: Fri, 19 Jun 2015 17:42:02 +0200
Subject: [PATCH] Fixed parts of SQL statements handling (mostly for SQL script
 execution).

---
 examples/demo/demo-safe.ecf                   |  2 +
 .../scripts/oauth2_consumers_initialize.sql   | 10 ++--
 examples/demo/site/scripts/user.sql           | 24 ++++----
 .../modules/login/templates/block_login.tpl   |  8 +--
 src/persistence/sql/cms_storage_sql_i.e       | 57 +++++++++++++++----
 5 files changed, 68 insertions(+), 33 deletions(-)

diff --git a/examples/demo/demo-safe.ecf b/examples/demo/demo-safe.ecf
index 0112f9c..906a38f 100644
--- a/examples/demo/demo-safe.ecf
+++ b/examples/demo/demo-safe.ecf
@@ -20,7 +20,9 @@
 	<library name="cms_model" location="..\..\library\model\cms_model-safe.ecf" readonly="false"/>
 	<library name="cms_auth_module" location="..\..\modules\auth\auth-safe.ecf" readonly="false"/>
 	<library name="cms_node_module" location="..\..\modules\node\node-safe.ecf" readonly="false"/>
+	<!--
 	<library name="persistence_store_mysql" location="..\..\library\persistence\store_mysql\store_mysql-safe.ecf" readonly="false"/>
+	-->
 	<library name="persistence_store_odbc" location="..\..\library\persistence\store_odbc\store_odbc-safe.ecf" readonly="false"/>
 	<library name="wsf" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\wsf-safe.ecf"/>
 	<library name="wsf_extension" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\wsf_extension-safe.ecf" readonly="false"/>
diff --git a/examples/demo/site/scripts/oauth2_consumers_initialize.sql b/examples/demo/site/scripts/oauth2_consumers_initialize.sql
index 69cd233..a600e71 100644
--- a/examples/demo/site/scripts/oauth2_consumers_initialize.sql
+++ b/examples/demo/site/scripts/oauth2_consumers_initialize.sql
@@ -1,7 +1,7 @@
-	-- Change the values `TO_COMPLETE` based on your API.
+	-- Change the values TO_COMPLETE based on your API.
 	-- API SECTET KEY AND API PUBLIC KEY 
+INSERT INTO oauth2_consumers (name, api_secret, api_key, scope, protected_resource_url, callback_name, extractor, authorize_url, endpoint) 
+VALUES ('google', 'TO-COMPLETE', 'TO-COMPLETE', 'email', 'https://www.googleapis.com/plus/v1/people/me', 'callback_google', 'json','https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=$CLIENT_ID&redirect_uri=$REDIRECT_URI','https://accounts.google.com/o/oauth2/token');
 
-INSERT INTO `oauth2_consumers` ("name", "api_secret", "api_key", "scope", "protected_resource_url", "callback_name", "extractor", "authorize_url", "endpoint") 
-VALUES ("google", 'TO-COMPLETE', 'TO-COMPLETE', 'email', 'https://www.googleapis.com/plus/v1/people/me', "callback_google", "json","https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=$CLIENT_ID&redirect_uri=$REDIRECT_URI","https://accounts.google.com/o/oauth2/token");
-INSERT INTO "oauth2_consumers" ("name", "api_secret", "api_key", "scope", "protected_resource_url", "callback_name", "extractor", "authorize_url", "endpoint" ) 
-VALUES ("facebook", 'TO-COMPLETE', 'TO-COMPLETE', 'email', 'https://graph.facebook.com/me', "callback_facebook","text","https://www.facebook.com/dialog/oauth?response_type=code&client_id=$CLIENT_ID&redirect_uri=$REDIRECT_URI","https://graph.facebook.com/oauth/access_token");
+INSERT INTO oauth2_consumers (name, api_secret, api_key, scope, protected_resource_url, callback_name, extractor, authorize_url, endpoint ) 
+VALUES ('facebook', 'TO-COMPLETE', 'TO-COMPLETE', 'email', 'https://graph.facebook.com/me', 'callback_facebook','text','https://www.facebook.com/dialog/oauth?response_type=code&client_id=$CLIENT_ID&redirect_uri=$REDIRECT_URI','https://graph.facebook.com/oauth/access_token');
diff --git a/examples/demo/site/scripts/user.sql b/examples/demo/site/scripts/user.sql
index 6e286af..03c7166 100644
--- a/examples/demo/site/scripts/user.sql
+++ b/examples/demo/site/scripts/user.sql
@@ -30,19 +30,19 @@ CREATE TABLE `role_permissions`(
   `module` VARCHAR(255)
 );
 
