);
- // add slashes for sql queries
- $bname = DB::quoteValue($bname);
- $bshortname = DB::quoteValue($bshortname);
- $btimeoffset = DB::quoteValue($btimeoffset);
- $bdesc = DB::quoteValue($bdesc);
- $bdefskin = DB::quoteValue($bdefskin);
-
// create blog
- $query = 'INSERT INTO '.sql_table('blog')." (bname, bshortname, bdesc, btimeoffset, bdefskin) VALUES ($bname, $bshortname, $bdesc, $btimeoffset, $bdefskin)";
+ $query = sprintf('INSERT INTO %s (bname, bshortname, bdesc, btimeoffset, bdefskin) VALUES (%s, %s, %s, %s, %s)',
+ sql_table('blog'),
+ DB::quoteValue($bname),
+ DB::quoteValue($bshortname),
+ DB::quoteValue($bdesc),
+ DB::quoteValue($btimeoffset),
+ DB::quoteValue($bdefskin)
+ );
DB::execute($query);
$blogid = DB::getInsertId();
$blog =& $manager->getBlog($blogid);
// create new category
$catdefname = (defined('_EBLOGDEFAULTCATEGORY_NAME') ? _EBLOGDEFAULTCATEGORY_NAME : 'General');
$catdefdesc = (defined('_EBLOGDEFAULTCATEGORY_DESC') ? _EBLOGDEFAULTCATEGORY_DESC : 'Items that do not fit in other categories');
- $sql = 'INSERT INTO %s (cblog, cname, cdesc) VALUES (%d, %s, %s)';
- DB::execute(sprintf($sql, sql_table('category'), $blogid, DB::quoteValue($catdefname), DB::quoteValue($catdefdesc)));
+ $query = sprintf('INSERT INTO %s (cblog, cname, cdesc) VALUES (%d, %s, %s)',
+ sql_table('category'),
+ $blogid,
+ DB::quoteValue($catdefname),
+ DB::quoteValue($catdefdesc)
+ );
+ DB::execute($query);
$catid = DB::getInsertId();
// set as default category
// create team member
$memberid = $member->getID();
- $query = 'INSERT INTO '.sql_table('team')." (tmember, tblog, tadmin) VALUES ($memberid, $blogid, 1)";
+ $query = sprintf('INSERT INTO %s (tmember, tblog, tadmin) VALUES (%d, %d, 1)', sql_table('team'), $memberid, $blogid);
DB::execute($query);
$itemdeftitle = (defined('_EBLOG_FIRSTITEM_TITLE') ? _EBLOG_FIRSTITEM_TITLE : 'First Item');