[Fusionforge-commits] r7454 - branches/Branch_4_8/gforge/common/tracker

Roland Mas lolando at libremir.placard.fr.eu.org
Sun Apr 19 22:03:26 CEST 2009


Author: lolando
Date: 2009-04-19 22:03:26 +0200 (Sun, 19 Apr 2009)
New Revision: 7454

Modified:
   branches/Branch_4_8/gforge/common/tracker/ArtifactCanned.class.php
   branches/Branch_4_8/gforge/common/tracker/ArtifactFile.class.php
Log:
db_query_params transition: common/tracker (incomplete)

Modified: branches/Branch_4_8/gforge/common/tracker/ArtifactCanned.class.php
===================================================================
--- branches/Branch_4_8/gforge/common/tracker/ArtifactCanned.class.php	2009-04-19 20:03:17 UTC (rev 7453)
+++ branches/Branch_4_8/gforge/common/tracker/ArtifactCanned.class.php	2009-04-19 20:03:26 UTC (rev 7454)
@@ -4,6 +4,7 @@
  *
  * Copyright 1999-2001, VA Linux Systems, Inc.
  * Copyright 2002-2004, GForge, LLC
+ * Copyright 2009, Roland Mas
  *
  * This file is part of FusionForge.
  *
@@ -96,13 +97,11 @@
 			$this->setPermissionDeniedError();
 			return false;
 		}
+		$result = db_query_params ('INSERT INTO artifact_canned_responses (group_artifact_id,title,body) VALUES ($1,$2,$3)',
+					   array ($this->ArtifactType->getID(),
+						  htmlspecialchars($title),
+						  htmlspecialchars($body))) ;
 
-		$sql="INSERT INTO artifact_canned_responses (group_artifact_id,title,body) 
-			VALUES ('".$this->ArtifactType->getID()."',
-			'". htmlspecialchars($title) ."','". htmlspecialchars($body) ."')";
-
-		$result=db_query($sql);
-
 		if ($result && db_affected_rows($result) > 0) {
 			$this->clearError();
 			return true;
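Review bot: The `htmlspecialchars($title)` and `htmlspecialchars($body)` calls are kept as bound values, so the table still holds HTML-escaped text and every reader of these columns has to know that to avoid double-escaping. Now that `db_query_params` handles the SQL side, a comment above the call would make the storage contract explicit, for example `// title/body are stored HTML-escaped; output code must not escape them again`. With the default flags on PHP versions of this era single quotes are left unencoded, so the stored value is presumably only suitable for element content and double-quoted attributes. The UPDATE hunk further down binds the values the same way. The enclosing method starts and ends outside the hunk.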
@@ -128,7 +127,8 @@
 	 *	@return	boolean	success.
 	 */
 	function fetchData($id) {
-		$res=db_query("SELECT * FROM artifact_canned_responses WHERE id='$id'");
+		$res = db_query_params ('SELECT * FROM artifact_canned_responses WHERE id=$1',
+					array ($id)) ;
 		if (!$res || db_numrows($res) < 1) {
 			$this->setError('ArtifactCanned: Invalid ArtifactCanned ID');
 			return false;
@@ -195,7 +195,13 @@
 			SET title='". htmlspecialchars($title) ."',body='". htmlspecialchars($body) ."'
 			WHERE group_artifact_id='". $this->ArtifactType->getID() ."' AND id='". $this->getID() ."'";
 
-		$result=db_query($sql);
+		$result = db_query_params ('UPDATE artifact_canned_responses
+			SET title=$1,body=$2,
+			WHERE group_artifact_id=$3 AND id=$4',
+					   array (htmlspecialchars($title),
+						  htmlspecialchars($body),
+						  $this->ArtifactType->getID(),
+						  $this->getID())) ;
 
 		if ($result && db_affected_rows($result) > 0) {
 			return true;
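Review bot: The new UPDATE text has a stray comma after `body=$2`, directly before `WHERE`, which is not valid SQL, so the statement should fail to parse and the method would take its failure path on every call. The line should read `SET title=$1,body=$2`. The old `$sql` string in the context lines just above is no longer executed but is still assembled by concatenation; it should be deleted so a later edit cannot pick the interpolated form back up. The `$sql` assignment and the method itself start outside the hunk.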

Modified: branches/Branch_4_8/gforge/common/tracker/ArtifactFile.class.php
===================================================================
--- branches/Branch_4_8/gforge/common/tracker/ArtifactFile.class.php	2009-04-19 20:03:17 UTC (rev 7453)
+++ branches/Branch_4_8/gforge/common/tracker/ArtifactFile.class.php	2009-04-19 20:03:26 UTC (rev 7454)
@@ -3,6 +3,7 @@
  * FusionForge trackers
  *
  * Copyright 1999-2001, VA Linux Systems, Inc.
+ * Copyright 2009, Roland Mas
  *
  * This file is part of FusionForge.
  *
@@ -35,9 +36,10 @@
 	global $ARTIFACTFILE_OBJ;
 	if (!isset($ARTIFACTFILE_OBJ["_".$artifact_file_id."_"])) {
 		if ($data) {
-		//the db result handle was passed in
+			//the db result handle was passed in
 		} else {
-			$res=db_query("SELECT * FROM artifact_file_user_vw WHERE id='$artifact_file_id'");
+			$res = db_query_params ('SELECT * FROM artifact_file_user_vw WHERE id=$1',
+						array ($artifact_file_id)) ;
 			if (db_numrows($res) <1 ) {
 				$ARTIFACTFILE_OBJ["_".$artifact_file_id."_"]=false;
 				return false;
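Review bot: `$res` is passed to `db_numrows()` without a failure check, unlike the two `fetchData` methods in this commit, which test `!$res ||` first. If `id` is an integer column (not visible here), a non-numeric `$artifact_file_id` bound as a parameter would make the query fail rather than return zero rows, so the guard should make that path explicit: `if (!$res || db_numrows($res) < 1) {`. The function begins and ends outside the hunk.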
@@ -145,11 +147,17 @@
 
 		db_begin();
 
-		$res=db_query("INSERT INTO artifact_file
+		$res = db_query_params ('INSERT INTO artifact_file
 			(artifact_id,description,bin_data,filename,filesize,filetype,adddate,submitted_by)
-			VALUES 
-			('".$this->Artifact->getID()."','$description','". base64_encode($bin_data) ."','$filename',
-			'$filesize','$filetype','". time() ."','$userid')"); 
+			VALUES ($1,$2,$3,$4,$5,$6,$7,$8)',
+					array ($this->Artifact->getID(),
+					       $description,
+					       base64_encode($bin_data),
+					       $filename,
+					       $filesize,
+					       $filetype,
+					       time(),
+					       $userid)) ; 
 
 		$id=db_insertid($res,'artifact_file','id');
 
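Review bot: `$description`, `$filename` and `$filetype` were previously spliced into quoted literals as-is, so whatever escaping made that work happened before this statement, in lines or callers outside the hunk. If that escaping is still applied, the bound parameters will now store the backslashes literally. It is worth confirming the inputs arrive unescaped and recording that with a comment such as `// values are bound, not interpolated: pass them raw, without addslashes()`. `$res` also goes straight into `db_insertid()` with no `!$res` test inside the hunk, though a check on `$id` may follow below.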
@@ -187,7 +195,8 @@
 			$this->setPermissionDeniedError();
 			return false;
 		}
-		$res=db_query("DELETE FROM artifact_file WHERE id='". $this->getID() ."'");
+		$res = db_query_params ('DELETE FROM artifact_file WHERE id=$1',
+					array ($this->getID())) ;
 		if (!$res || db_affected_rows($res) < 1) {
 			$this->setError('ArtifactFile: Unable to Delete');
 			return false;
@@ -204,7 +213,8 @@
 	 *	@return	boolean	success.
 	 */
 	function fetchData($id) {
-		$res=db_query("SELECT * FROM artifact_file_user_vw WHERE id='$id'");
+		$res = db_query_params ('SELECT * FROM artifact_file_user_vw WHERE id=$1',
+					array ($id)) ;
 		if (!$res || db_numrows($res) < 1) {
 			$this->setError('ArtifactFile: Invalid ArtifactFile ID');
 			return false;



