* FusionForge file release system
*
* Copyright 2002, Tim Perdue/GForge, LLC
+ * Copyright 2009, Roland Mas
*
* This file is part of FusionForge.
*
//
// Filename must be unique in this release
//
- $resfile=db_query("SELECT filename
- FROM frs_file
- WHERE
- filename='$name'
- AND release_id='".$this->FRSRelease->getId()."'");
+ $resfile = db_query_params ('SELECT filename FROM frs_file WHERE filename=$1 AND release_id=$2',
+ array ($name,
+ $this->FRSRelease->getId())) ;
if (!$resfile || db_numrows($resfile) > 0) {
$this->setError(_('That filename already exists in this project space').' '.db_error());
return false;
'$type_id','$processor_id','$file_size','".time()."')";
db_begin();
- $result=db_query($sql);
+ $result = db_query_params ('INSERT INTO frs_file(release_id,filename,release_time,type_id,processor_id,file_size,post_date) VALUES ($1,$2,$3,$4,$5,$6,$7)',
+ array ($this->FRSRelease->getId(),
+ $name,
+ $release_time,
+ $type_id,
+ $processor_id,
+ $file_size,
+ time ())) ;
if (!$result) {
db_rollback();
$this->setError('FRSFile::create() Error Adding Release: '.db_error());
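Review bot: The old `$sql` string still appears to be built just above the new `db_query_params` call: the context line ending in `'$type_id','$processor_id','$file_size','".time()."')";` is unchanged, while its only visible consumer, `db_query($sql)`, is removed. The assignment starts outside this hunk, so this is inferred from its tail, but it looks like dead code that still interpolates variables into SQL text. I would delete the whole `$sql = "INSERT INTO frs_file …";` statement so nobody later hands it to a query function again. The later hunk that selects from `filemodule_monitor` and returns false when no row is found leaves the same leftover: its `WHERE user_id='".user_getid()."'` lines stay as context while `db_query($sql)` goes away.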
* @return boolean success.
*/
function fetchData($file_id) {
- $sql="SELECT * FROM frs_file_vw
- WHERE file_id='$file_id'
- AND release_id='". $this->FRSRelease->getID() ."'";
- $res=db_query($sql);
+ $res = db_query_params ('SELECT * FROM frs_file_vw WHERE file_id=$1 AND release_id=$2',
+ array ($file_id,
+ $this->FRSRelease->getID())) ;
if (!$res || db_numrows($res) < 1) {
$this->setError('FRSFile::fetchData() Invalid file_id');
return false;
$this->FRSRelease->getFileName().'/'.
$this->getName();
unlink($file);
- $result = db_query("DELETE FROM frs_file WHERE file_id='".$this->getID()."'");
+ $result = db_query_params ('DELETE FROM frs_file WHERE file_id=$1',
+ array ($this->getID())) ;
if (!$result || db_affected_rows($result) < 1) {
$this->setError("frsDeleteFile()::2 ".db_error());
return false;
} else {
- $res=db_query("DELETE FROM frs_dlstats_file WHERE file_id='".$this->getID()."'");
- $res=db_query("DELETE FROM frs_dlstats_filetotal_agg WHERE file_id='".$this->getID()."'");
+ $res = db_query_params ('DELETE FROM frs_dlstats_file WHERE file_id=$1',
+ array ($this->getID())) ;
+ $res = db_query_params ('DELETE FROM frs_dlstats_filetotal_agg WHERE file_id=$1',
+ array ($this->getID())) ;
return true;
}
}
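Review bot: The two follow-up deletes on `frs_dlstats_file` and `frs_dlstats_filetotal_agg` both assign to `$res`, but it is never tested, and the branch returns `true` whatever happens to them. A failure there leaves download-stat rows for a file whose `frs_file` row and on-disk copy (`unlink($file)` above) are already gone. Either check each result, e.g. `if (!$res) { $this->setError('frsDeleteFile()::3 '.db_error()); return false; }`, or drop the unused assignment and add a comment that the cleanup is best-effort. No `db_begin()`/`db_rollback()` is visible around the three deletes in this hunk; the function starts outside it, so that may be handled elsewhere.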
// Update database
db_begin();
- $res=db_query("UPDATE frs_file SET
- type_id='$type_id',
- processor_id='$processor_id',
- release_time='$release_time',
- release_id='$release_id'
- WHERE file_id='".$this->getID()."'");
+ $res = db_query_params ('UPDATE frs_file SET type_id=$1,processor_id=$2,release_time=$3,release_id=$4 WHERE file_id=$5',
+ array ($type_id,
+ $processor_id,
+ $release_time,
+ $release_id,
+ $this->getID())) ;
if (!$res || db_affected_rows($res) < 1) {
$this->setError('FRSFile::update() Error On Update: '.db_error());
* FusionForge file release system
*
* Copyright 2002, Tim Perdue/GForge, LLC
+ * Copyright 2009, Roland Mas
*
* This file is part of FusionForge.
*
require_once $gfcommon.'frs/FRSRelease.class.php';
function &get_frs_packages($Group) {
- $res=db_query("SELECT * FROM frs_package WHERE group_id='".$Group->getID()."'");
+ $res = db_query_params ('SELECT * FROM frs_package WHERE group_id=$1',
+ array ($Group->getID())) ;
if (db_numrows($res) < 1) {
return false;
}
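Review bot: `db_numrows($res)` is called here without first testing `$res`, whereas the `fetchData()` hunks in this same commit guard with `!$res || db_numrows($res) < 1`. What `db_numrows()` does with a failed handle is not visible on this page, so a query error may be reported as "no packages" or raise a warning. I would write `if (!$res || db_numrows($res) < 1) {` here. The same bare `db_numrows($res)` follows the new calls in the object-lookup hunks (`package_id=$1`, `release_id=$1`) and in the "Name Already Exists" checks.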
if ($data) {
//the db result handle was passed in
} else {
- $res=db_query("SELECT * FROM frs_package
- WHERE package_id='$package_id'");
+ $res = db_query_params ('SELECT * FROM frs_package WHERE package_id=$1',
+ array ($package_id)) ;
if (db_numrows($res)<1) {
$FRSPACKAGE_OBJ['_'.$package_id.'_']=false;
return false;
return false;
}
- $res=db_query("SELECT * FROM frs_package WHERE group_id='".$this->Group->getID()."'
- AND name='".htmlspecialchars($name)."'");
+ $res = db_query_params ('SELECT * FROM frs_package WHERE group_id=$1 AND name=$2',
+ array ($this->Group->getID(),
+ htmlspecialchars($name))) ;
if (db_numrows($res)) {
$this->setError('FRSPackage::create() Error Adding Package: Name Already Exists');
return false;
}
- $sql="INSERT INTO frs_package(group_id,name,status_id,is_public)
- VALUES ('".$this->Group->getId()."','".htmlspecialchars($name)."','1','$is_public')";
-
db_begin();
- $result=db_query($sql);
+ $result = db_query_params ('INSERT INTO frs_package(group_id,name,status_id,is_public) VALUES ($1,$2,$3,$4)',
+ array ($this->Group->getId(),
+ htmlspecialchars($name),
+ 1,
+ $is_public)) ;
if (!$result) {
db_rollback();
$this->setError('FRSPackage::create() Error Adding Package: '.db_error());
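Review bot: `htmlspecialchars($name)` is carried over into the bound-parameter arrays for both the duplicate check and the INSERT, and nothing says why. With `$2` bound by the driver, the call no longer has any bearing on SQL safety; it only fixes the stored form of the name as HTML-encoded text, which the update hunk relies on when it compares `$this->getName()!=htmlspecialchars($name)`. I would add a short comment above the array, e.g. `// name is stored HTML-encoded; htmlspecialchars() is kept so lookups match existing rows, not as SQL escaping`. The same applies to `$notes` and `$changes` in the `frs_release` INSERT and UPDATE hunks.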
* @return boolean success.
*/
function fetchData($package_id) {
- $res=db_query("SELECT * FROM frs_package
- WHERE package_id='$package_id'
- AND group_id='". $this->Group->getID() ."'");
+ $res = db_query_params ('SELECT * FROM frs_package WHERE package_id=$1 AND group_id=$2',
+ array ($package_id,
+ $this->Group->getID())) ;
if (!$res || db_numrows($res) < 1) {
$this->setError('FRSPackage::fetchData() Invalid package_id'.db_error());
return false;
$this->setError(_('You can only monitor if you are logged in'));
return false;
}
- $sql="SELECT * FROM filemodule_monitor
- WHERE user_id='".user_getid()."'
- AND filemodule_id='".$this->getID()."';";
- $result = db_query($sql);
+ $result = db_query_params ('SELECT * FROM filemodule_monitor WHERE user_id=$1 AND filemodule_id=$2',
+ array (user_getid(),
+ $this->getID())) ;
if (!$result || db_numrows($result) < 1) {
/*
User is not already monitoring thread, so
insert a row so monitoring can begin
*/
- $sql="INSERT INTO filemodule_monitor (filemodule_id,user_id)
- VALUES ('".$this->getID()."','".user_getid()."')";
-
- $result = db_query($sql);
+ $result = db_query_params ('INSERT INTO filemodule_monitor (filemodule_id,user_id) VALUES ($1,$2)',
+ array ($this->getID(),
+ user_getid()));
if (!$result) {
$this->setError('Unable to add monitor: '.db_error());
$this->setError(_('You can only monitor if you are logged in'));
return false;
}
- $sql="DELETE FROM filemodule_monitor
- WHERE user_id='".user_getid()."'
- AND filemodule_id='".$this->getID()."';";
- return db_query($sql);
+ return db_query_params ('DELETE FROM filemodule_monitor WHERE user_id=$1 AND filemodule_id=$2',
+ array (user_getid(),
+ $this->getID())) ;
}
/**
* @return int the count
*/
function getMonitorCount() {
- $sql = "select count(*) as count from filemodule_monitor where filemodule_id = ".$this->getID();
- $res = db_result(db_query($sql), 0, 0);
+ $res = db_result(db_query_params ('select count(*) as count from filemodule_monitor where filemodule_id=$1',
+ array ($this->getID())), 0, 0);
if ($res < 0) {
$this->setError('FRSPackage::getMonitorCount() Error On querying monitor count: '.db_error());
return false;
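Review bot: The `if ($res < 0)` check cannot catch a failed query as written, because `db_query_params` is nested directly inside `db_result(…, 0, 0)` and `count(*)` never returns a negative number. What `db_result()` yields for a failed handle is not visible here, but it is unlikely to be below zero, so the `setError` branch looks unreachable. I would keep the handle separately: `$res = db_query_params(…);` then `if (!$res) { … setError …; return false; }` and finally `return db_result($res, 0, 0);`. The rest of the function lies outside this hunk.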
WHERE user_id='".user_getid()."'
AND filemodule_id='".$this->getID()."';";
- $result = db_query($sql);
+ $result = db_query_params ('SELECT * FROM filemodule_monitor WHERE user_id=$1 AND filemodule_id=$2',
+ array (user_getid(),
+ $this->getID())) ;
if (!$result || db_numrows($result) < 1) {
return false;
* @return array The array of user_id's.
*/
function &getMonitorIDs() {
- $res=db_query("SELECT user_id
- FROM filemodule_monitor
- WHERE filemodule_id='".$this->getID()."'");
+ $res = db_query_params ('SELECT user_id FROM filemodule_monitor WHERE filemodule_id=$1',
+ array ($this->getID())) ;
return util_result_column_to_array($res);
}
return false;
}
if($this->getName()!=htmlspecialchars($name)) {
- $res=db_query("SELECT * FROM frs_package WHERE group_id='".$this->Group->getID()."'
- AND name='".htmlspecialchars($name)."'");
+ $res = db_query_params ('SELECT * FROM frs_package WHERE group_id=$1 AND name=$2',
+ array ($this->Group->getID(),
+ htmlspecialchars($name))) ;
if (db_numrows($res)) {
$this->setError('FRSPackage::update() Error Updating Package: Name Already Exists');
return false;
}
}
db_begin();
- $res=db_query("UPDATE frs_package SET
- name='".htmlspecialchars($name)."',
- status_id='$status'
- WHERE group_id='".$this->Group->getID()."'
- AND package_id='".$this->getID()."'");
+ $res = db_query_params ('UPDATE frs_package SET name=$1, status_id=$2 WHERE group_id=$3 AND package_id=$4',
+ array (htmlspecialchars($name),
+ $status,
+ $this->Group->getID(),
+ $this->getID())) ;
if (!$res || db_affected_rows($res) < 1) {
db_rollback();
$this->setError('FRSPackage::update() Error On Update: '.db_error());
function &getReleases() {
if (!is_array($this->package_releases) || count($this->package_releases) < 1) {
$this->package_releases=array();
- $res=db_query("SELECT * FROM frs_release WHERE package_id='".$this->getID()."'");
+ $res = db_query_params ('SELECT * FROM frs_release WHERE package_id=$1',
+ array ($this->getID())) ;
while ($arr = db_fetch_array($res)) {
$this->package_releases[]=new FRSRelease($this,$arr['release_id'],$arr);
}
}
exec('rm -rf '.$dir);
- db_query("DELETE FROM frs_package WHERE package_id='".$this->getID()."'
- AND group_id='".$this->Group->getID()."'");
+ db_query_params ('DELETE FROM frs_package WHERE package_id=$1 AND group_id=$2',
+ array ($this->getID(),
+ $this->Group->getID())) ;
return true;
}
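Review bot: The new `db_query_params` DELETE discards its result and the function returns `true` regardless, although `exec('rm -rf '.$dir)` has already removed the directory by then. A failed DELETE therefore leaves an `frs_package` row pointing at files that no longer exist; test the result and call `setError()` before returning. Separately, the context line hands `$dir` to the shell unquoted. How `$dir` is built is outside this hunk, but if any component comes from a package or release name, it should be `exec('rm -rf '.escapeshellarg($dir));`. The `frs_release` delete hunk has the same two lines and the same issues.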
* FusionForge file release system
*
* Copyright 2002, Tim Perdue/GForge, LLC
+ * Copyright 2009, Roland Mas
*
* This file is part of FusionForge.
*
if ($data) {
//the db result handle was passed in
} else {
- $res=db_query("SELECT * FROM frs_release WHERE
- release_id='$release_id'");
+ $res = db_query_params ('SELECT * FROM frs_release WHERE release_id=$1',
+ array ($release_id)) ;
if (db_numrows($res)<1 ) {
$FRSRELEASE_OBJ['_'.$release_id.'_']=false;
return false;
if (!$release_date) {
$release_date=time();
}
- $res=db_query("SELECT * FROM frs_release WHERE package_id='".$this->FRSPackage->getID()."'
- AND name='".htmlspecialchars($name)."'");
+ $res = db_query_params ('SELECT * FROM frs_release WHERE package_id=$1 AND name=$2',
+ array ($this->FRSPackage->getID(),
+ htmlspecialchars($name))) ;
if (db_numrows($res)) {
$this->setError('FRSRelease::create() Error Adding Release: Name Already Exists');
return false;
}
- $sql="INSERT INTO frs_release(package_id,notes,changes,
- preformatted,name,release_date,released_by,status_id)
- VALUES ('".$this->FRSPackage->getId()."','".htmlspecialchars($notes)."','".htmlspecialchars($changes)."',
- '$preformatted','".htmlspecialchars($name)."','$release_date','".user_getid()."','1')";
-
db_begin();
- $result=db_query($sql);
+ $result=db_query_params ('INSERT INTO frs_release(package_id,notes,changes,preformatted,name,release_date,released_by,status_id) VALUES ($1,$2,$3,$4,$5,$6,$7,$8)',
+ array ($this->FRSPackage->getId(),
+ htmlspecialchars($notes),
+ htmlspecialchars($changes),
+ $preformatted,
+ htmlspecialchars($name),
+ $release_date,
+ user_getid(),
+ 1)) ;
if (!$result) {
db_rollback();
$this->setError('FRSRelease::create() Error Adding Release: '.db_error());
* @return boolean success.
*/
function fetchData($release_id) {
- $sql="SELECT * FROM frs_release
- WHERE release_id='$release_id'
- AND package_id='". $this->FRSPackage->getID() ."'";
- $res=db_query($sql);
+ $res = db_query_params ('SELECT * FROM frs_release WHERE release_id=$1 AND package_id=$2',
+ array ($release_id,
+ $this->FRSPackage->getID())) ;
if (!$res || db_numrows($res) < 1) {
$this->setError('FRSRelease::fetchData() Invalid release_id');
return false;
function &getFiles() {
if (!is_array($this->release_files) || count($this->release_files) < 1) {
$this->release_files=array();
- $res=db_query("SELECT * FROM frs_file_vw WHERE release_id='".$this->getID()."'");
+ $res = db_query_params ('SELECT * FROM frs_file_vw WHERE release_id=$1',
+ array ($this->getID())) ;
while ($arr = db_fetch_array($res)) {
$this->release_files[]=new FRSFile($this,$arr['file_id'],$arr);
}
}
exec('rm -rf '.$dir);
- db_query("DELETE FROM frs_release WHERE release_id='".$this->getID()."'
- AND package_id='".$this->FRSPackage->getID()."'");
+ db_query_params ('DELETE FROM frs_release WHERE release_id=$1 AND package_id=$2',
+ array ($this->getID(),
+ $this->FRSPackage->getID())) ;
return true;
}
}
if($this->getName()!=htmlspecialchars($name)) {
- $res=db_query("SELECT * FROM frs_release WHERE package_id='".$this->FRSPackage->getID()."'
- AND name='".htmlspecialchars($name)."'");
+ $res = db_query_params ('SELECT * FROM frs_release WHERE package_id=$1 AND name=$2',
+ array ($this->FRSPackage->getID(),
+ htmlspecialchars($name))) ;
if (db_numrows($res)) {
$this->setError('FRSRelease::create() Error Adding Release: Name Already Exists');
return false;
}
}
db_begin();
- $res=db_query("UPDATE frs_release
- SET
- name='".htmlspecialchars($name)."',
- status_id='$status',
- notes='".htmlspecialchars($notes)."',
- changes='".htmlspecialchars($changes)."',
- preformatted='$preformatted',
- release_date='$release_date',
- released_by='". user_getid() ."'
- WHERE package_id='".$this->FRSPackage->getID()."'
- AND release_id='".$this->getID()."'");
+ $res = db_query_params ('UPDATE frs_release SET name=$1,status_id=$2,notes=$3,
+ changes=$4,preformatted=$5,release_date=$6,released_by=$7
+ WHERE package_id=$8 AND release_id=$9',
+ array (htmlspecialchars($name),
+ $status,
+ htmlspecialchars($notes),
+ htmlspecialchars($changes),
+ $preformatted,
+ $release_date,
+ user_getid(),
+ $this->FRSPackage->getID(),
+ $this->getID())) ;
if (!$res || db_affected_rows($res) < 1) {
db_rollback();