-CREATE TABLE "users_activations" (
-  "aid" INTEGER  PRIMARY KEY AUTOINCREMENT NOT NULL CHECK ("aid" >= 0),
-  "token" VARCHAR(255) NOT NULL,
-  "uid" INTEGER NOT NULL CHECK ("uid" >= 0),
-  "created" DATETIME NOT NULL,
-  CONSTRAINT "token" UNIQUE  ("token")
+CREATE TABLE `users_activations` (
+  `aid` INTEGER  PRIMARY KEY AUTO_INCREMENT NOT NULL CHECK (`aid` >= 0),
+  `token` VARCHAR(255) NOT NULL,
+  `uid` INTEGER NOT NULL CHECK (`uid` >= 0),
+  `created` DATETIME NOT NULL,
+  CONSTRAINT `token` UNIQUE  (`token`)
 );
 
-CREATE TABLE "users_password_recovery" (
-  "aid" INTEGER  PRIMARY KEY AUTOINCREMENT NOT NULL CHECK ("aid" >= 0),
-  "token" VARCHAR(255) NOT NULL,
-  "uid" INTEGER NOT NULL CHECK ("uid" >= 0),
-  "created" DATETIME NOT NULL,
-  CONSTRAINT "token" UNIQUE  ("token")
+CREATE TABLE `users_password_recovery` (
+  `aid` INTEGER  PRIMARY KEY AUTO_INCREMENT NOT NULL CHECK (`aid` >= 0),
+  `token` VARCHAR(255) NOT NULL,
+  `uid` INTEGER NOT NULL CHECK (`uid` >= 0),
+  `created` DATETIME NOT NULL,
+  CONSTRAINT `token` UNIQUE  (`token`)
 );
 
diff --git a/examples/demo/site/themes/bootstrap/modules/login/templates/block_login.tpl b/examples/demo/site/themes/bootstrap/modules/login/templates/block_login.tpl
index dda41b5..0549b24 100644
--- a/examples/demo/site/themes/bootstrap/modules/login/templates/block_login.tpl
+++ b/examples/demo/site/themes/bootstrap/modules/login/templates/block_login.tpl
@@ -1,6 +1,6 @@
  	<div class="primary-tabs">
  		{unless isset="$user"}
-			<h3>Login or <a href="/account/roc-register">Register</a></h3>
+			<h3>Login or <a href="{$site_url/}account/roc-register">Register</a></h3>
 		<div>
 			<div>	
 			    <form action method="POST">
@@ -21,14 +21,14 @@
 		<div>
 			<div>
 				<p>
-					<a href="/account/new-password">Forgot password?</a>
+					<a href="{$site_url/}account/new-password">Forgot password?</a>
 				</p>
 			</div>
 		</div>	
 		<div>
 			{foreach item="item" from="$oauth_consumers"}
-				<a href="/account/login-with-oauth/{$item/}">Login with {$item/}</a><br>
+				<a href="{$site_url/}account/login-with-oauth/{$item/}">Login with {$item/}</a><br>
 			{/foreach}	
 		</div>    	
 		{/unless}
-	</div>
\ No newline at end of file
+	</div>
diff --git a/src/persistence/sql/cms_storage_sql_i.e b/src/persistence/sql/cms_storage_sql_i.e
index 6c779fa..e0fe382 100644
--- a/src/persistence/sql/cms_storage_sql_i.e
+++ b/src/persistence/sql/cms_storage_sql_i.e
@@ -76,7 +76,13 @@ feature -- Operation
 				i := a_sql_statement.index_of (':', i)
 				if i = 0 then
 					i := n -- exit
-				elseif a_sql_statement.at (i-1).is_equal ('%'') or else  a_sql_statement.at (i-1).is_equal ('%"') or else a_sql_statement.at (i-1).is_equal (' ') or else a_sql_statement.at (i-1).is_equal ('=') then
+				elseif
+					a_sql_statement [i-1] = '%''
+					or else  a_sql_statement [i-1] = '%"'
+					or else a_sql_statement [i-1] = ' '
+					or else a_sql_statement [i-1] = '='
+					or else a_sql_statement [i-1] = '('
+				then
 					from
 						j := i + 1
 					until
@@ -177,6 +183,7 @@ feature -- Helper
 		local
 			i: INTEGER
 			err: BOOLEAN
+			cl: CELL [INTEGER]
 		do
 			reset_error
 			sql_begin_transaction
@@ -184,16 +191,17 @@ feature -- Helper
 --			sql_change (a_sql_script, Void)
 			from
 				i := 1
+				create cl.put (0)
 			until
 				i > a_sql_script.count or err
 			loop
-				if attached next_sql_statement (a_sql_script, i) as s then
+				if attached next_sql_statement (a_sql_script, i, cl) as s then
 					if not s.is_whitespace then
 						sql_change (sql_statement (s), Void)
 						err := err or has_error
 						reset_error
 					end
-					i := i + s.count
+					i := i + cl.item
 				else
 					i := a_sql_script.count + 1
 				end
@@ -382,11 +390,12 @@ feature -- Conversion
 
