plugins/mailto: PDO
authorAndrew Dolgov <noreply@fakecake.org>
Sun, 3 Dec 2017 07:16:32 +0000 (10:16 +0300)
committerAndrew Dolgov <noreply@fakecake.org>
Sun, 3 Dec 2017 07:16:32 +0000 (10:16 +0300)
plugins/mailto/init.php

index 83e6432319eba628e3842270847834c48ab5632e..60c58b70741803d68826be0ecb4349d900daa229 100644 (file)
@@ -27,7 +27,8 @@ class MailTo extends Plugin {
 
        function emailArticle() {
 
-               $param = db_escape_string($_REQUEST['param']);
+               $ids = explode(",", $_REQUEST['param']);
+               $ids_qmarks = arr_qmarks($ids);
 
                require_once "lib/MiniTemplator.class.php";
 
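Review bot: The added `explode(",", $_REQUEST['param'])` takes the request value as-is, so a missing or empty `param` yields a single empty-string id and any non-numeric fragment is bound as an article id. Binding prevents injection, but on a strict driver a non-integer value compared with `id` may make the query fail instead of matching nothing. Normalise the list first, e.g. `$ids = array_values(array_filter(array_map("intval", explode(",", $_REQUEST['param']))));`, and skip the query when the list is empty, since `arr_qmarks()` is defined outside this diff and its result for an empty array is not visible here. The number of placeholders is also request-controlled, so a sanity cap on `count($ids)` would be reasonable. `emailArticle()` continues past this hunk.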
@@ -40,15 +41,18 @@ class MailTo extends Plugin {
                $tpl->setVariable('TTRSS_HOST', $_SERVER["HTTP_HOST"], true);
 
 
-               $result = db_query("SELECT DISTINCT link, content, title
+               $sth = $this->pdo->prepare("SELECT DISTINCT link, content, title
                        FROM ttrss_user_entries, ttrss_entries WHERE id = ref_id AND
-                       id IN ($param) AND owner_uid = " . $_SESSION["uid"]);
+                       id IN ($ids_qmarks) AND owner_uid = ?");
+               $sth->execute(array_merge($ids, [$_SESSION['uid']]));
 
-               if (db_num_rows($result) > 1) {
+               if (count($ids) > 1) {
                        $subject = __("[Forwarded]") . " " . __("Multiple articles");
+               } else {
+                       $subject = "";
                }
 
-               while ($line = db_fetch_assoc($result)) {
+               while ($line = $sth->fetch()) {
 
                        if (!$subject)
                                $subject = __("[Forwarded]") . " " . htmlspecialchars($line["title"]);
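Review bot: `count($ids) > 1` tests how many ids were requested, not how many rows the query returned. A request with a duplicate id, or with ids that do not exist or belong to another user, therefore gets the "Multiple articles" subject while only one article (or none) is rendered. The old `db_num_rows($result)` check reflected the `owner_uid` filter and the `DISTINCT`. Fetching the rows first keeps that behaviour: `$lines = $sth->fetchAll();`, `if (count($lines) > 1) {`, and `foreach ($lines as $line) {` in place of the `while` loop. The loop body and the rest of `emailArticle()` lie outside this hunk.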