Home Explore Help
Register Sign In
NSHkD
/
Gazelle
forked from Oppaitime/Gazelle
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Fix old default torrent search code that would corrupt user settings

spaghetti 6 years ago
parent
fbf77bcf54
commit
a5c5951cfa
1 changed files with 8 additions and 12 deletions
Unified View Show Diff Stats
  1. 8
    12
      sections/torrents/browse.php

+ 8
- 12
sections/torrents/browse.php View File

47 
   $DB->query("
 47 
   $DB->query("
48 
     SELECT SiteOptions
 48 
     SELECT SiteOptions
49 
     FROM users_info
 49 
     FROM users_info
50 
-    WHERE UserID = '".db_string($LoggedUser['ID'])."'");
50 
+    WHERE UserID = ?", $LoggedUser['ID']);
51 
   list($SiteOptions) = $DB->next_record(MYSQLI_NUM, false);
 51 
   list($SiteOptions) = $DB->next_record(MYSQLI_NUM, false);
52 
-  if (!empty($SiteOptions)) {
53 
-    $SiteOptions = unserialize($SiteOptions);
54 
-  } else {
55 
-    $SiteOptions = [];
56 
-  }
52 
+  $SiteOptions = json_decode($SiteOptions, true) ?? [];
57 
   $SiteOptions['DefaultSearch'] = preg_replace($UnsetRegexp, '', $_SERVER['QUERY_STRING']);
 53 
   $SiteOptions['DefaultSearch'] = preg_replace($UnsetRegexp, '', $_SERVER['QUERY_STRING']);
58 
   $DB->query("
 54 
   $DB->query("
59 
     UPDATE users_info
 55 
     UPDATE users_info
60 
-    SET SiteOptions = '".db_string(serialize($SiteOptions))."'
61 
-    WHERE UserID = '".db_string($LoggedUser['ID'])."'");
56 
+    SET SiteOptions = ?
57 
+    WHERE UserID = ?", json_encode($SiteOptions), $LoggedUser['ID']);
62 
   $Cache->begin_transaction("user_info_heavy_$UserID");
 58 
   $Cache->begin_transaction("user_info_heavy_$UserID");
63 
   $Cache->update_row(false, ['DefaultSearch' => $SiteOptions['DefaultSearch']]);
 59 
   $Cache->update_row(false, ['DefaultSearch' => $SiteOptions['DefaultSearch']]);
64 
   $Cache->commit_transaction(0);
 60 
   $Cache->commit_transaction(0);
68 
   $DB->query("
 64 
   $DB->query("
69 
     SELECT SiteOptions
 65 
     SELECT SiteOptions
70 
     FROM users_info
 66 
     FROM users_info
71 
-    WHERE UserID = '".db_string($LoggedUser['ID'])."'");
67 
+    WHERE UserID = ?", $LoggedUser['ID']);
72 
   list($SiteOptions) = $DB->next_record(MYSQLI_NUM, false);
 68 
   list($SiteOptions) = $DB->next_record(MYSQLI_NUM, false);
73 
-  $SiteOptions = unserialize($SiteOptions);
69 
+  $SiteOptions = json_decode($SiteOptions, true) ?? [];
74 
   $SiteOptions['DefaultSearch'] = '';
 70 
   $SiteOptions['DefaultSearch'] = '';
75 
   $DB->query("
 71 
   $DB->query("
76 
     UPDATE users_info
 72 
     UPDATE users_info
77 
-    SET SiteOptions = '".db_string(serialize($SiteOptions))."'
78 
-    WHERE UserID = '".db_string($LoggedUser['ID'])."'");
73 
+    SET SiteOptions = ?
74 
+    WHERE UserID = ?", json_encode($SiteOptions), $LoggedUser['ID']);
79 
   $Cache->begin_transaction("user_info_heavy_$UserID");
 75 
   $Cache->begin_transaction("user_info_heavy_$UserID");
80 
   $Cache->update_row(false, ['DefaultSearch' => '']);
 76 
   $Cache->update_row(false, ['DefaultSearch' => '']);
81 
   $Cache->commit_transaction(0);
 77 
   $Cache->commit_transaction(0);

Write Preview
Loading…
Cancel
Save