[Fusionforge-commits] r8065 - in trunk/gforge/www/admin: . trove

Roland Mas lolando at libremir.placard.fr.eu.org
Mon Aug 31 18:35:56 CEST 2009


Author: lolando
Date: 2009-08-31 18:35:56 +0200 (Mon, 31 Aug 2009)
New Revision: 8065

Modified:
   trunk/gforge/www/admin/admin_table.php
   trunk/gforge/www/admin/database.php
   trunk/gforge/www/admin/massmail.php
   trunk/gforge/www/admin/pluginman.php
   trunk/gforge/www/admin/trove/trove_cat_add.php
   trunk/gforge/www/admin/trove/trove_cat_edit.php
   trunk/gforge/www/admin/userlist.php
Log:
Ongoing migration to db_query_params()

Modified: trunk/gforge/www/admin/admin_table.php
===================================================================
--- trunk/gforge/www/admin/admin_table.php	2009-08-31 15:40:20 UTC (rev 8064)
+++ trunk/gforge/www/admin/admin_table.php	2009-08-31 16:35:56 UTC (rev 8065)
@@ -101,23 +101,28 @@
  */
 function admin_table_confirmdelete($table, $unit, $primary_key, $id) {
 	if ($unit == "processor") {
-		$result = db_numrows(db_query("SELECT processor_id FROM frs_file WHERE processor_id = $id"));
+		$result = db_numrows(db_query_params ('SELECT processor_id FROM frs_file WHERE processor_id = $1',
+			array($id)));
 		if ($result > 0) {
-			echo '<p>'.sprintf(_('You can\'t delete the processor %1$s since it\'s currently referenced in a file release.'), db_result(db_query("select name from frs_processor where processor_id = $id"), 0, 0)).'</p>';
+			echo '<p>'.sprintf(_('You can\'t delete the processor %1$s since it\'s currently referenced in a file release.'), db_result(db_query_params ('select name from frs_processor where processor_id = $1',
+			array($id)), 0, 0)).'</p>';
 			return;
 		}
 	}
 	if ($unit == "license") {
-		$result = db_numrows(db_query("SELECT license FROM groups WHERE license = $id"));
+		$result = db_numrows(db_query_params ('SELECT license FROM groups WHERE license = $1',
+			array($id)));
 		if ($result > 0) {
-			echo '<p>'.sprintf(_('You can\'t delete the license %1$s since it\'s currently referenced in a project.'), db_result(db_query("select license_name from licenses where license_id = $id"), 0, 0)).'</p>';
+			echo '<p>'.sprintf(_('You can\'t delete the license %1$s since it\'s currently referenced in a project.'), db_result(db_query_params ('select license_name from licenses where license_id = $1',
+			array($id)), 0, 0)).'</p>';
 			return;
 		}
 	}
 	if ($unit == "supported_language") {
 		$result = db_numrows(db_query('SELECT language FROM users WHERE language='.$id));
 		if ($result > 0) {
-			echo '<p>'.sprintf(_('You can\'t delete the language %1$s since it\'s currently referenced in a user profile.'), db_result(db_query("select license_name from licenses where license_id = $id"), 0, 0)).'</p>';
+			echo '<p>'.sprintf(_('You can\'t delete the language %1$s since it\'s currently referenced in a user profile.'), db_result(db_query_params ('select license_name from licenses where license_id = $1',
+			array($id)), 0, 0)).'</p>';
 			return;
 		}
 	}

Modified: trunk/gforge/www/admin/database.php
===================================================================
--- trunk/gforge/www/admin/database.php	2009-08-31 15:40:20 UTC (rev 8064)
+++ trunk/gforge/www/admin/database.php	2009-08-31 16:35:56 UTC (rev 8065)
@@ -63,10 +63,15 @@
 		}
 
 
-		$res = db_query("
+		$res = db_query_params ('
 			INSERT INTO prdb_dbs(group_id, dbname, dbusername, dbuserpass, requestdate, dbtype, created_by, state)
-			VALUES ($group_id,'$dbname','$dbname','xxx',".time().",1,".$user->getID().",1)
-		");
+			VALUES ($group_id,$1,$2,$3,$4,1,$5,1)
+		',
+			array($dbname,
+				$dbname,
+				'xxx',
+				time(),
+				$user->getID()));
 
 		if (!$res || db_affected_rows($res) < 1) {
 			$feedback .= _('Error Adding Database') .db_error();
@@ -117,22 +122,24 @@
 
 if ($displaydb) {
 
-	$res_db = db_query("
+	$res_db = db_query_params ('
 		SELECT statename
 		FROM prdb_states
-		WHERE stateid=".$dbstate."
-	");
+		WHERE stateid=$1
+	',
+			array($dbstate));
 
