]> git.wh0rd.org Git - tt-rss.git/commitdiff
labels: PDO
authorAndrew Dolgov <noreply@fakecake.org>
Fri, 1 Dec 2017 21:06:17 +0000 (00:06 +0300)
committerAndrew Dolgov <noreply@fakecake.org>
Fri, 1 Dec 2017 21:06:17 +0000 (00:06 +0300)
classes/labels.php

index c46f70c946da6087605123040c7733114541e6d6..9c6f22f5177989fe173959ac4d83284f1c864d4b 100644 (file)
@@ -10,24 +10,28 @@ class Labels
        }
 
        static function find_id($label, $owner_uid) {
-               $result = db_query(
-                       "SELECT id FROM ttrss_labels2 WHERE caption = '$label'
-                               AND owner_uid = '$owner_uid' LIMIT 1");
+               $pdo = Db::pdo();
 
-               if (db_num_rows($result) == 1) {
-                       return db_fetch_result($result, 0, "id");
+               $sth = $pdo->prepare("SELECT id FROM ttrss_labels2 WHERE caption = ?
+                               AND owner_uid = ? LIMIT 1");
+               $sth->execute([$label, $owner_uid]);
+
+               if ($row = $sth->fetch()) {
+                       return $row['id'];
                } else {
                        return 0;
                }
        }
 
        static function find_caption($label, $owner_uid) {
-               $result = db_query(
-                       "SELECT caption FROM ttrss_labels2 WHERE id = '$label'
-                               AND owner_uid = '$owner_uid' LIMIT 1");
+               $pdo = Db::pdo();
+
+               $sth = $pdo->prepare("SELECT caption FROM ttrss_labels2 WHERE id = ?
+                               AND owner_uid = ? LIMIT 1");
+               $sth->execute([$label, $owner_uid]);
 
-               if (db_num_rows($result) == 1) {
-                       return db_fetch_result($result, 0, "caption");
+               if ($row = $sth->fetch()) {
+                       return $row['caption'];
                } else {
                        return "";
                }
@@ -36,9 +40,13 @@ class Labels
        static function get_all_labels($owner_uid)      {
                $rv = array();
 
-               $result = db_query("SELECT id, fg_color, bg_color, caption FROM ttrss_labels2 WHERE owner_uid = '$owner_uid' ORDER BY caption");
+               $pdo = Db::pdo();
+
+               $sth = $pdo->prepare("SELECT id, fg_color, bg_color, caption FROM ttrss_labels2 
+                       WHERE owner_uid = ? ORDER BY caption");
+               $sth->execute([$owner_uid]);
 
-               while ($line = db_fetch_assoc($result)) {
+               while ($line = $sth->fetch()) {
                        array_push($rv, $line);
                }
 
@@ -46,6 +54,7 @@ class Labels
        }
 
        static function update_cache($owner_uid, $id, $labels = false, $force = false) {
+               $pdo = Db::pdo();
 
                if ($force)
                        Labels::clear_cache($id);
@@ -55,15 +64,19 @@ class Labels
 
                $labels = db_escape_string(json_encode($labels));
 
-               db_query("UPDATE ttrss_user_entries SET
-                       label_cache = '$labels' WHERE ref_id = '$id' AND  owner_uid = '$owner_uid'");
+               $sth = $pdo->prepare("UPDATE ttrss_user_entries SET
+                       label_cache = ? WHERE ref_id = ? AND owner_uid = ?");
+               $sth->execute([$labels, $id, $owner_uid]);
 
        }
 
        static function clear_cache($id)        {
 
-               db_query("UPDATE ttrss_user_entries SET
-                       label_cache = '' WHERE ref_id = '$id'");
+               $pdo = Db::pdo();
+
+               $sth = $pdo->prepare("UPDATE ttrss_user_entries SET
+                       label_cache = '' WHERE ref_id = ?");
+               $sth->execute([$id]);
 
        }
 
@@ -73,11 +86,14 @@ class Labels
 
                if (!$label_id) return;
 
-               db_query(
-                       "DELETE FROM ttrss_user_labels2
+               $pdo = Db::pdo();
+
+               $sth = $pdo->prepare("DELETE FROM ttrss_user_labels2
                        WHERE
-                               label_id = '$label_id' AND
-                               article_id = '$id'");
+                               label_id = ? AND
+                               article_id = ?");
+
+               $sth->execute([$label_id, $id]);
 
                Labels::clear_cache($id);
        }
@@ -88,18 +104,23 @@ class Labels
 
                if (!$label_id) return;
 
