[Fusionforge-commits] r7451 - in branches/Branch_4_8/gforge/common/include: . system

Roland Mas lolando at libremir.placard.fr.eu.org
Sun Apr 19 22:02:57 CEST 2009


Author: lolando
Date: 2009-04-19 22:02:57 +0200 (Sun, 19 Apr 2009)
New Revision: 7451

Modified:
   branches/Branch_4_8/gforge/common/include/User.class.php
   branches/Branch_4_8/gforge/common/include/database-mysql.php
   branches/Branch_4_8/gforge/common/include/forms.php
   branches/Branch_4_8/gforge/common/include/system/UNIX.class.php
   branches/Branch_4_8/gforge/common/include/system/pgsql.class.php
   branches/Branch_4_8/gforge/common/include/tag_cloud.php
Log:
db_query_params transition (ongoing): renamed db_query to db_query_mysql in the MySQL-specific code so we can more easily detect conversions that still need to happen

Modified: branches/Branch_4_8/gforge/common/include/User.class.php
===================================================================
--- branches/Branch_4_8/gforge/common/include/User.class.php	2009-04-19 20:02:46 UTC (rev 7450)
+++ branches/Branch_4_8/gforge/common/include/User.class.php	2009-04-19 20:02:57 UTC (rev 7451)
@@ -776,7 +776,8 @@
 		}
 
 		if ($GLOBALS['sys_require_unique_email']) {
-			if (db_numrows(db_query("SELECT user_id FROM users WHERE email ILIKE '$email' OR email_new ILIKE '$email'")) > 0) {
+			if (db_numrows(db_query_params('SELECT user_id FROM users WHERE email ILIKE $1 OR email_new ILIKE $2',
+						       array ($email, $email))) > 0) {
 				$this->setError(_('User with this email already exists.'));
 			return false;
 			}
@@ -1420,8 +1421,9 @@
 			$this->setError('User::getRole : Unable to get group object');
 			return false;
 		}
-		$sql = "SELECT role_id FROM user_group WHERE user_id=".$this->getID()." AND group_id = ".$group->getID();
-		$res = db_query($sql);
+		$res = db_query_params ('SELECT role_id FROM user_group WHERE user_id=$1 AND group_id=$2',
+					array ($this->getID(),
+					       $group->getID())) ;
 		if (!$res) {
 			$this->setError('User::getRole::DB - Could Not get role_id '.db_error());
 			return false;

Modified: branches/Branch_4_8/gforge/common/include/database-mysql.php
===================================================================
--- branches/Branch_4_8/gforge/common/include/database-mysql.php	2009-04-19 20:02:46 UTC (rev 7450)
+++ branches/Branch_4_8/gforge/common/include/database-mysql.php	2009-04-19 20:02:57 UTC (rev 7451)
@@ -61,7 +61,7 @@
  *  @param		int		How many rows do you want returned
  *  @param		int		Of matching rows, return only rows starting here
  */
-function db_query($qstring, $limit = '-1', $offset = 0) {
+function db_query_mysql($qstring, $limit = '-1', $offset = 0) {
 	global $sys_dbname, $gfconn;
 
 	db_log_entry('db_query',"$qstring, $limit, $offset");
@@ -189,7 +189,7 @@
  *	may cause unexpected behavior in databases that don't
  */
 function db_begin() {
-	return db_query("BEGIN WORK");
+	return db_query_mysql("BEGIN WORK");
 }
 
 /**
@@ -199,7 +199,7 @@
  * may cause unexpected behavior in databases that don't
  */
 function db_commit() {
-	return db_query("COMMIT");
+	return db_query_mysql("COMMIT");
 }
 
 /**
@@ -209,7 +209,7 @@
  * may cause unexpected behavior in databases that don't
  */
 function db_rollback() {
-	return db_query("ROLLBACK");
+	return db_query_mysql("ROLLBACK");
 }
 
