mirror/litebans-php
1
0
Fork 0
mirror of https://gitlab.com/ruany/litebans-php.git synced 2025-05-23 16:32:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Use bindParam instead of execute parameters

Browse Source
This commit is contained in:
ruan 2018-09-22 14:34:07 +02:00
parent c8eb678db9
commit f35efe70de
No known key found for this signature in database
GPG Key ID: 0D2EC1C52E469C0B
3 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
check.php
View File

@ -18,8 +18,9 @@ class Check {
$history = $page->settings->table['history']; $history = $page->settings->table['history'];
try { try {
$stmt = $page->conn->prepare("SELECT name,uuid FROM $history WHERE $column=? ORDER BY date LIMIT 1"); $stmt = $page->conn->prepare("SELECT name,uuid FROM $history WHERE $column=:val ORDER BY date LIMIT 1");
if ($stmt->execute(array($name))) { $stmt->bindParam(':val', $name, PDO::PARAM_STR);
if ($stmt->execute()) {
if ($row = $stmt->fetch()) { if ($row = $stmt->fetch()) {
$name = $row['name']; $name = $row['name'];
$uuid = $row['uuid']; $uuid = $row['uuid'];

5
inc/page.php
View File

@ -270,8 +270,9 @@ class Page {
$result = null; $result = null;
$history = $this->settings->table['history']; $history = $this->settings->table['history'];
$stmt = $this->conn->prepare("SELECT name FROM $history WHERE uuid=? ORDER BY date DESC LIMIT 1"); $stmt = $this->conn->prepare("SELECT name FROM $history WHERE uuid=:uuid ORDER BY date DESC LIMIT 1");
if ($stmt->execute(array($uuid)) && $row = $stmt->fetch()) { $stmt->bindParam(":uuid", $uuid, PDO::PARAM_STR);
if ($stmt->execute() && $row = $stmt->fetch()) {
$result = $row['name']; $result = $row['name'];
} }
$stmt->closeCursor(); $stmt->closeCursor();

5
info.php
View File

@ -129,11 +129,12 @@ $id = (int)$id;
$type = $page->type; $type = $page->type;
$table = $page->table; $table = $page->table;
$sel = $page->get_selection($table); $sel = $page->get_selection($table);
$query = "SELECT $sel FROM $table WHERE id=? LIMIT 1"; $query = "SELECT $sel FROM $table WHERE id=:id LIMIT 1";
$st = $page->conn->prepare($query); $st = $page->conn->prepare($query);
$st->bindParam(":id", $id, PDO::PARAM_INT);
if ($st->execute(array($id))) { if ($st->execute()) {
($row = $st->fetch()) or die(str_replace("{type}", $type, $page->t("info.error.id.no-result"))); ($row = $st->fetch()) or die(str_replace("{type}", $type, $page->t("info.error.id.no-result")));
$st->closeCursor(); $st->closeCursor();