if (!$bookmark_title) {
$bookmark_title = $bookmark_url;
}
- $result = db_query("INSERT into user_bookmarks (user_id, bookmark_url, "
- . "bookmark_title) values ('".user_getid()."', '".htmlentities($bookmark_url)."', "
- . "'".htmlspecialchars($bookmark_title)."');");
+ $result = db_query_params ('INSERT into user_bookmarks (user_id, bookmark_url, bookmark_title) values ($1, $2, $3)',
+ array (user_getid(),
+ htmlentities($bookmark_url)
+ htmlspecialchars($bookmark_title)));
if (!$result) {
echo db_error();
}
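Review bot: The parameter array in the new `db_query_params` call is missing a comma after `htmlentities($bookmark_url)`, so the file no longer parses and every bookmark function defined in it becomes unavailable. The line should read `htmlentities($bookmark_url),`. A lint pass (`php -l`) on the changed files before committing would catch this class of slip in a bulk conversion. The enclosing function starts and ends outside the hunk.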
* @param string The new or existing bookmark title
*/
function bookmark_edit ($bookmark_id, $bookmark_url, $bookmark_title) {
- $result = db_query("UPDATE user_bookmarks SET bookmark_url='".htmlentities($bookmark_url)."', "
- ."bookmark_title='".htmlspecialchars($bookmark_title)."' where bookmark_id='$bookmark_id' AND user_id='". user_getid() ."'");
+ $result = db_query_params ('UPDATE user_bookmarks SET bookmark_url=$1, bookmark_title=$2 WHERE bookmark_id=$3 AND user_id=$4',
+ array (htmlentities($bookmark_url),
+ htmlspecialchars($bookmark_title),
+ $bookmark_id,
+ user_getid()));
if (!$result) {
echo db_error();
return false;
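Review bot: `htmlentities($bookmark_url)` and `htmlspecialchars($bookmark_title)` are still applied before the values are bound, so the table stores HTML-encoded text; now that the query is parameterised the encoding does nothing for the SQL and belongs where the bookmark is rendered. Entity-encoding also does not constrain the URL scheme, so if the stored URL is later emitted as an `href` (not visible here), a check that it starts with an expected scheme such as `http://` or `https://` should precede the write. The same applies to the INSERT in the bookmark-add hunk above. On failure `echo db_error();` prints the raw database error to the user; logging it and showing a generic message would avoid exposing schema details. The body of bookmark_edit continues past the hunk.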
* @param int The bookmark's ID
*/
function bookmark_delete ($bookmark_id) {
- db_query("DELETE from user_bookmarks WHERE bookmark_id='$bookmark_id' "
- . "and user_id='". user_getid() ."'");
+ db_query_params ('DELETE from user_bookmarks WHERE bookmark_id=$1 AND user_id=$2',
+ array ($bookmark_id,
+ user_getid()));
}
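Review bot: `bookmark_delete` discards the result of `db_query_params`, so a failed delete is indistinguishable from a successful one, while `bookmark_edit` in the same file checks `$result` and returns false. Assign the call to `$result` and end the function with `return (bool) $result;`, and add a `@return` line to the docblock. The `user_id=$2` condition is what stops one user deleting another user's bookmark, so it deserves a one-line comment such as `// user_id clause enforces ownership; do not remove`.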
?>
if ($mode != 'compact') {
//get a list of publicly available projects
- $sql="SELECT * FROM project_group_list WHERE group_id='$group_id' AND is_public=1";
- $result = db_query ($sql);
+ $result = db_query_params ('SELECT * FROM project_group_list WHERE group_id=$1 AND is_public=1',
+ array ($group_id));
$rows = db_numrows($result);
if (!$result || $rows < 1) {
$return .= '<br /><em>There are no public subprojects available</em>';
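Review bot: `db_numrows($result)` on the line after the new call runs before the `!$result` test, so a failed query is handed to `db_numrows` before anything checks it. Testing the result first, `$rows = $result ? db_numrows($result) : 0;`, keeps the failure path clean; the same ordering follows the stats_agg_* queries and the user_ratings query later in this change. `$group_id` is now bound rather than quoted into the string, but where it is validated as an integer is not visible in this hunk, so a short comment naming that place would help the next reader.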
$return .= " SCM Tree</a>";
if ($mode != 'compact') {
- $sql = "SELECT SUM(commits) AS commits,SUM(adds) AS adds from stats_cvs_group where group_id='$group_id'";
- $result = db_query($sql);
+ $result = db_query_params ('SELECT SUM(commits) AS commits,SUM(adds) AS adds from stats_cvs_group where group_id=$1',
+ array ($group_id));
$return .= ' ( <strong>'.db_result($result,0,0).'</strong> commits, <strong>'.db_result($result,0,1).'</strong> adds )';
}
}
/*
pages/day
*/
- $sql="SELECT * FROM stats_agg_pages_by_day";
-
- $result = db_query ($sql);
+ $result = db_query_params ('SELECT * FROM stats_agg_pages_by_day',
+ array ());
$rows = db_numrows($result);
if (!$result || $rows < 1) {
echo '<p> </p>';
-/*
- pages/hour
-* /
- $sql="SELECT * FROM stats_agg_pages_by_hour";
-
- $result = db_query ($sql);
- $rows = db_numrows($result);
-
- if (!$result || $rows < 1) {
- echo '<h1>Stats Problem</h1>';
- echo db_error();
- } else {
- GraphResult($result,'Page Views By Hour');
- }
- echo '<p>';
-*/
-
/*
Groups added by week
*/
- $sql="select (round((register_time/604800),0)*604800) AS time ,count(*) from groups group by time";
- $result = db_query ($sql);
+ $result = db_query_params ('select (round((register_time/604800),0)*604800) AS time ,count(*) from groups group by time',
+ array ());
$rows = db_numrows($result);
if (!$result || $rows < 1) {
/*
Users added by week
*/
- $sql="select (round((add_date/604800),0)*604800) AS time ,count(*) from users group by time";
- $result = db_query ($sql);
+ $result = db_query_params ('select (round((add_date/604800),0)*604800) AS time ,count(*) from users group by time',
+ array ());
$rows = db_numrows($result);
if (!$result || $rows < 1) {
/*
logo impressions/day
*/
- $sql="SELECT * FROM stats_agg_logo_by_day";
- $result = db_query ($sql);
+ $result = db_query_params ('SELECT * FROM stats_agg_logo_by_day',
+ array ());
$rows = db_numrows($result);
if (!$result || $rows < 1) {
/*
logo impressions/group
*/
- $sql="SELECT group_id,sum(count) as count FROM stats_agg_logo_by_group GROUP BY group_id";
- $result = db_query ($sql);
+ $result = db_query_params ('SELECT group_id,sum(count) as count FROM stats_agg_logo_by_group GROUP BY group_id',
+ array ());
$rows = db_numrows($result);
if (!$result || $rows < 1) {
/*
Browser
*/
- $sql="SELECT * FROM stats_agg_pages_by_browser";
- $result = db_query ($sql);
+ $result = db_query_params ('SELECT * FROM stats_agg_pages_by_browser',
+ array ());
$rows = db_numrows($result);
if (!$result || $rows < 1) {
/*
Platform
*/
- $sql="SELECT * FROM stats_agg_pages_by_platform";
- $result = db_query ($sql);
+ $result = db_query_params ('SELECT * FROM stats_agg_pages_by_platform',
+ array ());
$rows = db_numrows($result);
if (!$result || $rows < 1) {
/*
Browser/ver
*/
- $sql="SELECT * FROM stats_agg_pages_by_plat_brow_ver";
- $result = db_query ($sql);
+ $result = db_query_params ('SELECT * FROM stats_agg_pages_by_plat_brow_ver',
+ array ());
$rows = db_numrows($result);
if (!$result || $rows < 1) {
*/
function trove_genfullpaths($mynode,$myfullpath,$myfullpathids) {
// first generate own path
- $res_update = db_query('UPDATE trove_cat SET fullpath=\''
- .$myfullpath.'\',fullpath_ids=\''
- .$myfullpathids.'\' WHERE trove_cat_id='.$mynode);
+ $res_update = db_query_params ('UPDATE trove_cat SET fullpath=$1,fullpath_ids=$2 WHERE trove_cat_id=$3',
+ array ($myfullpath,
+ $myfullpathids,
+ $mynode));
// now generate paths for all children by recursive call
if($mynode!=0)
{
- $res_child = db_query("
+ $res_child = db_query_params ('
SELECT trove_cat_id,fullname
FROM trove_cat
- WHERE parent='$mynode'
- AND trove_cat_id!=0;
- ", -1, 0, SYS_DB_TROVE);
+ WHERE parent=$1
+ AND trove_cat_id != 0',
+ array ($mynode));
while ($row_child = db_fetch_array($res_child)) {
trove_genfullpaths($row_child['trove_cat_id'],
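Review bot: The child SELECT used to be issued as `db_query(..., -1, 0, SYS_DB_TROVE)`, and the new `db_query_params` call drops the `SYS_DB_TROVE` argument, so the query now runs on whatever connection `db_query_params` uses by default. If the trove tables can be served from a separate database handle, this changes which server is read. Assuming `db_query_params` accepts the same trailing limit, offset and server arguments (its signature is not shown here), the call should end `array ($mynode), -1, 0, SYS_DB_TROVE);`. The same argument is dropped in the child query of trove_updaterootparent and in the `$res_verifycat` query. `$res_update` is also never checked before the recursion starts, and the function body continues outside the hunk.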
*/
function trove_updaterootparent($mynode,$rootnode) {
// first generate own path
- if($mynode!=$rootnode) $res_update = db_query('UPDATE trove_cat SET root_parent=' .$rootnode. ' WHERE trove_cat_id='.$mynode);
- else $res_update = db_query('UPDATE trove_cat SET root_parent=0 WHERE trove_cat_id='.$mynode);
+ if($mynode!=$rootnode) $res_update = db_query_params ('UPDATE trove_cat SET root_parent=$1 WHERE trove_cat_id=$2',
+ array ($rootnode,
+ $mynode));
+ else $res_update = db_query_params ('UPDATE trove_cat SET root_parent=0 WHERE trove_cat_id=$1',
+ array ($mynode));
// now generate paths for all children by recursive call
if($mynode!=0)
{
- $res_child = db_query("
+ $res_child = db_query_params ('
SELECT trove_cat_id
FROM trove_cat
- WHERE parent='$mynode'
- AND trove_cat_id!=0;
- ", -1, 0, SYS_DB_TROVE);
+ WHERE parent=$1
+ AND trove_cat_id!=0',
+ array ($mynode));
while ($row_child = db_fetch_array($res_child)) {
trove_updaterootparent($row_child['trove_cat_id'],$rootnode);
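Review bot: The braceless `if … else` at the top of the hunk now spans five lines, with the `else` sitting after a multi-line argument list, which is easy to misread and easy to break when a statement is added. Both branches run the same UPDATE and differ only in the value bound to `root_parent`, so one call is enough: `$root = ($mynode != $rootnode) ? $rootnode : 0;` followed by `$res_update = db_query_params ('UPDATE trove_cat SET root_parent=$1 WHERE trove_cat_id=$2', array ($root, $mynode));`. The function continues past the last line of the hunk.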
if ((!$group_id) || (!$trove_cat_id)) return 1;
// verify trove category exists
- $res_verifycat = db_query("
+ $res_verifycat = db_query_params ('
SELECT trove_cat_id,fullpath_ids
FROM trove_cat
- WHERE trove_cat_id='$trove_cat_id'
- ", -1, 0, SYS_DB_TROVE);
+ WHERE trove_cat_id=$1',
+ array ($trove_cat_id));
if (db_numrows($res_verifycat) != 1) return 1;
$row_verifycat = db_fetch_array($res_verifycat);
}
// must first make sure that this is not a subnode of anything current
- $res_topnodes = db_query("
+ $res_topnodes = db_query_params ('
SELECT trove_cat.trove_cat_id AS trove_cat_id,
trove_cat.fullpath_ids AS fullpath_ids
FROM trove_cat,trove_group_link
WHERE trove_cat.trove_cat_id=trove_group_link.trove_cat_id
- AND trove_group_link.group_id='$group_id'
- AND trove_cat.root_parent='$rootnode'");
+ AND trove_group_link.group_id=$1
+ AND trove_cat.root_parent=$2',
+ array ($group_id,
+ $rootnode));
while($row_topnodes = db_fetch_array($res_topnodes)) {
$pathids = explode(' :: ',$row_topnodes['fullpath_ids']);
FROM trove_group_link
WHERE group_id=$1
AND trove_cat_root=$2',
- array($group_id,
- $rootnode));
+ array($group_id,
+ $rootnode));
while ($row_checksubs = db_fetch_array($res_checksubs)) {
// check against all subnodeids
for ($i=0;$i<count($subnodeids);$i++) {
if ($subnodeids[$i] == $row_checksubs['trove_cat_id']) {
// then delete subnode
- db_query('DELETE FROM trove_group_link WHERE '
- .'group_id='.$group_id.' AND trove_cat_id='
- .$subnodeids[$i]);
+ db_query_params ('DELETE FROM trove_group_link WHERE group_id=$1 AND trove_cat_id=$2',
+ array ($group_id,
+ $subnodeids[$i]));
}
}
}
// if we got this far, must be ok
- db_query('INSERT INTO trove_group_link (trove_cat_id,trove_cat_version,'
- .'group_id,trove_cat_root) VALUES ('.$trove_cat_id.','
- .time().','.$group_id.','.$rootnode.')');
+ db_query_params ('INSERT INTO trove_group_link (trove_cat_id,trove_cat_version,group_id,trove_cat_root) VALUES ($1,$2,$3,$4)',
+ array ($trove_cat_id,
+ time(),
+ $group_id,
+ $rootnode));
return 0;
}
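Review bot: The INSERT into trove_group_link ignores the result of `db_query_params`, and the function then returns 0 under the comment "if we got this far, must be ok", so a failed insert is reported as success; the DELETE inside the loop earlier in the hunk is unchecked as well. Assign the call to `$res` and add `if (!$res) { return 1; }` before `return 0;`, matching the `return 1` used by the earlier checks in this file. The deletes and the insert are separate statements, so a failure between them leaves the group's trove links partly updated; wrapping them in a transaction would avoid that, if the db layer offers one. The function starts outside the hunk.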
SELECT parent
FROM trove_cat
WHERE trove_cat_id=$1',
- array($current_cat));
+ array($current_cat));
$row_par = db_fetch_array($res_par);
$parent = $row_par["parent"];
*/
- $res=db_query("SELECT count(*) from user_diary ".
- "WHERE user_id='". $user_id ."' AND is_public=1");
+ $res = db_query_params ('SELECT count(*) from user_diary WHERE user_id=$1 AND is_public=1',
+ array ($user_id));
echo _('Diary/Note entries:').' '.db_result($res,0,0).'
<p/>'.util_make_link ('/developer/diary.php?diary_user='.$user_id,_('View Diary & Notes')).'</p>
<p/>';
* @param string The rating type
*/
function vote_get_rating ($id,$flag) {
- $sql="SELECT response FROM survey_rating_aggregate WHERE type='$flag' AND id='$id'";
- $result=db_query($sql);
+ $result = db_query_params ('SELECT response FROM survey_rating_aggregate WHERE type=$1 AND id=$2',
+ array ($flag,
+ $id));
if (!$result || (db_numrows($result) < 1) || (db_result($result,0,0)==0)) {
return '0';
} else {
Select this survey from the database
*/
-$sql="SELECT * FROM surveys WHERE survey_id='$survey_id' and group_id = '$group_id'";
-
-$result=db_query($sql);
+ $result = db_query_params ('SELECT * FROM surveys WHERE survey_id=$1 and group_id = $2',
+ array ($survey_id,
+ $group_id));
if (db_numrows($result) > 0) {
echo '
Build the questions on the HTML form
*/
- $sql="SELECT * FROM survey_questions WHERE question_id='".$quest_array[$i]."'";
- $result=db_query($sql);
+ $result = db_query_params ('SELECT * FROM survey_questions WHERE question_id=$1',
+ array ($quest_array[$i]));
$question_type=db_result($result, 0, 'question_type');
if ($question_type == '4') {
WHERE rated_by=$1
AND user_id=$2
',
- array($by_id,
- $user_id));
+ array($by_id,
+ $user_id));
$prev_vote = util_result_columns_to_assoc($res);
while (list($k,$v) = each($prev_vote)) {
if ($v == 0) {
*/
function vote_show_user_rating($user_id) {
global $USER_RATING_QUESTIONS;
- $sql="SELECT rate_field,(avg(rating)+3) AS avg_rating,count(*) as count
-FROM user_ratings
-WHERE user_id='$user_id'
-GROUP BY rate_field";
- $res=db_query($sql);
+ $res = db_query_params ('SELECT rate_field,(avg(rating)+3) AS avg_rating,count(*) as count
+FROM user_ratings
+WHERE user_id=$1
+GROUP BY rate_field',
+ array ($user_id));
$rows=db_numrows($res);
if (!$res || $rows < 1) {
<td>'.db_result($res,$i,'avg_rating').' (By '. db_result($res,$i,'count') .' Users)</td></tr>';
}
- $res=db_query_params ('SELECT ranking,metric,importance_factor FROM user_metric WHERE user_id=$1',
- array($user_id));
+ $res = db_query_params ('SELECT ranking,metric,importance_factor FROM user_metric WHERE user_id=$1',
+ array($user_id));
if ($res && db_numrows($res) > 0) {
echo '<tr><td colspan="2"><strong>Trusted Overall Rating</strong></td></tr>';
echo '<tr><td>Sitewide Ranking:</td><td><strong>'. db_result($res,0,'ranking') .'</strong></td></tr>
DELETE FROM user_ratings
WHERE rated_by=$1
',
- array($user_id));
+ array($user_id));
}
// Local Variables: