[Fusionforge-commits] r8158 - trunk/gforge/www/developer

Roland Mas lolando at libremir.placard.fr.eu.org
Thu Sep 24 15:34:28 CEST 2009


Author: lolando
Date: 2009-09-24 15:34:28 +0200 (Thu, 24 Sep 2009)
New Revision: 8158

Modified:
   trunk/gforge/www/developer/diary.php
   trunk/gforge/www/developer/monitor.php
Log:
db_query_params() migration

Modified: trunk/gforge/www/developer/diary.php
===================================================================
--- trunk/gforge/www/developer/diary.php	2009-09-24 13:34:19 UTC (rev 8157)
+++ trunk/gforge/www/developer/diary.php	2009-09-24 13:34:28 UTC (rev 8158)
@@ -40,8 +40,9 @@
 	<h2>'._('Diary And Notes For').': '. $user_obj->getRealName() .'</h2>';
 
 	if ($diary_id) {
-		$sql="SELECT * FROM user_diary WHERE user_id='$diary_user' AND id='$diary_id' AND is_public=1";
-		$res=db_query($sql);
+		$res = db_query_params ('SELECT * FROM user_diary WHERE user_id=$1 AND id=$2 AND is_public=1',
+					array ($diary_user,
+					       $diary_id));
 
 		echo $HTML->boxTop(_('Date').": ".date(_('Y-m-d H:i'), db_result($res,$i,'date_posted')));
 		if (!$res || db_numrows($res) < 1) {
@@ -63,9 +64,8 @@
 		List all diary entries
 
 	*/
-	$sql="SELECT * FROM user_diary WHERE user_id='$diary_user' AND is_public=1 ORDER BY id DESC";
-
-	$result=db_query($sql);
+	$result = db_query_params ('SELECT * FROM user_diary WHERE user_id=$1 AND is_public=1 ORDER BY id DESC',
+				   array ($diary_user));
 	$rows=db_numrows($result);
 	if (!$result || $rows < 1) {
 		echo '

Modified: trunk/gforge/www/developer/monitor.php
===================================================================
--- trunk/gforge/www/developer/monitor.php	2009-09-24 13:34:19 UTC (rev 8157)
+++ trunk/gforge/www/developer/monitor.php	2009-09-24 13:34:28 UTC (rev 8158)
@@ -48,19 +48,18 @@
 		echo '
 			<h2>'._('Monitor a User').'</h2>';
 
-		$sql="SELECT * FROM user_diary_monitor WHERE user_id='".user_getid()."' AND monitored_user='$diary_user';";
-
-		$result = db_query($sql);
-
+		$result = db_query_params ('SELECT * FROM user_diary_monitor WHERE user_id=$1 AND monitored_user=$2;',
+					   array (user_getid(),
+						  $diary_user));
 		if (!$result || db_numrows($result) < 1) {
 			/*
 				User is not already monitoring thread, so 
 				insert a row so monitoring can begin
 			*/
-			$sql="INSERT INTO user_diary_monitor (monitored_user,user_id) VALUES ('$diary_user','".user_getid()."')";
+			$result = db_query_params ('INSERT INTO user_diary_monitor (monitored_user,user_id) VALUES ($1,$2)',
+						   array ($diary_user,
+							  user_getid ()));
 
-			$result = db_query($sql);
-
 			if (!$result) {
 				echo "<span class=\"error\">"._('Error inserting into user_diary_monitor')."</span>";
 			} else {
@@ -69,9 +68,9 @@
 			}
 
 		} else {
-
-			$sql="DELETE FROM user_diary_monitor WHERE user_id='".user_getid()."' AND monitored_user='$diary_user';";
-			$result = db_query($sql);
+			$result = db_query_params ('DELETE FROM user_diary_monitor WHERE user_id=$1 AND monitored_user=$2',
+						   array (user_getid(),
+							  $diary_user));
 			echo "<span class=\"feedback\">"._('Monitoring has been turned off')."</span>";
 			echo _('You will not receive any more emails from this user');
 	




More information about the Fusionforge-commits mailing list