From 27ea00f5d477f9416db1f36bae9ab13fc250482a Mon Sep 17 00:00:00 2001
From: Rudi Grinberg <rudi.grinberg@sourcefabric.org>
Date: Tue, 4 Sep 2012 13:50:13 -0400
Subject: [PATCH 1/4] Refactored sql substition into pdo

---
 airtime_mvc/application/models/Show.php | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/airtime_mvc/application/models/Show.php b/airtime_mvc/application/models/Show.php
index 046b95739..b033e18b9 100644
--- a/airtime_mvc/application/models/Show.php
+++ b/airtime_mvc/application/models/Show.php
@@ -1620,12 +1620,17 @@ class Application_Model_Show
             $startTimeString = $today_timestamp->format("Y-m-d H:i:s");
         }
 
-        $sql = "SELECT * FROM cc_show_days
-                WHERE last_show IS NULL
-                OR first_show < '{$endTimeString}' AND last_show > '{$startTimeString}'";
+        $con->prepare("
+            SELECT * FROM cc_show_days
+            WHERE last_show IS NULL
+            OR first_show < :endTimeString AND last_show > :startTimeString");
 
-        //Logging::info($sql);
-        $res = $con->query($sql)->fetchAll();
+        $stmt = $con->execute(array(
+            ':endTimeString' => $endTimeString,
+            ':startTimeString' => $startTimeString
+        ));
+
+        $res = $stm->fetchAll();
         foreach ($res as $row) {
             Application_Model_Show::populateShow($row, $p_endTimestamp);
         }

From 330828fbdd28aa840c399e36d3dcff9ae934c887 Mon Sep 17 00:00:00 2001
From: Rudi Grinberg <rudi.grinberg@sourcefabric.org>
Date: Tue, 4 Sep 2012 13:52:33 -0400
Subject: [PATCH 2/4] Refactored sql substition into pdo

---
 airtime_mvc/application/models/Show.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/airtime_mvc/application/models/Show.php b/airtime_mvc/application/models/Show.php
index b033e18b9..ba5b3c3a2 100644
--- a/airtime_mvc/application/models/Show.php
+++ b/airtime_mvc/application/models/Show.php
@@ -1223,8 +1223,9 @@ class Application_Model_Show
             $p_populateUntilDateTime = $date;
         }
 
-        $sql = "SELECT * FROM cc_show_days WHERE show_id = $p_showId";
-        $res = $con->query($sql)->fetchAll();
+        $con->prepare("SELECT * FROM cc_show_days WHERE show_id = :show_id");
+        $con->bindParam(':show_id', $p_showId);
+        $res = $con->execute()->fetchAll();
 
         foreach ($res as $showDaysRow) {
             Application_Model_Show::populateShow($showDaysRow, $p_populateUntilDateTime);

From c840de0a7130e8c7f5f2fe40e55ecc42e9d19a4a Mon Sep 17 00:00:00 2001
From: Rudi Grinberg <rudi.grinberg@sourcefabric.org>
Date: Tue, 4 Sep 2012 14:05:26 -0400
Subject: [PATCH 3/4] Fix to the fix

---
 airtime_mvc/application/models/Show.php | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/airtime_mvc/application/models/Show.php b/airtime_mvc/application/models/Show.php
index ba5b3c3a2..11709ce32 100644
--- a/airtime_mvc/application/models/Show.php
+++ b/airtime_mvc/application/models/Show.php
@@ -1223,9 +1223,10 @@ class Application_Model_Show
             $p_populateUntilDateTime = $date;
         }
 
-        $con->prepare("SELECT * FROM cc_show_days WHERE show_id = :show_id");
-        $con->bindParam(':show_id', $p_showId);
-        $res = $con->execute()->fetchAll();
+        $stmt = $con->prepare("SELECT * FROM cc_show_days WHERE show_id = :show_id");
+        $stmt->bindParam(':show_id', $p_showId);
+
+        $res = $stmt->execute()->fetchAll();
 
         foreach ($res as $showDaysRow) {
             Application_Model_Show::populateShow($showDaysRow, $p_populateUntilDateTime);
@@ -1621,17 +1622,17 @@ class Application_Model_Show
             $startTimeString = $today_timestamp->format("Y-m-d H:i:s");
         }
 
-        $con->prepare("
+        $stmt = $con->prepare("
             SELECT * FROM cc_show_days
             WHERE last_show IS NULL
             OR first_show < :endTimeString AND last_show > :startTimeString");
 
-        $stmt = $con->execute(array(
+        $stmt->execute(array(
             ':endTimeString' => $endTimeString,
             ':startTimeString' => $startTimeString
         ));
 
-        $res = $stm->fetchAll();
+        $res = $stmt->fetchAll();
         foreach ($res as $row) {
             Application_Model_Show::populateShow($row, $p_endTimestamp);
         }

From ed7d233ca272f30c1ac50a1df10086d981b68448 Mon Sep 17 00:00:00 2001
From: Rudi Grinberg <rudi.grinberg@sourcefabric.org>
Date: Tue, 4 Sep 2012 14:45:16 -0400
Subject: [PATCH 4/4] Changed execute( array(...) ) to multiple bindParam
 calls.

---
 airtime_mvc/application/models/Show.php | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/airtime_mvc/application/models/Show.php b/airtime_mvc/application/models/Show.php
index 11709ce32..32ebef4f2 100644
--- a/airtime_mvc/application/models/Show.php
+++ b/airtime_mvc/application/models/Show.php
@@ -1627,12 +1627,15 @@ class Application_Model_Show
             WHERE last_show IS NULL
             OR first_show < :endTimeString AND last_show > :startTimeString");
 
-        $stmt->execute(array(
-            ':endTimeString' => $endTimeString,
-            ':startTimeString' => $startTimeString
-        ));
+        //$stmt->execute(array(
+            //':endTimeString' => $endTimeString,
+            //':startTimeString' => $startTimeString
+        //));
+        $stmt->bindParam(':endTimeString', $endTimeString);
+        $stmt->bindParam(':startTimeString', $startTimeString);
 
-        $res = $stmt->fetchAll();
+
+        $res = $stmt->execute()->fetchAll();
         foreach ($res as $row) {
             Application_Model_Show::populateShow($row, $p_endTimestamp);
         }