Nickbur / Sunrise-CMS

administration/model/design/sticker.php

<?php

/* 	Divine CMS - Open source CMS for widespread use.
    Copyright (c) 2019 Mykola Burakov (burakov.work@gmail.com)

    See SOURCE.txt for other and additional information.

    This file is part of Divine CMS.

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program. If not, see <http://www.gnu.org/licenses/>. */

class ModelDesignSticker extends \Divine\Engine\Core\Model

PSR1 recommends that each class must be in a namespace of at least one level to avoid collisions.

{
    public function addSticker($data)

Expected 2 blank lines before function; 0 found

    {
        $this->db->query("
			INSERT INTO sticker 
			SET name = '" . $this->db->escape($data['name']) . "', 
				status = '" . (int)$data['status'] . "'
			");

        $sticker_id = $this->db->getLastId();

        if (isset($data['image'])) {
            $this->db->query("
				UPDATE sticker 
				SET image = '" . $this->db->escape(html_entity_decode($data['image'], ENT_QUOTES, 'UTF-8')) . "' 
				WHERE sticker_id = '" . (int)$sticker_id . "'
			");
        }
    }

    public function editSticker($sticker_id, $data)
    {
        $this->db->query("
			UPDATE sticker 
			SET name = '" . $this->db->escape($data['name']) . "', 
				status = '" . (int)$data['status'] . "' 
			WHERE sticker_id = '" . (int)$sticker_id . "'
		");
    
        if (isset($data['image'])) {
            $this->db->query("
				UPDATE sticker 
				SET image = '" . $this->db->escape(html_entity_decode($data['image'], ENT_QUOTES, 'UTF-8')) . "' 
				WHERE sticker_id = '" . (int)$sticker_id . "'
			");
        }
    }

    public function deleteSticker($sticker_id)
    {
        $this->db->query("
			DELETE 
			FROM sticker 
			WHERE sticker_id = '" . (int)$sticker_id . "'
		");
    }

    public function getSticker($sticker_id)
    {
        $query = $this->db->query("
			SELECT DISTINCT * 
			FROM sticker 
			WHERE sticker_id = '" . (int)$sticker_id . "'
		");

        return $query->row;
    }

    public function getStickers($data = array())
    {
        $sql = "

The string literal \n SELECT * \n FROM sticker\n does not require double quotes, as per coding-style, please use single quotes.

			SELECT * 
			FROM sticker
		";

        $sort_data = array(
            'name',
            'status'
        );

        if (isset($data['sort']) && in_array($data['sort'], $sort_data)) {
            $sql .= " ORDER BY " . $data['sort'];

The string literal ORDER BY does not require double quotes, as per coding-style, please use single quotes.

        } else {
            $sql .= " ORDER BY name";

The string literal ORDER BY name does not require double quotes, as per coding-style, please use single quotes.

        }

        if (isset($data['order']) && ($data['order'] == 'DESC')) {
            $sql .= " DESC";

The string literal DESC does not require double quotes, as per coding-style, please use single quotes.

        } else {
            $sql .= " ASC";

The string literal ASC does not require double quotes, as per coding-style, please use single quotes.

        }

        if (isset($data['start']) || isset($data['limit'])) {
            if ($data['start'] < 0) {
                $data['start'] = 0;
            }

            if ($data['limit'] < 1) {
                $data['limit'] = 20;
            }

            $sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];

The string literal LIMIT does not require double quotes, as per coding-style, please use single quotes.

The string literal , does not require double quotes, as per coding-style, please use single quotes.

        }

        $query = $this->db->query($sql);

        return $query->rows;
    }
    
    public function getStickersProduct($data = array())

The parameter $data is not used and could be removed.

    {
        $sql = "

The string literal \n SELECT * \n FROM sticker\n does not require double quotes, as per coding-style, please use single quotes.

			SELECT * 
			FROM sticker
		";
            
        $query = $this->db->query($sql);
    
        return $query->rows;
    }

    public function getProductSticker($product_id)
    {
        $stickers = array();

        $query = $this->db->query("
			SELECT sticker_id, 
				position 
			FROM product_to_sticker 
			WHERE product_id = '" . (int)$product_id . "' 
			GROUP BY position
		");
        
        foreach ($query->rows as $sticker) {
            $stickers[$sticker['position']] = $sticker['sticker_id'];
        }

        return $stickers;
    }

    public function getTotalStickers()
    {
        $query = $this->db->query("

The string literal \n SELECT COUNT(*) AS total \n FROM sticker\n does not require double quotes, as per coding-style, please use single quotes.

			SELECT COUNT(*) AS total 
			FROM sticker
		");

        return $query->row['total'];
    }
    
    public function validateDelete($selected)
    {
        $query = $this->db->query("

The string literal \n SELECT COUNT(*) AS total \n FROM product_to_sticker \n WHERE sticker_id IN ( does not require double quotes, as per coding-style, please use single quotes.

			SELECT COUNT(*) AS total 
			FROM product_to_sticker 
			WHERE sticker_id IN (". $selected .")

The string literal )\n does not require double quotes, as per coding-style, please use single quotes.

		");

        return $query->row['total'];
    }
}