 /**
@@ -355,13 +355,13 @@
 	global $_sys_db_transaction_level;
 	if ($_sys_db_transaction_level > 0) {
 		echo "Open transaction detected!!!";
-		db_query("ROLLBACK");
+		db_query_mysql("ROLLBACK");
 	}
 }
 
 function db_drop_table_if_exists ($tn) {
 	$sql = "DROP TABLE IF EXISTS $tn;";
-	$rel = db_query ($sql);
+	$rel = db_query_mysql ($sql);
 	echo db_error();
 }
 

Modified: branches/Branch_4_8/gforge/common/include/forms.php
===================================================================
--- branches/Branch_4_8/gforge/common/include/forms.php	2009-04-19 20:02:46 UTC (rev 7450)
+++ branches/Branch_4_8/gforge/common/include/forms.php	2009-04-19 20:02:57 UTC (rev 7451)
@@ -39,7 +39,7 @@
 		$key = md5(microtime() + rand() + $_SERVER["REMOTE_ADDR"]);
 	    if ( $sys_database_type == "mysql" ) {
 			$sql = "SELECT * FROM form_keys WHERE `key`='".$key."'";
-			$res=db_query($sql);
+			$res=db_query_mysql($sql);
 		} else {
 			$res = db_query_params ('SELECT * FROM form_keys WHERE key=$1', array ($key));
 		}
@@ -48,7 +48,7 @@
 		}
 	}
 	if ( $sys_database_type == "mysql" ) {
-		$res = db_query("INSERT INTO form_keys (`key`,is_used,creation_date) VALUES ('".$key."',0,".time().")");
+		$res = db_query_mysql("INSERT INTO form_keys (`key`,is_used,creation_date) VALUES ('".$key."',0,".time().")");
 	} else {
 		$res = db_query_params('INSERT INTO form_keys (key,is_used,creation_date) VALUES ($1, 0, $2)', array ($key,time()));
 	}
@@ -80,7 +80,7 @@
 	db_begin();
 	if ( $sys_database_type == "mysql" ) {
 		$sql = "SELECT * FROM form_keys WHERE `key`='$key' and is_used=0 FOR UPDATE";
-		$res=db_query($sql);
+		$res=db_query_mysql($sql);
 	} else {
 		$res = db_query_params ('SELECT * FROM form_keys WHERE key=$1 and is_used=0 FOR UPDATE', array ($key));
 	}
@@ -90,7 +90,7 @@
 	}
 	if ( $sys_database_type == "mysql" ) {
 		$sql = "UPDATE form_keys SET is_used=1 WHERE `key`='$key'";
-		$res=db_query($sql);
+		$res=db_query_mysql($sql);
 	} else {
 		$res = db_query_params ('UPDATE form_keys SET is_used=1 WHERE key=$1', array ($key));
 	}
@@ -115,7 +115,7 @@
 	db_begin();
 	if ( $sys_database_type == "mysql" ) {
 		$sql = "SELECT * FROM form_keys WHERE `key`='$key' FOR UPDATE";
-		$res=db_query($sql);
+		$res=db_query_mysql($sql);
 	} else {
 		$res = db_query_params ('SELECT * FROM form_keys WHERE key=$1 FOR UPDATE', array ($key));
 	}
@@ -125,7 +125,7 @@
 	}
 	if ( $sys_database_type == "mysql" ) {
 		$sql = "UPDATE form_keys SET is_used=0 WHERE `key`='$key'";
-		$res=db_query($sql);
+		$res=db_query_mysql($sql);
 	} else {
 		$res = db_query_params ('UPDATE form_keys SET is_used=0 WHERE key=$1', array ($key));
 	}