 	$row_db = db_fetch_array($res_db);
 
 	print '<hr /><h3>' ._('Displaying Databases of Type:') .$row_db['statename'].' </h3><ul>';
 
-	$res_db = db_query("
+	$res_db = db_query_params ('
 		SELECT *
 		FROM prdb_dbs
-		WHERE state=".$dbstate."
+		WHERE state=$1
 		ORDER BY dbname
-	");
+	',
+			array($dbstate));
 
 	while ($row_db = db_fetch_array($res_db)) {
 		print '<li>'.util_make_link ('/project/admin/database.php?group_id='.$row_db['group_id'],$row_db['dbname']).'</li>';

Modified: trunk/gforge/www/admin/massmail.php
===================================================================
--- trunk/gforge/www/admin/massmail.php	2009-08-31 15:40:20 UTC (rev 8064)
+++ trunk/gforge/www/admin/massmail.php	2009-08-31 16:35:56 UTC (rev 8065)
@@ -60,10 +60,14 @@
 		);
 	}
 
-	$res = db_query("
+	$res = db_query_params ('
 		INSERT INTO massmail_queue(type,subject,message,queued_date)
-		VALUES ('$mail_type','$mail_subject','$mail_message',".time().")
-	");
+		VALUES ($1,$2,$3,$4)
+	',
+			array($mail_type,
+				$mail_subject,
+				$mail_message,
+				time()));
 
 	if (!$res || db_affected_rows($res)<1) {
 		form_release_key(getStringFromRequest('form_key'));

Modified: trunk/gforge/www/admin/pluginman.php
===================================================================
--- trunk/gforge/www/admin/pluginman.php	2009-08-31 15:40:20 UTC (rev 8064)
+++ trunk/gforge/www/admin/pluginman.php	2009-08-31 16:35:56 UTC (rev 8065)
@@ -62,8 +62,9 @@
 	
 	if ((getStringFromRequest('action')=='deactivate')) {
 		if (getStringFromRequest('delusers')) {
-			$sql = "DELETE FROM user_plugin WHERE plugin_id = (SELECT plugin_id FROM plugins WHERE plugin_name = '$pluginname')";
-			$res = db_query($sql);
+
+			$res = db_query_params ('DELETE FROM user_plugin WHERE plugin_id = (SELECT plugin_id FROM plugins WHERE plugin_name = $1)',
+			array($pluginname));
 			if (!$res) {
 				exit_error("SQL ERROR",db_error());
 			} else {
@@ -71,8 +72,9 @@
 			}
 		}
 		if (getStringFromRequest('delgroups')) {
-			$sql = "DELETE FROM group_plugin WHERE plugin_id = (SELECT plugin_id FROM plugins WHERE plugin_name = '$pluginname')";
-			$res = db_query($sql);
+
+			$res = db_query_params ('DELETE FROM group_plugin WHERE plugin_id = (SELECT plugin_id FROM plugins WHERE plugin_name = $1)',
+			array($pluginname));
 			if (!$res) {
 				exit_error("SQL ERROR",db_error());
 			} else {
@@ -224,8 +226,9 @@
 		$msg = _('Active');
 		$status="active";
 		$link = "<a href=\"javascript:change('" . getStringFromServer('PHP_SELF') . "?update=$filename&amp;action=deactivate";
-		$sql = "SELECT  u.user_name FROM plugins p, user_plugin up, users u WHERE p.plugin_name = '$filename' and up.user_id = u.user_id and p.plugin_id = up.plugin_id";
-		$res = db_query($sql);
+
+		$res = db_query_params ('SELECT  u.user_name FROM plugins p, user_plugin up, users u WHERE p.plugin_name = $1 and up.user_id = u.user_id and p.plugin_id = up.plugin_id',
+			array($filename));
 		if ($res) {
 			if (db_numrows($res)>0) {
 				// tell the form to delete the users, so that we don't re-do the query
@@ -239,8 +242,9 @@
 				$users = "none";
 			}
 		}
-		$sql = "SELECT g.group_name FROM plugins p, group_plugin gp, groups g WHERE plugin_name = '$filename' and gp.group_id = g.group_id and p.plugin_id = gp.plugin_id";
-		$res = db_query($sql);
+
+		$res = db_query_params ('SELECT g.group_name FROM plugins p, group_plugin gp, groups g WHERE plugin_name = $1 and gp.group_id = g.group_id and p.plugin_id = gp.plugin_id',
+			array($filename));
 		if ($res) {
 			if (db_numrows($res)>0) {
 				// tell the form to delete the groups, so that we don't re-do the query

