[Fusionforge-commits] r7454 - branches/Branch_4_8/gforge/common/tracker
Roland Mas
lolando at libremir.placard.fr.eu.org
Sun Apr 19 22:03:26 CEST 2009
Author: lolando
Date: 2009-04-19 22:03:26 +0200 (Sun, 19 Apr 2009)
New Revision: 7454
Modified:
branches/Branch_4_8/gforge/common/tracker/ArtifactCanned.class.php
branches/Branch_4_8/gforge/common/tracker/ArtifactFile.class.php
Log:
db_query_params transition: common/tracker (incomplete)
Modified: branches/Branch_4_8/gforge/common/tracker/ArtifactCanned.class.php
===================================================================
--- branches/Branch_4_8/gforge/common/tracker/ArtifactCanned.class.php 2009-04-19 20:03:17 UTC (rev 7453)
+++ branches/Branch_4_8/gforge/common/tracker/ArtifactCanned.class.php 2009-04-19 20:03:26 UTC (rev 7454)
@@ -4,6 +4,7 @@
*
* Copyright 1999-2001, VA Linux Systems, Inc.
* Copyright 2002-2004, GForge, LLC
+ * Copyright 2009, Roland Mas
*
* This file is part of FusionForge.
*
@@ -96,13 +97,11 @@
$this->setPermissionDeniedError();
return false;
}
+ $result = db_query_params ('INSERT INTO artifact_canned_responses (group_artifact_id,title,body) VALUES ($1,$2,$3)',
+ array ($this->ArtifactType->getID(),
+ htmlspecialchars($title),
+ htmlspecialchars($body))) ;
- $sql="INSERT INTO artifact_canned_responses (group_artifact_id,title,body)
- VALUES ('".$this->ArtifactType->getID()."',
- '". htmlspecialchars($title) ."','". htmlspecialchars($body) ."')";
-
- $result=db_query($sql);
-
if ($result && db_affected_rows($result) > 0) {
$this->clearError();
return true;
@@ -128,7 +127,8 @@
* @return boolean success.
*/
function fetchData($id) {
- $res=db_query("SELECT * FROM artifact_canned_responses WHERE id='$id'");
+ $res = db_query_params ('SELECT * FROM artifact_canned_responses WHERE id=$1',
+ array ($id)) ;
if (!$res || db_numrows($res) < 1) {
$this->setError('ArtifactCanned: Invalid ArtifactCanned ID');
return false;
@@ -195,7 +195,13 @@
SET title='". htmlspecialchars($title) ."',body='". htmlspecialchars($body) ."'
WHERE group_artifact_id='". $this->ArtifactType->getID() ."' AND id='". $this->getID() ."'";
- $result=db_query($sql);
+ $result = db_query_params ('UPDATE artifact_canned_responses
+ SET title=$1,body=$2,
+ WHERE group_artifact_id=$3 AND id=$4',
+ array (htmlspecialchars($title),
+ htmlspecialchars($body),
+ $this->ArtifactType->getID(),
+ $this->getID())) ;
if ($result && db_affected_rows($result) > 0) {
return true;
Modified: branches/Branch_4_8/gforge/common/tracker/ArtifactFile.class.php
===================================================================
--- branches/Branch_4_8/gforge/common/tracker/ArtifactFile.class.php 2009-04-19 20:03:17 UTC (rev 7453)
+++ branches/Branch_4_8/gforge/common/tracker/ArtifactFile.class.php 2009-04-19 20:03:26 UTC (rev 7454)
@@ -3,6 +3,7 @@
* FusionForge trackers
*
* Copyright 1999-2001, VA Linux Systems, Inc.
+ * Copyright 2009, Roland Mas
*
* This file is part of FusionForge.
*
@@ -35,9 +36,10 @@
global $ARTIFACTFILE_OBJ;
if (!isset($ARTIFACTFILE_OBJ["_".$artifact_file_id."_"])) {
if ($data) {
- //the db result handle was passed in
+ //the db result handle was passed in
} else {
- $res=db_query("SELECT * FROM artifact_file_user_vw WHERE id='$artifact_file_id'");
+ $res = db_query_params ('SELECT * FROM artifact_file_user_vw WHERE id=$1',
+ array ($artifact_file_id)) ;
if (db_numrows($res) <1 ) {
$ARTIFACTFILE_OBJ["_".$artifact_file_id."_"]=false;
return false;
@@ -145,11 +147,17 @@
db_begin();
- $res=db_query("INSERT INTO artifact_file
+ $res = db_query_params ('INSERT INTO artifact_file
(artifact_id,description,bin_data,filename,filesize,filetype,adddate,submitted_by)
- VALUES
- ('".$this->Artifact->getID()."','$description','". base64_encode($bin_data) ."','$filename',
- '$filesize','$filetype','". time() ."','$userid')");
+ VALUES ($1,$2,$3,$4,$5,$6,$7,$8)',
+ array ($this->Artifact->getID(),
+ $description,
+ base64_encode($bin_data),
+ $filename,
+ $filesize,
+ $filetype,
+ time(),
+ $userid)) ;
$id=db_insertid($res,'artifact_file','id');
@@ -187,7 +195,8 @@
$this->setPermissionDeniedError();
return false;
}
- $res=db_query("DELETE FROM artifact_file WHERE id='". $this->getID() ."'");
+ $res = db_query_params ('DELETE FROM artifact_file WHERE id=$1',
+ array ($this->getID())) ;
if (!$res || db_affected_rows($res) < 1) {
$this->setError('ArtifactFile: Unable to Delete');
return false;
@@ -204,7 +213,8 @@
* @return boolean success.
*/
function fetchData($id) {
- $res=db_query("SELECT * FROM artifact_file_user_vw WHERE id='$id'");
+ $res = db_query_params ('SELECT * FROM artifact_file_user_vw WHERE id=$1',
+ array ($id)) ;
if (!$res || db_numrows($res) < 1) {
$this->setError('ArtifactFile: Invalid ArtifactFile ID');
return false;
More information about the Fusionforge-commits
mailing list