diff --git a/airtime_mvc/application/models/Schedule.php b/airtime_mvc/application/models/Schedule.php index b6cb20600..357141c08 100644 --- a/airtime_mvc/application/models/Schedule.php +++ b/airtime_mvc/application/models/Schedule.php @@ -418,7 +418,6 @@ SQL; public static function UpdateMediaPlayedStatus($p_id) { - $con = Propel::getConnection(); $sql = "UPDATE cc_schedule" ." SET media_item_played=TRUE"; // we need to update 'broadcasted' column as well @@ -431,11 +430,11 @@ SQL; $sql .= ", broadcasted=1"; } - $sql .= " WHERE id=$p_id"; + $sql .= " WHERE id=:pid"; + $map = array(":pid" => $p_id); - $retVal = $con->exec($sql); - - return $retVal; + Application_Common_Database::prepareAndExecute($sql, $map, + Application_Common_Database::EXECUTE); } public static function UpdateBrodcastedStatus($dateTime, $value) @@ -952,8 +951,9 @@ SQL; public static function deleteAll() { - $con = Propel::getConnection(); - $con->exec("TRUNCATE TABLE cc_schedule"); + $sql = "TRUNCATE TABLE cc_schedule"; + Application_Common_Database::prepareAndExecute($sql, array(), + Application_Common_Database::EXECUTE); } public static function deleteWithFileId($fileId) diff --git a/airtime_mvc/application/models/Show.php b/airtime_mvc/application/models/Show.php index f097958d0..c4233f5e5 100644 --- a/airtime_mvc/application/models/Show.php +++ b/airtime_mvc/application/models/Show.php @@ -602,8 +602,6 @@ SQL; Application_Common_Database::prepareAndExecute( $sql, array( ':showId' => $this->getId(), ':timestamp' => gmdate("Y-m-d H:i:s")), 'execute'); - - $con->exec($sql); } /** @@ -617,8 +615,6 @@ SQL; */ public function removeAllInstancesFromDate($p_date=null) { - $con = Propel::getConnection(); - $timestamp = gmdate("Y-m-d H:i:s"); if (is_null($p_date)) { 
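Review bot: UpdateMediaPlayedStatus no longer returns anything: the removed `return $retVal;` handed callers the affected-row count from `$con->exec()`, and the new body discards whatever `prepareAndExecute` yields. The callers are outside this diff, so whether any of them reads the result is an assumption, but one that does would now see `null`. Either keep the contract with `return Application_Common_Database::prepareAndExecute($sql, $map, Application_Common_Database::EXECUTE);` (provided EXECUTE mode returns a count), or state in a docblock that the method returns nothing.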
@@ -628,12 +624,16 @@ SQL; $showId = $this->getId(); $sql = "DELETE FROM cc_show_instances " - ." WHERE date(starts) >= DATE '$p_date'" - ." AND starts > TIMESTAMP '$timestamp'" - ." AND show_id = $showId"; + ." WHERE date(starts) >= :date::date" + ." AND starts > :timestamp::timestamp" + ." AND show_id = :showId"; - $con->exec($sql); + $map = array(":date"=>$p_date, + ':timestamp'=>$timestamp, + ':showId'=>$showId); + $res = Application_Common_Database::prepareAndExecute($sql, $map, + Application_Common_Database::EXECUTE); } /** @@ -650,17 +650,20 @@ SQL; */ public function removeAllInstancesBeforeDate($p_date) { - $con = Propel::getConnection(); - $timestamp = gmdate("Y-m-d H:i:s"); $showId = $this->getId(); $sql = "DELETE FROM cc_show_instances " - ." WHERE date(starts) < DATE '$p_date'" - ." AND starts > TIMESTAMP '$timestamp'" - ." AND show_id = $showId"; + ." WHERE date(starts) < :date::date" + ." AND starts > :timestamp::timestamp" + ." AND show_id = :showId"; - $con->exec($sql); + $map = array(":date"=>$p_date, + ":timestamp"=>$timestamp, + ":showId"=>$showId); + + $res = Application_Common_Database::prepareAndExecute($sql, $map, + Application_Common_Database::EXECUTE); } public function getNextFutureRepeatShowTime() 
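Review bot: The result of `prepareAndExecute` is stored in `$res` and never read in removeAllInstancesFromDate, and the same unused assignment recurs in removeAllInstancesBeforeDate, updateStartDateTime, setIndividualStreamSetting and resetLoginAttempts. Drop the assignment or check it, so a reader does not assume the outcome of the DELETE is being handled. The map here also mixes quoting (`":date"` next to `':timestamp'`); single-quoted keys throughout would read more consistently.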
@@ -870,43 +873,62 @@ SQL; private function updateStartDateTime($p_data, $p_endDate) { - //need to update cc_schedule, cc_show_instances, cc_show_days - $con = Propel::getConnection(); - $date = new Application_Common_DateHelper; $timestamp = $date->getTimestamp(); //TODO fix this from overwriting info. $sql = "UPDATE cc_show_days " - ."SET start_time = TIME '$p_data[add_show_start_time]', " - ."first_show = DATE '$p_data[add_show_start_date]', "; + ."SET start_time = :start_time::time, " + ."first_show = :start_date::date, "; if (strlen ($p_endDate) == 0) { $sql .= "last_show = NULL "; } else { - $sql .= "last_show = DATE '$p_endDate' "; + $sql .= "last_show = :end_date::date"; } - $sql .= "WHERE show_id = $p_data[add_show_id]"; - $con->exec($sql); + $sql .= "WHERE show_id = :show_id"; + + $map = array(":start_time" => $p_data['add_show_start_time'], + ':start_date' => $p_data['add_show_start_date'], + ':end_date' => $p_endDate, + ':show_id' => $p_data['add_show_id'], + ); + + $res = Application_Common_Database::prepareAndExecute($sql, $map, + Application_Common_Database::EXECUTE); $dtOld = new DateTime($this->getStartDate()." ".$this->getStartTime(), new DateTimeZone("UTC")); - $dtNew = new DateTime($p_data['add_show_start_date']." ".$p_data['add_show_start_time'], new DateTimeZone(date_default_timezone_get())); + $dtNew = new DateTime($p_data['add_show_start_date']." 
".$p_data['add_show_start_time'], + new DateTimeZone(date_default_timezone_get())); $diff = $dtOld->getTimestamp() - $dtNew->getTimestamp(); $sql = "UPDATE cc_show_instances " - ."SET starts = starts + INTERVAL '$diff sec', " - ."ends = ends + INTERVAL '$diff sec' " - ."WHERE show_id = $p_data[add_show_id] " - ."AND starts > TIMESTAMP '$timestamp'"; - $con->exec($sql); + ."SET starts = starts + :diff1::interval, " + ."ends = ends + :diff2::interval " + ."WHERE show_id = :show_id " + ."AND starts > :timestamp::timestamp"; + $map = array( + ":diff1"=>"$diff sec", + ":diff2"=>"$diff sec", + ":show_id"=>$p_data['add_show_id'], + ":timestamp"=>$timestamp, + ); + $res = Application_Common_Database::prepareAndExecute($sql, $map, + Application_Common_Database::EXECUTE); $showInstanceIds = $this->getAllFutureInstanceIds(); if (count($showInstanceIds) > 0 && $diff != 0) { $showIdsImploded = implode(",", $showInstanceIds); $sql = "UPDATE cc_schedule " - ."SET starts = starts + INTERVAL '$diff sec', " - ."ends = ends + INTERVAL '$diff sec' " - ."WHERE instance_id IN ($showIdsImploded)"; - $con->exec($sql); + ."SET starts = starts + :diff1::interval, " + ."ends = ends + :diff2::interval " + ."WHERE instance_id IN (:show_ids)"; + $map = array( + ":diff1"=>"$diff sec", + ":diff2"=>"$diff sec", + ":show_ids"=>$showIdsImploded, + ); + $res = Application_Common_Database::prepareAndExecute($sql, $map, + Application_Common_Database::EXECUTE); } } diff --git a/airtime_mvc/application/models/StreamSetting.php b/airtime_mvc/application/models/StreamSetting.php index 58c8fb496..1cc2eae3c 100644 --- a/airtime_mvc/application/models/StreamSetting.php +++ b/airtime_mvc/application/models/StreamSetting.php 
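Review bot: Three of the rewritten statements in updateStartDateTime look like they will fail or match nothing at run time. `"last_show = :end_date::date"` lost the trailing space the old literal had, so the concatenated text reads `::dateWHERE show_id`. `:end_date` also stays in `$map` on the `last_show = NULL` branch, where the statement has no such placeholder; PDO normally rejects an undefined parameter, though how `prepareAndExecute` binds is not visible here. In the cc_schedule update, `IN (:show_ids)` binds the imploded string as one value, so the column is compared against a single string and not a set of ids; each id needs its own placeholder. The sketch below adds `:end_date` only when it is used and expands the IN list.

```php
// … unchanged: $date / $timestamp setup, first two lines of the cc_show_days UPDATE …
$map = array(
    ':start_time' => $p_data['add_show_start_time'],
    ':start_date' => $p_data['add_show_start_date'],
    ':show_id'    => $p_data['add_show_id'],
);
if (strlen($p_endDate) == 0) {
    $sql .= "last_show = NULL ";
} else {
    // trailing space keeps the cast apart from the WHERE keyword
    $sql .= "last_show = :end_date::date ";
    // bind :end_date only when the statement contains it
    $map[':end_date'] = $p_endDate;
}
$sql .= "WHERE show_id = :show_id";
// … unchanged: prepareAndExecute call, $dtOld/$dtNew/$diff, cc_show_instances UPDATE …
if (count($showInstanceIds) > 0 && $diff != 0) {
    $map = array(':diff1' => "$diff sec", ':diff2' => "$diff sec");
    // one placeholder per instance id; a single bound string cannot expand into a list
    $placeholders = array();
    foreach (array_values($showInstanceIds) as $i => $instanceId) {
        $placeholders[] = ":id$i";
        $map[":id$i"] = $instanceId;
    }
    $sql = "UPDATE cc_schedule "
        ."SET starts = starts + :diff1::interval, "
        ."ends = ends + :diff2::interval "
        ."WHERE instance_id IN (".implode(",", $placeholders).")";
    // … unchanged: prepareAndExecute call …
}
```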
@@ -265,11 +265,12 @@ class Application_Model_StreamSetting */ public static function setIndividualStreamSetting($data) { - $con = Propel::getConnection(); - foreach ($data as $keyname => $v) { - $sql = "UPDATE cc_stream_setting SET value='$v' WHERE keyname='$keyname'"; - $con->exec($sql); + $sql = "UPDATE cc_stream_setting SET value=:v WHERE keyname=:keyname"; + $map = array(":v" => $v, ":keyname"=>$keyname); + + $res = Application_Common_Database::prepareAndExecute($sql, $map, + Application_Common_Database::EXECUTE); } } diff --git a/airtime_mvc/application/models/Subjects.php b/airtime_mvc/application/models/Subjects.php index 8977bcd12..cd220da88 100644 --- a/airtime_mvc/application/models/Subjects.php +++ b/airtime_mvc/application/models/Subjects.php @@ -20,20 +20,25 @@ class Application_Model_Subjects public static function increaseLoginAttempts($login) { - $con = Propel::getConnection(); $sql = "UPDATE cc_subjs SET login_attempts = login_attempts+1" - ." WHERE login='$login'"; - $res = $con->exec($sql); + ." WHERE login=:login"; + + $map = array(":login" => $login); + + $res = Application_Common_Database::prepareAndExecute($sql, $map, + Application_Common_Database::EXECUTE); return (intval($res) > 0); } public static function resetLoginAttempts($login) { - $con = Propel::getConnection(); $sql = "UPDATE cc_subjs SET login_attempts = '0'" - ." WHERE login='$login'"; - $res = $con->exec($sql); + ." WHERE login=:login"; + $map = array(":login" => $login); + + $res = Application_Common_Database::prepareAndExecute($sql, $map, + Application_Common_Database::EXECUTE); return true; }
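Review bot: `return (intval($res) > 0);` in increaseLoginAttempts now depends on what `prepareAndExecute` returns in EXECUTE mode, which this diff does not show. `$con->exec()` returned the number of affected rows; if the helper returns null or a statement object instead, the method reports the same boolean for every login, and any lockout logic reading it would misbehave. Confirm the helper yields a row count in this mode, or switch to a mode that does, and add a docblock line stating what the boolean means. Separately, the Show.php call earlier in this diff passes the literal `'execute'` while these calls pass `Application_Common_Database::EXECUTE`; using the constant everywhere keeps them in step.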