Index: modules/contact/contact.admin.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/contact/contact.admin.inc,v
retrieving revision 1.7
diff -u -p -r1.7 contact.admin.inc
--- modules/contact/contact.admin.inc	5 Feb 2009 19:26:21 -0000	1.7
+++ modules/contact/contact.admin.inc	7 Mar 2009 22:22:57 -0000
@@ -18,13 +18,13 @@ function contact_admin_categories() {
   $result = db_query('SELECT cid, category, recipients, selected FROM {contact} ORDER BY weight, category');

   // Loop through the categories and add them to the table.
-  while ($category = db_fetch_object($result)) {
-    $rows[] = array(
-      $category->category,
-      $category->recipients,
-      ($category->selected ? t('Yes') : t('No')),
-      l(t('edit'), 'admin/build/contact/edit/' . $category->cid),
-      l(t('delete'), 'admin/build/contact/delete/' . $category->cid),
+  foreach ($result as $record) {
+    $row[] = array(
+      $record->category,
+      $record->recipients,
+      ($record->selected ? t('Yes') : t('No')),
+      l(t('edit'), 'admin/build/contact/edit/' . $record->cid),
+      l(t('delete'), 'admin/build/contact/delete/' . $record->cid),
     );
   }

@@ -109,7 +109,9 @@ function contact_admin_edit_validate($fo
 function contact_admin_edit_submit($form, &$form_state) {
   if ($form_state['values']['selected']) {
     // Unselect all other contact categories.
-    db_query('UPDATE {contact} SET selected = 0');
+    db_update('contact')
+      ->fields(array('selected' => '0'))
+      ->execute();
   }
   $recipients = explode(',', $form_state['values']['recipients']);
   foreach ($recipients as $key => $recipient) {
@@ -151,7 +153,9 @@ function contact_admin_delete(&$form_sta
  */
 function contact_admin_delete_submit($form, &$form_state) {
   $contact = $form_state['values']['contact'];
-  db_query("DELETE FROM {contact} WHERE cid = %d", $contact['cid']);
+  db_delete('contact')
+    ->condition('cid', $contact['cid'])
+    ->execute();
   drupal_set_message(t('Category %category has been deleted.', array('%category' => $contact['category'])));
   watchdog('mail', 'Contact form: category %category deleted.', array('%category' => $contact['category']), WATCHDOG_NOTICE);

Index: modules/contact/contact.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/contact/contact.module,v
retrieving revision 1.111
diff -u -p -r1.111 contact.module
--- modules/contact/contact.module	9 Oct 2008 15:15:51 -0000	1.111
+++ modules/contact/contact.module	7 Mar 2009 22:22:57 -0000
@@ -131,7 +131,8 @@ function _contact_user_tab_access($accou
  * Load the data for a single contact category.
  */
 function contact_load($cid) {
-  $contact = db_fetch_array(db_query("SELECT * FROM {contact} WHERE cid = %d", $cid));
+  $contact = db_query("SELECT cid, category, recipients, reply, weight, selected FROM {contact} WHERE cid = :cid", array(':cid' => $cid))
+    ->fetchAssoc();
   return empty($contact) ? FALSE : $contact;
 }

Index: modules/contact/contact.pages.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/contact/contact.pages.inc,v
retrieving revision 1.15
diff -u -p -r1.15 contact.pages.inc
--- modules/contact/contact.pages.inc	13 Oct 2008 00:33:02 -0000	1.15
+++ modules/contact/contact.pages.inc	7 Mar 2009 22:22:57 -0000
@@ -28,11 +28,16 @@ function contact_mail_page() {

   $form = $categories = array();

-  $result = db_query('SELECT cid, category, selected FROM {contact} ORDER BY weight, category');
-  while ($category = db_fetch_object($result)) {
-    $categories[$category->cid] = $category->category;
-    if ($category->selected) {
-      $default_category = $category->cid;
+  $result = db_select('contact')
+    ->fields('contact', array('cid', 'category', 'selected'))
+    ->orderby('weight')
+    ->orderby('category')
+    ->execute();
+
+  foreach ($result as $record) {
+    $categories[$record->cid] = $record->category;
+    if ($record->selected) {
+      $default_category = $record->cid;
     }
   }

