[Fusionforge-commits] r8160 - trunk/gforge/www/include

Roland Mas lolando at libremir.placard.fr.eu.org
Thu Sep 24 15:34:46 CEST 2009


Author: lolando
Date: 2009-09-24 15:34:46 +0200 (Thu, 24 Sep 2009)
New Revision: 8160

Modified:
   trunk/gforge/www/include/bookmarks.php
   trunk/gforge/www/include/project_summary.php
   trunk/gforge/www/include/stats_function.php
   trunk/gforge/www/include/trove.php
   trunk/gforge/www/include/user_home.php
   trunk/gforge/www/include/vote_function.php
Log:
db_query_params() migration

Modified: trunk/gforge/www/include/bookmarks.php
===================================================================
--- trunk/gforge/www/include/bookmarks.php	2009-09-24 13:34:37 UTC (rev 8159)
+++ trunk/gforge/www/include/bookmarks.php	2009-09-24 13:34:46 UTC (rev 8160)
@@ -18,9 +18,10 @@
 	if (!$bookmark_title) {
 		$bookmark_title = $bookmark_url;
 	}
-	$result = db_query("INSERT into user_bookmarks (user_id, bookmark_url, "
-		. "bookmark_title) values ('".user_getid()."', '".htmlentities($bookmark_url)."', "
-		. "'".htmlspecialchars($bookmark_title)."');");
+	$result = db_query_params ('INSERT into user_bookmarks (user_id, bookmark_url, bookmark_title) values ($1, $2, $3)',
+				   array (user_getid(),
+					  htmlentities($bookmark_url)
+					  htmlspecialchars($bookmark_title)));
 	if (!$result) {
 		echo db_error();
 	}
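Review bot: The parameter array in the added `db_query_params` call is missing a comma after `htmlentities($bookmark_url)`, so `htmlspecialchars($bookmark_title)` follows it directly and bookmarks.php no longer parses. The line should read `htmlentities($bookmark_url),`. Separately, `echo db_error();` here and in the bookmark_edit hunk below writes the raw database error into the page; logging it and showing a generic message would avoid disclosing schema details to the user. The enclosing function starts and ends outside this hunk.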
@@ -34,8 +35,11 @@
  * @param		string	The new or existing bookmark title
  */
 function bookmark_edit ($bookmark_id, $bookmark_url, $bookmark_title) {
-	$result = db_query("UPDATE user_bookmarks SET bookmark_url='".htmlentities($bookmark_url)."', "
-		."bookmark_title='".htmlspecialchars($bookmark_title)."' where bookmark_id='$bookmark_id' AND user_id='". user_getid() ."'");
+	$result = db_query_params ('UPDATE user_bookmarks SET bookmark_url=$1, bookmark_title=$2 WHERE bookmark_id=$3 AND user_id=$4',
+				   array (htmlentities($bookmark_url),
+					  htmlspecialchars($bookmark_title),
+					  $bookmark_id,
+					  user_getid()));
 	if (!$result) {
 		echo db_error();
 		return false;
@@ -50,8 +54,9 @@
  * @param		int		The bookmark's ID
  */
 function bookmark_delete ($bookmark_id) {
-	db_query("DELETE from user_bookmarks WHERE bookmark_id='$bookmark_id' "
-		. "and user_id='". user_getid() ."'");
+	db_query_params ('DELETE from user_bookmarks WHERE bookmark_id=$1 AND user_id=$2',
+			 array ($bookmark_id,
+				user_getid()));
 }
 
 ?>

Modified: trunk/gforge/www/include/project_summary.php
===================================================================
--- trunk/gforge/www/include/project_summary.php	2009-09-24 13:34:37 UTC (rev 8159)
+++ trunk/gforge/www/include/project_summary.php	2009-09-24 13:34:46 UTC (rev 8160)
@@ -197,8 +197,8 @@
 
 		if ($mode != 'compact') {
 			//get a list of publicly available projects
-			$sql="SELECT * FROM project_group_list WHERE group_id='$group_id' AND is_public=1";
-			$result = db_query ($sql);
+			$result = db_query_params ('SELECT * FROM project_group_list WHERE group_id=$1 AND is_public=1',
+						   array ($group_id));
 			$rows = db_numrows($result);
 			if (!$result || $rows < 1) {
 				$return .= '<br /><em>There are no public subprojects available</em>';
@@ -237,8 +237,8 @@
 		$return .= "&nbsp;SCM&nbsp;Tree</a>";
 
 		if ($mode != 'compact') {
-			$sql = "SELECT SUM(commits) AS commits,SUM(adds) AS adds from stats_cvs_group where group_id='$group_id'";
-			$result = db_query($sql);
+			$result = db_query_params ('SELECT SUM(commits) AS commits,SUM(adds) AS adds from stats_cvs_group where group_id=$1',
+						   array ($group_id));
 			$return .= ' ( <strong>'.db_result($result,0,0).'</strong> commits, <strong>'.db_result($result,0,1).'</strong> adds )';
 		}
 	}
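Review bot: `db_result($result,0,0)` and `db_result($result,0,1)` are read without checking that the migrated query succeeded, so a failed query is rendered as empty counts instead of being handled. A guard such as `if ($result && db_numrows($result) > 0) {` around the `$return .=` line would skip the output on failure. The same unchecked use follows the migrated queries in user_home.php (`db_result($res,0,0)`) and in vote_function.php (`db_numrows($result)` after the surveys query, and `db_result($result, 0, 'question_type')`). The enclosing function starts outside this hunk.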

Modified: trunk/gforge/www/include/stats_function.php
===================================================================
--- trunk/gforge/www/include/stats_function.php	2009-09-24 13:34:37 UTC (rev 8159)
+++ trunk/gforge/www/include/stats_function.php	2009-09-24 13:34:46 UTC (rev 8160)
@@ -17,9 +17,8 @@
 /*
 	pages/day
 */
-	$sql="SELECT * FROM stats_agg_pages_by_day";
-
-	$result = db_query ($sql);
+	$result = db_query_params ('SELECT * FROM stats_agg_pages_by_day',
+				   array ());
 	$rows = db_numrows($result);
 
 	if (!$result || $rows < 1) {
@@ -49,27 +48,10 @@
 	echo '<p>&nbsp;</p>';
 
 /*
-	pages/hour
-* /
-	$sql="SELECT * FROM stats_agg_pages_by_hour";
-
-	$result = db_query ($sql);
-	$rows = db_numrows($result);
-
-	if (!$result || $rows < 1) {
-		echo '<h1>Stats Problem</h1>';
-		echo db_error();
-	} else {
-		GraphResult($result,'Page Views By Hour');
-	}
-	echo '<p>';
-*/
-
-/*
 	Groups added by week
 */
-	$sql="select (round((register_time/604800),0)*604800) AS time ,count(*) from groups group by time";
-	$result = db_query ($sql);
+	$result = db_query_params ('select (round((register_time/604800),0)*604800) AS time ,count(*) from groups group by time',
+				   array ());
 	$rows = db_numrows($result);
 
 	if (!$result || $rows < 1) {
@@ -91,8 +73,8 @@
 /*
 	Users added by week
 */
-	$sql="select (round((add_date/604800),0)*604800) AS time ,count(*) from users group by time";
-	$result = db_query ($sql);
+	$result = db_query_params ('select (round((add_date/604800),0)*604800) AS time ,count(*) from users group by time',
+				   array ());
 	$rows = db_numrows($result);
 
 	if (!$result || $rows < 1) {
@@ -121,9 +103,9 @@
 /*
 	logo impressions/day
 */
-	$sql="SELECT * FROM stats_agg_logo_by_day";
 
-	$result = db_query ($sql);
+	$result = db_query_params ('SELECT * FROM stats_agg_logo_by_day',
+				   array ());
 	$rows = db_numrows($result);
 
 	if (!$result || $rows < 1) {
@@ -138,9 +120,9 @@
 /*
 	logo impressions/group
 */
-	$sql="SELECT group_id,sum(count) as count FROM stats_agg_logo_by_group GROUP BY group_id";
 
-	$result = db_query ($sql);
+	$result = db_query_params ('SELECT group_id,sum(count) as count FROM stats_agg_logo_by_group GROUP BY group_id',
+				   array ());
 	$rows = db_numrows($result);
 
 	if (!$result || $rows < 1) {
@@ -162,9 +144,9 @@
 /*
 	Browser
 */
-	$sql="SELECT * FROM stats_agg_pages_by_browser";
 
-	$result = db_query ($sql);
+	$result = db_query_params ('SELECT * FROM stats_agg_pages_by_browser',
+				   array ());
 	$rows = db_numrows($result);
 
 	if (!$result || $rows < 1) {
@@ -178,9 +160,9 @@
 /*
 	Platform
 */
-	$sql="SELECT * FROM stats_agg_pages_by_platform";
 
-	$result = db_query ($sql);
+	$result = db_query_params ('SELECT * FROM stats_agg_pages_by_platform',
+				   array ());
 	$rows = db_numrows($result);
 
 	if (!$result || $rows < 1) {
@@ -194,9 +176,9 @@
 /*
 	Browser/ver
 */
-	$sql="SELECT * FROM stats_agg_pages_by_plat_brow_ver";
 
-	$result = db_query ($sql);
+	$result = db_query_params ('SELECT * FROM stats_agg_pages_by_plat_brow_ver',
+				   array ());
 	$rows = db_numrows($result);
 
 	if (!$result || $rows < 1) {

Modified: trunk/gforge/www/include/trove.php
===================================================================
--- trunk/gforge/www/include/trove.php	2009-09-24 13:34:37 UTC (rev 8159)
+++ trunk/gforge/www/include/trove.php	2009-09-24 13:34:46 UTC (rev 8160)
@@ -25,18 +25,19 @@
  */
 function trove_genfullpaths($mynode,$myfullpath,$myfullpathids) {
 	// first generate own path
-	$res_update = db_query('UPDATE trove_cat SET fullpath=\''
-		.$myfullpath.'\',fullpath_ids=\''
-		.$myfullpathids.'\' WHERE trove_cat_id='.$mynode);
+	$res_update = db_query_params ('UPDATE trove_cat SET fullpath=$1,fullpath_ids=$2 WHERE trove_cat_id=$3',
+				       array ($myfullpath,
+					      $myfullpathids,
+					      $mynode));
 	// now generate paths for all children by recursive call
 	if($mynode!=0)
 	{
-		$res_child = db_query("
+		$res_child = db_query_params ('
 			SELECT trove_cat_id,fullname
 			FROM trove_cat
-			WHERE parent='$mynode'
-			AND trove_cat_id!=0;
-		", -1, 0, SYS_DB_TROVE);
+			WHERE parent=$1
+			AND trove_cat_id != 0',
+					      array ($mynode));
 
 		while ($row_child = db_fetch_array($res_child)) {
 			trove_genfullpaths($row_child['trove_cat_id'],
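Review bot: The `SYS_DB_TROVE` selector is lost on the child SELECT: the old call passed `-1, 0, SYS_DB_TROVE` and the new `db_query_params` call passes only the parameter array, so the query presumably now runs on the default connection. If that is intended, the log message should say so; otherwise the trailing arguments need to be carried over, assuming db_query_params accepts limit, offset and server after the parameter array as db_query does: `array ($mynode), -1, 0, SYS_DB_TROVE);`. The same arguments are dropped in the trove_updaterootparent hunk and from the `$res_verifycat` query further down. The body of trove_genfullpaths continues outside the hunk.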
@@ -56,17 +57,20 @@
  */
 function trove_updaterootparent($mynode,$rootnode) {
 	// first generate own path
-	if($mynode!=$rootnode) $res_update = db_query('UPDATE trove_cat SET root_parent=' .$rootnode. ' WHERE trove_cat_id='.$mynode);
-	else $res_update = db_query('UPDATE trove_cat SET root_parent=0 WHERE trove_cat_id='.$mynode);
+	if($mynode!=$rootnode) $res_update = db_query_params ('UPDATE trove_cat SET root_parent=$1 WHERE trove_cat_id=$2',
+							      array ($rootnode,
+								     $mynode));
+	else $res_update = db_query_params ('UPDATE trove_cat SET root_parent=0 WHERE trove_cat_id=$1',
+					    array ($mynode));
 	// now generate paths for all children by recursive call
 	if($mynode!=0)
 	{
-		$res_child = db_query("
+		$res_child = db_query_params ('
 			SELECT trove_cat_id
 			FROM trove_cat
-			WHERE parent='$mynode'
-			AND trove_cat_id!=0;
-		", -1, 0, SYS_DB_TROVE);
+			WHERE parent=$1
+			AND trove_cat_id!=0',
+					      array ($mynode));
 
 		while ($row_child = db_fetch_array($res_child)) {
 			trove_updaterootparent($row_child['trove_cat_id'],$rootnode);
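Review bot: The brace-less `if … else` now carries two multi-line statements, which makes it easy to misread where each branch ends. Since the two updates differ only in the value written, a single call reads more clearly: `$root = ($mynode != $rootnode) ? $rootnode : 0;` followed by `$res_update = db_query_params ('UPDATE trove_cat SET root_parent=$1 WHERE trove_cat_id=$2', array ($root, $mynode));`. In the visible lines `$res_update` is not checked before the recursion starts. The body of trove_updaterootparent continues outside the hunk.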
@@ -88,11 +92,11 @@
 	if ((!$group_id) || (!$trove_cat_id)) return 1;
 
 	// verify trove category exists
-	$res_verifycat = db_query("
+	$res_verifycat = db_query_params ('
 		SELECT trove_cat_id,fullpath_ids
 		FROM trove_cat
-		WHERE trove_cat_id='$trove_cat_id'
-	", -1, 0, SYS_DB_TROVE);
+		WHERE trove_cat_id=$1',
+					  array ($trove_cat_id));
 
 	if (db_numrows($res_verifycat) != 1) return 1;
 	$row_verifycat = db_fetch_array($res_verifycat);
@@ -103,13 +107,15 @@
 	}
 
 	// must first make sure that this is not a subnode of anything current
-	$res_topnodes = db_query("
+	$res_topnodes = db_query_params ('
 		SELECT trove_cat.trove_cat_id AS trove_cat_id,
 			trove_cat.fullpath_ids AS fullpath_ids
 		FROM trove_cat,trove_group_link
 		WHERE trove_cat.trove_cat_id=trove_group_link.trove_cat_id
-		AND trove_group_link.group_id='$group_id'
-		AND trove_cat.root_parent='$rootnode'");
+		AND trove_group_link.group_id=$1
+		AND trove_cat.root_parent=$2',
+					 array ($group_id,
+						$rootnode));
 
 	while($row_topnodes = db_fetch_array($res_topnodes)) {
 		$pathids = explode(' :: ',$row_topnodes['fullpath_ids']);
@@ -129,25 +135,27 @@
 		FROM trove_group_link
 		WHERE group_id=$1
 		AND trove_cat_root=$2',
-			array($group_id,
-				$rootnode));
+					  array($group_id,
+						$rootnode));
 
 	while ($row_checksubs = db_fetch_array($res_checksubs)) {
 		// check against all subnodeids
 		for ($i=0;$i<count($subnodeids);$i++) {
 			if ($subnodeids[$i] == $row_checksubs['trove_cat_id']) {
 				// then delete subnode
-				db_query('DELETE FROM trove_group_link WHERE '
-					.'group_id='.$group_id.' AND trove_cat_id='
-					.$subnodeids[$i]);
+				db_query_params ('DELETE FROM trove_group_link WHERE group_id=$1 AND trove_cat_id=$2',
+						 array ($group_id,
+							$subnodeids[$i]));
 			}
 		}
 	}
 
 	// if we got this far, must be ok
-	db_query('INSERT INTO trove_group_link (trove_cat_id,trove_cat_version,'
-		.'group_id,trove_cat_root) VALUES ('.$trove_cat_id.','
-		.time().','.$group_id.','.$rootnode.')');
+	db_query_params ('INSERT INTO trove_group_link (trove_cat_id,trove_cat_version,group_id,trove_cat_root) VALUES ($1,$2,$3,$4)',
+			 array ($trove_cat_id,
+				time(),
+				$group_id,
+				$rootnode));
 	return 0;
 }
 
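Review bot: The results of the added `DELETE` and `INSERT` calls are discarded and the function then returns 0, so a rejected statement is reported to the caller as success. With values now bound as parameters, a malformed `$trove_cat_id` or `$group_id` should produce a query error rather than altered SQL, which leaves the return value as the only place that error can surface. Capturing the insert result and adding `if (!$res_insert) return 1;` would follow the `return 1` failure convention of the guards in the earlier hunk (`if (db_numrows($res_verifycat) != 1) return 1;`), which appears to belong to the same function. The function starts outside this hunk.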
@@ -165,7 +173,7 @@
 			SELECT parent
 			FROM trove_cat
 			WHERE trove_cat_id=$1',
-			array($current_cat));
+					    array($current_cat));
 
 		$row_par = db_fetch_array($res_par);
 		$parent = $row_par["parent"];

Modified: trunk/gforge/www/include/user_home.php
===================================================================
--- trunk/gforge/www/include/user_home.php	2009-09-24 13:34:37 UTC (rev 8159)
+++ trunk/gforge/www/include/user_home.php	2009-09-24 13:34:46 UTC (rev 8160)
@@ -111,8 +111,8 @@
 
 		*/
 
-		$res=db_query("SELECT count(*) from user_diary ".
-			"WHERE user_id='". $user_id ."' AND is_public=1");
+		$res = db_query_params ('SELECT count(*) from user_diary WHERE user_id=$1 AND is_public=1',
+					array ($user_id));
 		echo _('Diary/Note entries:').' '.db_result($res,0,0).'
 		<p/>'.util_make_link ('/developer/diary.php?diary_user='.$user_id,_('View Diary & Notes')).'</p>
 		<p/>';

Modified: trunk/gforge/www/include/vote_function.php
===================================================================
--- trunk/gforge/www/include/vote_function.php	2009-09-24 13:34:37 UTC (rev 8159)
+++ trunk/gforge/www/include/vote_function.php	2009-09-24 13:34:46 UTC (rev 8160)
@@ -60,8 +60,9 @@
  * @param		string	The rating type
  */
 function vote_get_rating ($id,$flag) {
-	$sql="SELECT response FROM survey_rating_aggregate WHERE type='$flag' AND id='$id'";
-	$result=db_query($sql);
+	$result = db_query_params ('SELECT response FROM survey_rating_aggregate WHERE type=$1 AND id=$2',
+				   array ($flag,
+					  $id));
 	if (!$result || (db_numrows($result) < 1) || (db_result($result,0,0)==0)) {
 		return '0';
 	} else {
@@ -130,10 +131,10 @@
 	Select this survey from the database
 */
 
-$sql="SELECT * FROM surveys WHERE survey_id='$survey_id' and group_id = '$group_id'";
+	$result = db_query_params ('SELECT * FROM surveys WHERE survey_id=$1 and group_id = $2',
+				   array ($survey_id,
+					  $group_id));
 
-$result=db_query($sql);
-
 if (db_numrows($result) > 0) {
 	echo '
 		<h3>'.db_result($result, 0, 'survey_title').'</h3>
@@ -157,8 +158,8 @@
 			Build the questions on the HTML form
 		*/
 
-		$sql="SELECT * FROM survey_questions WHERE question_id='".$quest_array[$i]."'";
-		$result=db_query($sql);
+		$result = db_query_params ('SELECT * FROM survey_questions WHERE question_id=$1',
+					   array ($quest_array[$i]));
 		$question_type=db_result($result, 0, 'question_type');
 
 		if ($question_type == '4') {
@@ -377,8 +378,8 @@
 			WHERE rated_by=$1
 			AND user_id=$2
 		',
-			array($by_id,
-				$user_id));
+					array($by_id,
+					      $user_id));
 		$prev_vote = util_result_columns_to_assoc($res);
 		while (list($k,$v) = each($prev_vote)) {
 			if ($v == 0) {
@@ -415,11 +416,11 @@
  */
 function vote_show_user_rating($user_id) {
 	global $USER_RATING_QUESTIONS;
-	$sql="SELECT rate_field,(avg(rating)+3) AS avg_rating,count(*) as count 
-FROM user_ratings 
-WHERE user_id='$user_id' 
-GROUP BY rate_field";
-	$res=db_query($sql);
+	$res = db_query_params ('SELECT rate_field,(avg(rating)+3) AS avg_rating,count(*) as count
+FROM user_ratings
+WHERE user_id=$1
+GROUP BY rate_field',
+				array ($user_id));
 	$rows=db_numrows($res);
 	if (!$res || $rows < 1) {
 
@@ -436,8 +437,8 @@
 			<td>'.db_result($res,$i,'avg_rating').' (By '. db_result($res,$i,'count') .' Users)</td></tr>';
 		}
 
-		$res=db_query_params ('SELECT ranking,metric,importance_factor FROM user_metric WHERE user_id=$1',
-			array($user_id));
+		$res = db_query_params ('SELECT ranking,metric,importance_factor FROM user_metric WHERE user_id=$1',
+					array($user_id));
 		if ($res && db_numrows($res) > 0) {
 			echo '<tr><td colspan="2"><strong>Trusted Overall Rating</strong></td></tr>';
 			echo '<tr><td>Sitewide Ranking:</td><td><strong>'. db_result($res,0,'ranking') .'</strong></td></tr>
@@ -459,7 +460,7 @@
 		DELETE FROM user_ratings
 		WHERE rated_by=$1
 	',
-			array($user_id));
+			 array($user_id));
 }
 
 // Local Variables:



