[ros-diffs] [dgoette] 40320: continue: converting database calls to PDO

dgoette at svn.reactos.org dgoette at svn.reactos.org
Thu Apr 2 02:42:43 CEST 2009


Author: dgoette
Date: Thu Apr  2 04:42:42 2009
New Revision: 40320

URL: http://svn.reactos.org/svn/reactos?rev=40320&view=rev
Log:
continue: converting database calls to PDO

Modified:
    branches/danny-web/reactos.org/htdocs/compat/inc/comp/comp_group.php
    branches/danny-web/reactos.org/htdocs/compat/inc/comp/comp_item_submit.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_flat.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_flat_count_grouplist.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_grouplist_1.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_grouplist_2.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_tree.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_tree_count_grouplist.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_historybar.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_menubar_sections.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_name_flat.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_flat.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_flat_maintainer.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_id.php
    branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_id_maintainer.php

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/comp/comp_group.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/comp/comp_group.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/comp/comp_group.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/comp/comp_group.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -512,7 +512,7 @@
 			<blockquote>
 	            <?php  
 		// Query Bundles	
-		$stmt=DBConnections::getInstance()->prepare("SELECT * FROM rsdb_group_bundles WHERE bundle_groupid = :group_id") ;
+		$stmt=CDBConnections::getInstance()->prepare("SELECT * FROM rsdb_group_bundles WHERE bundle_groupid = :group_id") ;
     $stmt->bindParam('group_id',$result_page["grpentr_id"],PDO::PARAM_STR);
     $stmt->execute();
 		while($result_bundlelist = $stmt->fetch(PDO::FETCH_ASSOC)) {
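Review bot: The replacement class name `CDBConnections` (plural) does not match the `CDBConnection::getInstance()` spelling used by every other call in this commit, so unless a class with that exact name exists this line will fail with a class-not-found error at runtime. The line should probably read `$stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_group_bundles WHERE bundle_groupid = :group_id");`. The surrounding block starts and ends outside the hunk, so the class definition itself is not visible here.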

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/comp/comp_item_submit.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/comp/comp_item_submit.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/comp/comp_item_submit.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/comp/comp_item_submit.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -526,7 +526,7 @@
         $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_vendor WHERE vendor_name = :name ORDER BY vendor_id DESC LIMIT 1");
         $stmt->bindParam('name',$RSDB_TEMP_txtvname,PDO::PARAM_STR);
         $stmt->execute();
-				$result_vendor_entry = $stmt->fetch(PDO::FETCH_ASSOC)
+				$result_vendor_entry = $stmt->fetch(PDO::FETCH_ASSOC);
 				
 				$RSDB_TEMP_cboVendor = $result_vendor_entry['vendor_id'];
 
@@ -535,7 +535,7 @@
 				$RSDB_TEMP_cboVendor = $RSDB_TEMP_rockhide;
 			}
 
-      $stmt=CDBConnection::getInstance()->prepare("INSERT INTO rsdb_groups ( grpentr_id, grpentr_name, grpentr_visible, grpentr_category, grpentr_vendor, grpentr_description, grpentr_usrid, grpentr_date ) VALUES ('', :name, '1', :category, :vendor, :description, :user_id , NOW() )";
+      $stmt=CDBConnection::getInstance()->prepare("INSERT INTO rsdb_groups ( grpentr_id, grpentr_name, grpentr_visible, grpentr_category, grpentr_vendor, grpentr_description, grpentr_usrid, grpentr_date ) VALUES ('', :name, '1', :category, :vendor, :description, :user_id , NOW() )");
       $stmt->bindParam('name',$RSDB_TEMP_txtname,PDO::PARAM_STR);
       $stmt->bindParam('category',$RSDB_TEMP_cboCategory,PDO::PARAM_STR);
       $stmt->bindParam('vendor',$RSDB_TEMP_cboVendor,PDO::PARAM_STR);

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_flat.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_flat.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_flat.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_flat.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -35,17 +35,16 @@
 
 
 
-$query_count_cat=mysql_query("SELECT COUNT('cat_id')
-						FROM `rsdb_categories`
-						WHERE `cat_visible` = '1'
-						AND `cat_path` = " . htmlentities($RSDB_SET_cat) . "
-						" . $RSDB_intern_code_db_rsdb_categories . " ;");	
-$result_count_cat = mysql_fetch_row($query_count_cat);
+$stmt=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_categories WHERE cat_visible = '1' AND cat_path = :path " . $RSDB_intern_code_db_rsdb_categories . "");
+$stmt->bindParam('path',$RSDB_SET_cat,PDO::PARAM_STR);
+$stmt->execute();
+$result_count_cat = $stmt->fetch(PDO::FETCH_NUM);
 
 // Update the ViewCounter:
 if ($RSDB_SET_cat != "" || $RSDB_SET_cat != "0") {
-	$query_update_viewcounter = "UPDATE `rsdb_categories` SET `cat_viewcounter` = (cat_viewcounter + 1) WHERE `cat_id` = '" . $RSDB_SET_cat . "' LIMIT 1 ;";
-	@mysql_query($query_update_viewcounter);
+  $stmt=CDBConnection::getInstance()->prepare("UPDATE rsdb_categories SET cat_viewcounter = (cat_viewcounter + 1) WHERE cat_id = :cat_id");
+  $stmt->bindParam('cat_id',$RSDB_SET_cat,PDO::PARAM_STR);
+  $stmt->execute();
 }
 
 if ($result_count_cat[0]) {
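Review bot: Binding only covers `:path` here, because `$RSDB_intern_code_db_rsdb_categories` is still concatenated into the statement text; its definition is not visible in this diff, so it should be confirmed to be a server-built constant fragment and never derived from request data. The same holds for the `$RSDB_intern_code_db_rsdb_groups` fragment in the grouplist files. Separately, the guard `$RSDB_SET_cat != "" || $RSDB_SET_cat != "0"` is always true, so the view-counter UPDATE runs on every request; `&&` looks intended, here and in the identical block in tree_category_tree.php. The UPDATE also lost the old `@` suppression, so a failure now surfaces according to the PDO error mode, which is worth a deliberate decision.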
@@ -66,12 +65,9 @@
 	  </tr>
 	  <?php
 	
-		$query_page = mysql_query("SELECT * 
-									FROM `rsdb_categories` 
-									WHERE `cat_visible` = '1'
-									AND `cat_path` = " . htmlentities($RSDB_SET_cat) . "
-									" . $RSDB_intern_code_db_rsdb_categories . "
-									ORDER BY `".htmlentities($RSDB_TEMP_sortby)."` ASC") ;
+    $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_visible = '1' AND cat_path = :path " . $RSDB_intern_code_db_rsdb_categories . " ORDER BY `".htmlentities($RSDB_TEMP_sortby)."` ASC");
+    $stmt->bindParam('path',$RSDB_SET_cat,PDO::PARAM_STR);
+    $stmt->execute();
 	
 		$farbe1="#E2E2E2";
 		$farbe2="#EEEEEE";
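Review bot: The `ORDER BY` column is still built from `$RSDB_TEMP_sortby` by string concatenation, and `htmlentities()` is an HTML encoder that does not neutralise a backtick, so this statement stays injectable if the sort key can come from the request. Identifiers cannot be bound as parameters, so the value should be checked against a fixed list of sortable columns before use, e.g. `$sort = in_array($RSDB_TEMP_sortby, $allowed_sort_columns, true) ? $RSDB_TEMP_sortby : 'cat_name';`, where the list itself is a placeholder to be filled in. The two `ORDER BY ".$RSDB_TEMP_sortby."` statements in tree_category_tree.php are weaker still, since this commit removes both the backticks and the `htmlentities()` call there.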
@@ -81,7 +77,7 @@
 		include('inc/tree/tree_category_flat_count_grouplist.php');
 
 		
-		while($result_page = mysql_fetch_array($query_page)) { // Pages
+		while($result_page = $stmt->fetch(PDO::FETCH_ASSOC)) { // Pages
 	?>
 	  <tr> 
 		<td width="25%" valign="top" bgcolor="<?php
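Review bot: The loop now reads from `$stmt`, but `tree_category_flat_count_grouplist.php` is included between `execute()` and this `while`, and that file also assigns `$stmt` in this same commit. If those assignments run at include scope rather than inside a function (not visible from the hunks), the page query is replaced before the first `fetch()` and the loop iterates over the wrong result set. The old code was safe because each query had its own variable name; a dedicated name such as `$stmt_page` for the prepare, bind, execute and fetch lines would restore that. The same include-between-execute-and-fetch pattern appears in tree_category_tree.php.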

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_flat_count_grouplist.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_flat_count_grouplist.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_flat_count_grouplist.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_flat_count_grouplist.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -51,24 +51,19 @@
 		
 		$RSDB_VAR_counter_tree_grouplist = 0;
 	
-		$query_count_groups=mysql_query("SELECT COUNT('cat_id')
-								FROM `rsdb_categories`
-								WHERE `cat_visible` = '1'
-								AND `cat_path` = " . $RSDB_SET_cat . "
-								" . $RSDB_intern_code_db_rsdb_categories . " ;");	
-		$result_count_groups = mysql_fetch_row($query_count_groups);
+		$stmt=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_categories WHERE cat_visible = '1' AND cat_path = :path " . $RSDB_intern_code_db_rsdb_categories . "");
+    $stmt->bindParam('path',$RSDB_SET_cat,PDO::PARAM_STR);
+    $stmt->execute();
+		$result_count_groups = $stmt->fetch();
 		
 		$RSDB_TEMP_counter_group=0;
 		count_group_and_category($RSDB_TEMP_cat_id_grouplista);
 
 		if ($result_count_groups[0]) {
 			
-			$query_treeview_count_groups = mysql_query("SELECT * 
-										FROM `rsdb_categories` 
-										WHERE `cat_visible` = '1'
-										AND `cat_path` = " . $RSDB_TEMP_cat_id_grouplist . "
-										" . $RSDB_intern_code_db_rsdb_categories . "
-										ORDER BY `cat_name` ASC") ;
+      $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_visible = '1' AND cat_path = :path " . $RSDB_intern_code_db_rsdb_categories . " ORDER BY cat_name ASC");
+      $stmt->bindParam('path',$RSDB_TEMP_cat_id_grouplist,PDO::PARAM_STR);
+      $stmt->execute();
 			
 			
 				$cellcolor1="#E2E2E2";
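Review bot: `$stmt->fetch()` on the first COUNT query is the only fetch in this commit without an explicit mode, and the following `$result_count_groups[0]` only works while the connection's default fetch mode returns numeric indexes. If `CDBConnection` sets an associative default (its configuration is not shown here), the check silently becomes false; `$result_count_groups = $stmt->fetch(PDO::FETCH_NUM);` matches the sibling count queries and removes that dependency.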
@@ -76,7 +71,7 @@
 				$cellcolorcounter="0";
 				
 				
-			while($result_treeview_count_groups = mysql_fetch_array($query_treeview_count_groups)) { // treeview_count_groups
+			while($result_treeview_count_groups = $stmt->fetch(PDO::FETCH_ASSOC)) { // treeview_count_groups
 		  
 				
 //				echo "<br><a href='".$RSDB_intern_link_category_cat.$result_treeview_count_groups['cat_id']."'>".$result_treeview_count_groups['cat_name']."</a>";
@@ -101,12 +96,9 @@
 		global $RSDB_TEMP_counter_group;
 		global $RSDB_intern_code_db_rsdb_groups;
 
-		$query_count_group_and_category=mysql_query("SELECT COUNT('grpentr_id')
-						FROM `rsdb_groups`
-						WHERE `grpentr_visible` = '1'
-						AND `grpentr_category` = " . $RSDB_TEMP_cat_id_group . "
-						" . $RSDB_intern_code_db_rsdb_groups . " ;");	
-		$result_count_group_and_category = mysql_fetch_row($query_count_group_and_category);
+    $stmt=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_category = :category " . $RSDB_intern_code_db_rsdb_groups . "");
+    $stmt->bindParam('category',$RSDB_TEMP_cat_id_group,PDO::PARAM_STR);
+		$result_count_group_and_category = $stmt->fetch(PDO::FETCH_NUM);
 //		echo "->".$result_count_group_and_category[0]."<-";
 		
 		if ($result_count_group_and_category[0]) {
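Review bot: The statement is prepared and bound but never executed before `fetch()`, so `$result_count_group_and_category` will be false and the `[0]` check below can never succeed. Add `$stmt->execute();` between the `bindParam` line and the `fetch(PDO::FETCH_NUM)` line. The enclosing function starts and ends outside this hunk.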
@@ -131,13 +123,11 @@
 		global $RSDB_intern_code_db_rsdb_categories;
 
 
-		$query_create_historybar=mysql_query("SELECT * 
-								FROM `rsdb_categories` 
-								WHERE `cat_path` = " . $RSDB_TEMP_cat_id ."
-								" . $RSDB_intern_code_db_rsdb_categories . "
-								AND `cat_visible` = '1' ;");
+    $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_path = :path " . $RSDB_intern_code_db_rsdb_categories . " AND cat_visible = '1'");
+    $stmt->bindParam('path',$RSDB_TEMP_cat_id,PDO::PARAM_STR);
+    $stmt->execute();
 					
-		while($result_create_historybar=mysql_fetch_array($query_create_historybar)) { 
+		while($result_create_historybar=$stmt->fetch(PDO::FETCH_ASSOC)) { 
 			count_tree_groups_entry($result_create_historybar['cat_id'], $RSDB_TEMP_cat_level_newmain);
 			create_counter_groups($result_create_historybar['cat_path'], $result_create_historybar['cat_id'], 0, $RSDB_TEMP_cat_level_newmain);
 		}
@@ -152,13 +142,11 @@
 		
 
 		
-		$query_count_tree_groups_entry=mysql_query("SELECT * 
-												FROM `rsdb_categories` 
-												WHERE `cat_id` = " . $RSDB_TEMP_entry_id ."
-												AND `cat_visible` = '1'
-												" . $RSDB_intern_code_db_rsdb_categories . " ;");
+    $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_id = :cat_id AND cat_visible = '1' " . $RSDB_intern_code_db_rsdb_categories . "");
+    $stmt->bindParam('cat_id',$RSDB_TEMP_entry_id,PDO::PARAM_STR);
+    $stmt->execute();
 					
-		$result_count_tree_groups_entry=mysql_fetch_array($query_count_tree_groups_entry);
+		$result_count_tree_groups_entry=$stmt->fetch(PDO::FETCH_ASSOC);
 
 //		echo "<a href='".$RSDB_intern_link_category_cat.$result_count_tree_groups_entry['cat_id']."'>".$result_count_tree_groups_entry['cat_name']."</a>";
 

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_grouplist_1.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_grouplist_1.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_grouplist_1.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_grouplist_1.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -34,12 +34,10 @@
 	}
 
 
-$query_count_groups=mysql_query("SELECT COUNT('grpentr_id')
-						FROM `rsdb_groups`
-						WHERE `grpentr_visible` = '1'
-						AND `grpentr_category` = " . mysql_real_escape_string($RSDB_SET_cat) . "
-						" . $RSDB_intern_code_db_rsdb_groups . " ;");	
-$result_count_groups = mysql_fetch_row($query_count_groups);
+$stmt=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_category = :category " . $RSDB_intern_code_db_rsdb_groups . "");
+$stmt->bindParam('category',$RSDB_SET_cat,PDO::PARAM_STR);
+$stmt->execute();
+$result_count_groups = $stmt->fetch(PDO::FETCH_NUM);
 if ($result_count_groups[0]) {
 
 ?>
@@ -69,18 +67,15 @@
 	  </tr>
 	  <?php
 	
-		$query_page = mysql_query("SELECT * 
-									FROM `rsdb_groups` 
-									WHERE `grpentr_visible` = '1'
-									AND `grpentr_category` = " . mysql_real_escape_string($RSDB_SET_cat) . "
-									" . $RSDB_intern_code_db_rsdb_groups . "
-									ORDER BY `grpentr_name` ASC") ;
+    $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_category = :category " . $RSDB_intern_code_db_rsdb_groups . " ORDER BY grpentr_name ASC");
+    $stmt->bindParam('category',$RSDB_SET_cat,PDO::PARAM_STR);
+    $stmt->execute();
 	
 		$farbe1="#E2E2E2";
 		$farbe2="#EEEEEE";
 		$zaehler="0";
 		
-		while($result_page = mysql_fetch_array($query_page)) { // Pages
+		while($result_page = $stmt->fetch(PDO::FETCH_ASSOC)) { // Pages
 	?>
 	  <tr> 
 		<td valign="top" bgcolor="<?php
@@ -96,26 +91,20 @@
 									}
 								 ?>" > <div align="left"><font size="2" face="Arial, Helvetica, sans-serif"><b><a href="<?php echo $RSDB_intern_link_group_EX.$result_page['grpentr_id'].$RSDB_URI_slash; ?>">
 		  <?php
-			$query_entry_vendor = mysql_query("SELECT * 
-												FROM `rsdb_item_vendor` 
-												WHERE `vendor_id` = " .  mysql_real_escape_string($result_page['grpentr_vendor']) ." ;") ;
-			$result_entry_vendor = mysql_fetch_array($query_entry_vendor);
+			$stmt_vendor=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_vendor WHERE vendor_id = :vendor_id");
+      $stmt_vendor->bindParam('vendor_id',$result_page['grpentr_vendor'],PDO::PARAM_STR);
+      $stmt_vendor->execute();
+			$result_entry_vendor = $stmt->fetch(PDO::FETCH_ASSOC);
 	/*	
 			echo $result_entry_vendor['vendor_name']."&nbsp;";
 	*/
 		  ?>
 		  <?php echo $result_page['grpentr_name']; ?></a></b><?php
 			echo " &nbsp;<i>";
-			$query_entry_appver = mysql_query("SELECT DISTINCT (
-												`comp_appversion` 
-												), `comp_osversion` , `comp_id` , `comp_name` 
-												FROM `rsdb_item_comp` 
-												WHERE `comp_visible` = '1'
-												AND `comp_groupid` = '". mysql_real_escape_string($result_page['grpentr_id']) ."'
-												GROUP BY `comp_appversion` 
-												ORDER BY `comp_appversion` ASC 
-												LIMIT 0 , 15 ;") ;
-			while($result_entry_appver = mysql_fetch_array($query_entry_appver)) {
+			$stmt_comp=CDBConnection::getInstance()->prepare("SELECT DISTINCT(comp_appversion), comp_osversion, comp_id, comp_name FROM rsdb_item_comp WHERE comp_visible = '1' AND comp_groupid = :group_id GROUP BY comp_appversion ORDER BY comp_appversion ASC  LIMIT 15");
+      $stmt_comp->bindParam('group_id',$result_page['grpentr_id'],PDO::PARAM_STR);
+      $stmt_comp->execute();
+			while($result_entry_appver = $stmt_comp->fetch(PDO::FETCH_ASSOC)) {
 				if ($result_entry_appver['comp_name'] > $result_page['grpentr_name']) {
 					echo "<a href=\"".$RSDB_intern_link_group_EX.$result_page['grpentr_id'].$RSDB_URI_slash2."&amp;group2=".$result_entry_appver['comp_appversion']."\">".substr($result_entry_appver['comp_name'], strlen($result_page['grpentr_name'])+1 )."</a>, ";
 				}
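Review bot: `$result_entry_vendor` is fetched from `$stmt` rather than from the `$stmt_vendor` statement prepared just above it, and `$stmt` is the statement driving the enclosing `while($result_page = $stmt->fetch(...))` loop. Each iteration therefore consumes an extra group row, so every second group is skipped in the listing and the vendor lookup result is discarded. The line should be `$result_entry_vendor = $stmt_vendor->fetch(PDO::FETCH_ASSOC);`. Since the only use of the vendor row in this hunk is inside a commented-out `echo`, the lookup could alternatively be removed.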
@@ -149,49 +138,41 @@
 			$counter_forumentries = 0;
 			$counter_screenshots = 0;
 
-			$query_group_sum_items = mysql_query("SELECT * 
-													FROM `rsdb_item_comp` 
-													WHERE `comp_groupid` = " . mysql_real_escape_string($result_page['grpentr_id']) . "
-													AND `comp_visible` = '1'
-													ORDER BY `comp_groupid` DESC ;") ;
-			while($result_group_sum_items = mysql_fetch_array($query_group_sum_items)) { 
+			$stmt_item=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_comp WHERE comp_groupid = :group_id AND comp_visible = '1' ORDER BY comp_groupid DESC");
+      $stmt_item->bindParam('group_id',$result_page['grpentr_id'],PDO::PARAM_STR);
+      $stmt_item->execute();
+			while($result_group_sum_items = $stmt_item->fetch(PDO::FETCH_ASSOC)) { 
 				$counter_items++;
 				if ($counter_awards_best < $result_group_sum_items['comp_award']) {
 					$counter_awards_best = $result_group_sum_items['comp_award'];
 				}
-				$query_count_stars_sum = mysql_query("SELECT * 
-								FROM `rsdb_item_comp_testresults` 
-								WHERE `test_visible` = '1'
-								AND `test_comp_id` = " . $result_group_sum_items['comp_id'] . "
-								ORDER BY `test_comp_id` ASC") ;
-								
-				while($result_count_stars_sum = mysql_fetch_array($query_count_stars_sum)) {
-					$counter_stars_install_sum += $result_count_stars_sum['test_result_install'];
-					$counter_stars_function_sum += $result_count_stars_sum['test_result_function'];
-					$counter_stars_user_sum++;
-				}
+        $stmt_tests=CDBConnection::getInstance()->prepare("SELECT SUM(test_result_install) AS install_sum, SUM(test_result_function) AS function_sum, COUNT(*) AS user_sum FROM rsdb_item_comp_testresults WHERE test_visible = '1' AND test_comp_id = :comp_id");
+        $stmt_tests->bindParam('comp_id',$result_group_sum_items['comp_id'],PDO::PARAM_STR);
+        $stmt_tests->execute();
+        $tmp=$stmt_tests->fetch(PDO::FETCH_ASSOC);
+
+        $counter_stars_install_sum += $tmp['install_sum'];
+        $counter_stars_function_sum += $tmp['function_sum'];
+        $counter_stars_user_sum += $tmp['user_sum'];
 				
-				$query_count_testentries=mysql_query("SELECT COUNT('test_id')
-														FROM `rsdb_item_comp_testresults`
-														WHERE `test_visible` = '1' 
-														AND `test_comp_id` = '".mysql_real_escape_string($result_group_sum_items['comp_id'])."' ;");	
-				$result_count_testentries = mysql_fetch_row($query_count_testentries);
+        $stmt_count=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_item_comp_testresults WHERE test_visible = '1' AND test_comp_id = :comp_id");
+        $stmt_count->bindParam('comp_id',$result_group_sum_items['comp_id'],PDO::PARAM_STR);
+        $stmt_count->execute();
+				$result_count_testentries = $stmt_count->fetch(PDO::FETCH_NUM);
 				$counter_testentries += $result_count_testentries[0];
 				
 				// Forum entries:
-				$query_count_forumentries=mysql_query("SELECT COUNT('fmsg_id')
-														FROM `rsdb_item_comp_forum`
-														WHERE `fmsg_visible` = '1' 
-														AND `fmsg_comp_id` = '".mysql_real_escape_string($result_group_sum_items['comp_id'])."' ;");	
-				$result_count_forumentries = mysql_fetch_row($query_count_forumentries);
+        $stmt_count=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_item_comp_forum WHERE fmsg_visible = '1' AND fmsg_comp_id = :comp_id");
+        $stmt_count->bindParam('comp_id',$result_group_sum_items['comp_id'],PDO::PARAM_STR);
+        $stmt_count->execute();
+				$result_count_forumentries = $stmt_count->fetch(PDO::FETCH_NUM);
 				$counter_forumentries += $result_count_forumentries[0];
 
 				// Screenshots:
-				$query_count_screenshots=mysql_query("SELECT COUNT('media_id')
-														FROM `rsdb_object_media`
-														WHERE `media_visible` = '1' 
-														AND `media_groupid` = '".mysql_real_escape_string($result_group_sum_items['comp_media'])."' ;");	
-				$result_count_screenshots = mysql_fetch_row($query_count_screenshots);
+        $stmt_count=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_object_media WHERE media_visible = '1' AND media_groupid = :group_id");
+        $stmt_count->bindParam('group_id',$result_group_sum_items['comp_media'],PDO::PARAM_STR);
+        $stmt_count->execute();
+				$result_count_screenshots = $stmt_count->fetch(PDO::FETCH_NUM);
 				$counter_screenshots += $result_count_screenshots[0];
 			}
 ?>
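Review bot: The first `$stmt_count` query repeats work already done by `$stmt_tests`: both count rows of `rsdb_item_comp_testresults` with the same `test_visible = '1' AND test_comp_id = :comp_id` filter, so `$counter_testentries += $tmp['user_sum'];` would save one query per item. All four statements are also re-prepared on every loop iteration; preparing them once before the `while` and passing the id per call with `execute(array('comp_id' => $result_group_sum_items['comp_id']))` avoids that and sidesteps `bindParam`'s by-reference binding to an array element. Note that `SUM()` yields NULL when an item has no visible test results, which is worth a short comment next to the `+=` lines.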

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_grouplist_2.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_grouplist_2.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_grouplist_2.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_grouplist_2.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -34,12 +34,10 @@
 	}
 
 
-$query_count_groups=mysql_query("SELECT COUNT('grpentr_id')
-						FROM `rsdb_groups`
-						WHERE `grpentr_visible` = '1'
-						AND `grpentr_category` = " . $RSDB_SET_cat . "
-						" . $RSDB_intern_code_db_rsdb_groups . " ;");	
-$result_count_groups = mysql_fetch_row($query_count_groups);
+$stmt=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_category = :category " . $RSDB_intern_code_db_rsdb_groups . "");
+$stmt->bindParam('category',$RSDB_SET_cat,PDO::PARAM_STR);
+$stmt->execute();
+$result_count_groups = $stmt->fetch(PDO::FETCH_NUM);
 if ($result_count_groups[0]) {
 
 ?>
@@ -52,18 +50,15 @@
 	  </tr>
 	  <?php
 	
-		$query_page = mysql_query("SELECT * 
-									FROM `rsdb_groups` 
-									WHERE `grpentr_visible` = '1'
-									AND `grpentr_category` = " . $RSDB_SET_cat . "
-									" . $RSDB_intern_code_db_rsdb_groups . "
-									ORDER BY `grpentr_order` ASC") ;
+    $stmt=CDBConnecion::getInstance()->prepare("SELECT * FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_category = :category " . $RSDB_intern_code_db_rsdb_groups . " ORDER BY grpentr_order ASC");
+    $stmt->bindParam('category',$RSDB_SET_cat,PDO::PARAM_STR);
+    $stmt->execute();
 	
 		$farbe1="#E2E2E2";
 		$farbe2="#EEEEEE";
 		$zaehler="0";
 		
-		while($result_page = mysql_fetch_array($query_page)) { // Pages
+		while($result_page = $stmt->fetch(PDO::FETCH_ASSOC)) { // Pages
 	?>
 	  <tr> 
 		<td valign="top" bgcolor="<?php
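Review bot: The class name in the new page query is misspelled as `CDBConnecion` (missing "t"), which will raise a class-not-found fatal error as soon as this branch is reached. It should read `$stmt=CDBConnection::getInstance()->prepare(...)` like the count query earlier in the same file.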
@@ -97,24 +92,19 @@
 			
 			$counter_items = 0;
 
-			$query_group_sum_items = @mysql_query("SELECT * 
-													FROM `rsdb_item_".mysql_escape_string($RSDB_intern_code_view_shortname)."` 
-													WHERE `".mysql_escape_string($RSDB_intern_code_view_shortname)."_groupid` = " . $result_page['grpentr_id'] . "
-													AND `".mysql_escape_string($RSDB_intern_code_view_shortname)."_visible` = '1'
-													ORDER BY `".mysql_escape_string($RSDB_intern_code_view_shortname)."_groupid` DESC ;") ;
-			while($result_group_sum_items = @mysql_fetch_array($query_group_sum_items)) { 
+      $stmt_item=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_".$RSDB_intern_code_view_shortname." WHERE ".$RSDB_intern_code_view_shortname."_groupid = :group_id AND ".$RSDB_intern_code_view_shortname."_visible` = '1' ORDER BY ".$RSDB_intern_code_view_shortname."_groupid DESC");
+      $stmt_item->bindParam('group_id',$result_page['grpentr_id'],PDO::PARAM_STR);
+      $stmt_item->execute();
+			while($result_group_sum_items = $stmt_item->fetch(PDO::FETCH_ASSOC)) { 
 				$counter_items++;
-				$query_count_stars_sum = @mysql_query("SELECT * 
-								FROM `".mysql_escape_string($RSDB_intern_code_view_shortname)."_item_".mysql_escape_string($RSDB_intern_code_view_shortname)."_testresults` 
-								WHERE `test_visible` = '1'
-								AND `test_comp_id` = " . $result_group_sum_items[$RSDB_intern_code_view_shortname.'_id'] . "
-								ORDER BY `test_comp_id` ASC") ;
-								
-				while($result_count_stars_sum = @mysql_fetch_array($query_count_stars_sum)) {
-					$counter_stars_install_sum += $result_count_stars_sum['test_result_install'];
-					$counter_stars_function_sum += $result_count_stars_sum['test_result_function'];
-					$counter_stars_user_sum++;
-				}
+        $stmt_tests=CDBConnection::getInstance()->prepare("SELECT SUM(test_result_install) AS install_sum, SUM(test_result_function) AS function_sum, COUNT(*) AS user_sum FROM ".$RSDB_intern_code_view_shortname."_item_".$RSDB_intern_code_view_shortname."_testresults  WHERE test_visible = '1' AND test_comp_id = :comp_id ORDER BY test_comp_id ASC");
+        $stmt_tests->bindParam('comp_id',$result_group_sum_items[$RSDB_intern_code_view_shortname.'_id'],PDO::PARAM_STR);
+        $stmt_tests->execute();
+        $tmp=$stmt_tests->fetch(PDO::FETCH_ASSOC);
+
+        $counter_stars_install_sum += $tmp['install_sum'];
+        $counter_stars_function_sum += $tmp['function_sum'];
+        $counter_stars_user_sum += $tmp['user_sum'];
 			}
 			echo $counter_items;
 			
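Review bot: The `$stmt_item` statement contains a stray backtick after `_visible` (`..."_visible` = '1'`), left over from the old quoted identifiers, so the SQL is unbalanced and the prepare or execute will fail. The commit also drops the `mysql_escape_string()` calls around `$RSDB_intern_code_view_shortname`, which is spliced into table and column names in both statements; identifiers cannot be bound, so the value should be validated against a fixed list of known view short names before it reaches the query, assuming it is not already a hard-coded constant. In `$stmt_tests`, the `ORDER BY test_comp_id ASC` has no effect on a single aggregate row and can be dropped. The table name `<shortname>_item_<shortname>_testresults` is carried over from the old code and does not follow the `rsdb_item_...` pattern used elsewhere, which is worth checking.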

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_tree.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_tree.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_tree.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_tree.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -36,17 +36,16 @@
 
 								
 
-$query_count_cat=mysql_query("SELECT COUNT('cat_id')
-						FROM `rsdb_categories`
-						WHERE `cat_visible` = '1'
-						AND `cat_path` = " . htmlentities($RSDB_SET_cat) . "
-						" . $RSDB_intern_code_db_rsdb_categories . " ;");	
-$result_count_cat = mysql_fetch_row($query_count_cat);
+$stmt=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_categories WHERE cat_visible = '1' AND cat_path = :path " . $RSDB_intern_code_db_rsdb_categories . "");
+$stmt->bindParam('path',$RSDB_SET_cat,PDO::PARAM_STR);
+$stmt->execute();
+$result_count_cat = $stmt->fetch(PDO::FETCH_NUM);
 
 // Update the ViewCounter:
 if ($RSDB_SET_cat != "" || $RSDB_SET_cat != "0") {
-	$query_update_viewcounter = "UPDATE `rsdb_categories` SET `cat_viewcounter` = (cat_viewcounter + 1) WHERE `cat_id` = '" . $RSDB_SET_cat . "' LIMIT 1 ;";
-	@mysql_query($query_update_viewcounter);
+  $stmt=CDBConnection::getInstance()->prepare("UPDATE rsdb_categories SET cat_viewcounter = (cat_viewcounter + 1) WHERE cat_id = :cat_id");
+  $stmt->bindParam('cat_id',$RSDB_SET_cat,PDO::PARAM_STR);
+  $stmt->execute();
 }
 
 if ($result_count_cat[0]) {
@@ -74,12 +73,9 @@
 	  <?php
 	
 
-		$query_treeview = mysql_query("SELECT * 
-									FROM `rsdb_categories` 
-									WHERE `cat_visible` = '1'
-									AND `cat_path` = " . htmlentities($RSDB_SET_cat) . "
-									" . $RSDB_intern_code_db_rsdb_categories . "
-									ORDER BY `".htmlentities($RSDB_TEMP_sortby)."` ASC") ;
+    $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_visible = '1' AND cat_path = :path " . $RSDB_intern_code_db_rsdb_categories . " ORDER BY ".$RSDB_TEMP_sortby." ASC");
+    $stmt->bindParam('path',$RSDB_SET_cat,PDO::PARAM_STR);
+    $stmt->execute();
 		
 		
 			$cellcolor1="#E2E2E2";
@@ -88,7 +84,7 @@
 			
 			include('inc/tree/tree_category_tree_count_grouplist.php');
 			
-		while($result_treeview = mysql_fetch_array($query_treeview)) { // TreeView
+		while($result_treeview = $stmt->fetch(PDO::FETCH_ASSOC)) { // TreeView
 	?>
 	  <tr> 
 		
@@ -112,12 +108,10 @@
 		
 		for ($guesslevel=1; ; $guesslevel++) {
 //				echo $guesslevel."#";
-				$query_category_tree_guesslevel= mysql_query("SELECT * 
-															FROM `rsdb_categories` 
-															WHERE `cat_id` = " . $RSDB_TEMP_cat_current_id_guess ."
-															AND `cat_visible` = '1'
-															" . $RSDB_intern_code_db_rsdb_categories . " ;");
-				$result_category_tree_guesslevel=mysql_fetch_array($query_category_tree_guesslevel);
+				$stmt_cat=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_id = :cat_id AND cat_visible = '1' " . $RSDB_intern_code_db_rsdb_categories . "");
+        $stmt_cat->bindParam('cat_id',$RSDB_TEMP_cat_current_id_guess,PDO::PARAM_STR);
+        $stmt_cat->execute();
+				$result_category_tree_guesslevel=$stmt_cat->fetch(PDO::FETCH_ASSOC);
 //					echo $result_category_tree_guesslevel['cat_name'];
 				$RSDB_TEMP_cat_current_id_guess = $result_category_tree_guesslevel['cat_path'];
 				
@@ -166,15 +160,12 @@
 		global $RSDB_intern_code_db_rsdb_categories;
 		global $RSDB_TEMP_sortby;
 
-		$query_create_historybar=mysql_query("SELECT * 
-								FROM `rsdb_categories` 
-								WHERE `cat_path` = " . $RSDB_TEMP_cat_id ."
-								AND `cat_visible` = '1' 
-								" . $RSDB_intern_code_db_rsdb_categories . "
-								ORDER BY `".$RSDB_TEMP_sortby."` ASC ;");
+    $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_path = :path AND cat_visible = '1' " . $RSDB_intern_code_db_rsdb_categories . " ORDER BY ".$RSDB_TEMP_sortby." ASC");
+    $stmt->bindParam('path',$RSDB_TEMP_cat_id,PDO::PARAM_STR);
+    $stmt->execute();
 					
 		//$result_create_historybar=mysql_fetch_array($query_create_historybar);
-		while($result_create_historybar=mysql_fetch_array($query_create_historybar)) { 
+		while($result_create_historybar=$stmt->fetch(PDO::FETCH_ASSOC)) { 
 			//echo "&nbsp;&nbsp; catlev: ".$result_create_historybar['cat_level']." | curlev: ".$RSDB_TEMP_cat_level."<br>";
 			
 /*			if ($result_create_historybar['cat_level'] > $RSDB_TEMP_cat_level) {
@@ -205,13 +196,11 @@
 //		global $RSDB_TEMP_cat_icon;
 
 		
-		$query_create_tree_entry=mysql_query("SELECT * 
-												FROM `rsdb_categories` 
-												WHERE `cat_id` = " . $RSDB_TEMP_entry_id ."
-												AND `cat_visible` = '1'
-												" . $RSDB_intern_code_db_rsdb_categories . " ;");
+    $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_id = :cat_id AND cat_visible = '1' " . $RSDB_intern_code_db_rsdb_categories . "");
+    $stmt->bindParam('cat_id',$RSDB_TEMP_entry_id,PDO::PARAM_STR);
+    $stmt->execute();
 					
-		$result_create_tree_entry=mysql_fetch_array($query_create_tree_entry);
+		$result_create_tree_entry=$stmt->fetch(PDO::FETCH_ASSOC);
 
 /*		if ($result_create_tree_entry['cat_icon'] != "") {
 			$RSDB_TEMP_cat_icon = $result_create_tree_entry['cat_icon'];
@@ -227,12 +216,10 @@
 		// count the levels -> current category level
 		for ($guesslevel=1; ; $guesslevel++) {
 //				echo $guesslevel."#";
-				$query_category_tree_guesslevel= mysql_query("SELECT * 
-															FROM `rsdb_categories` 
-															WHERE `cat_id` = " . $RSDB_TEMP_cat_current_id_guess ."
-															AND `cat_visible` = '1'
-															" . $RSDB_intern_code_db_rsdb_categories . " ;");
-				$result_category_tree_guesslevel=mysql_fetch_array($query_category_tree_guesslevel);
+        $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_id = :cat_id AND cat_visible = '1' " . $RSDB_intern_code_db_rsdb_categories . "");
+        $stmt->bindParam('cat_id',$RSDB_TEMP_cat_current_id_guess,PDO::PARAM_STR);
+        $stmt->execute();
+				$result_category_tree_guesslevel=$stmt->fetch(PDO::FETCH_ASSOC);
 //					echo $result_category_tree_guesslevel['cat_name'];
 				$RSDB_TEMP_cat_current_id_guess = $result_category_tree_guesslevel['cat_path'];
 				
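Review bot: The statement is prepared again on every pass of the open-ended `for ($guesslevel=1; ; $guesslevel++)` loop although its SQL never changes. Because `bindParam()` binds `$RSDB_TEMP_cat_current_id_guess` by reference, the `prepare()` and `bindParam()` calls can move above the `for`, and only `$stmt->execute();` needs to stay inside. `fetch()` returns `false` when no category matches, and the next line then reads `['cat_path']` from it; how the loop terminates is outside the hunk, so confirm that case is handled. The same pattern appears in the two loop hunks of tree_historybar.php (on `$RSDB_TEMP_cat_current_id_guess` and `$RSDB_TEMP_cat_current_id`).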

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_tree_count_grouplist.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_tree_count_grouplist.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_tree_count_grouplist.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_category_tree_count_grouplist.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -55,12 +55,10 @@
 		global $RSDB_TEMP_counter_group;
 		global $RSDB_intern_code_db_rsdb_groups;
 
-		$query_count_group_and_category=mysql_query("SELECT COUNT('grpentr_id')
-						FROM `rsdb_groups`
-						WHERE `grpentr_visible` = '1'
-						AND `grpentr_category` = " . $RSDB_TEMP_cat_id_group . "
-						" . $RSDB_intern_code_db_rsdb_groups . " ;");	
-		$result_count_group_and_category = mysql_fetch_row($query_count_group_and_category);
+		$stmt=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_category = :category " . $RSDB_intern_code_db_rsdb_groups . "");
+    $stmt->bindParam('category',$RSDB_TEMP_cat_id_group,PDO::PARAM_STR);
+    $stmt->execute();
+		$result_count_group_and_category = $stmt->fetch(PDO::FETCH_NUM);
 //		echo "->".$result_count_group_and_category[0]."<-";
 		
 		if ($result_count_group_and_category[0]) {
@@ -78,4 +76,4 @@
 	}
 
 		
-?>
+?>

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_historybar.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_historybar.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_historybar.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_historybar.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -62,12 +62,10 @@
 		if ($RSDB_SET_cat != "") {
 
 			if ($RSDB_SET_item != "" && $RSDB_viewpage != false) {
-				$query_itemid = mysql_query("SELECT * 
-												FROM `rsdb_item_" . $RSDB_intern_code_view_shortname ."` 
-												WHERE `" . $RSDB_intern_code_view_shortname . "_visible` = '1'
-												AND `" . $RSDB_intern_code_view_shortname . "_id` = " . $RSDB_SET_item . "
-												ORDER BY `" . $RSDB_intern_code_view_shortname . "_name` ASC") ;				
-				$result_itempid = @mysql_fetch_array($query_itemid);			
+				$stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_" . $RSDB_intern_code_view_shortname ." WHERE " . $RSDB_intern_code_view_shortname . "_visible = '1' AND " . $RSDB_intern_code_view_shortname . "_id = :item_id ORDER BY " . $RSDB_intern_code_view_shortname . "_name ASC");
+        $stmt->bindParam('item_id',$RSDB_SET_item,PDO::PARAM_STR);
+        $stmt->execute();
+				$result_itempid = $stmt->fetch(PDO::FETCH_ASSOC);
 				if ($result_itempid[$RSDB_intern_code_view_shortname.'_groupid'] == "" || $result_itempid[$RSDB_intern_code_view_shortname . '_groupid'] == "0") {
 					//die("");
 					//echo "die1";
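Review bot: `$RSDB_intern_code_view_shortname` is spliced into the table name and three column names of the prepared SQL, now without the backticks the old query used, so this statement is only partly parameterised. Placeholders cannot stand in for identifiers, so the safeguard has to be that the value comes from a fixed internal set; its origin is not visible here. I would add a comment above the `prepare()` call such as `// $RSDB_intern_code_view_shortname is an identifier fragment, not user input; it must match a known item table prefix`, and ideally an explicit check where it is assigned. The same construction recurs in the other four `rsdb_item_` queries of this file.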
@@ -77,25 +75,20 @@
 			}
 			if ($RSDB_SET_group != "" && $RSDB_viewpage != false) {
 				//echo "+++++".$RSDB_SET_group;
-				$query_groupid = mysql_query("SELECT * 
-												FROM `rsdb_groups` 
-												WHERE `grpentr_visible` = '1'
-												AND `grpentr_id` = " . $RSDB_SET_group . "
-												" . $RSDB_intern_code_db_rsdb_groups . "
-												ORDER BY `grpentr_name` ASC") ;				
-				$result_groupid = mysql_fetch_array($query_groupid);			
+        $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_id = :group_id " . $RSDB_intern_code_db_rsdb_groups . " ORDER BY grpentr_name ASC") ;
+        $stmt->bindParam('group_id',$RSDB_SET_group,PDO::PARAM_STR);
+        $stmt->execute();
+				$result_groupid = $stmt->fetch(PDO::FETCH_ASSOC);
 				if ($result_groupid['grpentr_category'] == "" || $result_groupid['grpentr_category'] == "0") {
 					//die("");
 					//echo "die2";
 					$RSDB_viewpage = false;
 				}
 				if ($RSDB_viewpage != false) {
-					$query_category_treehistory_groupid= mysql_query("SELECT * 
-																FROM `rsdb_categories` 
-																WHERE `cat_id` = " . $result_groupid['grpentr_category'] ."
-																AND `cat_visible` = '1'
-																" . $RSDB_intern_code_db_rsdb_categories . " ;");
-					$result_category_treehistory_groupid=mysql_fetch_array($query_category_treehistory_groupid);
+          $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_id = :cat_id AND cat_visible = '1' " . $RSDB_intern_code_db_rsdb_categories . "");
+          $stmt->bindParam('cat_id',$result_groupid['grpentr_category'],PDO::PARAM_STR);
+          $stmt->execute();
+					$result_category_treehistory_groupid=$stmt->fetch(PDO::FETCH_ASSOC);
 					
 					$RSDB_TEMP_cat_path = $result_category_treehistory_groupid['cat_path'];
 					$RSDB_TEMP_cat_id = $result_category_treehistory_groupid['cat_id'];
@@ -109,12 +102,10 @@
 			}
 			elseif ($RSDB_viewpage != false) {
 				//echo "hjall";
-				$query_category_treehistory= mysql_query("SELECT * 
-															FROM `rsdb_categories` 
-															WHERE `cat_id` = " . $RSDB_SET_cat ."
-															AND `cat_visible` = '1'
-															" . $RSDB_intern_code_db_rsdb_categories . " ;");
-				$result_category_treehistory=mysql_fetch_array($query_category_treehistory);
+        $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_id = :cat_id AND cat_visible = '1' " . $RSDB_intern_code_db_rsdb_categories . "");
+        $stmt->bindParam('cat_id',$RSDB_SET_cat,PDO::PARAM_STR);
+        $stmt->execute();
+				$result_category_treehistory=$stmt->fetch(PDO::FETCH_ASSOC);
 				
 				$RSDB_TEMP_cat_path = $result_category_treehistory['cat_path'];
 				$RSDB_TEMP_cat_id = $result_category_treehistory['cat_id'];
@@ -130,12 +121,10 @@
 				// count the levels -> current category level
 				for ($guesslevel=1; ; $guesslevel++) {
 	//				echo $guesslevel."#";
-						$query_category_tree_guesslevel= mysql_query("SELECT * 
-																	FROM `rsdb_categories` 
-																	WHERE `cat_id` = " . $RSDB_TEMP_cat_current_id_guess ."
-																	AND `cat_visible` = '1'
-																	" . $RSDB_intern_code_db_rsdb_categories . " ;");
-						$result_category_tree_guesslevel=@mysql_fetch_array($query_category_tree_guesslevel);
+            $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_id = :cat_id AND cat_visible = '1' " . $RSDB_intern_code_db_rsdb_categories . "");
+            $stmt->bindParam('cat_id',$RSDB_TEMP_cat_current_id_guess,PDO::PARAM_STR);
+            $stmt->execute();
+						$result_category_tree_guesslevel=$stmt->fetch(PDO::FETCH_ASSOC);
 	//					echo $result_category_tree_guesslevel['cat_name'];
 						$RSDB_TEMP_cat_current_id_guess = $result_category_tree_guesslevel['cat_path'];
 						
@@ -153,12 +142,10 @@
 	//				echo "<br>Ring0: ".$i." ";
 					for ($k=1; $k < ($RSDB_intern_catlevel+1-$i); $k++) {
 	//					echo $k."|";
-							$query_category_tree_temp= mysql_query("SELECT * 
-																		FROM `rsdb_categories` 
-																		WHERE `cat_id` = " . $RSDB_TEMP_cat_current_id ."
-																		AND `cat_visible` = '1'
-																		" . $RSDB_intern_code_db_rsdb_categories . " ;");
-							$result_category_tree_temp=mysql_fetch_array($query_category_tree_temp);
+              $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_id = :cat_id AND `cat_visible` = '1' " . $RSDB_intern_code_db_rsdb_categories . "");
+              $stmt->bindParam('cat_id',$RSDB_TEMP_cat_current_id,PDO::PARAM_STR);
+              $stmt->execute();
+							$result_category_tree_temp=$stmt->fetch(PDO::FETCH_ASSOC);
 							$RSDB_TEMP_cat_current_id = $result_category_tree_temp['cat_path'];
 							
 	//						echo "K:".$k."|E:".($result_category_treehistory['cat_level']+1-$i);
@@ -185,22 +172,17 @@
 			}
 			
 			if ($RSDB_SET_group != "" && $RSDB_viewpage != false) {
-				$query_current_group = mysql_query("SELECT * 
-								FROM `rsdb_groups` 
-								WHERE `grpentr_visible` = '1'
-								AND `grpentr_id` = " . $RSDB_SET_group . "
-								" . $RSDB_intern_code_db_rsdb_groups . "
-								ORDER BY `grpentr_name` ASC") ;
-				$result_current_group = mysql_fetch_array($query_current_group);
+        $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_id = :group_id " . $RSDB_intern_code_db_rsdb_groups . " ORDER BY grpentr_name ASC");
+        $stmt->bindParam('group_id',$RSDB_SET_group,PDO::PARAM_STR);
+        $stmt->execute();
+				$result_current_group = $stmt->fetch(PDO::FETCH_ASSOC);
 				echo " <font size='2'>&rarr;</font> <a href='".$RSDB_intern_link_group_EX.$RSDB_SET_group.$RSDB_URI_slash."'>".$result_current_group['grpentr_name']."</a>";
 			}
 			if ($RSDB_SET_item != "" && $RSDB_viewpage != false) {
-				$query_current_group = mysql_query("SELECT * 
-								FROM `rsdb_item_" . $RSDB_intern_code_view_shortname ."` 
-								WHERE `" . $RSDB_intern_code_view_shortname . "_visible` = '1'
-								AND `" . $RSDB_intern_code_view_shortname . "_id` = " . $RSDB_SET_item . "
-								ORDER BY `" . $RSDB_intern_code_view_shortname . "_name` ASC") ;
-				$result_current_group = mysql_fetch_array($query_current_group);
+        $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_" . $RSDB_intern_code_view_shortname ." WHERE " . $RSDB_intern_code_view_shortname . "_visible = '1' AND " . $RSDB_intern_code_view_shortname . "_id = :item_id ORDER BY " . $RSDB_intern_code_view_shortname . "_name ASC");
+        $stmt->bindParam('item_id',$RSDB_SET_item,PDO::PARAM_STR);
+        $stmt->execute();
+				$result_current_group = $stmt->fetch(PDO::PARAM_STR);
 				echo " <font size='2'>&rarr;</font> <a href='".$RSDB_intern_link_item2_id_EX.$RSDB_SET_item.$RSDB_URI_slash."'>".$result_current_group[$RSDB_intern_code_view_shortname .'_name'];
 				
 					switch ($RSDB_SET_view) {
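Review bot: The fetch for the item row passes a bind-type constant, `$stmt->fetch(PDO::PARAM_STR)`, where a fetch mode is expected. It behaves like an associative fetch only because `PDO::PARAM_STR` and `PDO::FETCH_ASSOC` share the same integer value; the line should read `$result_current_group = $stmt->fetch(PDO::FETCH_ASSOC);`. The vendor query in the last `$RSDB_SET_item` hunk of this file has the same slip.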
@@ -254,24 +236,20 @@
 	if ($RSDB_SET_sec == "name" || $RSDB_SET_sec == "vendor") {
 		if ($RSDB_SET_sec == "name") {
 			if ($RSDB_SET_item != "") {
-				$query_itemid = mysql_query("SELECT * 
-												FROM `rsdb_item_" . $RSDB_intern_code_view_shortname ."` 
-												WHERE `" . $RSDB_intern_code_view_shortname . "_visible` = '1'
-												AND `" . $RSDB_intern_code_view_shortname . "_id` = " . $RSDB_SET_item . "
-												ORDER BY `" . $RSDB_intern_code_view_shortname . "_name` ASC") ;				
-				$result_itempid = @mysql_fetch_array($query_itemid);			
+        $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_" . $RSDB_intern_code_view_shortname ."  WHERE " . $RSDB_intern_code_view_shortname . "_visible = '1' AND " . $RSDB_intern_code_view_shortname . "_id = :item_id ORDER BY " . $RSDB_intern_code_view_shortname . "_name ASC") ;
+        $stmt->bindParam('item_id',$RSDB_SET_item,PDO::PARAM_STR);
+        $stmt->execute();
+				$result_itempid = $stmt->fetch(PDO::FETCH_ASSOC);
 				if ($result_itempid[$RSDB_intern_code_view_shortname.'_groupid'] == "" || $result_itempid[$RSDB_intern_code_view_shortname . '_groupid'] == "0") {
 					$RSDB_viewpage = false;
 				}
 				$RSDB_SET_group = $result_itempid[$RSDB_intern_code_view_shortname . '_groupid'];
 			}
 			if ($RSDB_SET_group != "") {
-			$query_groupid = mysql_query("SELECT * 
-											FROM `rsdb_groups` 
-											WHERE `grpentr_visible` = '1'
-											AND `grpentr_id` = " . $RSDB_SET_group . "
-											ORDER BY `grpentr_id` ASC") ;				
-			$result_groupid = mysql_fetch_array($query_groupid);			
+      $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_id = :group_id ORDER BY grpentr_id ASC");
+      $stmt->bindParam('group_id',$RSDB_SET_group,PDO::PARAM_STR);
+      $stmt->execute();
+			$result_groupid = $stmt->fetch(PDO::FETCH_ASSOC);
 			$RSDB_SET_letter = strtolower(substr($result_groupid['grpentr_name'], 0, 1)); 
 		}
 	?>
@@ -289,12 +267,10 @@
 		echo "</a>";
 		 
 		if ($RSDB_SET_item != "" && $RSDB_viewpage != false) {
-			$query_itemid = mysql_query("SELECT * 
-											FROM `rsdb_item_" . $RSDB_intern_code_view_shortname ."` 
-											WHERE `" . $RSDB_intern_code_view_shortname . "_visible` = '1'
-											AND `" . $RSDB_intern_code_view_shortname . "_id` = " . $RSDB_SET_item . "
-											ORDER BY `" . $RSDB_intern_code_view_shortname . "_name` ASC") ;				
-			$result_itempid = mysql_fetch_array($query_itemid);			
+      $stmt=CDBConnection::getInstance("SELECT * FROM rsdb_item_" . $RSDB_intern_code_view_shortname ." WHERE " . $RSDB_intern_code_view_shortname . "_visible = '1' AND " . $RSDB_intern_code_view_shortname . "_id = :item_id ORDER BY " . $RSDB_intern_code_view_shortname . "_name ASC");
+      $stmt->bindParam('item_id',$RSDB_SET_item,PDO::PARAM_STR);
+      $stmt->execute();
+			$result_itempid = $stmt->fetch(PDO::FETCH_ASSOC);
 			if ($result_itempid[$RSDB_intern_code_view_shortname.'_groupid'] == "" || $result_itempid[$RSDB_intern_code_view_shortname . '_groupid'] == "0") {
 				//die("");
 				$RSDB_viewpage = false;
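Review bot: The new statement line calls `CDBConnection::getInstance("SELECT ...")` with the SQL as the argument and never calls `prepare()`, so `$stmt` is presumably the connection object rather than a statement, and the following `bindParam()`/`execute()`/`fetch()` calls cannot work as intended. It should follow the other hunks: `$stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_" . $RSDB_intern_code_view_shortname ." WHERE ...");`. CDBConnection is defined outside this diff, so the exact failure mode is inferred.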
@@ -302,13 +278,10 @@
 			$RSDB_SET_group = $result_itempid[$RSDB_intern_code_view_shortname . '_groupid'];
 		}
 		if ($RSDB_SET_group != "" && $RSDB_viewpage != false) {
-			$query_current_group = mysql_query("SELECT * 
-							FROM `rsdb_groups` 
-							WHERE `grpentr_visible` = '1'
-							AND `grpentr_id` = " . $RSDB_SET_group . "
-							" . $RSDB_intern_code_db_rsdb_groups . "
-							ORDER BY `grpentr_name` ASC") ;
-			$result_current_group = mysql_fetch_array($query_current_group);
+			$stmt=CDBConnection::getInstance()->prepare("SELECT *  FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_id = :group_id " . $RSDB_intern_code_db_rsdb_groups . " ORDER BY grpentr_name ASC");
+      $stmt->bindParam('group_id',$RSDB_SET_group,PDO::PARAM_STR);
+      $stmt->execute();
+			$result_current_group = $stmt->fetch(PDO::FETCH_ASSOC);
 			if ($result_current_group['grpentr_category'] == "" || $result_current_group['grpentr_category'] == "0") {
 				//die("");
 				$RSDB_viewpage = false;
@@ -316,12 +289,10 @@
 			echo " <font size='2'>&rarr;</font> <a href='".$RSDB_intern_link_group_EX.$RSDB_SET_group.$RSDB_URI_slash."'>".$result_current_group['grpentr_name']."</a>";
 		}
 		if ($RSDB_SET_item != "" && $RSDB_viewpage != false) {
-			$query_current_group = mysql_query("SELECT * 
-							FROM `rsdb_item_" . $RSDB_intern_code_view_shortname ."` 
-							WHERE `" . $RSDB_intern_code_view_shortname . "_visible` = '1'
-							AND `" . $RSDB_intern_code_view_shortname . "_id` = " . $RSDB_SET_item . "
-							ORDER BY `" . $RSDB_intern_code_view_shortname . "_name` ASC") ;
-			$result_current_group = mysql_fetch_array($query_current_group);
+      $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_" . $RSDB_intern_code_view_shortname ." WHERE " . $RSDB_intern_code_view_shortname . "_visible = '1' AND " . $RSDB_intern_code_view_shortname . "_id = :item_id ORDER BY " . $RSDB_intern_code_view_shortname . "_name ASC");
+      $stmt->bindParam('item_id',$RSDB_SET_item,PDO::PARAM_STR);
+      $stmt->execute();
+			$result_current_group = $stmt->fetch(PDO::FETCH_ASSOC);
 			echo " <font size='2'>&rarr;</font> <a href='".$RSDB_intern_link_item_EX.$RSDB_SET_item.$RSDB_URI_slash."'>".$result_current_group[$RSDB_intern_code_view_shortname .'_name'];
 			
 				switch ($RSDB_SET_view) {
@@ -349,11 +320,10 @@
 	elseif ($RSDB_SET_sec == "vendor") {
 
 			if ($RSDB_SET_vendor != "") {
-				$query_itemid = mysql_query("SELECT * 
-												FROM `rsdb_item_vendor` 
-												WHERE `vendor_id` = " . $RSDB_SET_vendor . "
-												ORDER BY `vendor_name` ASC") ;				
-				$result_itempid = @mysql_fetch_array($query_itemid);			
+        $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_vendor WHERE vendor_id = :vendor_id ORDER BY vendor_name ASC");
+        $stmt->bindParam('vendor_id',$RSDB_SET_vendor,PDO::PARAM_STR);
+        $stmt->execute();
+				$result_itempid = $stmt->fetch(PDO::FETCH_ASSOC);
 				if ($result_itempid['vendor_id'] == "" || $result_itempid['vendor_id'] == "0") {
 					$RSDB_viewpage = false;
 				}
@@ -376,11 +346,10 @@
 		echo "</a></font>";
 		 
 		if ($RSDB_SET_vendor != "" && $RSDB_viewpage != false) {
-			$query_itemid = mysql_query("SELECT * 
-												FROM `rsdb_item_vendor` 
-												WHERE `vendor_id` = " . $RSDB_SET_vendor . "
-												ORDER BY `vendor_name` ASC") ;				
-			$result_itempid = mysql_fetch_array($query_itemid);			
+      $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_vendor WHERE vendor_id = :vendor_id ORDER BY vendor_name ASC");
+      $stmt->bindParam('vendor_id',$RSDB_SET_vendor,PDO::PARAM_STR);
+      $stmt->execute();
+			$result_itempid = $stmt->fetch(PDO::FETCH_ASSOC);
 			if ($result_itempid['vendor_id'] == "" || $result_itempid['vendor_id'] == "0") {
 				//die("");
 				$RSDB_viewpage = false;
@@ -389,13 +358,10 @@
 			echo " <font size='2'>&rarr;</font> <a href='".$RSDB_intern_link_vendor_id_EX.$RSDB_SET_vendor.$RSDB_URI_slash."'>".$result_itempid['vendor_name']."</a>";
 		}
 		if ($RSDB_SET_group != "" && $RSDB_viewpage != false) {
-			$query_current_group = mysql_query("SELECT * 
-							FROM `rsdb_groups` 
-							WHERE `grpentr_visible` = '1'
-							AND `grpentr_id` = " . $RSDB_SET_group . "
-							" . $RSDB_intern_code_db_rsdb_groups . "
-							ORDER BY `grpentr_name` ASC") ;
-			$result_current_group = mysql_fetch_array($query_current_group);
+      $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_id = :group_id " . $RSDB_intern_code_db_rsdb_groups . " ORDER BY grpentr_name ASC");
+      $stmt->bindParam('group_id',$RSDB_SET_group,PDO::PARAM_STR);
+      $stmt->execute();
+			$result_current_group = $stmt->fetch(PDO::FETCH_ASSOC);
 			if ($result_current_group['grpentr_category'] == "" || $result_current_group['grpentr_category'] == "0") {
 				//die("");
 				$RSDB_viewpage = false;
@@ -403,11 +369,10 @@
 			echo " <font size='2'>&rarr;</font> <a href='".$RSDB_intern_link_name_group_EX.$RSDB_SET_group.$RSDB_URI_slash."'>".$result_current_group['grpentr_name']."</a>";
 		}
 		if ($RSDB_SET_item != "" && $RSDB_viewpage != false) {
-			$query_current_group = mysql_query("SELECT * 
-												FROM `rsdb_item_vendor` 
-												WHERE `vendor_id` = " . $RSDB_SET_vendor . "
-												ORDER BY `vendor_name` ASC") ;				
-			$result_current_group = mysql_fetch_array($query_current_group);
+      $stmt=CDBCOnnection::getInstance()->prepare("SELECT * FROM rsdb_item_vendor WHERE vendor_id = :vendor_id ORDER BY vendor_name ASC");
+      $stmt->bindParam('group_id',$RSDB_SET_vendor,PDO::PARAM_STR);
+      $stmt->execute();
+			$result_current_group = $stmt->fetch(PDO::PARAM_STR);
 			echo " <font size='2'>&rarr;</font> <a href='".$RSDB_intern_link_name_item_EX.$RSDB_SET_item.$RSDB_URI_slash."'>".$result_current_group['vendor_name'];
 			echo "</a>";
 		}
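Review bot: The bind in the last query uses the wrong placeholder name: the SQL declares `:vendor_id` but the next line calls `bindParam('group_id', ...)`, so `execute()` has no value for the parameter the statement actually uses. It should be `$stmt->bindParam('vendor_id',$RSDB_SET_vendor,PDO::PARAM_STR);`. The same block spells the class `CDBCOnnection` (PHP resolves class names case-insensitively, but a case-sensitive autoloader may not) and fetches with `PDO::PARAM_STR` where `PDO::FETCH_ASSOC` is meant.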
@@ -649,4 +614,4 @@
 			echo "<br />";
 			break;
 	}
-?>
+?>

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_menubar_sections.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_menubar_sections.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_menubar_sections.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_menubar_sections.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -53,11 +53,10 @@
 					$result_count_group['cat_media']=1;
 				}
 				else {
-					$query_count_group=mysql_query("SELECT *
-													FROM `rsdb_categories` 
-													WHERE `cat_id` = ". $RSDB_SET_cat ."
-													AND `cat_visible` = '1' ;");	
-					$result_count_group = mysql_fetch_array($query_count_group);
+          $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_categories WHERE cat_id = :cat_id AND cat_visible = '1'");
+          $stmt->bindParam('cat_id',$RSDB_SET_cat,PDO::PARAM_STR);
+          $stmt->execute();
+					$result_count_group = $stmt->fetch(PDO::FETCH_ASSOC);
 				}
 				$RSDB_compare_string = 'cat';
 			}
@@ -83,11 +82,10 @@
 					$RSDB_compare_string = 'item';
 				}
 				elseif ($RSDB_SET_group != "") {
-					$query_count_group=mysql_query("SELECT *
-													FROM `rsdb_groups` 
-													WHERE `grpentr_id` = ". $RSDB_SET_group ."
-													AND `grpentr_visible` = '1' ;");	
-					$result_count_group = mysql_fetch_array($query_count_group);
+          $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_groups WHERE grpentr_id = :group_id AND grpentr_visible = '1'");
+          $stmt->bindParam('group_id',$RSDB_SET_group,PDO::PARAM_STR);
+          $stmt->execute();
+					$result_count_group = $stmt->fetch(PDO::FETCH_ASSOC);
 					$RSDB_compare_string = 'grpentr';
 				}
 			}
@@ -125,4 +123,4 @@
 		</table>
 	</td>
   </tr>
-</table>
+</table>

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_name_flat.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_name_flat.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_name_flat.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_name_flat.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -39,12 +39,10 @@
 	$RSDB_SET_letter = "%";
 }
 
-$query_count_cat=mysql_query("SELECT COUNT('cat_id')
-						FROM `rsdb_groups`
-						WHERE `grpentr_visible` = '1'
-						AND `grpentr_name` LIKE  '" . $RSDB_SET_letter . "%'
-						" . $RSDB_intern_code_db_rsdb_groups . " ;");	
-$result_count_cat = mysql_fetch_row($query_count_cat);
+$stmt=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_name LIKE  :starts_with " . $RSDB_intern_code_db_rsdb_groups . "");
+$stmt->bindValue('starts_with',$RSDB_SET_letter.'%',PDO::PARAM_STR);
+$stmt->execute();
+$result_count_cat = $stmt->fetch(PDO::FETCH_NUM);
 if ($result_count_cat[0]) {
 
 	echo "<p align='center'>";
@@ -102,20 +100,16 @@
   </tr>
   <?php
 	
-		$query_page = mysql_query("SELECT * 
-									FROM `rsdb_groups` 
-									WHERE `grpentr_visible` = '1'
-									AND `grpentr_name` LIKE  '" . $RSDB_SET_letter . "%'
-									" . $RSDB_intern_code_db_rsdb_groups . "
-									ORDER BY `grpentr_name` ASC
-									LIMIT " . $RSDB_SET_curpos . " , " . $RSDB_intern_items_per_page . " ;") ;
+    $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_groups WHERE grpentr_visible = '1' AND grpentr_name LIKE :starts_with " . $RSDB_intern_code_db_rsdb_groups . " ORDER BY grpentr_name ASC LIMIT ".intval($RSDB_intern_items_per_page)." OFFSET ".intval($RSDB_SET_curpos));
+    $stmt->bindValue('starts_with',$RSDB_SET_letter.'%',PDO::PARAM_STR);
+    $stmt->execute();
 	
 		$farbe1="#E2E2E2";
 		$farbe2="#EEEEEE";
 		$zaehler="0";
 		//$farbe="#CCCCC";
 		
-		while($result_page = mysql_fetch_array($query_page)) { // Pages
+		while($result_page = $stmt->fetch(PDO::FETCH_ASSOC)) { // Pages
 	?>
   <tr> 
     <td valign="top" bgcolor="<?php
@@ -132,10 +126,10 @@
 								 ?>" > <div align="left"><font face="Arial, Helvetica, sans-serif">&nbsp;<a href="<?php echo $RSDB_intern_link_group_EX.$result_page['grpentr_id'].$RSDB_URI_slash; ?>"><b><?php echo $result_page['grpentr_name']; ?></b></a></font></div></td>
     <td valign="top" bgcolor="<?php echo $farbe; ?>"> <div align="left"><font size="2" face="Arial, Helvetica, sans-serif">&nbsp;<?php
 		
-			$query_entry_vendor = mysql_query("SELECT * 
-												FROM `rsdb_item_vendor` 
-												WHERE `vendor_id` = " .  $result_page['grpentr_vendor'] ." ;") ;
-			$result_entry_vendor = mysql_fetch_array($query_entry_vendor);
+      $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_vendor WHERE vendor_id = :vendor_id");
+      $stmt->bindParam('vendor_id',$result_page['grpentr_vendor'],PDO::PARAM_STR);
+      $stmt->execute();
+			$result_entry_vendor = $stmt->fetch(PDO::FETCH_ASSOC);
 			echo '<a href="'.$RSDB_intern_link_vendor_sec.$result_entry_vendor['vendor_id'].'">'.$result_entry_vendor['vendor_name'].'</a>';
 
 		  ?></font><font face="Arial, Helvetica, sans-serif"></font> 
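Review bot: This vendor lookup assigns to `$stmt`, the same variable the `while($result_page = $stmt->fetch(PDO::FETCH_ASSOC))` loop opened in the previous hunk is reading from. The loop's closing brace is outside the hunk, but `$result_page` is used here, so the lookup appears to run inside it; after the first row the outer `fetch()` would then read from the vendor statement instead of the page query. Using a separate variable for the inner query, e.g. `$stmt_vendor=CDBConnection::getInstance()->prepare(...)` with matching `bindParam`/`execute`/`fetch` calls, avoids this. The two `rsdb_item_comp` queries in the following hunks overwrite `$stmt` in the same way.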
@@ -163,49 +157,40 @@
 			$counter_forumentries = 0;
 			$counter_screenshots = 0;
 
-			$query_group_sum_items = mysql_query("SELECT * 
-													FROM `rsdb_item_comp` 
-													WHERE `comp_groupid` = " . mysql_real_escape_string($result_page['grpentr_id']) . "
-													AND `comp_visible` = '1'
-													ORDER BY `comp_groupid` DESC ;") ;
-			while($result_group_sum_items = mysql_fetch_array($query_group_sum_items)) { 
+      $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_comp WHERE comp_groupid = :group_id AND comp_visible = '1' ORDER BY comp_groupid DESC");
+      $stmt->bindParam('group_id',$result_page['grpentr_id'],PDO::PARAM_STR);
+      $stmt->execute();
+			while($result_group_sum_items = $stmt->fetch(PDO::FETCH_ASSOC)) { 
 				$counter_items++;
 				if ($counter_awards_best < $result_group_sum_items['comp_award']) {
 					$counter_awards_best = $result_group_sum_items['comp_award'];
 				}
-				$query_count_stars_sum = mysql_query("SELECT * 
-								FROM `rsdb_item_comp_testresults` 
-								WHERE `test_visible` = '1'
-								AND `test_comp_id` = " . $result_group_sum_items['comp_id'] . "
-								ORDER BY `test_comp_id` ASC") ;
-								
-				while($result_count_stars_sum = mysql_fetch_array($query_count_stars_sum)) {
-					$counter_stars_install_sum += $result_count_stars_sum['test_result_install'];
-					$counter_stars_function_sum += $result_count_stars_sum['test_result_function'];
-					$counter_stars_user_sum++;
-				}
-				
-				$query_count_testentries=mysql_query("SELECT COUNT('test_id')
-														FROM `rsdb_item_comp_testresults`
-														WHERE `test_visible` = '1' 
-														AND `test_comp_id` = '".mysql_real_escape_string($result_group_sum_items['comp_id'])."' ;");	
-				$result_count_testentries = mysql_fetch_row($query_count_testentries);
+        $stmt_sub=CDBConnection::getInstance()->prepare("SELECT SUM(test_result_install) AS install_sum, SUM(test_result_function) AS function_sum, COUNT(*) AS user_sum FROM rsdb_item_comp_testresults WHERE test_visible = '1' AND test_comp_id = :comp_id ORDER BY test_comp_id ASC");
+        $stmt_sub->bindParam('comp_id',$result_group_sum_items['comp_id'],PDO::PARAM_STR);
+        $stmt_sub->execute();
+        $tmp=$stmt_sub->fetchOnce(PDO::FETCH_ASSOC);
+				$counter_stars_install_sum += $tmp['install_sum'];
+				$counter_stars_function_sum += $tmp['function_sum'];
+				$counter_stars_user_sum += $tmp['user_sum'];
+
+        $stmt_sub=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_item_comp_testresults WHERE test_visible = '1' AND test_comp_id = :comp_id");
+        $stmt_sub->bindParam('comp_id',$result_group_sum_items['comp_id'],PDO::PARAM_STR);
+        $stmt_sub->execute();
+				$result_count_testentries = $stmt->fetch(PDO::FETCH_NUM);
 				$counter_testentries += $result_count_testentries[0];
 				
 				// Forum entries:
-				$query_count_forumentries=mysql_query("SELECT COUNT('fmsg_id')
-														FROM `rsdb_item_comp_forum`
-														WHERE `fmsg_visible` = '1' 
-														AND `fmsg_comp_id` = '".mysql_real_escape_string($result_group_sum_items['comp_id'])."' ;");	
-				$result_count_forumentries = mysql_fetch_row($query_count_forumentries);
+        $stmt=CDBCOnnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_item_comp_forum WHERE fmsg_visible = '1' AND fmsg_comp_id = :comp_id");
+        $stmt->bindParam('comp_id',$result_group_sum_items['comp_id'],PDO::PARAM_STR);
+        $stmt->execute();
+				$result_count_forumentries = $stmt->fetch(PDO::FETCH_NUM);
 				$counter_forumentries += $result_count_forumentries[0];
 
 				// Screenshots:
-				$query_count_screenshots=mysql_query("SELECT COUNT('media_id')
-														FROM `rsdb_object_media`
-														WHERE `media_visible` = '1' 
-														AND `media_groupid` = '".mysql_real_escape_string($result_group_sum_items['comp_media'])."' ;");	
-				$result_count_screenshots = mysql_fetch_row($query_count_screenshots);
+        $stmt=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_object_media WHERE media_visible = '1' AND media_groupid = :group_id");
+        $stmt->bindParam('group_id',$result_group_sum_items['comp_media'],PDO::PARAM_STR);
+        $stmt->execute();
+				$result_count_screenshots = $stmt->fetch(PDO::FETCH_NUM);
 				$counter_screenshots += $result_count_screenshots[0];
 			}
 	?>
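Review bot: The test-entry count is fetched from the wrong statement: it is prepared and executed on `$stmt_sub` but read with `$stmt->fetch(PDO::FETCH_NUM)`, which consumes a row of the enclosing `rsdb_item_comp` loop instead. The forum and screenshot counts then assign new statements to `$stmt` while that `while` loop is still iterating it, so the loop ends up fetching from the wrong query. `fetchOnce()` is not a standard `PDOStatement` method; unless CDBConnection returns a custom statement class (not visible here) it should be `fetch()`, also in the second `rsdb_item_comp` hunk and in tree_vendor_flat.php. The fence keeps every inner query on `$stmt_sub`.

```php
// … unchanged: prepare/bind/execute of the SUM query on $stmt_sub …
        $tmp=$stmt_sub->fetch(PDO::FETCH_ASSOC);
// … unchanged: star counters, prepare/bind/execute of the test-entry COUNT on $stmt_sub …
				$result_count_testentries = $stmt_sub->fetch(PDO::FETCH_NUM);
// … unchanged: $counter_testentries …
        $stmt_sub=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_item_comp_forum WHERE fmsg_visible = '1' AND fmsg_comp_id = :comp_id");
        $stmt_sub->bindParam('comp_id',$result_group_sum_items['comp_id'],PDO::PARAM_STR);
        $stmt_sub->execute();
				$result_count_forumentries = $stmt_sub->fetch(PDO::FETCH_NUM);
// … unchanged: $counter_forumentries …
        $stmt_sub=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_object_media WHERE media_visible = '1' AND media_groupid = :group_id");
        $stmt_sub->bindParam('group_id',$result_group_sum_items['comp_media'],PDO::PARAM_STR);
        $stmt_sub->execute();
				$result_count_screenshots = $stmt_sub->fetch(PDO::FETCH_NUM);
// … unchanged: $counter_screenshots …
```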
@@ -219,24 +204,19 @@
 			
 			$counter_items = 0;
 
-			$query_group_sum_items = mysql_query("SELECT * 
-													FROM `rsdb_item_comp` 
-													WHERE `comp_groupid` = " . $result_page['grpentr_id'] . "
-													AND `comp_visible` = '1'
-													ORDER BY `comp_groupid` DESC ;") ;
-			while($result_group_sum_items = mysql_fetch_array($query_group_sum_items)) { 
+      $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_comp WHERE comp_groupid = :group_id AND comp_visible = '1' ORDER BY comp_groupid DESC");
+      $stmt->bindParam('group_id',$result_page['grpentr_id'],PDO::PARAM_STR);
+      $stmt->execute();
+			while($result_group_sum_items = $stmt->fetch(PDO::FETCH_ASSOC)) { 
 				$counter_items++;
-				$query_count_stars_sum = mysql_query("SELECT * 
-								FROM `rsdb_item_comp_testresults` 
-								WHERE `test_visible` = '1'
-								AND `test_comp_id` = " . $result_group_sum_items['comp_id'] . "
-								ORDER BY `test_comp_id` ASC") ;
-								
-				while($result_count_stars_sum = mysql_fetch_array($query_count_stars_sum)) {
-					$counter_stars_install_sum += $result_count_stars_sum['test_result_install'];
-					$counter_stars_function_sum += $result_count_stars_sum['test_result_function'];
-					$counter_stars_user_sum++;
-				}
+        $stmt_test=CDBConnection::getInstance()->prepare("SELECT SUM(test_result_install) AS install_sum, SUM(test_result_function) AS function_sum, COUNT(*) AS user_sum FROM rsdb_item_comp_testresults WHERE test_visible = '1' AND test_comp_id = :comp_id ORDER BY test_comp_id ASC");
+        $stmt_test->bindParam('comp_id',$result_group_sum_items['comp_id'],PDO::PARAM_STR);
+        $stmt_test->execute();
+        $stmt_test->fetchOnce(PDO::FETCH_ASSOC);
+
+				$counter_stars_install_sum += $tmp['install_sum'];
+				$counter_stars_function_sum += $tmp['function_sum'];
+				$counter_stars_user_sum += $tmp['user_sum'];
 			}
 			echo $counter_items;
 			
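Review bot: The result of the aggregate query is thrown away: `$stmt_test->fetchOnce(PDO::FETCH_ASSOC);` is not assigned, yet the next three lines read `$tmp['install_sum']`, `$tmp['function_sum']` and `$tmp['user_sum']`. `$tmp` is therefore undefined or left over from an earlier block, and the star counters are wrong. The line should be `$tmp=$stmt_test->fetch(PDO::FETCH_ASSOC);`, with `fetch()` because `fetchOnce()` is not a standard `PDOStatement` method (CDBConnection's statement class is not visible here).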

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_flat.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_flat.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_flat.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_flat.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -39,11 +39,10 @@
 	$RSDB_SET_letter = "%";
 }
 
-$query_count_cat=mysql_query("SELECT COUNT('cat_id')
-									FROM `rsdb_item_vendor` 
-									WHERE `vendor_name` LIKE  '" . $RSDB_SET_letter . "%' 
-									AND `vendor_visible` = '1' ;");	
-$result_count_cat = mysql_fetch_row($query_count_cat);
+$stmt=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_item_vendor WHERE vendor_name LIKE :starts_with AND vendor_visible = '1'");
+$stmt->bindValue('starts_with',$RSDB_SET_letter.'%',PDO::PARAM_STR);
+$stmt->execute();
+$result_count_cat = $stmt->fetchOnce(PDO::FETCH_NUM);
 if ($result_count_cat[0]) {
 
 	echo "<p align='center'>";
@@ -71,19 +70,17 @@
   </tr>
   <?php
 	
-		$query_page = mysql_query("SELECT * 
-									FROM `rsdb_item_vendor` 
-									WHERE `vendor_name` LIKE  '" . mysql_real_escape_string($RSDB_SET_letter) . "%' 
-									AND `vendor_visible` = '1' 
-									ORDER BY `vendor_name` ASC
-									LIMIT " . mysql_real_escape_string($RSDB_SET_curpos) . " , " . mysql_real_escape_string($RSDB_intern_items_per_page) . " ;") ;
+    $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_vendor WHERE vendor_name LIKE :starts_with AND vendor_visible = '1' ORDER BY vendor_name ASC LIMIT :limit OFFSET :offset");
+    $stmt->bindValue('starts_with',$RSDB_SET_letter.'%',PDO::PARAM_STR);
+    $stmt->bindParam('limit',$RSDB_intern_items_per_page,PDO::PARAM_INT);
+    $stmt->bindParam('offset',$RSDB_SET_curpos,PDO::PARAM_INT);
 	
 		$farbe1="#E2E2E2";
 		$farbe2="#EEEEEE";
 		$zaehler="0";
 		//$farbe="#CCCCC";
 		
-		while($result_page = mysql_fetch_array($query_page)) { // Pages
+		while($result_page = $stmt->fetch(PDO::FETCH_ASSOC)) { // Pages
 	?>
   <tr> 
     <td valign="top" bgcolor="<?php
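Review bot: The new statement is prepared and bound but never executed before the `while($result_page = $stmt->fetch(PDO::FETCH_ASSOC))` loop, so the loop has no result set to read; add `$stmt->execute();` after the last `bindParam` line. Separately, `:limit` and `:offset` are bound with `PDO::PARAM_INT`, but the origin of `$RSDB_intern_items_per_page` and `$RSDB_SET_curpos` is outside this hunk; if they arrive as strings, a driver that emulates prepares may quote them and break the `LIMIT` clause. Casting at bind time, e.g. `$stmt->bindValue('offset',(int)$RSDB_SET_curpos,PDO::PARAM_INT);`, also ensures a non-numeric request value never reaches the query. The loop body continues outside the hunk.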

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_flat_maintainer.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_flat_maintainer.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_flat_maintainer.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_flat_maintainer.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -36,12 +36,10 @@
 
 	if (usrfunc_IsModerator($RSDB_intern_user_id)) {
 	
-		$query_maintainer_vendor = mysql_query("SELECT * 
-									FROM `rsdb_item_vendor` 
-									WHERE `vendor_visible` = '1'
-									AND `vendor_id` = '".mysql_real_escape_string($RSDB_SET_vendor)."'
-									LIMIT 1 ;") ;
-		$result_maintainer_vendor = mysql_fetch_array($query_maintainer_vendor);
+    $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_vendor WHERE vendor_visible = '1' AND vendor_id = :vendor_id LIMIT 1");
+    $stmt->bindParam('vendor_id',$RSDB_SET_vendor,PDO::PARAM_STR);
+    $stmt->execute();
+		$result_maintainer_vendor = $stmt->fetchOnce(PDO::FETCH_ASSOC);
 
 		$RSDB_referrer="";
 		$RSDB_usragent="";
@@ -75,9 +73,15 @@
 		if ($RSDB_TEMP_pmod == "ok" && $RSDB_SET_sec == "vendor" && $RSDB_TEMP_vendname != "" && $RSDB_TEMP_txturl != "" && usrfunc_IsModerator($RSDB_intern_user_id)) {
 			// Submit vendor entry:
 				
-			$update_group_entry = "INSERT INTO `rsdb_item_vendor` ( `vendor_id` , `vendor_name` , `vendor_visible` , `vendor_fullname` , `vendor_url` , `vendor_email` , `vendor_infotext` , `vendor_usrid` , `vendor_usrip` , `vendor_date` , `vendor_checked` ) 
-									VALUES ('', '". mysql_real_escape_string($RSDB_TEMP_vendname) ."', '1', '". mysql_real_escape_string($RSDB_TEMP_fullname) ."', '". mysql_real_escape_string($RSDB_TEMP_txturl) ."', '". mysql_real_escape_string($RSDB_TEMP_txtemail) ."', '". mysql_real_escape_string($RSDB_TEMP_txtinfo) ."', '".mysql_real_escape_string($RSDB_intern_user_id)."', '".mysql_real_escape_string($RSDB_ipaddr)."', NOW( ) , 'yes')";
-			mysql_query($update_group_entry);
+      $stmt=CDBConnection::getInstance()->prepare("INSERT INTO rsdb_item_vendor ( vendor_id, vendor_name, vendor_visible, vendor_fullname, vendor_url, vendor_email, vendor_infotext, vendor_usrid, vendor_usrip, vendor_date, vendor_checked ) VALUES ('', :name, '1', :fullname, :url, :email, :info, :user_id, :ip, NOW() , 'yes')");
+      $stmt->bindParam('name',$RSDB_TEMP_vendname,PDO::PARAM_STR);
+      $stmt->bindParam('fullname',$RSDB_TEMP_fullname,PDO::PARAM_STR);
+      $stmt->bindParam('url',$RSDB_TEMP_txturl,PDO::PARAM_STR);
+      $stmt->bindParam('email',$RSDB_TEMP_txtemail,PDO::PARAM_STR);
+      $stmt->bindParam('info',$RSDB_TEMP_txtinfo,PDO::PARAM_STR);
+      $stmt->bindParam('user_id',$RSDB_intern_user_id,PDO::PARAM_STR);
+      $stmt->bindParam('ip',$RSDB_ipaddr,PDO::PARAM_STR);
+      $stmt->execute();
 			
 			add_log_entry("low", "tree_vendor", "submit", "[Vendor] Submit entry", @usrfunc_GetUsername($RSDB_intern_user_id)." submitted the following vendor: \n\nVendor-Name: ".htmlentities($RSDB_TEMP_vendname)."\n\Fullname: ".htmlentities($RSDB_TEMP_fullname)." \n\nUrl: ".htmlentities($RSDB_TEMP_txturl)." \n\E-Mail: ".htmlentities($RSDB_TEMP_txtemail)." \n\Info: ".htmlentities($RSDB_TEMP_txtinfo), "0");
 			?>
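Review bot: The return value of `$stmt->execute()` is ignored, so the `add_log_entry(...)` call right after it records a vendor submission even when the INSERT failed. Unless `CDBConnection` switches PDO to exception mode (not visible here), guard the audit entry, e.g. `if ($stmt->execute()) { add_log_entry(...); }`, and surface the failure otherwise. The edit, spam-report and verified hunks of tree_vendor_id_maintainer.php write their log entry after an unchecked UPDATE in the same way. The enclosing `if` block continues past the end of the hunk.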
@@ -89,9 +93,15 @@
 
 		// Special request:
 		if ($RSDB_TEMP_pmod == "ok" && $RSDB_TEMP_txtreq1 != "" && $RSDB_TEMP_txtreq2 != "" && usrfunc_IsModerator($RSDB_intern_user_id)) {
-			$report_submit="INSERT INTO `rsdb_logs` ( `log_id` , `log_date` , `log_usrid` , `log_usrip` , `log_level` , `log_action` , `log_title` , `log_description` , `log_category` , `log_badusr` , `log_referrer` , `log_browseragent` , `log_read` , `log_taskdone_usr` ) 
-							VALUES ('', NOW( ) , '".mysql_real_escape_string($RSDB_intern_user_id)."', '".mysql_escape_string($RSDB_ipaddr)."', 'low', 'request', '".mysql_escape_string($RSDB_TEMP_txtreq1)."', '".mysql_escape_string($RSDB_TEMP_txtreq2)."', 'user_moderator', '0', '".mysql_escape_string($RSDB_referrer)."', '".mysql_escape_string($RSDB_usragent)."', ';', '0');";
-			$db_report_submit=mysql_query($report_submit);
+      $stmt=CDBConnection::getInstance()->prepare("INSERT INTO rsdb_logs (log_id, log_date, log_usrid, log_usrip, log_level, log_action, log_title, log_description, log_category, log_badusr, log_referrer, log_browseragent, log_read, log_taskdone_usr ) 
+							VALUES ('', NOW() , :user_id, :ip, 'low', 'request', :title, :description, 'user_moderator', '0', :referrer, :user_agent, ';', '0')");
+      $stmt->bindParam('user_id',$RSDB_intern_user_id,PDO::PARAM_STR);
+      $stmt->bindParam('ip',$RSDB_ipaddr,PDO::PARAM_STR);
+      $stmt->bindParam('title',$RSDB_TEMP_txtreq1,PDO::PARAM_STR);
+      $stmt->bindParam('description',$RSDB_TEMP_txtreq2,PDO::PARAM_STR);
+      $stmt->bindParam('referrer',$RSDB_referrer,PDO::PARAM_STR);
+      $stmt->bindParam('user_agent',$RSDB_usragent,PDO::PARAM_STR);
+      $stmt->execute();
 		}
 
 ?>
@@ -196,9 +206,10 @@
 		if (array_key_exists("done", $_POST)) $RSDB_TEMP_done=htmlspecialchars($_POST["done"]);
 		
 		if ($RSDB_TEMP_padmin == "ok" && $RSDB_TEMP_done != "" && usrfunc_IsAdmin($RSDB_intern_user_id)) {
-			$update_log_entry = "UPDATE `rsdb_logs` SET 
-									`log_taskdone_usr` = '". mysql_real_escape_string($RSDB_intern_user_id) ."' WHERE `log_id` = '". mysql_real_escape_string($RSDB_TEMP_done) ."' LIMIT 1 ;";
-			mysql_query($update_log_entry);
+      $stmt=CDBConnection::getInstance()->prepare("UPDATE rsdb_logs SET log_taskdone_usr = :user_id WHERE log_id = :log_id LIMIT 1");
+      $stmt->bindParam('user_id',$RSDB_intern_user_id,PDO::PARAM_STR);
+      $stmt->bindParam('log_id',$RSDB_TEMP_done,PDO::PARAM_STR);
+      $stmt->execute();
 		}
 		
 ?>
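Review bot: `$RSDB_TEMP_done` is run through `htmlspecialchars()` in the first line of the hunk and then bound as `:log_id`; HTML escaping is output encoding, not input validation, and with a bound parameter it does nothing useful for the query. If `log_id` is numeric (presumably an auto-increment key; confirm against the schema), validate it where it is read, e.g. `if (isset($_POST["done"]) && is_string($_POST["done"]) && ctype_digit($_POST["done"])) $RSDB_TEMP_done=$_POST["done"];`, and bind it with `PDO::PARAM_INT`. The same lines appear in the `@@ -354,9 +359,10 @@` hunk of tree_vendor_id_maintainer.php.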
@@ -219,14 +230,9 @@
 					$cellcolor1="#E2E2E2";
 					$cellcolor2="#EEEEEE";
 					$cellcolorcounter="0";
-					$query_entry_sprequest = mysql_query("SELECT * 
-							FROM `rsdb_logs` 
-							WHERE `log_level` LIKE 'low'
-							AND `log_action` LIKE 'request'
-							AND `log_category` LIKE 'user_moderator'
-							ORDER BY `log_date` DESC
-							LIMIT 0, 30;") ;
-					while($result_entry_sprequest = mysql_fetch_array($query_entry_sprequest)) {
+          $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_logs WHERE log_level LIKE 'low' AND log_action LIKE 'request' AND log_category LIKE 'user_moderator' ORDER BY log_date DESC LIMIT 30");
+          $stmt->execute();
+					while($result_entry_sprequest = $stmt->fetch(PDO::FETCH_ASSOC)) {
 				?> 
   <tr valign="top" bgcolor="<?php
 					$cellcolorcounter++;
@@ -281,4 +287,4 @@
 	</script>
 <?php
 	}
-?>
+?>

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_id.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_id.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_id.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_id.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -35,13 +35,11 @@
 
 
 
-	$query_page = mysql_query("SELECT * 
-								FROM `rsdb_item_vendor` 
-								WHERE `vendor_id` = ". htmlentities($RSDB_SET_vendor) ."
-								AND `vendor_visible` = '1'
-								ORDER BY `vendor_name` ASC") ;
-	
-	$result_page = mysql_fetch_array($query_page);
+  $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_vendor WHERE vendor_id = :vendor_id AND vendor_visible = '1' ORDER BY vendor_name ASC");
+  $stmt->bindParam('vendor_id',$RSDB_SET_vendor,PDO::PARAM_STR);
+  $stmt->execute();
+	
+	$result_page = $stmt->fetchOnce(PDO::FETCH_ASSOC);
 	
 if ($result_page['vendor_id']) {
 ?>
@@ -172,18 +170,15 @@
       </tr>
       <?php
 	
-		$query_page = mysql_query("SELECT * 
-									FROM `rsdb_groups` 
-									WHERE `grpentr_vendor` = " . htmlentities($RSDB_SET_vendor) . "
-									AND `grpentr_visible` = '1'
-									". $RSDB_intern_code_db_rsdb_groups ."
-									ORDER BY `grpentr_name` ASC ;") ;
+    $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_groups WHERE grpentr_vendor = :vendor_id AND grpentr_visible = '1' ". $RSDB_intern_code_db_rsdb_groups ." ORDER BY grpentr_name ASC");
+    $stmt->bindParam('vendor_id',$RSDB_SET_vendor,PDO::PARAM_STR);
+    $stmt->execute();
 	
 		$farbe1="#E2E2E2";
 		$farbe2="#EEEEEE";
 		$zaehler="0";
 		
-		while($result_page = mysql_fetch_array($query_page)) { // Pages
+		while($result_page = $stmt->fetch(PDO::FETCH_ASSOC)) { // Pages
 	?>
       <tr>
         <td valign="top" bgcolor="<?php
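Review bot: The prepared statement still splices `$RSDB_intern_code_db_rsdb_groups` into the SQL text, so binding `:vendor_id` does not by itself make this query injection-safe. Where that fragment is built is not visible in this hunk; if any part of it derives from request data, it has to be selected from a fixed set of allowed clauses or expressed as further placeholders. Once that is confirmed, document it on the `prepare` line, e.g. `// $RSDB_intern_code_db_rsdb_groups is a server-built SQL fragment, never request data`. The `while` loop continues outside the hunk.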
@@ -200,10 +195,10 @@
 								 ?>" >
           <div align="left"><font size="2" face="Arial, Helvetica, sans-serif"><b><a href="<?php echo $RSDB_intern_link_vendor2_group.$result_page['grpentr_id']; ?>">
             <?php
-			$query_entry_vendor = mysql_query("SELECT * 
-												FROM `rsdb_item_vendor` 
-												WHERE `vendor_id` = " .  mysql_real_escape_string($result_page['grpentr_vendor']) ." ;") ;
-			$result_entry_vendor = mysql_fetch_array($query_entry_vendor);
+      $stmt_item=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_vendor WHERE vendor_id = :vendor_id");
+      $stmt_item->bindParam('vendor_id',$result_page['grpentr_vendor'],PDO::PARAM_STR);
+      $stmt_item->execute();
+			$result_entry_vendor = $stmt->fetch(PDO::FETCH_ASSOC);
 	/*	
 			echo $result_entry_vendor['vendor_name']."&nbsp;";
 	*/
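Review bot: The vendor lookup is prepared and executed on `$stmt_item`, but the row is read with `$stmt->fetch(PDO::FETCH_ASSOC)`, and `$stmt` appears to be the outer statement that drives the `while($result_page = $stmt->fetch(...))` loop from the previous hunk. Each iteration would then consume the next group row as if it were the vendor, so groups are skipped in the listing and `$result_entry_vendor` holds columns of the wrong table. Change the line to `$result_entry_vendor = $stmt_item->fetch(PDO::FETCH_ASSOC);`.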
@@ -211,16 +206,10 @@
             <?php echo $result_page['grpentr_name']; ?></a></b>
                 <?php
 			echo " &nbsp;<i>";
-			$query_entry_appver = mysql_query("SELECT DISTINCT (
-												`comp_appversion` 
-												), `comp_osversion` , `comp_id` , `comp_name` 
-												FROM `rsdb_item_comp` 
-												WHERE `comp_visible` = '1'
-												AND `comp_groupid` = '". mysql_real_escape_string($result_page['grpentr_id']) ."'
-												GROUP BY `comp_appversion` 
-												ORDER BY `comp_appversion` ASC 
-												LIMIT 0 , 15 ;") ;
-			while($result_entry_appver = mysql_fetch_array($query_entry_appver)) {
+      $stmt_item=CDBConnection::getInstance()->prepare("SELECT DISTINCT (comp_appversion), comp_osversion, comp_id, comp_name FROM rsdb_item_comp WHERE comp_visible = '1' AND comp_groupid = :group_id GROUP BY comp_appversion ORDER BY comp_appversion ASC LIMIT 15");
+      $stmt_item->bindParam('group_id',$result_page['grpentr_id'],PDO::PARAM_STR);
+      $stmt_item->execute();
+			while($result_entry_appver = $stmt_item->fetch(PDO::FETCH_ASSOC)) {
 				if ($result_entry_appver['comp_name'] > $result_page['grpentr_name']) {
 					echo "<a href=\"".$RSDB_intern_link_group.$result_page['grpentr_id']."&amp;group2=".$result_entry_appver['comp_appversion']."\">".substr($result_entry_appver['comp_name'], strlen($result_page['grpentr_name'])+1 )."</a>, ";
 				}
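Review bot: The link built inside the new `while` loop writes `comp_name` and `comp_appversion` from the database into the link text and the `href` without any output encoding. If those columns hold user-submitted text (compatibility entries presumably do; confirm), stored markup is rendered in every visitor's browser. Wrap the text in `htmlspecialchars(..., ENT_QUOTES)` and the query value in `urlencode($result_entry_appver['comp_appversion'])`. The same applies to `echo $result_page['grpentr_name'];` at the top of the hunk, and the loop body continues outside it.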
@@ -252,49 +241,41 @@
 			$counter_forumentries = 0;
 			$counter_screenshots = 0;
 
-			$query_group_sum_items = mysql_query("SELECT * 
-													FROM `rsdb_item_comp` 
-													WHERE `comp_groupid` = " . mysql_real_escape_string($result_page['grpentr_id']) . "
-													AND `comp_visible` = '1'
-													ORDER BY `comp_groupid` DESC ;") ;
-			while($result_group_sum_items = mysql_fetch_array($query_group_sum_items)) { 
+      $stmt_comp=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_item_comp WHERE comp_groupid = :group_id AND comp_visible = '1' ORDER BY comp_groupid DESC");
+      $stmt_comp->bindParam('group_id',$result_page['grpentr_id'],PDO::PARAM_STR);
+      $stmt_comp->execute();
+			while($result_group_sum_items = $stmt_comp->fetch(PDO::FETCH_ASSOC)) { 
 				$counter_items++;
 				if ($counter_awards_best < $result_group_sum_items['comp_award']) {
 					$counter_awards_best = $result_group_sum_items['comp_award'];
 				}
-				$query_count_stars_sum = mysql_query("SELECT * 
-								FROM `rsdb_item_comp_testresults` 
-								WHERE `test_visible` = '1'
-								AND `test_comp_id` = " . $result_group_sum_items['comp_id'] . "
-								ORDER BY `test_comp_id` ASC") ;
-								
-				while($result_count_stars_sum = mysql_fetch_array($query_count_stars_sum)) {
-					$counter_stars_install_sum += $result_count_stars_sum['test_result_install'];
-					$counter_stars_function_sum += $result_count_stars_sum['test_result_function'];
-					$counter_stars_user_sum++;
-				}
+        $stmt_results=CDBConnection::getInstance()->prepare("SELECT SUM(test_result_install) AS install_sum, SUM(test_result_function) AS function_sum, COUNT(*) AS user_sum FROM rsdb_item_comp_testresults WHERE test_visible = '1' AND test_comp_id = :comp_id ORDER BY test_comp_id ASC");
+        $stmt_results->bindParam('comp_id',$result_group_sum_items['comp_id'],PDO::PARAM_STR);
+        $stmt_results->execute();
+        $tmp=$stmt_results->fetchOnce(PDO::FETCH_ASSOC);
+
+				$counter_stars_install_sum += $tmp['install_sum'];
+				$counter_stars_function_sum += $tmp['function_sum'];
+				$counter_stars_user_sum += $tmp['user_sum'];
 				
-				$query_count_testentries=mysql_query("SELECT COUNT('test_id')
-														FROM `rsdb_item_comp_testresults`
-														WHERE `test_visible` = '1' 
-														AND `test_comp_id` = '".mysql_real_escape_string($result_group_sum_items['comp_id'])."' ;");	
-				$result_count_testentries = mysql_fetch_row($query_count_testentries);
+        $stmt_count=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_item_comp_testresults WHERE test_visible = '1' AND test_comp_id = :comp_id");
+        $stmt_count->bindParam('comp_id',$result_group_sum_items['comp_id'],PDO::PARAM_STR);
+        $stmt_count->execute();
+				$result_count_testentries = $stmt_count->fetchOnce(PDO::FETCH_NUM);
 				$counter_testentries += $result_count_testentries[0];
 				
 				// Forum entries:
-				$query_count_forumentries=mysql_query("SELECT COUNT('fmsg_id')
-														FROM `rsdb_item_comp_forum`
-														WHERE `fmsg_visible` = '1' 
-														AND `fmsg_comp_id` = '".mysql_real_escape_string($result_group_sum_items['comp_id'])."' ;");	
-				$result_count_forumentries = mysql_fetch_row($query_count_forumentries);
+        $stmt_count=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_item_comp_forum WHERE fmsg_visible = '1' AND fmsg_comp_id = :comp_id");
+        $stmt->bindParam('comp_id',$result_group_sum_items['comp_id'],PDO::PARAM_STR);
+        $stmt->execute();
+				$result_count_forumentries = $stmt->fetchOnce(PDO::FETCH_NUM);
 				$counter_forumentries += $result_count_forumentries[0];
 
 				// Screenshots:
-				$query_count_screenshots=mysql_query("SELECT COUNT('media_id')
-														FROM `rsdb_object_media`
-														WHERE `media_visible` = '1' 
-														AND `media_groupid` = '".mysql_real_escape_string($result_group_sum_items['comp_media'])."' ;");	
-				$result_count_screenshots = mysql_fetch_row($query_count_screenshots);
+        $stmt_count=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_object_media WHERE media_visible = '1' AND media_groupid = :group_id");
+        $stmt_count->bindParam('group_id',$result_group_sum_items['comp_media'],PDO::PARAM_STR);
+        $stmt_count->execute();
+				$result_count_screenshots = $stmt_count->fetchOnce(PDO::FETCH_ASSOC);
 				$counter_screenshots += $result_count_screenshots[0];
 			}
 ?>
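Review bot: Two of the per-item count queries in this hunk read from the wrong place. The forum-entries block prepares `$stmt_count` but then calls `bindParam`, `execute` and `fetchOnce` on `$stmt`, which appears to be the outer group statement from an earlier hunk; that statement has no `:comp_id` placeholder, and re-executing it would disturb the outer loop. The screenshots block fetches with `PDO::FETCH_ASSOC` and then reads `$result_count_screenshots[0]`, an index an associative row does not have, so the screenshot counter never increases. Both should use `$stmt_count` with `PDO::FETCH_NUM`, as the test-entries block already does.

```php
// … unchanged: test-result sums and test-entry count …
				// Forum entries:
        $stmt_count=CDBConnection::getInstance()->prepare("SELECT COUNT(*) FROM rsdb_item_comp_forum WHERE fmsg_visible = '1' AND fmsg_comp_id = :comp_id");
        $stmt_count->bindParam('comp_id',$result_group_sum_items['comp_id'],PDO::PARAM_STR);
        $stmt_count->execute();
				$result_count_forumentries = $stmt_count->fetchOnce(PDO::FETCH_NUM);
// … unchanged: forum counter update; screenshot prepare, bind and execute …
				$result_count_screenshots = $stmt_count->fetchOnce(PDO::FETCH_NUM);
```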

Modified: branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_id_maintainer.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_id_maintainer.php?rev=40320&r1=40319&r2=40320&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_id_maintainer.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/compat/inc/tree/tree_vendor_id_maintainer.php [iso-8859-1] Thu Apr  2 04:42:42 2009
@@ -36,12 +36,10 @@
 
 	if (usrfunc_IsModerator($RSDB_intern_user_id)) {
 	
-		$query_maintainer_vendor = mysql_query("SELECT * 
-									FROM `rsdb_item_vendor` 
-									WHERE `vendor_visible` = '1'
-									AND `vendor_id` = '".mysql_real_escape_string($RSDB_SET_vendor)."'
-									LIMIT 1 ;") ;
-		$result_maintainer_vendor = mysql_fetch_array($query_maintainer_vendor);
+    $stmt=CDBConnection::getInstance()->prepapare("SELECT * FROM rsdb_item_vendor WHERE vendor_visible = '1' AND vendor_id = :vendor_id LIMIT 1");
+    $stmt->bindParam('vendor_id',$RSDB_SET_vendor,PDO::PARAM_STR);
+    $stmt->execute();
+		$result_maintainer_vendor = $stmt->fetchOnce(PDO::FETCH_ASSOC);
 
 		$RSDB_referrer="";
 		$RSDB_usragent="";
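Review bot: The method name on the first added line is misspelled as `prepapare`, so the call fails at runtime as soon as a moderator reaches this block (unless `CDBConnection` forwards unknown methods, which is not visible here). It should read `CDBConnection::getInstance()->prepare(...)`, as in the identical statement in tree_vendor_flat_maintainer.php. The enclosing `if (usrfunc_IsModerator(...))` block continues outside the hunk.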
@@ -75,13 +73,14 @@
 		// Edit application group data:
 		if ($RSDB_TEMP_pmod == "ok" && $RSDB_SET_vendor != "" && $RSDB_TEMP_vendname != "" && $RSDB_TEMP_txturl != "" && usrfunc_IsModerator($RSDB_intern_user_id)) {
 			// Update group entry:
-			$update_group_entry = "UPDATE `rsdb_item_vendor` SET `vendor_name` = '". mysql_real_escape_string($RSDB_TEMP_vendname) ."',
-								`vendor_fullname` = '". mysql_real_escape_string($RSDB_TEMP_fullname) ."',
-								`vendor_url` = '". mysql_real_escape_string($RSDB_TEMP_txturl) ."',
-								`vendor_email` = '". mysql_real_escape_string($RSDB_TEMP_txtemail) ."',
-								`vendor_infotext` = '". mysql_real_escape_string($RSDB_TEMP_txtinfo) ."' 
-								WHERE `vendor_id` = '". mysql_real_escape_string($RSDB_SET_vendor) ."' LIMIT 1 ;";
-			mysql_query($update_group_entry);
+      $stmt=CDBConnection::getInstance()->prepare("UPDATE rsdb_item_vendor SET vendor_name = :name, vendor_fullname = :fullname, vendor_url = :url, vendor_email = :email, vendor_infotext = :info WHERE vendor_id = :vendor_id LIMIT 1");
+      $stmt->bindParam('name',$RSDB_TEMP_vendname,PDO::PARAM_STR);
+      $stmt->bindParam('fullname',$RSDB_TEMP_fullname,PDO::PARAM_STR);
+      $stmt->bindParam('url',$RSDB_TEMP_txturl,PDO::PARAM_STR);
+      $stmt->bindParam('email',$RSDB_TEMP_txtemail,PDO::PARAM_STR);
+      $stmt->bindParam('info',$RSDB_TEMP_txtinfo,PDO::PARAM_STR);
+      $stmt->bindParam('vendor_id',$RSDB_SET_vendor,PDO::PARAM_STR);
+      $stmt->execute();
 			
 			add_log_entry("low", "tree_vendor", "edit", "[Vendor] Edit entry", @usrfunc_GetUsername($RSDB_intern_user_id)." changed the group data from: \n\nVendor-Name: ".htmlentities($result_maintainer_vendor['vendor_name'])." - ".htmlentities($result_maintainer_vendor['vendor_fullname'])." - ".$result_maintainer_vendor['vendor_id']."\n\nUrl: ".htmlentities($result_maintainer_vendor['vendor_url'])." \n\E-Mail: ".$result_maintainer_vendor['vendor_email']." \n\Info: ".$result_maintainer_vendor['vendor_infotext']." \n\n\nTo: \n\nVendor-Name: ".htmlentities($RSDB_TEMP_vendname)."\n\Fullname: ".htmlentities($RSDB_TEMP_fullname)." \n\nUrl: ".htmlentities($RSDB_TEMP_txturl)." \n\E-Mail: ".htmlentities($RSDB_TEMP_txtemail)." \n\Info: ".htmlentities($RSDB_TEMP_txtinfo), "0");
 			?>
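Review bot: The `add_log_entry(...)` message after the UPDATE encodes some fields with `htmlentities()` but concatenates `$result_maintainer_vendor['vendor_email']` and `$result_maintainer_vendor['vendor_infotext']` raw. If the log viewer prints the description as HTML (the selective `htmlentities()` calls suggest it does; confirm), the stored e-mail and info text reach a moderator's or admin's browser unencoded. Encode every stored value the same way, e.g. `htmlentities($result_maintainer_vendor['vendor_email'])`. The spam-report and verified hunks below build their log text with the same two raw fields.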
@@ -93,15 +92,20 @@
 
 		// Special request:
 		if ($RSDB_TEMP_pmod == "ok" && $RSDB_TEMP_txtreq1 != "" && $RSDB_TEMP_txtreq2 != "" && usrfunc_IsModerator($RSDB_intern_user_id)) {
-			$report_submit="INSERT INTO `rsdb_logs` ( `log_id` , `log_date` , `log_usrid` , `log_usrip` , `log_level` , `log_action` , `log_title` , `log_description` , `log_category` , `log_badusr` , `log_referrer` , `log_browseragent` , `log_read` , `log_taskdone_usr` ) 
-							VALUES ('', NOW( ) , '".mysql_real_escape_string($RSDB_intern_user_id)."', '".mysql_escape_string($RSDB_ipaddr)."', 'low', 'request', '".mysql_escape_string($RSDB_TEMP_txtreq1)."', '".mysql_escape_string($RSDB_TEMP_txtreq2)."', 'user_moderator', '0', '".mysql_escape_string($RSDB_referrer)."', '".mysql_escape_string($RSDB_usragent)."', ';', '0');";
-			$db_report_submit=mysql_query($report_submit);
+      $stmt=CDBConnection::getInstance()->prepare("INSERT INTO rsdb_logs (log_id, log_date, log_usrid, log_usrip, log_level, log_action, log_title, log_description, log_category, log_badusr, log_referrer, log_browseragent, log_read, log_taskdone_usr) VALUES ('', NOW(), :user_id, :ip, 'low', 'request', :title, :description, 'user_moderator', '0', :referrer, :user_agent, ';', '0')");
+      $stmt->bindParam('user_id',$RSDB_intern_user_id,PDO::PARAM_STR);
+      $stmt->bindParam('ip',$RSDB_ipaddr,PDO::PARAM_STR);
+      $stmt->bindParam('title',$RSDB_TEMP_txtreq1,PDO::PARAM_STR);
+      $stmt->bindParam('description',$RSDB_TEMP_txtreq2,PDO::PARAM_STR);
+      $stmt->bindParam('referrer',$RSDB_referrer,PDO::PARAM_STR);
+      $stmt->bindParam('user_agent',$RSDB_usragent,PDO::PARAM_STR);
+      $stmt->execute();
 		}
 		// Report spam:
 		if ($RSDB_TEMP_pmod == "ok" && $RSDB_TEMP_txtspam != "" && usrfunc_IsModerator($RSDB_intern_user_id)) {
-			$update_log_entry = "UPDATE `rsdb_item_vendor` SET
-									`vendor_visible` = '3' WHERE `vendor_id` = '". mysql_real_escape_string($RSDB_SET_vendor) ."' LIMIT 1 ;";
-			mysql_query($update_log_entry);
+      $stmt=CDBConnection::getInstance()->prepare("UPDATE rsdb_item_vendor SET vendor_visible = '3' WHERE vendor_id = :vendor_id LIMIT 1");
+      $stmt->bindParam('vendor_id',$RSDB_SET_vendor,PDO::PARAM_STR);
+      $stmt->execute();
 			add_log_entry("low", "tree_vendor", "report_spam", "[Vendor] Spam/ads report", @usrfunc_GetUsername($RSDB_intern_user_id)." wrote: \n".htmlentities($RSDB_TEMP_txtspam)." \n\n\n\nUser: ". at usrfunc_GetUsername($result_maintainer_vendor['vendor_usrid'])." - ".$result_maintainer_vendor['vendor_usrid']."\n\nVendor-Name: ".htmlentities($result_maintainer_vendor['vendor_name'])." - ".$result_maintainer_vendor['vendor_id']."\n\nUrl: ".htmlentities($result_maintainer_vendor['vendor_url'])." \n\E-Mail: ".$result_maintainer_vendor['vendor_email']." \n\Info: ".$result_maintainer_vendor['vendor_infotext'], $result_maintainer_vendor['vendor_usrid']);
 		}
 		// Verified:
@@ -113,9 +117,10 @@
 		}
 		if ($result_maintainer_vendor['vendor_checked'] == "1" || $result_maintainer_vendor['vendor_checked'] == "no") {
 			if ($RSDB_TEMP_pmod == "ok" && $RSDB_TEMP_verified == "done" && usrfunc_IsModerator($RSDB_intern_user_id)) {
-				$update_log_entry = "UPDATE `rsdb_item_vendor` SET
-										`vendor_checked` = '". mysql_real_escape_string($temp_verified) ."' WHERE `vendor_id` = '". mysql_real_escape_string($RSDB_SET_vendor) ."' LIMIT 1 ;";
-				mysql_query($update_log_entry);
+        $stmt=CDBConnection::getInstance()->prepare("UPDATE rsdb_item_vendor SET vendor_checked = :checked WHERE vendor_id = :vendor_id LIMIT 1");
+        $stmt->bindParam('checked',$temp_verified,PDO::PARAM_STR);
+        $stmt->bindParam('vendor_id',$RSDB_SET_vendor,PDO::PARAM_STR);
+        $stmt->execute();
 				add_log_entry("low", "tree_vendor", "verified", "[Vendor] Verified", @usrfunc_GetUsername($RSDB_intern_user_id)." has verified the following vendor: \n\n\n\nUser: ". at usrfunc_GetUsername($result_maintainer_vendor['vendor_usrid'])." - ".$result_maintainer_vendor['vendor_usrid']."\n\nVendor-Name: ".htmlentities($result_maintainer_vendor['vendor_name'])." - ".$result_maintainer_vendor['vendor_id']."\n\nUrl: ".htmlentities($result_maintainer_vendor['vendor_url'])." \n\E-Mail: ".$result_maintainer_vendor['vendor_email']." \n\Info: ".$result_maintainer_vendor['vendor_infotext'], "0");
 			}
 		}
@@ -354,9 +359,10 @@
 		if (array_key_exists("done", $_POST)) $RSDB_TEMP_done=htmlspecialchars($_POST["done"]);
 		
 		if ($RSDB_TEMP_padmin == "ok" && $RSDB_TEMP_done != "" && usrfunc_IsAdmin($RSDB_intern_user_id)) {
-			$update_log_entry = "UPDATE `rsdb_logs` SET 
-									`log_taskdone_usr` = '". mysql_real_escape_string($RSDB_intern_user_id) ."' WHERE `log_id` = '". mysql_real_escape_string($RSDB_TEMP_done) ."' LIMIT 1 ;";
-			mysql_query($update_log_entry);
+      $stmt=CDBConnection::getInstance()->prepare"UPDATE rsdb_logs SET log_taskdone_usr = :user_id WHERE log_id = :log_id LIMIT 1");
+      $stmt->bindParam('user_id',$RSDB_intern_user_id,PDO::PARAM_STR);
+      $stmt->bindParam('log_id',$RSDB_TEMP_done,PDO::PARAM_STR);
+      $stmt->execute();
 		}
 		
 ?>
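Review bot: The added `prepare` line is missing its opening parenthesis (`->prepare"UPDATE ...`), which is a parse error and stops the whole file from loading, not just this admin action. It should be `->prepare("UPDATE rsdb_logs SET log_taskdone_usr = :user_id WHERE log_id = :log_id LIMIT 1");`, matching the same statement in tree_vendor_flat_maintainer.php. The enclosing code continues outside the hunk.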
@@ -377,14 +383,9 @@
 					$cellcolor1="#E2E2E2";
 					$cellcolor2="#EEEEEE";
 					$cellcolorcounter="0";
-					$query_entry_sprequest = mysql_query("SELECT * 
-							FROM `rsdb_logs` 
-							WHERE `log_level` LIKE 'low'
-							AND `log_action` LIKE 'request'
-							AND `log_category` LIKE 'user_moderator'
-							ORDER BY `log_date` DESC
-							LIMIT 0, 30;") ;
-					while($result_entry_sprequest = mysql_fetch_array($query_entry_sprequest)) {
+          $stmt=CDBConnection::getInstance()->prepare("SELECT * FROM rsdb_logs WHERE log_level LIKE 'low' AND log_action LIKE 'request' AND log_category LIKE 'user_moderator' ORDER BY log_date DESC LIMIT 30;");
+          $stmt->execute();
+					while($result_entry_sprequest = $stmt->fetch(PDO::FETCH_ASSOC)) {
 				?> 
   <tr valign="top" bgcolor="<?php
 					$cellcolorcounter++;
@@ -439,4 +440,4 @@
 	</script>
 <?php
 	}
-?>
+?>