Index: modules/contact/contact.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/contact/contact.test,v
retrieving revision 1.14
diff -u -p -r1.14 contact.test
--- modules/contact/contact.test	30 Dec 2008 16:43:16 -0000	1.14
+++ modules/contact/contact.test	7 Mar 2009 22:22:57 -0000
@@ -65,7 +65,7 @@ class ContactSitewideTestCase extends Dr
     // Test update contact form category.
     $categories = $this->getCategories();
     $category_id = $this->updateCategory($categories, $category = $this->randomName(16), $recipients_str = implode(',', array($recipients[0], $recipients[1])), $reply = $this->randomName(30), FALSE);
-    $category_array = db_fetch_array(db_query('SELECT category, recipients, reply, selected FROM {contact} WHERE cid = %d', array($category_id)));
+    $category_array = db_query("SELECT category, recipients, reply, selected FROM {contact} WHERE cid = :cid", array(':cid' => $category_id))->fetchAssoc();
     $this->assertEqual($category_array['category'], $category);
     $this->assertEqual($category_array['recipients'], $recipients_str);
     $this->assertEqual($category_array['reply'], $reply);
@@ -88,7 +88,9 @@ class ContactSitewideTestCase extends Dr
     $this->assertRaw(t('Category %category has been added.', array('%category' => $category)), t('Category successfully added.'));

     // Clear flood table in preparation for flood test and allow other checks to complete.
-    $this->assertTrue(db_query('DELETE FROM {flood}'), t('Flood table emptied.'));
+    db_delete('flood')->execute();
+    $num_records_after = db_query("SELECT COUNT(*) FROM {flood}")->fetchField();
+    $this->assertIdentical($num_records_after, '0', t('Flood table emptied.'));

     // Check to see that anonymous user cannot see contact page without permission.
     $this->setPermission('anonymous user', array('access site-wide contact form' => FALSE));
@@ -125,7 +127,9 @@ class ContactSitewideTestCase extends Dr
     $this->assertText(t('Message field is required.'), t('Message required.'));

     // Test contact form with no default category selected.
-    db_query('UPDATE {contact} SET selected = 0');
+    db_update('contact')
+      ->fields(array('selected' => 0))
+      ->execute();
     $this->drupalGet('contact');
     $this->assertRaw(t('- Please choose -'), t('Without selected categories the visitor is asked to chose a category.'));

@@ -208,7 +212,7 @@ class ContactSitewideTestCase extends Dr
   function deleteCategories() {
     $categories = $this->getCategories();
     foreach ($categories as $category) {
-      $category_name = db_result(db_query('SELECT category FROM {contact} WHERE cid = %d', array($category)));
+      $category_name = db_query("SELECT category FROM {contact} WHERE cid = :cid", array(':cid' => $category))->fetchField();
       $this->drupalPost('admin/build/contact/delete/' . $category, array(), t('Delete'));
       $this->assertRaw(t('Category %category has been deleted.', array('%category' => $category_name)), t('Category deleted sucessfully.'));
     }
@@ -220,11 +224,7 @@ class ContactSitewideTestCase extends Dr
    * @return array Category ids.
    */
   function getCategories() {
-    $result = db_query('SELECT cid FROM {contact}');
-    $categories = array();
-    while ($category = db_result($result)) {
-      $categories[] = $category;
-    }
+    $categories = db_query('SELECT cid FROM {contact}')->fetchCol();
     return $categories;
   }

@@ -236,7 +236,7 @@ class ContactSitewideTestCase extends Dr
    */
   function setPermission($role, $permissions) {
     // Get role id (rid) for specified role.
-    $rid = db_result(db_query("SELECT rid FROM {role} WHERE name = '%s'", array($role)));
+    $rid = db_query("SELECT rid FROM {role} WHERE name = :name", array(':name' => $role))->fetchField();
     if ($rid === FALSE) {
       $this->fail(t(' [permission] Role "' . $role . '" not found.'));
     }
@@ -302,7 +302,9 @@ class ContactPersonalTestCase extends Dr
     $this->assertText(t('The message has been sent.'), t('Message sent.'));

     // Clear flood table in preparation for flood test and allow other checks to complete.
-    $this->assertTrue(db_query('DELETE FROM {flood}'), t('Flood table emptied.'));
+    db_delete('flood')->execute();
+    $num_records_flood = db_query("SELECT COUNT(*) FROM {flood}")->fetchField();
+    $this->assertIdentical($num_records_flood, '0', t('Flood table emptied.'));

     // Submit contact form with correct values and check flood interval.
     for ($i = 0; $i < $flood_control; $i++) {