Modified: branches/Branch_4_8/gforge/common/include/system/UNIX.class.php
===================================================================
--- branches/Branch_4_8/gforge/common/include/system/UNIX.class.php	2009-04-19 20:02:46 UTC (rev 7450)
+++ branches/Branch_4_8/gforge/common/include/system/UNIX.class.php	2009-04-19 20:02:57 UTC (rev 7451)
@@ -52,11 +52,15 @@
 		if (!$user) {
 			return false;
 		} else {
-			$res=db_query("UPDATE users SET
-			unix_uid=user_id+".$this->UID_ADD.",
-			unix_gid=user_id+".$this->UID_ADD.",
-			unix_status='A'
-			WHERE user_id=$user_id");
+			$res = db_query_params ('UPDATE users SET
+			unix_uid=user_id+$1,
+			unix_gid=user_id+$2,
+			unix_status=$3
+			WHERE user_id=$4',
+						array ($this->UID_ADD,
+						       $this->UID_ADD,
+						       'A',
+						       $user_id)) ;
 	                if (!$res) {
 	                        $this->setError('ERROR - Could Not Update User UID/GID: '.db_error());
 	                        return false;
@@ -73,7 +77,9 @@
  	*
  	*/
 	function sysRemoveUser($user_id) {
-		$res=db_query("UPDATE users SET unix_status='N' WHERE user_id=$user_id");
+		$res = db_query_params ('UPDATE users SET unix_status=$1 WHERE user_id=$2',
+					array ('N',
+					       $user_id));
 		if (!$res) {
 			$this->setError('ERROR - Could Not Update User Unix Status: '.db_error());
 			return false;

