MARGE:masterブランチのマージ（マージできない分について、データベースハンドラーを書き換え）

[nucleus-jp/nucleus-next.git] / nucleus / libs / COMMENTS.php

diff --git a/nucleus/libs/COMMENTS.php b/nucleus/libs/COMMENTS.php
index 751ae33..851080d 100644 (file)
--- a/nucleus/libs/COMMENTS.php
+++ b/nucleus/libs/COMMENTS.php
@@ -84,8 +84,8 @@ class Comments
                                   . ' WHERE c.citem=' . $this->itemid\r
                                   . ' ORDER BY c.ctime';\r
 \r
-                       $comments = sql_query($query);\r
-                       $this->commentcount = sql_num_rows($comments);\r
+                       $comments = DB::getResult($query);\r
+                       $this->commentcount = $comments->rowCount();\r
                }\r
 \r
                // if no result was found\r
@@ -103,7 +103,7 @@ class Comments
 \r
                $parser->parse($template['COMMENTS_HEADER']);\r
 \r
-               while ( $comment = sql_fetch_assoc($comments) ) {\r
+               foreach ( $comments as $comment ) {\r
                        $comment['timestamp'] = strtotime($comment['ctime']);\r
                        $handler->setCurrentComment($comment);\r
                        $handler->setHighlight($highlight);\r
@@ -114,7 +114,7 @@ class Comments
 \r
                $parser->parse($template['COMMENTS_FOOTER']);\r
 \r
-               sql_free_result($comments);\r
+               $comments->closeCursor();\r
 \r
                return $this->commentcount;\r
        }\r
@@ -126,10 +126,9 @@ class Comments
                $query =  'SELECT COUNT(*)'\r
                           . ' FROM '.sql_table('comment').' as c'\r
                           . ' WHERE c.citem='. $this->itemid;\r
-               $res = sql_query($query);\r
-               $arr = sql_fetch_row($res);\r
+               $res = DB::getValue($query);\r
 \r
-               return $arr[0];\r
+               return $res;\r
        }\r
 \r
        /**\r
@@ -323,12 +322,12 @@ class Comments
                \r
                $manager->notify('PreAddComment', array('comment' => &$comment, 'spamcheck' => &$spamcheck) );\r
                \r
-               $name           = sql_real_escape_string($comment['user']);\r
-               $url            = sql_real_escape_string($comment['userid']);\r
-               $email      = sql_real_escape_string($comment['email']);\r
-               $body           = sql_real_escape_string($comment['body']);\r
-               $host           = sql_real_escape_string($comment['host']);\r
-               $ip                     = sql_real_escape_string($comment['ip']);\r
+               $name           = DB::quoteValue($comment['user']);\r
+               $url            = DB::quoteValue($comment['userid']);\r
+               $email      = DB::quoteValue($comment['email']);\r
+               $body           = DB::quoteValue($comment['body']);\r
+               $host           = DB::quoteValue($comment['host']);\r
+               $ip                     = DB::quoteValue($comment['ip']);\r
                $memberid       = intval($comment['memberid']);\r
                $timestamp      = date('Y-m-d H:i:s', $comment['timestamp']);\r
                $itemid         = $this->itemid;\r
@@ -336,12 +335,12 @@ class Comments
                $qSql       = 'SELECT COUNT(*) AS result '\r
                                        . 'FROM ' . sql_table('comment')\r
                                        . ' WHERE '\r
-                                       .      'cmail   = "' . $url . '"'\r
-                                       . ' AND cmember = "' . $memberid . '"'\r
-                                       . ' AND cbody   = "' . $body . '"'\r
-                                       . ' AND citem   = "' . $itemid . '"'\r
-                                       . ' AND cblog   = "' . $blogid . '"';\r
-               $result     = (integer) quickQuery($qSql);\r
+                                       .      'cmail   = ' . $url\r
+                                       . ' AND cmember = ' . $memberid\r
+                                       . ' AND cbody   = ' . $body\r
+                                       . ' AND citem   = ' . $itemid\r
+                                       . ' AND cblog   = ' . $blogid;\r
+               $result     = (integer) DB::getValue($qSql);\r
                \r
                if ( $result > 0 )\r
                {\r
@@ -349,12 +348,12 @@ class Comments
                }\r
                \r
                $query = 'INSERT INTO '.sql_table('comment').' (CUSER, CMAIL, CEMAIL, CMEMBER, CBODY, CITEM, CTIME, CHOST, CIP, CBLOG) '\r
-                          . "VALUES ('$name', '$url', '$email', $memberid, '$body', $itemid, '$timestamp', '$host', '$ip', '$blogid')";\r
+                          . "VALUES ($name, $url, $email, $memberid, $body, $itemid, '$timestamp', $host, $ip, '$blogid')";\r
                \r
-               sql_query($query);\r
+               DB::execute($query);\r
                \r
                // post add comment\r
-               $commentid = sql_insert_id();\r
+               $commentid = DB::getInsertId();\r
                $manager->notify('PostAddComment', array('comment' => &$comment, 'commentid' => &$commentid, 'spamcheck' => &$spamcheck) );\r
                \r
                // succeeded !\r