*/
//Check to see if they are the creator of this package_version
- $result=db_query("SELECT * FROM snippet_package_version ".
- "WHERE submitted_by='".user_getid()."' AND ".
- "snippet_package_version_id='$snippet_package_version_id'");
+ $result=db_query_params("SELECT * FROM snippet_package_version ".
+ "WHERE submitted_by=$1 AND ".
+ "snippet_package_version_id=$2", array(user_getid(), $snippet_package_version_id));
if (!$result || db_numrows($result) < 1) {
echo '<h1>Error - Only the creator of a package version can delete snippets from it.</h1>';
snippet_footer(array());
*/
//find this snippet id and make sure the current user created it
- $result=db_query("SELECT * FROM snippet_version ".
- "WHERE snippet_version_id='$snippet_version_id' AND submitted_by='".user_getid()."'");
+ $result=db_query_params("SELECT * FROM snippet_version ".
+ "WHERE snippet_version_id=$1 AND submitted_by=$2", array($snippet_version_id, user_getid()));
if (!$result || db_numrows($result) < 1) {
echo '<h1>Error - That snippet doesn\'t exist.</h1>';
snippet_footer(array());
$snippet_id=db_result($result,0,'snippet_id');
//do the delete
- $result=db_query("DELETE FROM snippet_version ".
- "WHERE snippet_version_id='$snippet_version_id' AND submitted_by='".user_getid()."'");
+ $result=db_query_params("DELETE FROM snippet_version ".
+ "WHERE snippet_version_id=$1 AND submitted_by=$2", array($snippet_version_id, user_getid()));
//see if any versions of this snippet are left
- $result=db_query("SELECT * FROM snippet_version WHERE snippet_id='$snippet_id'");
+ $result=db_query_params("SELECT * FROM snippet_version WHERE snippet_id=$1", array($snippet_id));
if (!$result || db_numrows($result) < 1) {
//since no version of this snippet exist, delete the main snippet entry,
//even if this person is not the creator of the original snippet
- $result=db_query("DELETE FROM snippet WHERE snippet_id='$snippet_id'");
+ $result=db_query_params("DELETE FROM snippet WHERE snippet_id=$1",array($snippet_id));
}
echo '<h1>Snippet Removed</h1>';
*/
//make sure they own this version of the package
- $result=db_query("SELECT * FROM snippet_package_version ".
- "WHERE submitted_by='".user_getid()."' AND ".
- "snippet_package_version_id='$snippet_package_version_id'");
+ $result=db_query_params("SELECT * FROM snippet_package_version ".
+ "WHERE submitted_by=$1 AND ".
+ "snippet_package_version_id=$2", array(user_getid(), $snippet_package_version_id));
if (!$result || db_numrows($result) < 1) {
//they don't own it or it's not found
echo '<h1>Error - Only the creator of a package version can delete it.</h1>';
$snippet_package_id=db_result($result,0,'snippet_package_id');
//do the version delete
- $result=db_query("DELETE FROM snippet_package_version ".
- "WHERE submitted_by='".user_getid()."' AND ".
- "snippet_package_version_id='$snippet_package_version_id'");
+ $result=db_query_params("DELETE FROM snippet_package_version ".
+ "WHERE submitted_by=$1 AND ".
+ "snippet_package_version_id=$2", array(user_getid(), $snippet_package_version_id));
//delete snippet_package_items
- $result=db_query("DELETE FROM snippet_package_item ".
- "WHERE snippet_package_version_id='$snippet_package_version_id'");
+ $result=db_query_params("DELETE FROM snippet_package_item ".
+ "WHERE snippet_package_version_id=$1", array($snippet_package_version_id));
//see if any versions of this package remain
- $result=db_query("SELECT * FROM snippet_package_version ".
- "WHERE snippet_package_id='$snippet_package_id'");
+ $result=db_query_params("SELECT * FROM snippet_package_version ".
+ "WHERE snippet_package_id=$1", array($snippet_package_id));
if (!$result || db_numrows($result) < 1) {
//since no versions of this package remain,
//delete the main package even if the user didn't create it
- $result=db_query("DELETE FROM snippet_package WHERE snippet_package_id='$snippet_package_id'");
+ $result=db_query_params("DELETE FROM snippet_package WHERE snippet_package_id=$1", array($snippet_package_id));
}
echo '<h1>Package Removed</h1>';
snippet_footer(array());