Modified: branches/Branch_4_8/gforge/common/include/system/pgsql.class.php
===================================================================
--- branches/Branch_4_8/gforge/common/include/system/pgsql.class.php	2009-04-19 20:02:46 UTC (rev 7450)
+++ branches/Branch_4_8/gforge/common/include/system/pgsql.class.php	2009-04-19 20:02:57 UTC (rev 7451)
@@ -90,42 +90,46 @@
 		if (!$user) {
 			return false;
 		} else {
-			$res=db_query("UPDATE users SET
-			unix_uid=user_id+".$this->UID_ADD.",
-			unix_gid=user_id+".$this->UID_ADD.",
-			unix_status='A'
-			WHERE user_id=$user_id");
+			$res = db_query_params ('UPDATE users SET
+			unix_uid=user_id+$1,
+			unix_gid=user_id+$2,
+			unix_status=$3
+			WHERE user_id=$4',
+						array ($this->UID_ADD,
+						       $this->UID_ADD,
+						       'A',
+						       $user_id)) ;
 	                if (!$res) {
 	                        $this->setError('ERROR - Could Not Update User UID/GID: '.db_error());
 	                        return false;
 			} else {
-				$query="DELETE FROM nss_usergroups WHERE user_id=$user_id";
-				$res1=db_query($query);
+				$res1 = db_query_params ('DELETE FROM nss_usergroups WHERE user_id=$1',
+							 array ($user_id)) ;
 	                	if (!$res1) {
 					$this->setError('ERROR - Could Not Delete Group Member(s): '.db_error());
 	                        	return false;
 				}
 				// This is group used for user, not a real project
-				$query="DELETE FROM nss_groups WHERE name IN
-					(SELECT user_name FROM users WHERE user_id=$user_id)";
-				$res2=db_query($query);
+				$res2 = db_query_params ('DELETE FROM nss_groups WHERE name IN
+					(SELECT user_name FROM users WHERE user_id=$1)',
+							 array ($user_id));
 	                	if (!$res2) {
 	                        	$this->setError('ERROR - Could Not Delete Group GID: '.db_error());
 	                        	return false;
 				}
-				$query="INSERT INTO nss_groups
+				$res3 = db_query_params ('INSERT INTO nss_groups
 					(user_id, group_id,name, gid)
 					SELECT user_id, 0, user_name, unix_gid
-					FROM users WHERE user_id=$user_id"; 
-				$res3=db_query($query);
+					FROM users WHERE user_id=$1',
+							 array ($user_id));
 	                	if (!$res3) {
 	                        	$this->setError('ERROR - Could Not Update Group GID: '.db_error());
 	                        	return false;
 				}
-				$query="INSERT INTO nss_usergroups (
+				$res4 = db_query_params ('INSERT INTO nss_usergroups (
 					SELECT
 						users.unix_uid AS uid,
-						groups.group_id + ".$this->GID_ADD." AS gid,
+						groups.group_id + $1 AS gid,
 						users.user_id AS user_id,
 						groups.group_id AS group_id,
 						users.user_name AS user_name,
@@ -136,38 +140,44 @@
 					AND
 						groups.group_id=user_group.group_id
 					AND
-						users.user_id=$user_id
+						users.user_id=$2
 					AND
-						groups.status = 'A'
+						groups.status=$3
 					AND
-						users.unix_status='A'
+						users.unix_status=$4
 					AND
-						users.status = 'A'
+						users.status=$5
 					UNION
 					SELECT
 						users.unix_uid AS uid,
-						groups.group_id + ".$this->SCM_UID_ADD." AS gid,
+						groups.group_id + $6 AS gid,
 						users.user_id AS user_id,
 						groups.group_id AS group_id,
 						users.user_name AS user_name,
-						'scm_' || groups.unix_group_name AS unix_group_name
+						$7 || groups.unix_group_name AS unix_group_name
 					FROM users,groups,user_group
 					WHERE 
 						users.user_id=user_group.user_id
 					AND
 						groups.group_id=user_group.group_id
 					AND
-						users.user_id=$user_id
+						users.user_id=$8
 					AND
-						groups.status = 'A'
+						groups.status=$9
 					AND
-						users.unix_status='A'
+						users.unix_status=$10
 					AND
-						users.status = 'A'
+						users.status=$11
 					AND
 						user_group.cvs_flags > 0)
-				";
-				$res4=db_query($query);
+				',
+							 array ($this->GID_ADD,
+								$user_id,
+								'A', 'A', 'A',
+								$this->SCM_UID_ADD,
+								'scm_',
+								$user_id,
+								'A', 'A', 'A')) ;
 	                	if (!$res4) {
 	                        	$this->setError('ERROR - Could Not Update Group Member(s): '.db_error());
