plugin base class: init pdo object
authorAndrew Dolgov <noreply@fakecake.org>
Sun, 3 Dec 2017 06:43:18 +0000 (09:43 +0300)
committerAndrew Dolgov <noreply@fakecake.org>
Sun, 3 Dec 2017 06:43:18 +0000 (09:43 +0300)
plugins/share: use PDO

classes/plugin.php
plugins/share/init.php

index fb4e08fb15d7f1a924e07d03b03d10901faa5e4a..69060b28daf3357ee56c66b58c0662532a251e0e 100644 (file)
@@ -10,6 +10,10 @@ abstract class Plugin {
        abstract function about();
        // return array(1.0, "plugin", "No description", "No author", false);
 
+       function __construct() {
+               $this->pdo = Db::pdo();
+       }
+
        function flags() {
                /* associative array, possible keys:
                        needs_curl = boolean
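Review bot: The new constructor assigns `$this->pdo`, but no property declaration is visible in this hunk, and any plugin that defines its own `__construct()` without calling `parent::__construct()` will be left with an unset `$this->pdo` and fail on the first `prepare()` call. Declare the property explicitly, e.g. `/** @var PDO database handle, set in the base constructor */ protected $pdo;` (assuming `Db::pdo()` returns a PDO instance; its definition is outside this diff). Also document on the constructor that subclasses overriding it must call the parent. The class body starts and continues outside the hunk, so an existing declaration or existing subclass constructors cannot be ruled out from here.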
index 133f0944749eae17885d4eb2b6e633c9e155fdc3..84bc78eb4ed6508c139885eb5b5bb2fea6865078 100644 (file)
@@ -8,6 +8,7 @@ class Share extends Plugin {
                        "fox");
        }
 
+       /* @var PluginHost $host */
        function init($host) {
                $this->host = $host;
 
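Review bot: The added comment above `init()` is a plain `/* … */` block, which IDEs and static analysers do not read as a docblock, and `@var` describes a variable or property rather than a function parameter. It should be `/** @param PluginHost $host */` so the type hint on `$host` is actually picked up. The body of `init()` continues outside the hunk.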
@@ -25,10 +26,11 @@ class Share extends Plugin {
 
 
        function unshare() {
-               $id = db_escape_string($_REQUEST['id']);
+               $id = $_REQUEST['id'];
 
-               db_query("UPDATE ttrss_user_entries SET uuid = '' WHERE int_id = '$id'
-                       AND owner_uid = " . $_SESSION['uid']);
+               $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET uuid = '' WHERE int_id = ?
+                       AND owner_uid = ?");
+               $sth->execute([$id, $_SESSION['uid']]);
 
                print "OK";
        }
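Review bot: In `unshare()` the request value is now bound as-is, which closes the injection path, but `$_REQUEST['id']` is still read without an existence or type check. A missing key raises an undefined-index notice, and a non-numeric string bound against `int_id` may be rejected by the database driver (presumably an integer column, judging by its name). Normalise it before binding, `$id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;`; the same applies to `$id` in `newkey()` and `$param` in `shareArticle()`. The handler also prints "OK" without looking at the result of `execute()`, so checking `$sth->rowCount()` would let the caller tell a no-op from a real update.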
@@ -48,20 +50,21 @@ class Share extends Plugin {
 
        // Silent
        function clearArticleKeys() {
-               db_query("UPDATE ttrss_user_entries SET uuid = '' WHERE
-                       owner_uid = " . $_SESSION["uid"]);
+               $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET uuid = '' WHERE
+                       owner_uid = ?");
+               $sth->execute([$_SESSION['uid']]);
 
                return;
        }
 
 
        function newkey() {
-               $id = db_escape_string($_REQUEST['id']);
+               $id = $_REQUEST['id'];
+               $uuid = uniqid_short();
 
-               $uuid = db_escape_string(uniqid_short());
-
-               db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$id'
-                       AND owner_uid = " . $_SESSION['uid']);
+               $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET uuid = ? WHERE int_id = ?
+                       AND owner_uid = ?");
+               $sth->execute([$uuid, $id, $_SESSION['uid']]);
 
                print json_encode(array("link" => $uuid));
        }
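Review bot: The share key stored by `newkey()` comes from `uniqid_short()`, which is defined outside this diff. If that helper is built on `uniqid()` or `rand()`, the key is time-derived and guessable, and going by the "unique URL" wording in `shareArticle()` this key appears to be the only secret protecting a shared article. Since the commit already touches both call sites, consider drawing the key from a CSPRNG instead, e.g. `$uuid = bin2hex(random_bytes(16));` where PHP 7 is available, here and at the matching assignment in `shareArticle()`. Confirm that the `uuid` column can hold the longer value before switching.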
@@ -76,21 +79,22 @@ class Share extends Plugin {
        }
 
        function shareArticle() {
-               $param = db_escape_string($_REQUEST['param']);
+               $param = $_REQUEST['param'];
 
-               $result = db_query("SELECT uuid FROM ttrss_user_entries WHERE int_id = '$param'
-                       AND owner_uid = " . $_SESSION['uid']);
+               $sth = $this->pdo->prepare("SELECT uuid FROM ttrss_user_entries WHERE int_id = ?
+                       AND owner_uid = ?");
+               $sth->execute([$param, $_SESSION['uid']]);
 
-               if (db_num_rows($result) == 0) {
-                       print "Article not found.";
-               } else {
+               if ($row = $sth->fetch()) {
 
-                       $uuid = db_fetch_result($result, 0, "uuid");
+                       $uuid = $row['uuid'];
 
                        if (!$uuid) {
-                               $uuid = db_escape_string(uniqid_short());
-                               db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$param'
-                                       AND owner_uid = " . $_SESSION['uid']);
+                               $uuid = uniqid_short();
+
+                               $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET uuid = ? WHERE int_id = ?
+                                       AND owner_uid = ?");
+                               $sth->execute([$uuid, $param, $_SESSION['uid']]);
                        }
 
                        print __("You can share this article by the following unique URL:") . "<br/>";
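Review bot: The SELECT followed by a conditional UPDATE in `shareArticle()` is a check-then-write: two concurrent requests for the same unshared article can each see an empty `uuid`, each generate a key, and the later UPDATE then invalidates the URL already shown to the first caller. Restricting the write to rows that are still empty, by appending `AND (uuid = '' OR uuid IS NULL)` to the UPDATE, and re-reading the stored key when `$sth->rowCount()` is 0 would keep the printed URL consistent with the database. Separately, reusing `$sth` for the UPDATE while the SELECT handle is still in scope hurts readability; a distinct name such as `$usth` would help. The function continues outside this hunk.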
@@ -106,6 +110,10 @@ class Share extends Plugin {
                                label_create(__('Shared'), $_SESSION["uid"]);
 
                        label_add_article($ref_id, __('Shared'), $_SESSION['uid']); */
+
+
+               } else {
+                       print "Article not found.";
                }
 
                print "<div align='center'>";
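Review bot: The relocated error branch prints a raw English string, while the success message earlier in the same function goes through the translation helper. For consistency it should be `print __("Article not found.");`. The `else` is now separated from its `if ($row = $sth->fetch())` by the whole success branch, so a short comment on the `else` naming the condition it belongs to would help readers.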