Refactor SQL queries: enforce parameterized bindings and consistent style #91

Merged: solverat merged 6 commits into 1.x from fix_sql_statements on Mar 5, 2026


@solverat
Contributor

Audit and cleanup of all raw SQL queries across the codebase (~840 query sites).

  • Replace executeQuery() with executeStatement() for all DML (INSERT/UPDATE/DELETE)
  • Eliminate $db->quote() value embedding in favor of ? / :name parameter bindings
  • Refactor buildConditionPartsFromDescriptor() to return [$conditions, $params] instead of inlining quoted values
  • Replace string concatenation for dynamic table names with sprintf()
  • Apply consistent style: single-quoted PHP strings, SQL keywords uppercase, multi-line formatting for long queries, no trailing semicolons

Deprecations

  • OpenDxp\Db\Helper::fetchPairs => No replacement
  • OpenDxp\Db\Helper::selectAndDeleteWhere => No replacement
  • OpenDxp\Db\Helper::quoteInto => Use parameterized queries with ? or :name placeholders instead.
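
The pattern named in the description above (a condition builder that returns `[$conditions, $params]`, `?` placeholders instead of `$db->quote()`, and `sprintf()` for table names), as an added example that is not code from this pull request or the OpenDxp repository. Assumptions: PDO with in-memory SQLite stands in for the project's database connection, and `buildConditions()`, `findIds()`, the descriptor shape and the table and column names are hypothetical. The allow-list checks are this example's own addition, because identifiers cannot be bound as parameters.

```php
<?php
// Added illustration; hypothetical names, not OpenDxp code.
const ALLOWED_TABLES = ['object_store_1', 'object_store_2']; // constructed names
const ALLOWED_COLUMNS = ['name', 'published'];               // constructed names

/** Turn a column => value descriptor into [SQL fragments, values to bind]. */
function buildConditions(array $descriptor): array
{
    $conditions = [];
    $params = [];
    foreach ($descriptor as $column => $value) {
        // Column names cannot be bound, so they are checked against an allow-list.
        if (!in_array($column, ALLOWED_COLUMNS, true)) {
            throw new InvalidArgumentException('Unknown column: ' . $column);
        }
        if ($value === null) {
            $conditions[] = $column . ' IS NULL'; // NULL needs IS NULL, not "= ?"
            continue;
        }
        $conditions[] = $column . ' = ?';
        $params[] = $value; // the value travels separately from the SQL text
    }
    return [$conditions, $params];
}

function findIds(PDO $db, string $table, array $descriptor): array
{
    // Table names cannot be bound either: allow-list first, then sprintf().
    if (!in_array($table, ALLOWED_TABLES, true)) {
        throw new InvalidArgumentException('Unknown table: ' . $table);
    }
    [$conditions, $params] = buildConditions($descriptor);
    $sql = sprintf('SELECT id FROM %s', $table);
    if ($conditions !== []) {
        $sql .= ' WHERE ' . implode(' AND ', $conditions);
    }
    $stmt = $db->prepare($sql);
    $stmt->execute($params);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE object_store_1 (id INTEGER PRIMARY KEY, name TEXT, published INTEGER)');
$insert = $db->prepare('INSERT INTO object_store_1 (name, published) VALUES (?, ?)');
$insert->execute(['alpha', 1]);
$insert->execute(["o'brien", 1]); // constructed sample row with a quote in the value

// The quote inside the bound value is compared as data; the SQL text never changes.
var_dump(findIds($db, 'object_store_1', ['name' => "o'brien", 'published' => 1]));
```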

@solverat self-assigned this Feb 23, 2026
@solverat added the enhancement label Feb 23, 2026
@github-actions

Review Checklist

  • Target branch (1.0 for bug fixes, others 1.x)
  • Tests (if it's testable code, there should be a test for it - get help)
  • Docs (every functionality needs to be documented, see here)
  • Migration incl. install.sql (e.g. if the database schema changes, ...)
  • Upgrade notes (deprecations, important information, migration hints, ...)
  • Label
  • Milestone

@solverat added this to the 1.2.3 milestone Feb 27, 2026
@solverat removed the request for review from scrummer February 27, 2026 11:55
…ne`/`fetchFirstColumn` with multiline formatting for readability
@solverat marked this pull request as ready for review February 27, 2026 14:00
…terized bindings, and standardize permission checks.
@solverat merged commit 67ed0b5 into 1.x Mar 5, 2026
12 checks passed
@solverat deleted the fix_sql_statements branch March 5, 2026 08:02
@github-actions bot locked and limited conversation to collaborators Mar 5, 2026