librefm-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Librefm-commits] [1221] use mdb2->quote for quoting strings for db


From: Clint Adams
Subject: [Librefm-commits] [1221] use mdb2->quote for quoting strings for db
Date: Wed, 06 May 2009 03:40:48 +0000

Revision: 1221
          http://svn.sv.gnu.org/viewvc/?view=rev&root=librefm&revision=1221
Author:   clint
Date:     2009-05-06 03:40:48 +0000 (Wed, 06 May 2009)
Log Message:
-----------
use mdb2->quote for quoting strings for db

Modified Paths:
--------------
    trunk/gnukebox/nowplaying/1.2/index.php
    trunk/gnukebox/submissions/1.2/index.php

Modified: trunk/gnukebox/nowplaying/1.2/index.php
===================================================================
--- trunk/gnukebox/nowplaying/1.2/index.php     2009-05-06 03:30:45 UTC (rev 
1220)
+++ trunk/gnukebox/nowplaying/1.2/index.php     2009-05-06 03:40:48 UTC (rev 
1221)
@@ -61,12 +61,12 @@
 getTrackCreateIfNew($artist, $album, $track, $mbid);
 
 //Expire old tracks
-$mdb2->query("DELETE FROM Now_Playing WHERE expires < " . time());
+$mdb2->exec("DELETE FROM Now_Playing WHERE expires < " . time());
 
 //Delete this user's last playing song (if any)
-$mdb2->query("DELETE FROM Now_Playing WHERE sessionid = '" . $sess . "'");
+$mdb2->exec("DELETE FROM Now_Playing WHERE sessionid = " . $mdb2->quote($sess, 
"text"));
 
-$mdb2->query("INSERT INTO Now_Playing (sessionid, artist, album, track, 
expires, mbid) VALUES ("
+$mdb2->exec("INSERT INTO Now_Playing (sessionid, artist, album, track, 
expires, mbid) VALUES ("
        . $sess . ", "
        . $artist . ", "
        . $album . ", "

Modified: trunk/gnukebox/submissions/1.2/index.php
===================================================================
--- trunk/gnukebox/submissions/1.2/index.php    2009-05-06 03:30:45 UTC (rev 
1220)
+++ trunk/gnukebox/submissions/1.2/index.php    2009-05-06 03:40:48 UTC (rev 
1221)
@@ -166,7 +166,7 @@
                }
 
                // Destroy now_playing since it is almost certainly obsolescent
-               $mdb2->exec("DELETE FROM Now_Playing WHERE sessionid = '" . 
$session_id . "'");
+               $mdb2->exec("DELETE FROM Now_Playing WHERE sessionid = " . 
$mdb2->quote($session_id, "text"));
        }
 }
 





reply via email to

[Prev in Thread] Current Thread [Next in Thread]