Modified: trunk/gforge/www/admin/trove/trove_cat_add.php
===================================================================
--- trunk/gforge/www/admin/trove/trove_cat_add.php	2009-08-31 15:40:20 UTC (rev 8064)
+++ trunk/gforge/www/admin/trove/trove_cat_add.php	2009-08-31 16:35:56 UTC (rev 8065)
@@ -43,18 +43,24 @@
 	$newroot = trove_getrootcat($form_parent);
 
 	if ($form_shortname) {
-		$res = db_query("
+		$res = db_query_params ('
 			INSERT INTO trove_cat 
 				(shortname,fullname,description,parent,version,root_parent)
 			VALUES (
-				'".htmlspecialchars($form_shortname)."',
-				'".htmlspecialchars($form_fullname)."',
-				'".htmlspecialchars($form_description)."',
-				'$form_parent',
-				'".date("Ymd",time())."01',
-				'$newroot'
+				$1,
+				$2,
+				$3,
+				$4,
+                                $5,
+				$6
 			)
-		");
+		',
+			array(htmlspecialchars($form_shortname),
+			      htmlspecialchars($form_fullname),
+			      htmlspecialchars($form_description),
+			      $form_parent,
+			      date("Ymd",time()).'01',
+			      $newroot));
 
 		if (!$res || db_affected_rows($res)<1) {
 			form_release_key(getStringFromRequest("form_key"));

Modified: trunk/gforge/www/admin/trove/trove_cat_edit.php
===================================================================
--- trunk/gforge/www/admin/trove/trove_cat_edit.php	2009-08-31 15:40:20 UTC (rev 8064)
+++ trunk/gforge/www/admin/trove/trove_cat_edit.php	2009-08-31 16:35:56 UTC (rev 8065)
@@ -49,16 +49,23 @@
 				   db_error()
 			);
 		} else {
-			$res = db_query("
+			$res = db_query_params ('
 				UPDATE trove_cat
-				SET	shortname='".htmlspecialchars($form_shortname)."',
-					fullname='".htmlspecialchars($form_fullname)."',
-					description='".htmlspecialchars($form_description)."',
-					parent='$form_parent',
-					version='".date("Ymd",time())."01',
-					root_parent='$newroot'
-				WHERE trove_cat_id='$form_trove_cat_id'
-			");
+				SET	shortname=$1,
+					fullname=$2,
+					description=$3,
+					parent=$4,
+					version=$5,
+					root_parent=$6
+				WHERE trove_cat_id=$7
+			',
+			array(htmlspecialchars($form_shortname),
+			      htmlspecialchars($form_fullname),
+			      htmlspecialchars($form_description),
+			      $form_parent,
+			      date("Ymd",time()).'01',
+			      $newroot,
+			      $form_trove_cat_id));
 		}
 
 		if (!$res || db_affected_rows($res)<1) {
@@ -119,7 +126,8 @@
 
 <?php
 // generate list of possible parents (a category can't be a parent of itself)
-$res_parent = db_query("SELECT shortname,fullname,trove_cat_id FROM trove_cat WHERE trove_cat_id <> ".$trove_cat_id);
+$res_parent = db_query_params ('SELECT shortname,fullname,trove_cat_id FROM trove_cat WHERE trove_cat_id <> $1',
+			array($trove_cat_id));
 
 // Place the root node at the start of the list
 print('<option value="0"');

Modified: trunk/gforge/www/admin/userlist.php
===================================================================
--- trunk/gforge/www/admin/userlist.php	2009-08-31 15:40:20 UTC (rev 8064)
+++ trunk/gforge/www/admin/userlist.php	2009-08-31 16:35:56 UTC (rev 8065)
@@ -162,10 +162,11 @@
 	print "<strong>" . group_getname($group_id) . "</strong></p>";
 
 
-	$result = db_query("SELECT users.user_id AS user_id,users.user_name AS user_name,users.status AS status, users.add_date AS add_date "
-		. "FROM users,user_group "
-		. "WHERE users.user_id=user_group.user_id AND "
-		. "user_group.group_id='$group_id' ORDER BY users.user_name");
+	$result = db_query_params ('SELECT users.user_id AS user_id,users.user_name AS user_name,users.status AS status, users.add_date AS add_date 
+FROM users,user_group 
+WHERE users.user_id=user_group.user_id AND 
+user_group.group_id=$1 ORDER BY users.user_name',
+			array($group_id));
 	show_users_list ($result);
 
 	/*




More information about the Fusionforge-commits mailing list