From 11d1a8a6935c0665671fd570d485c6f8db4fbbca Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Sun, 3 Dec 2017 10:55:41 +0300
Subject: [PATCH] plugins/af_redditimgur: use PDO

---
 plugins/af_redditimgur/init.php | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/plugins/af_redditimgur/init.php b/plugins/af_redditimgur/init.php
index 82e3226a..59e3a760 100755
--- a/plugins/af_redditimgur/init.php
+++ b/plugins/af_redditimgur/init.php
@@ -1,5 +1,7 @@
 <?php
 class Af_RedditImgur extends Plugin {
+
+	/* @var PluginHost $host */
 	private $host;
 
 	function about() {
@@ -379,8 +381,8 @@ class Af_RedditImgur extends Plugin {
 			if ($this->host->get($this, "enable_content_dupcheck")) {
 
 				if ($content_link) {
-					$content_href = db_escape_string($content_link->getAttribute("href"));
-					$entry_guid = db_escape_string($article["guid_hashed"]);
+					$content_href = $content_link->getAttribute("href");
+					$entry_guid = $article["guid_hashed"];
 					$owner_uid = $article["owner_uid"];
 
 					if (DB_TYPE == "pgsql") {
@@ -389,16 +391,18 @@ class Af_RedditImgur extends Plugin {
 						$interval_qpart = "date_entered < DATE_SUB(NOW(), INTERVAL 1 DAY)";
 					}
 
-					$result = db_query("SELECT COUNT(id) AS cid
+					$sth = $this->pdo->prepare("SELECT COUNT(id) AS cid
 						FROM ttrss_entries, ttrss_user_entries WHERE
 							ref_id = id AND
 							$interval_qpart AND
-							guid != '$entry_guid' AND
-							owner_uid = '$owner_uid' AND
-							content LIKE '%href=\"$content_href\">[link]%'");
+							guid != ? AND
+							owner_uid = ? AND
+							content LIKE ?");
+
+					$sth->execute([$entry_guid, $owner_uid, "%href=\"$content_href\">[link]%"]);
 
-					if ($result) {
-						$num_found = db_fetch_result($result, 0, "cid");
+					if ($row = $sth->fetch()) {
+						$num_found = $row['cid'];
 
 						if ($num_found > 0) $article["force_catchup"] = true;
 					}
-- 
2.39.2