Harden order import SQL with explicit public schema
This commit is contained in:
@@ -116,7 +116,7 @@ function lookup_method_id(PDO $pdo, string $table, ?string $code): ?int
|
||||
return null;
|
||||
}
|
||||
|
||||
$stmt = $pdo->prepare("SELECT id FROM {$table} WHERE code = :code LIMIT 1");
|
||||
$stmt = $pdo->prepare("SELECT id FROM public.{$table} WHERE code = :code LIMIT 1");
|
||||
$stmt->execute([':code' => $code]);
|
||||
$id = $stmt->fetchColumn();
|
||||
return $id === false ? null : (int) $id;
|
||||
@@ -211,19 +211,19 @@ function find_or_create_party(PDO $pdo, array $data): int
|
||||
}
|
||||
|
||||
if ($email !== '') {
|
||||
$findStmt = $pdo->prepare('SELECT id FROM party WHERE lower(email) = lower(:email) ORDER BY id ASC LIMIT 1');
|
||||
$findStmt = $pdo->prepare('SELECT id FROM public.party WHERE lower(email) = lower(:email) ORDER BY id ASC LIMIT 1');
|
||||
$findStmt->execute([':email' => $email]);
|
||||
$existing = $findStmt->fetchColumn();
|
||||
if ($existing !== false) {
|
||||
$partyId = (int) $existing;
|
||||
$updateStmt = $pdo->prepare('UPDATE party SET name = :name, updated_at = NOW() WHERE id = :id');
|
||||
$updateStmt = $pdo->prepare('UPDATE public.party SET name = :name, updated_at = NOW() WHERE id = :id');
|
||||
$updateStmt->execute([':id' => $partyId, ':name' => $name]);
|
||||
return $partyId;
|
||||
}
|
||||
}
|
||||
|
||||
$insertStmt = $pdo->prepare(
|
||||
'INSERT INTO party (type, name, email, status, created_at, updated_at)
|
||||
'INSERT INTO public.party (type, name, email, status, created_at, updated_at)
|
||||
VALUES (\'customer\', :name, :email, \'active\', NOW(), NOW())
|
||||
RETURNING id'
|
||||
);
|
||||
@@ -242,11 +242,11 @@ function find_or_create_party(PDO $pdo, array $data): int
|
||||
|
||||
function upsert_addresses(PDO $pdo, int $partyId, array $data): void
|
||||
{
|
||||
$delete = $pdo->prepare('DELETE FROM address WHERE party_id = :party_id AND type IN (\'billing\', \'shipping\')');
|
||||
$delete = $pdo->prepare('DELETE FROM public.address WHERE party_id = :party_id AND type IN (\'billing\', \'shipping\')');
|
||||
$delete->execute([':party_id' => $partyId]);
|
||||
|
||||
$insert = $pdo->prepare(
|
||||
'INSERT INTO address (
|
||||
'INSERT INTO public.address (
|
||||
party_id, type, first_name, last_name, street, house_number, zip, city, state_code, country_name, raw_payload, created_at, updated_at
|
||||
) VALUES (
|
||||
:party_id, :type, :first_name, :last_name, :street, :house_number, :zip, :city, :state_code, :country_name, :raw_payload::jsonb, NOW(), NOW()
|
||||
@@ -337,7 +337,7 @@ try {
|
||||
$shippingMethodId = lookup_method_id($pdo, 'shipping_method', map_shipping_code((string) ($data['Liefermethode'] ?? '')));
|
||||
|
||||
$orderStmt = $pdo->prepare(
|
||||
'INSERT INTO sales_order (
|
||||
'INSERT INTO public.sales_order (
|
||||
external_ref, party_id, order_source, order_status, payment_status, payment_method_id, shipping_method_id,
|
||||
amount_net, amount_shipping, amount_tax, amount_discount, total_amount, currency, webhook_payload, imported_at, created_at, updated_at
|
||||
) VALUES (
|
||||
@@ -382,11 +382,11 @@ try {
|
||||
}
|
||||
$orderId = (int) $orderId;
|
||||
|
||||
$deleteLines = $pdo->prepare('DELETE FROM sales_order_line WHERE sales_order_id = :sales_order_id');
|
||||
$deleteLines = $pdo->prepare('DELETE FROM public.sales_order_line WHERE sales_order_id = :sales_order_id');
|
||||
$deleteLines->execute([':sales_order_id' => $orderId]);
|
||||
|
||||
$lineInsert = $pdo->prepare(
|
||||
'INSERT INTO sales_order_line (
|
||||
'INSERT INTO public.sales_order_line (
|
||||
sales_order_id, line_no, sellable_item_id, raw_external_article_number, raw_external_title,
|
||||
qty, unit_price, line_total, created_at, updated_at
|
||||
) VALUES (
|
||||
|
||||
Reference in New Issue
Block a user