diff -r 5a6b6e770365 -r 68c69c656a2c web/lib/Zend/Db/Select.php --- a/web/lib/Zend/Db/Select.php Thu May 07 15:10:09 2015 +0200 +++ b/web/lib/Zend/Db/Select.php Thu May 07 15:16:02 2015 +0200 @@ -15,9 +15,9 @@ * @category Zend * @package Zend_Db * @subpackage Select - * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com) + * @copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com) * @license http://framework.zend.com/license/new-bsd New BSD License - * @version $Id: Select.php 24833 2012-05-30 13:29:41Z adamlundrigan $ + * @version $Id$ */ @@ -38,7 +38,7 @@ * @category Zend * @package Zend_Db * @subpackage Select - * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com) + * @copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com) * @license http://framework.zend.com/license/new-bsd New BSD License */ class Zend_Db_Select @@ -509,7 +509,7 @@ } foreach ($spec as $val) { - if (preg_match('/\(.*\)/', (string) $val)) { + if (preg_match('/^([\w]*\(([^\)]|(?1))*\))$/', (string) $val)) { $val = new Zend_Db_Expr($val); } $this->_parts[self::GROUP][] = $val; @@ -601,7 +601,7 @@ $val = trim($matches[1]); $direction = $matches[2]; } - if (preg_match('/\(.*\)/', $val)) { + if (preg_match('/^([\w]*\(([^\)]|(?1))*\))$/', (string) $val)) { $val = new Zend_Db_Expr($val); } $this->_parts[self::ORDER][] = array($val, $direction); @@ -654,7 +654,7 @@ } /** - * Get part of the structured information for the currect query. + * Get part of the structured information for the current query. * * @param string $part * @return mixed @@ -718,7 +718,7 @@ { if ($part == null) { $this->_parts = self::$_partsInit; - } else if (array_key_exists($part, self::$_partsInit)) { + } elseif (array_key_exists($part, self::$_partsInit)) { $this->_parts[$part] = self::$_partsInit[$part]; } return $this; @@ -768,7 +768,7 @@ if (empty($name)) { $correlationName = $tableName = ''; - } else if (is_array($name)) { + } elseif (is_array($name)) { // Must be array($correlationName => $tableName) or array($ident, ...) foreach ($name as $_correlationName => $_tableName) { if (is_string($_correlationName)) { @@ -782,10 +782,10 @@ } break; } - } else if ($name instanceof Zend_Db_Expr|| $name instanceof Zend_Db_Select) { + } elseif ($name instanceof Zend_Db_Expr|| $name instanceof Zend_Db_Select) { $tableName = $name; $correlationName = $this->_uniqueCorrelation('t'); - } else if (preg_match('/^(.+)\s+AS\s+(.+)$/i', $name, $m)) { + } elseif (preg_match('/^(.+)\s+AS\s+(.+)$/i', $name, $m)) { $tableName = $m[1]; $correlationName = $m[2]; } else { @@ -943,7 +943,7 @@ $alias = $m[2]; } // Check for columns that look like functions and convert to Zend_Db_Expr - if (preg_match('/\(.*\)/', $col)) { + if (preg_match('/^([\w]*\(([^\)]|(?1))*\))$/', (string) $col)) { $col = new Zend_Db_Expr($col); } elseif (preg_match('/(.+)\.(.+)/', $col, $m)) { $currentCorrelationName = $m[1]; @@ -1096,7 +1096,7 @@ } } - return $sql .= ' ' . implode(', ', $columns); + return $sql . ' ' . implode(', ', $columns); } /** @@ -1238,7 +1238,7 @@ } else { $order[] = $this->_adapter->quoteIdentifier($term[0], true) . ' ' . $term[1]; } - } else if (is_numeric($term) && strval(intval($term)) == $term) { + } elseif (is_numeric($term) && strval(intval($term)) == $term) { $order[] = (int)trim($term); } else { $order[] = $this->_adapter->quoteIdentifier($term, true);