-               $result = db_query(
-                       "SELECT
+               $pdo = Db::pdo();
+
+               $sth = $pdo->prepare("SELECT
                                article_id FROM ttrss_labels2, ttrss_user_labels2
                        WHERE
                                label_id = id AND
-                               label_id = '$label_id' AND
-                               article_id = '$id' AND owner_uid = '$owner_uid'
+                               label_id = ? AND
+                               article_id = ? AND owner_uid = ?
                        LIMIT 1");
 
-               if (db_num_rows($result) == 0) {
-                       db_query("INSERT INTO ttrss_user_labels2
-                               (label_id, article_id) VALUES ('$label_id', '$id')");
+               $sth->execute([$label_id, $id, $owner_uid]);
+
+               if (!$sth->fetch()) {
+                       $sth = $pdo->prepare("INSERT INTO ttrss_user_labels2
+                               (label_id, article_id) VALUES (?, ?)");
+
+                       $sth->execute([$label_id, $id]);
                }
 
                Labels::clear_cache($id);
@@ -109,53 +130,64 @@ class Labels
        static function remove($id, $owner_uid) {
                if (!$owner_uid) $owner_uid = $_SESSION["uid"];
 
-               db_query("BEGIN");
+               $pdo = Db::pdo();
 
-               $result = db_query("SELECT caption FROM ttrss_labels2
-                       WHERE id = '$id'");
+               $pdo->beginTransaction();
 
-               $caption = db_fetch_result($result, 0, "caption");
+               $sth = $pdo->prepare("SELECT caption FROM ttrss_labels2
+                       WHERE id = ?");
+               $sth->execute([$id]);
 
-               $result = db_query("DELETE FROM ttrss_labels2 WHERE id = '$id'
-                       AND owner_uid = " . $owner_uid);
+               $row = $sth->fetch();
+               $caption = $row['caption'];
 
-               if (db_affected_rows($result) != 0 && $caption) {
+               $sth = $pdo->prepare("DELETE FROM ttrss_labels2 WHERE id = ?
+                       AND owner_uid = ?");
+               $sth->execute([$id, $owner_uid]);
+
+               if ($sth->rowCount() != 0 && $caption) {
 
                        /* Remove access key for the label */
 
                        $ext_id = LABEL_BASE_INDEX - 1 - $id;
 
-                       db_query("DELETE FROM ttrss_access_keys WHERE
-                               feed_id = '$ext_id' AND owner_uid = $owner_uid");
+                       $sth = $pdo->prepare("DELETE FROM ttrss_access_keys WHERE
+                               feed_id = ? AND owner_uid = ?");
+                       $sth->execute([$ext_id, $owner_uid]);
 
                        /* Remove cached data */
 
-                       db_query("UPDATE ttrss_user_entries SET label_cache = ''
-                               WHERE label_cache LIKE '%$caption%' AND owner_uid = " . $owner_uid);
+                       $sth = $pdo->prepare("UPDATE ttrss_user_entries SET label_cache = ''
+                               WHERE label_cache LIKE ? AND owner_uid = ?");
+                       $sth->execute(["%$caption%", $owner_uid]);
 
                }
 
-               db_query("COMMIT");
+               $pdo->commit();
        }
 
        static function create($caption, $fg_color = '', $bg_color = '', $owner_uid = false)    {
 
                if (!$owner_uid) $owner_uid = $_SESSION['uid'];
 
-               db_query("BEGIN");
+               $pdo = Db::pdo();
+
+               $pdo->beginTransaction();
+
+               $sth = $pdo->prepare("SELECT id FROM ttrss_labels2
+                       WHERE caption = ? AND owner_uid = ?");
+               $sth->execute([$caption, $owner_uid]);
 
-               $result = db_query("SELECT id FROM ttrss_labels2
-                       WHERE caption = '$caption' AND owner_uid = $owner_uid");
+               if (!$sth->fetch()) {
+                       $sth = $pdo->prepare("INSERT INTO ttrss_labels2 
+                               (caption,owner_uid,fg_color,bg_color) VALUES (?, ?, ?, ?)");
 
-               if (db_num_rows($result) == 0) {
-                       $result = db_query(
-                               "INSERT INTO ttrss_labels2 (caption,owner_uid,fg_color,bg_color)
-                                       VALUES ('$caption', '$owner_uid', '$fg_color', '$bg_color')");
+                       $sth->execute([$caption, $owner_uid, $fg_color, $bg_color]);
 
-                       $result = db_affected_rows($result) != 0;
+                       $result = $sth->rowCount();
                }
 
-               db_query("COMMIT");
+               $pdo->commit();
 
                return $result;
        }