 feature {NONE} -- Implementation
 
-	next_sql_statement (a_script: STRING; a_start_index: INTEGER): detachable STRING
+	next_sql_statement (a_script: STRING; a_start_index: INTEGER; a_offset: CELL [INTEGER]): detachable STRING
 		local
 			i,j,n: INTEGER
 			c: CHARACTER
 			l_end: INTEGER
+			l_removals: detachable ARRAYED_LIST [TUPLE [start_index,end_index: INTEGER]]
 		do
 			from
 				i := a_start_index
@@ -400,21 +409,32 @@ feature {NONE} -- Implementation
 					if i < n and then a_script[i + 1] = '-' then
 							-- Commented line "--" until New Line
 						j := a_script.index_of ('%N', i)
-						if j > 0 then
-							i := j
+						if j = 0 then
+							j := n
 						else
-							i := n
+							j := j + 1 -- include %N
 						end
+						if l_removals = Void then
+							create l_removals.make (1)
+						end
+						l_removals.force ([i,j])
+						i := j
 					end
 				when '/' then
 					if i < n and then a_script[i + 1] = '*' then
 							-- Commented text "/*" until closing "*/"
 						j := a_script.substring_index ("*/", i)
-						if j > 0 then
-							i := j
+
+						if j = 0 then
+							j := n
 						else
-							i := n
+							j := j + 1 -- Include '/'
 						end
+						if l_removals = Void then
+							create l_removals.make (1)
+						end
+						l_removals.force ([i,j])
+						i := j
 					end
 				when '`', '"', '%'' then
 					from
@@ -428,6 +448,8 @@ feature {NONE} -- Implementation
 							if a_script [j - 1] /= '\' then
 								l_end := j
 							end
+						else
+							l_end := i
 						end
 					end
 					if l_end > 0 then
@@ -440,9 +462,20 @@ feature {NONE} -- Implementation
 				end
 				i := i + 1
 			end
-			i := a_script.index_of (';', a_start_index)
-			if i > a_start_index then
+--			i := a_script.index_of (';', a_start_index)
+			if i <= n and i > a_start_index then
 				Result := a_script.substring (a_start_index, i)
+				a_offset.replace (Result.count)
+				if l_removals /= Void then
+					j := 0
+					across
+						l_removals as ic
+					loop
+						Result.remove_substring (ic.item.start_index - j, ic.item.end_index - j)
+						j := j + ic.item.end_index - ic.item.start_index + 1
+					end
+					a_offset.replace (a_offset.item - j)
+				end
 			end
 		end