
Use prepared queries on classes/script_start.php

biotorrents 4 years ago
parent
commit
d1ca9c6f18
2 changed files with 13 additions and 13 deletions
  1. 4
    4
      classes/mysql.class.php
  2. 9
    9
      classes/script_start.php

+ 4
- 4
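--- a/classes/mysql.class.php
+++ b/classes/mysql.class.php
@@ -22,7 +22,7 @@
 
  * Making a query
 
-$DB->query("
+$DB->prepared_query("
   SELECT *
   FROM table...");
 
@@ -92,14 +92,14 @@
   This class can only hold one result set at a time. Using set_query_id allows
   you to set the result set that the class is using to the result set in
   $ResultSet. This result set should have been obtained earlier by using
-  $DB->query().
+  $DB->prepared_query().
 
   Example:
 
-  $FoodRS = $DB->query("
+  $FoodRS = $DB->prepared_query("
       SELECT *
       FROM food");
-  $DB->query("
+  $DB->prepared_query("
     SELECT *
     FROM drink");
   $Drinks = $DB->next_record();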

+ 9
- 9
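--- a/classes/script_start.php
+++ b/classes/script_start.php
@@ -225,7 +225,7 @@
 
     $UserSessions = $Cache->get_value("users_sessions_$UserID");
     if (!is_array($UserSessions)) {
-        $DB->query(
+        $DB->prepared_query(
             "
         SELECT
           SessionID,
@@ -250,7 +250,7 @@
     // Check if user is enabled
     $Enabled = $Cache->get_value('enabled_'.$LoggedUser['ID']);
     if ($Enabled === false) {
-        $DB->query("
+        $DB->prepared_query("
         SELECT Enabled
           FROM users_main
           WHERE ID = '$LoggedUser[ID]'");
@@ -267,7 +267,7 @@
     // Up/Down stats
     $UserStats = $Cache->get_value('user_stats_'.$LoggedUser['ID']);
     if (!is_array($UserStats)) {
-        $DB->query("
+        $DB->prepared_query("
         SELECT Uploaded AS BytesUploaded, Downloaded AS BytesDownloaded, RequiredRatio
         FROM users_main
           WHERE ID = '$LoggedUser[ID]'");
@@ -321,7 +321,7 @@
 
     // Update LastUpdate every 10 minutes
     if (strtotime($UserSessions[$SessionID]['LastUpdate']) + 600 < time()) {
-        $DB->query("
+        $DB->prepared_query("
         UPDATE users_main
         SET LastAccess = NOW()
         WHERE ID = '$LoggedUser[ID]'
@@ -343,7 +343,7 @@
         WHERE UserID = '$LoggedUser[ID]'
         AND SessionID = '".db_string($SessionID)."'";
 
-        $DB->query($SessionQuery);
+        $DB->prepared_query($SessionQuery);
         $Cache->begin_transaction("users_sessions_$UserID");
         $Cache->delete_row($SessionID);
 
@@ -362,7 +362,7 @@
     if (isset($LoggedUser['Permissions']['site_torrents_notify'])) {
         $LoggedUser['Notify'] = $Cache->get_value('notify_filters_'.$LoggedUser['ID']);
         if (!is_array($LoggedUser['Notify'])) {
-            $DB->query("
+            $DB->prepared_query("
             SELECT ID, Label
             FROM users_notify_filters
               WHERE UserID = '$LoggedUser[ID]'");
@@ -394,7 +394,7 @@
     // Get stylesheets
     $Stylesheets = $Cache->get_value('stylesheets');
     if (!is_array($Stylesheets)) {
-        $DB->query('
+        $DB->prepared_query('
         SELECT
           ID,
           LOWER(REPLACE(Name, " ", "_")) AS Name,
@@ -429,7 +429,7 @@
     setcookie('keeplogged', '', time() - 60 * 60 * 24 * 365, '/', '', false);
 
     if ($SessionID) {
-        G::$DB->query("
+        G::$DB->prepared_query("
         DELETE FROM users_sessions
           WHERE UserID = '" . G::$LoggedUser['ID'] . "'
           AND SessionID = '".db_string($SessionID)."'");
@@ -451,7 +451,7 @@
 {
     $UserID = G::$LoggedUser['ID'];
 
-    G::$DB->prepared_query("
+    G::$DB->query("
     DELETE FROM users_sessions
       WHERE UserID = '$UserID'");
 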
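Review bot: The renamed calls still build their SQL by string interpolation, so no value is actually bound and the statements are no more injection-resistant than they were under `query()`. This applies to `WHERE ID = '$LoggedUser[ID]'` at new lines 256, 273, 327 and 368, `'$UserID'` at 456, and the `db_string($SessionID)` concatenations at 344 and 435. Assuming `prepared_query()` accepts bound values after the SQL string (its signature is not visible on this page), the session delete at 432-435 would use `WHERE UserID = ? AND SessionID = ?` with `G::$LoggedUser['ID'], $SessionID` passed as arguments, and the other statements would follow the same pattern. `db_string()` should be dropped wherever a value becomes bound, otherwise it is escaped twice and the stored session ID may no longer match. Several of these statements, including the `$SessionQuery` assignment ending at 344, start or end outside the hunks shown.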
