* The $items, $blogs, ... arrays map an id to an object (for plugins, the name is used\r
* rather than an ID)\r
*/\r
- var $items;\r
- var $blogs;\r
- var $plugins;\r
- var $karma;\r
- var $templates;\r
- var $members;\r
+ private $items;\r
+ private $blogs;\r
+ private $plugins;\r
+ private $karma;\r
+ private $templates;\r
+ private $members;\r
\r
/**\r
* cachedInfo to avoid repeated SQL queries (see pidInstalled/pluginInstalled/getPidFromName)\r
*/\r
public function existsCategory($id)\r
{\r
- return (quickQuery('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);\r
+ return (DB::getValue('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);\r
}\r
\r
/**\r
}\r
\r
/**\r
+ * Manager::getPluginNameFromPid()\r
+ * \r
+ * @param string $pid ID for plugin\r
+ * @return string name of plugin\r
+ */\r
+ public function getPluginNameFromPid($pid)\r
+ {\r
+ if ( !array_key_exists($pid, $this->cachedInfo['installedPlugins']) )\r
+ {\r
+ $query = 'SELECT pfile FROM %s WHERE pid=%d;';\r
+ $query = sprintf($query, sql_table('plugin'), (integer) $pid);\r
+ return DB::getValue($query);\r
+ }\r
+ return $this->cachedInfo['installedPlugins'][$pid];\r
+ }\r
+ \r
+ /**\r
* Manager::getUpperCaseName()\r
* Retrieve the name of a plugin in the right capitalisation\r
* \r
// 'installedPlugins' = array ($pid => $name)\r
case 'installedPlugins':\r
$this->cachedInfo['installedPlugins'] = array();\r
- $res = sql_query('SELECT pid, pfile FROM ' . sql_table('plugin'));\r
- while ( $o = sql_fetch_object($res) )\r
+ $res = DB::getResult('SELECT pid, pfile FROM ' . sql_table('plugin'));\r
+ foreach ( $res as $row )\r
{\r
- $this->cachedInfo['installedPlugins'][$o->pid] = $o->pfile;\r
+ $this->cachedInfo['installedPlugins'][$row['pid']] = $row['pfile'];\r
}\r
break;\r
}\r
. " FROM %s as e, %s as p"\r
. " WHERE e.pid=p.pid ORDER BY p.porder ASC";\r
$query = sprintf($query, sql_table('plugin_event'), sql_table('plugin'));\r
- $res = sql_query($query);\r
+ $res = DB::getResult($query);\r
\r
- while ( $o = sql_fetch_object($res) )\r
+ foreach ( $res as $row )\r
{\r
- $pluginName = $o->pfile;\r
- $eventName = $o->event;\r
+ $pluginName = $row['pfile'];\r
+ $eventName = $row['event'];\r
$this->subscriptions[$eventName][] = $pluginName;\r
}\r
return;\r
}\r
\r
/**\r
+ * Manager::getNumberOfSubscribers()\r
+ * \r
+ * @param string $event name of events\r
+ * @return integer number of event subscriber\r
+ */\r
+ public function getNumberOfSubscribers($event)\r
+ {\r
+ $query = 'SELECT COUNT(*) as count FROM %s WHERE event=%s;';\r
+ $query = sprintf($query, sql_table('plugin_event'), DB::quoteValue($event));\r
+ return (integer) DB::getValue($query);\r
+ }\r
+ \r
+ /**\r
* Manager::addTicketToUrl()\r
* GET requests: Adds ticket to URL (URL should NOT be html-encoded!, ticket is added at the end)\r
* \r
public function addTicketToUrl($url)\r
{\r
$ticketCode = 'ticket=' . $this->_generateTicket();\r
- if ( i18n::strpos($filename, '/') === FALSE )\r
+ if ( i18n::strpos($url, '?') === FALSE )\r
{\r
$ticketCode = "{$url}?{$ticketCode}";\r
}\r
}\r
\r
// check if ticket is a valid one\r
- $query = 'SELECT COUNT(*) as result FROM ' . sql_table('tickets') . ' WHERE member=' . intval($memberId). ' and ticket=\''.sql_real_escape_string($ticket).'\'';\r
+ $query = sprintf('SELECT COUNT(*) as result FROM %s WHERE member=%d and ticket=%s',\r
+ sql_table('tickets'),\r
+ intval($memberId),\r
+ DB::quoteValue($ticket)\r
+ );\r
\r
/*\r
* NOTE:\r
* leaving the keys in the database is not a real problem, since they're member-specific and\r
* only valid for a period of one hour]\r
*/\r
- if ( quickQuery($query) != 1 )\r
+ if ( DB::getValue($query) != 1 )\r
{\r
return FALSE;\r
}\r
{\r
// remove tickets older than 1 hour\r
$oldTime = time() - 60 * 60;\r
- $query = "DELETE FROM %s WHERE ctime < '%s';";\r
- $query = sprintf($query, sql_table('tickets'), date('Y-m-d H:i:s',$oldTime));\r
- sql_query($query);\r
+ $query = 'DELETE FROM %s WHERE ctime < %s';\r
+ $query = sprintf($query, sql_table('tickets'), DB::formatDateTime($oldTime));\r
+ DB::execute($query);\r
return;\r
}\r
\r
$ticket = md5(uniqid(rand(), true));\r
\r
// add in database as non-active\r
- $query = "INSERT INTO %s (ticket, member, ctime)"\r
- . " VALUES ('%s', %d, '%s');";\r
- $query = sprintf($query, sql_table('tickets'), sql_real_escape_string($ticket), (integer) $memberId, date('Y-m-d H:i:s',time()));\r
+ $query = 'INSERT INTO %s (ticket, member, ctime) VALUES (%s, %d, %s)';\r
+ $query = sprintf($query, sql_table('tickets'), DB::quoteValue($ticket), (integer) $memberId, DB::formatDateTime());\r
\r
- if ( sql_query($query) )\r
+ if ( DB::execute($query) !== FALSE )\r
{\r
$ok = true;\r
}\r
OSDN Git Service
