Commit 2d588496 authored by mattwire's avatar mattwire

Escape SQL update for updatecontactids

parent aa1cd141
......@@ -106,8 +106,8 @@ function civicrm_api3_stripe_customer_updatecontactids($params) {
'return' => "id",
'email' => $dao->email,
]);
} catch (Exception $e) {
}
catch (Exception $e) {
// Most common problem is duplicates.
if(preg_match("/Expected one Contact but found/", $e->getMessage())) {
// If we find more than one, first try to find it via a related subscription record
......@@ -119,7 +119,7 @@ function civicrm_api3_stripe_customer_updatecontactids($params) {
JOIN civicrm_contact c ON c.id = rc.contact_id
WHERE c.is_deleted = 0 AND customer_id = %0
ORDER BY start_date DESC LIMIT 1";
$dao_contribution = CRM_Core_DAO::executeQuery($sql, array(0 => array($dao->id, 'String')));
$dao_contribution = CRM_Core_DAO::executeQuery($sql, [0 => [$dao->id, 'String']]);
$dao_contribution->fetch();
if ($dao_contribution->id) {
$contactId = $dao_contribution->id;
......@@ -132,7 +132,7 @@ function civicrm_api3_stripe_customer_updatecontactids($params) {
WHERE e.email = %0 AND c.is_deleted = 0 AND is_test = 0 AND
trxn_id LIKE 'ch_%' AND contribution_status_id = 1
ORDER BY receive_date DESC LIMIT 1";
$dao_contribution = CRM_Core_DAO::executeQuery($sql, array(0 => array($dao->email, 'String')));
$dao_contribution = CRM_Core_DAO::executeQuery($sql, [0 => [$dao->email, 'String']]);
$dao_contribution->fetch();
if ($dao_contribution->id) {
$contactId = $dao_contribution->id;
......@@ -141,14 +141,20 @@ function civicrm_api3_stripe_customer_updatecontactids($params) {
}
if (empty($contactId)) {
// Still no luck. Log it and move on.
Civi::log()
->debug('Stripe Upgrader: No contact ID found for stripe customer with email: ' . $dao->email);
Civi::log()->debug('Stripe Upgrader: No contact ID found for stripe customer with email: ' . $dao->email);
$counts['failed']++;
continue;
}
}
CRM_Core_DAO::executeQuery("UPDATE `civicrm_stripe_customers` SET contact_id={$contactId} WHERE email='{$dao->email}'");
$sqlParams = [
1 => [$contactId, 'Integer'],
2 => [$dao->email, 'String'],
];
$sql = 'UPDATE civicrm_stripe_customers SET contact_id=%1 WHERE email=%2';
CRM_Core_DAO::executeQuery($sql, $sqlParams);
$counts['updated']++;
}
return civicrm_api3_create_success($counts);
}
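Review bot: The parameterised UPDATE at the end of this section still selects rows by `email` alone, so every `civicrm_stripe_customers` row sharing that address receives the same `contact_id`, not only the record being processed in this iteration. The loop already holds `$dao->id`, which the subscription lookup earlier in the section binds as `customer_id`; assuming it identifies the row, binding it too would narrow the write, e.g. `... WHERE email=%2 AND <customer id column>=%3` with `3 => [$dao->id, 'String']`. The table's column name is not visible here, so the placeholder needs checking against the schema. Separately, the debug log line writes the customer's email address in full, which is worth a short comment or a less identifying value if these logs are retained or shared. The function begins outside the visible hunks.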