Index: blog.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/blog/blog.module,v
retrieving revision 1.309
diff -u -p -r1.309 blog.module
--- blog.module	22 Jul 2008 20:00:55 -0000	1.309
+++ blog.module	31 Aug 2008 12:28:17 -0000
@@ -77,7 +77,7 @@ function blog_form(&$node) {
   global $nid;
   $iid = isset($_GET['iid']) ? (int)$_GET['iid'] : 0;
   $type = node_get_types('type', $node);
-
+  
   if (empty($node->body)) {
     // If the user clicked a "blog it" link, we load the data from the
     // database and quote it in the blog.
@@ -85,14 +85,20 @@ function blog_form(&$node) {
       $node->body = '<em>' . $blog->body . '</em> [' . l($blog->name, "node/$nid") . ']';
     }
 
-    if ($iid && $item = db_fetch_object(db_query('SELECT i.*, f.title as ftitle, f.link as flink FROM {aggregator_item} i, {aggregator_feed} f WHERE i.iid = %d AND i.fid = f.fid', $iid))) {
+    if ($iid && $item = db_query('SELECT i.*, f.title as ftitle, f.link as flink FROM {aggregator_item} i, {aggregator_feed} f WHERE i.iid = :iid AND i.fid = f.fid', array(':iid' => $iid))->fetch()) {
       $node->title = $item->title;
       // Note: $item->description has been validated on aggregation.
       $node->body = '<a href="' . check_url($item->link) . '">' . check_plain($item->title) . '</a> - <em>' . $item->description . '</em> [<a href="' . check_url($item->flink) . '">' . check_plain($item->ftitle) . "</a>]\n";
     }
   }
-
-  $form['title'] = array('#type' => 'textfield', '#title' => check_plain($type->title_label), '#required' => TRUE, '#default_value' => !empty($node->title) ? $node->title : NULL, '#weight' => -5);
+  
+  $form['title'] = array(
+    '#type' => 'textfield',
+    '#title' => check_plain($type->title_label),
+    '#required' => TRUE,
+    '#default_value' => !empty($node->title) ? $node->title : NULL,
+    '#weight' => -5, 
+  );
   $form['body_field'] = node_body_field($node, $type->body_label, $type->min_word_count);
 
   return $form;
@@ -178,7 +184,11 @@ function blog_page_user_access($account)
  * Helper function to determine if a user has blog posts already.
  */
 function _blog_post_exists($account) {
-  return (bool)db_result(db_query_range(db_rewrite_sql("SELECT 1 FROM {node} n WHERE n.type = 'blog' AND n.uid = %d AND n.status = 1"), $account->uid, 0, 1));
+  return (bool)db_query_range(db_rewrite_sql("SELECT 1 FROM {node} n WHERE n.type = :type AND n.uid = :uid AND n.status = :status", array(
+    ':type' => 'blog',
+    ':uid' => $account->uid,
+    ':status' => 1,
+    )), 0, 1)->fetch();
 }
 
 /**
@@ -194,7 +204,10 @@ function blog_block($op = 'list', $delta
   }
   elseif ($op == 'view') {
     if (user_access('access content')) {
-      $result = db_query_range(db_rewrite_sql("SELECT n.nid, n.title, n.created FROM {node} n WHERE n.type = 'blog' AND n.status = 1 ORDER BY n.created DESC"), 0, 10);
+      $result = db_query_range(db_rewrite_sql("SELECT n.nid, n.title, n.created FROM {node} n WHERE n.type = :type AND n.status = :status ORDER BY n.created DESC"), array(
+        ':type' => 'blog',
+        ':status' => 1,
+      ), 0, 10);
       if ($node_title_list = node_title_list($result)) {
         $block['content'] = $node_title_list;
         $block['content'] .= theme('more_link', url('blog'), t('Read the latest blog entries.'));