 	                        	return false;
@@ -207,21 +217,23 @@
  	*
  	*/
 	function sysRemoveUser($user_id) {
-		$res=db_query("UPDATE users SET unix_status='N' WHERE user_id=$user_id");
+		$res = db_query_params ('UPDATE users SET unix_status=$1 WHERE user_id=$2',
+					array ('N',
+					       $user_id)) ;
 		if (!$res) {
 			$this->setError('ERROR - Could Not Update User Unix Status: '.db_error());
 			return false;
 		} else {
-			$query="DELETE FROM nss_usergroups WHERE user_id=$user_id";
-			$res1=db_query($query);
+			$res1 = db_query_params ('DELETE FROM nss_usergroups WHERE user_id=$1',
+						 array ($user_id));
 			if (!$res1) {
 				$this->setError('ERROR - Could Not Delete Group Member(s): '.db_error());
 				return false;
 			}
 			// This is group used for user, not a real project
-			$query="DELETE FROM nss_groups WHERE name IN
-				(SELECT user_name FROM users WHERE user_id=$user_id)";
-			$res2=db_query($query);
+			$res2 = db_query_params ('DELETE FROM nss_groups WHERE name IN
+				(SELECT user_name FROM users WHERE user_id=$1)',
+						 array ($user_id)) ;
 			if (!$res2) {
 				$this->setError('ERROR - Could Not Delete Group GID: '.db_error());
 				return false;
@@ -259,8 +271,8 @@
 		if (!$group){
 			return false;
 		} else {
-			$query="SELECT group_id FROM nss_groups WHERE group_id=$group_id";
-			$res=db_query($query);
+			$res = db_query_params ('SELECT group_id FROM nss_groups WHERE group_id=$1',
+						aarray ($group_id));
 			if (db_numrows($res) == 0){
 				return false;
 			} else {
@@ -281,44 +293,46 @@
 		if (!$group) {
 			return false;
 		} else {
-				$query="DELETE FROM nss_usergroups WHERE group_id=$group_id";
-				$res1=db_query($query);
+				$res1 = db_query_params ('DELETE FROM nss_usergroups WHERE group_id=$1',
+							 array ($group_id));
 	                	if (!$res1) {
 					$this->setError('ERROR - Could Not Delete Group Member(s): '.db_error());
 	                        	return false;
 				}
-				$query="DELETE FROM nss_groups WHERE group_id=$group_id";
-				$res3=db_query($query);
+				$res3 = db_query_params ('DELETE FROM nss_groups WHERE group_id=$1',
+							 array ($group_id)) ;
 	                	if (!$res3) {
 	                        	$this->setError('ERROR - Could Not Delete Group GID: '.db_error());
 	                        	return false;
 				}
-				$query="INSERT INTO nss_groups
+				$res4 = db_query_params ('INSERT INTO nss_groups
 					(user_id, group_id, name, gid)
-        				SELECT 0, group_id, unix_group_name, group_id +".$this->GID_ADD."
+        				SELECT 0, group_id, unix_group_name, group_id + $1
 					FROM groups
-					WHERE group_id=$group_id
-					"; 
-				$res4=db_query($query);
+					WHERE group_id=$2',
+							 array ($this->GID_ADD,
+								$group_id)) ;
 	                	if (!$res4) {
 	                        	$this->setError('ERROR - Could Not Insert Group GID: '.db_error());
 	                        	return false;
 				}
-				$query="INSERT INTO nss_groups
+				$res5 = db_query_params ('INSERT INTO nss_groups
 					(user_id, group_id, name, gid)
-        				SELECT 0, group_id, 'scm_' || unix_group_name, group_id +".$this->SCM_UID_ADD."
+        				SELECT 0, group_id, $1 || unix_group_name, group_id + $2
 					FROM groups
-					WHERE group_id=$group_id
-					"; 
-				$res5=db_query($query);
+					WHERE group_id=$3',
+							 array ('scm_',
+								$this->SCM_UID_ADD,
+								$group_id)) ;
+								
 	                	if (!$res5) {
 	                        	$this->setError('ERROR - Could Not Insert SCM Group GID: '.db_error());
 	                        	return false;
 				}
-				$query="INSERT INTO nss_usergroups (
+				$res6 = db_query_params ('INSERT INTO nss_usergroups (
 					SELECT
 						users.unix_uid AS uid,
-						groups.group_id + ".$this->GID_ADD." AS gid,
+						groups.group_id + $1 AS gid,
 						users.user_id AS user_id,
 						groups.group_id AS group_id,
 						users.user_name AS user_name,
@@ -329,38 +343,45 @@
 					AND
 						groups.group_id=user_group.group_id
 					AND
-						groups.group_id=$group_id
+						groups.group_id=$2
 					AND
-						groups.status = 'A'
+						groups.status=$3
 					AND
