*/\r
public function existsCategory($id)\r
{\r
- return (quickQuery('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);\r
+ return (DB::getValue('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);\r
}\r
\r
/**\r
// 'installedPlugins' = array ($pid => $name)\r
case 'installedPlugins':\r
$this->cachedInfo['installedPlugins'] = array();\r
- $res = sql_query('SELECT pid, pfile FROM ' . sql_table('plugin'));\r
- while ( $o = sql_fetch_object($res) )\r
+ $res = DB::getResult('SELECT pid, pfile FROM ' . sql_table('plugin'));\r
+ foreach ( $res as $row )\r
{\r
- $this->cachedInfo['installedPlugins'][$o->pid] = $o->pfile;\r
+ $this->cachedInfo['installedPlugins'][$row['pid']] = $row['pfile'];\r
}\r
break;\r
}\r
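Review bot: `foreach ( $res as $row )` iterates the return value of `DB::getResult()` without checking it. If the wrapper returns FALSE on a failed query (its definition is not visible here), the loop raises a warning and `installedPlugins` stays cached as an empty array, so a database error looks the same as "no plugins installed". A guard before the loop, such as `if ( $res === FALSE ) { break; }` together with a log entry, would make that case explicit. The same unguarded pattern follows `$res = DB::getResult($query);` in the plugin_event subscription hunk, where an empty result would leave no plugin subscribed to any event. The enclosing switch and function begin outside this hunk.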
. " FROM %s as e, %s as p"\r
. " WHERE e.pid=p.pid ORDER BY p.porder ASC";\r
$query = sprintf($query, sql_table('plugin_event'), sql_table('plugin'));\r
- $res = sql_query($query);\r
+ $res = DB::getResult($query);\r
\r
- while ( $o = sql_fetch_object($res) )\r
+ foreach ( $res as $row )\r
{\r
- $pluginName = $o->pfile;\r
- $eventName = $o->event;\r
+ $pluginName = $row['pfile'];\r
+ $eventName = $row['event'];\r
$this->subscriptions[$eventName][] = $pluginName;\r
}\r
return;\r
}\r
\r
// check if ticket is a valid one\r
- $query = 'SELECT COUNT(*) as result FROM ' . sql_table('tickets') . ' WHERE member=' . intval($memberId). ' and ticket=\''.sql_real_escape_string($ticket).'\'';\r
+ $query = sprintf('SELECT COUNT(*) as result FROM %s WHERE member=%d and ticket=%s',\r
+ sql_table('tickets'),\r
+ intval($memberId),\r
+ DB::quoteValue($ticket)\r
+ );\r
\r
/*\r
* NOTE:\r
* leaving the keys in the database is not a real problem, since they're member-specific and\r
* only valid for a period of one hour]\r
*/\r
- if ( quickQuery($query) != 1 )\r
+ if ( DB::getValue($query) != 1 )\r
{\r
return FALSE;\r
}\r
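Review bot: The validity query built with `sprintf('SELECT COUNT(*) as result FROM %s WHERE member=%d and ticket=%s', ...)` matches on member and ticket only. The one-hour lifetime described in the NOTE comment is therefore enforced only if the separate `DELETE FROM %s WHERE ctime < '%s'` cleanup has already run, and nothing in this hunk shows that ordering. Consider enforcing the expiry in the check itself by appending `AND ctime >= '%s'` and passing `date('Y-m-d H:i:s', time() - 60 * 60)`, so that a stale row can never validate. The switch from `sql_real_escape_string` to `DB::quoteValue($ticket)` with an unquoted `%s` looks consistent. The enclosing function starts and ends outside the hunk.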
$oldTime = time() - 60 * 60;\r
$query = "DELETE FROM %s WHERE ctime < '%s';";\r
$query = sprintf($query, sql_table('tickets'), date('Y-m-d H:i:s',$oldTime));\r
- sql_query($query);\r
+ DB::execute($query);\r
return;\r
}\r
\r
\r
// add in database as non-active\r
$query = "INSERT INTO %s (ticket, member, ctime)"\r
- . " VALUES ('%s', %d, '%s');";\r
- $query = sprintf($query, sql_table('tickets'), sql_real_escape_string($ticket), (integer) $memberId, date('Y-m-d H:i:s',time()));\r
+ . " VALUES (%s, %d, '%s');";\r
+ $query = sprintf($query, sql_table('tickets'), DB::quoteValue($ticket), (integer) $memberId, date('Y-m-d H:i:s',time()));\r
\r
- if ( sql_query($query) )\r
+ if ( DB::execute($query) )\r
{\r
$ok = true;\r
}\r