]> git.wh0rd.org Git - tt-rss.git/commitdiff
plugins/embed_original: use PDO
authorAndrew Dolgov <noreply@fakecake.org>
Sun, 3 Dec 2017 07:58:13 +0000 (10:58 +0300)
committerAndrew Dolgov <noreply@fakecake.org>
Sun, 3 Dec 2017 07:58:13 +0000 (10:58 +0300)
plugins/embed_original/init.php

index a74905f8f65009f369d5373cc33e374dffe4f000..1925d141dce47e14ab3755e9460e5dae99057f90 100644 (file)
@@ -1,5 +1,7 @@
 <?php
 class Embed_Original extends Plugin {
+
+       /* @var PluginHost $host */
        private $host;
 
        function init($host) {
@@ -34,17 +36,17 @@ class Embed_Original extends Plugin {
        }
 
        function getUrl() {
-               $id = db_escape_string($_REQUEST['id']);
+               $id = $_REQUEST['id'];
 
-               $result = db_query("SELECT link
+               $sth = $this->pdo->prepare("SELECT link
                                FROM ttrss_entries, ttrss_user_entries
-                               WHERE id = '$id' AND ref_id = id AND owner_uid = " .$_SESSION['uid']);
-
-               $url = "";
-
-               if (db_num_rows($result) != 0) {
-                       $url = db_fetch_result($result, 0, "link");
+                               WHERE id = ? AND ref_id = id AND owner_uid = ?");
+               $sth->execute([$id, $_SESSION['uid']]);
 
+               if ($row = $sth->fetch()) {
+                       $url = $row['link'];
+               } else {
+                       $url = "";
                }
 
                print json_encode(array("url" => $url, "id" => $id));