From 43f52582195b1ec92442d480496b495a1da5c6a8 Mon Sep 17 00:00:00 2001 From: Martin Konecny Date: Wed, 5 Sep 2012 17:43:45 -0400 Subject: [PATCH 1/2] CC-4348: Prepared statements - part 4 -User.php --- airtime_mvc/application/models/User.php | 41 ++++++++++--------------- 1 file changed, 16 insertions(+), 25 deletions(-) diff --git a/airtime_mvc/application/models/User.php b/airtime_mvc/application/models/User.php index 85ff5ea64..fbfb84794 100644 --- a/airtime_mvc/application/models/User.php +++ b/airtime_mvc/application/models/User.php @@ -284,45 +284,38 @@ class Application_Model_User $sql_gen = "SELECT login AS value, login AS label, id as index FROM cc_subjs "; $sql = $sql_gen; - $type = array_map( function($t) { - return "type = '{$t}'"; - }, $type); + $types = array(); + $params = array(); + for ($i=0; $iquery($sql)->fetchAll();; + return Application_Common_Database::prepareAndExecute($sql, $params, "all"); } public static function getUserCount($type=null) { $con = Propel::getConnection(); $sql = ''; - $sql_gen = "SELECT count(*) AS cnt FROM cc_subjs "; - - if (!isset($type)) { - $sql = $sql_gen; - } else { - if (is_array($type)) { - for ($i=0; $iquery($sql)->fetchColumn(0); @@ -366,13 +359,11 @@ class Application_Model_User public static function getUserData($id) { - $con = Propel::getConnection(); - $sql = "SELECT login, first_name, last_name, type, id, email, cell_phone, skype_contact, jabber_contact" ." FROM cc_subjs" - ." WHERE id = $id"; + ." WHERE id = :id"; - return $con->query($sql)->fetch(); + return Application_Common_Database::prepareAndExecute($sql, array(":id" => $id), 'single'); } public static function getCurrentUser() From 139950fac26ab124001df2dcec49a085cfcd0507 Mon Sep 17 00:00:00 2001 From: Martin Konecny Date: Wed, 5 Sep 2012 17:44:09 -0400 Subject: [PATCH 2/2] PSR fixes --- airtime_mvc/application/common/Database.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) 
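Review bot: The fetch mode is passed as a bare string in the new `return Application_Common_Database::prepareAndExecute($sql, $params, "all");` in getUsers (and as `'single'` in getUserData in the next hunk). The helper shown in the Database.php patch sends every value other than 'single' or 'column' to `fetchAll`, so a misspelled mode silently changes the result shape instead of failing. Named constants on the helper class, with an explicit error for an unknown mode, would catch that at the call site. Separately, the loop bodies of this hunk are cut off on this page, and the getUserCount part still ends in `query($sql)->fetchColumn(0)`. If that call survives in the new code, it is worth confirming that `$sql` there no longer carries any concatenated value, since it would be the one query in this hunk that does not go through the prepared-statement helper.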
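Review bot: The row returned by getUserData() changes shape in this hunk, because `prepareAndExecute(..., 'single')` uses `fetch(PDO::FETCH_ASSOC)` (visible in the Database.php patch) where the removed `$con->query($sql)->fetch()` used the connection's default fetch mode. Any caller that reads the row by numeric index should be checked. `$id` is also bound as-is in `array(":id" => $id)`, so a non-numeric value is no longer injectable but still reaches the database and fails there. Presumably `id` is an integer column, in which case rejecting non-numeric input before the query (for example with `ctype_digit((string) $id)`) keeps that failure local and predictable. The method would also benefit from a short docblock stating the expected `$id` type and that the result is an associative array, or whatever the helper returns when no row matches.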
diff --git a/airtime_mvc/application/common/Database.php b/airtime_mvc/application/common/Database.php index 96e6e6770..d0ee39b78 100644 --- a/airtime_mvc/application/common/Database.php +++ b/airtime_mvc/application/common/Database.php @@ -1,6 +1,7 @@ prepare($sql); foreach ($paramValueMap as $param => $v) { @@ -10,7 +11,7 @@ class Application_Common_Database{ if ($stmt->execute()) { if ($type == 'single') { $rows = $stmt->fetch(PDO::FETCH_ASSOC); - } else if ($type == 'column'){ + } elseif ($type == 'column'){ $rows = $stmt->fetchColumn(); } else { $rows = $stmt->fetchAll(PDO::FETCH_ASSOC); @@ -21,4 +22,4 @@ class Application_Common_Database{ } return $rows; } -} \ No newline at end of file +}