-						users.unix_status='A'
+						users.unix_status=$4
 					AND
-						users.status = 'A'
+						users.status=$5
 					UNION
 					SELECT
 						users.unix_uid AS uid,
-						groups.group_id + ".$this->SCM_UID_ADD." AS gid,
+						groups.group_id + $6 AS gid,
 						users.user_id AS user_id,
 						groups.group_id AS group_id,
 						users.user_name AS user_name,
-						'scm_' || groups.unix_group_name AS unix_group_name
+						$7 || groups.unix_group_name AS unix_group_name
 					FROM users,groups,user_group
 					WHERE 
 						groups.group_id=user_group.group_id
 					AND
 						users.user_id=user_group.user_id
 					AND
-						groups.group_id=$group_id
+						groups.group_id=$8
 					AND
-						groups.status = 'A'
+						groups.status=$9
 					AND
-						users.unix_status='A'
+						users.unix_status=$10
 					AND
-						users.status = 'A'
+						users.status=$11
 					AND
-						user_group.cvs_flags > 0);
-				";
-				$res6=db_query($query);
+						user_group.cvs_flags > 0)',
+							 array ($this->GID_ADD,
+								$group_id,
+								'A', 'A', 'A',
+								$this->SCM_UID_ADD,
+								'scm_',
+								$group_id,
+								'A', 'A', 'A',
+								
+)) ;;
 	                	if (!$res6) {
 	                        	$this->setError('ERROR - Could Not Update Group Member(s): '.db_error());
 	                        	return false;
@@ -377,19 +398,17 @@
  	*
  	*/
 	function sysRemoveGroup($group_id) {
-		$query="DELETE FROM nss_usergroups WHERE group_id=$group_id";
-//echo "<h2>SYS::sysRemoveGroup: $query</h2>";
-		$res1=db_query($query);
+		$res1 = db_query_params ('DELETE FROM nss_usergroups WHERE group_id=$1',
+					 array ($group_id)) ;
 		if (!$res1) {
 			$this->setError('ERROR - Could Not Delete Group Member(s): '.db_error());
 			return false;
 		}
-		$query="DELETE FROM nss_groups WHERE group_id=$group_id ";
-//echo "<h2>SYS::sysRemoveGroup: $query</h2>";
-		$res3=db_query($query);
-	              	if (!$res3) {
-	                      	$this->setError('ERROR - Could Not Delete Group GID: '.db_error());
-	                      	return false;
+		$res3 = db_query_params ('DELETE FROM nss_groups WHERE group_id=$1',
+					 array ($group_id)) ;
+		if (!$res3) {
+			$this->setError('ERROR - Could Not Delete Group GID: '.db_error());
+			return false;
 		}
 		return true;
 	}
@@ -404,45 +423,38 @@
  	*
  	*/
 	function sysGroupAddUser($group_id,$user_id,$cvs_only=0) {
-		if ($cvs_only) {
-			$query="DELETE FROM nss_usergroups WHERE user_id=$user_id AND group_id=$group_id
-			AND unix_group_name LIKE 'scm_%'";
-		} else {
-			$query="DELETE FROM nss_usergroups WHERE user_id=$user_id AND group_id=$group_id";
-		}
-//echo "<h2>SYS::sysGroupAddUser DELETE: $query</h2>";
-		$res0=db_query($query);
-		if (!$res0) {
-			$this->setError('ERROR - Could Not Delete Group Member(s): '.db_error());
+		if (! sysGroupRemoveUser($group_id,$user_id,$cvs_only))
 			return false;
-		}
-		$query="INSERT INTO nss_usergroups (
+		$res1 = db_query_params ('INSERT INTO nss_usergroups (
 			SELECT
 				users.unix_uid AS uid,
-				groups.group_id + ".$this->SCM_UID_ADD." AS gid,
+				groups.group_id + $1 AS gid,
 				users.user_id AS user_id,
 				groups.group_id AS group_id,
 				users.user_name AS user_name,
-				'scm_' || groups.unix_group_name AS unix_group_name
+				$2 || groups.unix_group_name AS unix_group_name
 			FROM users,groups,user_group
 			WHERE 
 				users.user_id=user_group.user_id
 			AND
 				groups.group_id=user_group.group_id
 			AND
-				users.user_id=$user_id
+				users.user_id=$3
 			AND
-				groups.group_id=$group_id
+				groups.group_id=$4
 			AND
-				groups.status = 'A'
+				groups.status$5
 			AND
-				users.unix_status='A'
+				users.unix_status=$6
 			AND
-				users.status = 'A'
+				users.status=$7
 			AND
-				user_group.cvs_flags > 0) ";
-//echo "<h2>SYS::sysGroupAddUser ADDCVS: $query</h2>";
-		$res1=db_query($query);
+				user_group.cvs_flags > 0)',
+					 array ($this->SCM_UID_ADD,
+						'scm_',
+						$user_id,
+						$group_id,
+						'A', 'A', 'A')) ;
 		if (!$res1) {
 			$this->setError('ERROR - Could Not Add SCM Member(s): '.db_error());
 			return false;
@@ -452,10 +464,10 @@
 			return true;
 		}
 
-		$query="INSERT INTO nss_usergroups (
+		$res2 = db_query_params ('INSERT INTO nss_usergroups (
 			SELECT
 				users.unix_uid AS uid,
-				groups.group_id + ".$this->GID_ADD." AS gid,
+				groups.group_id + $1 AS gid,
 				users.user_id AS user_id,
 				groups.group_id AS group_id,
 				users.user_name AS user_name,
@@ -466,17 +478,19 @@
 			AND
 				groups.group_id=user_group.group_id
 			AND
-				users.user_id=$user_id
+				users.user_id=$2
 			AND
-				groups.group_id=$group_id
+				groups.group_id=$3
 			AND
-				groups.status = 'A'
+				groups.status=$4
 			AND
-				users.unix_status='A'
+				users.unix_status=$5
 			AND
-				users.status = 'A') ";
-//echo "<h2>SYS::sysGroupAddUser ADDSYS: $query</h2>";
-		$res2=db_query($query);
+				users.status=$6)',
+					 array ($this->GID_ADD,
+						$user_id,
+						$group_id,
+						'A', 'A', 'A'));
 		if (!$res2) {
 			$this->setError('ERROR - Could Not Add Shell Group Member(s): '.db_error());
 			return false;
@@ -496,13 +510,15 @@
  	*/
 	function sysGroupRemoveUser($group_id,$user_id,$cvs_only=0) {
 		if ($cvs_only) {
-			$query="DELETE FROM nss_usergroups WHERE group_id=$group_id AND user_id=$user_id
-			AND unix_group_name LIKE 'scm_%'";
+			$res1 = db_query_params ('DELETE FROM nss_usergroups WHERE user_id=$1 AND group_id=$2 AND unix_group_name LIKE $3',
+						 array ($user_id,
+							$group_id,
+							'scm_%')) ;
 		} else {
-			$query="DELETE FROM nss_usergroups WHERE group_id=$group_id AND user_id=$user_id";
+			$res1 = db_query_params ('DELETE FROM nss_usergroups WHERE user_id=$1 AND group_id=$2',
+						 array ($user_id,
+							$group_id)) ;
 		}
-//echo "<h2>SYS::sysGroupRemoveUser REM: $query</h2>";
-		$res1=db_query($query);
 		if (!$res1) {
 			$this->setError('ERROR - Could Not Delete Group Member(s): '.db_error());
 			return false;

Modified: branches/Branch_4_8/gforge/common/include/tag_cloud.php
===================================================================
--- branches/Branch_4_8/gforge/common/include/tag_cloud.php	2009-04-19 20:02:46 UTC (rev 7450)
+++ branches/Branch_4_8/gforge/common/include/tag_cloud.php	2009-04-19 20:02:57 UTC (rev 7451)
@@ -98,11 +98,12 @@
 
 	$return = '';
 
-	$res = db_query("SELECT name,count(*) AS count
+	$res = db_query_params ('SELECT name,count(*) AS count
 					 FROM project_tags, groups
 					 WHERE project_tags.group_id = groups.group_id
-					 AND status = 'A' AND is_public=1 AND type_id=1 AND register_time > 0
-					 GROUP BY name ORDER BY count DESC");
+					 AND status = $1 AND is_public=1 AND type_id=1 AND register_time > 0
+					 GROUP BY name ORDER BY count DESC',
+				array ('A')) ;
 	if (db_numrows($res) > 0) {
 		$count_min = 0;
 		$count_max = 0;




More information about the Fusionforge-commits mailing list