diff -urpN drupal/includes/actions.inc drupal-6.x-dev-pre_pdo-0.3/includes/actions.inc
--- drupal/includes/actions.inc 2007-08-29 22:57:49.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/actions.inc 2007-09-03 02:23:34.000000000 +0800
@@ -239,7 +239,7 @@ function actions_function_lookup($hash)
}
// Must be an instance; must check database.
- $aid = db_result(db_query("SELECT aid FROM {actions} WHERE MD5(aid) = '%s' AND parameters != ''", $hash));
+ $aid = db_result(db_query("SELECT aid FROM {actions} WHERE MD5(aid) = %s AND parameters != ''", $hash));
return $aid;
}
@@ -272,7 +272,7 @@ function actions_synchronize($actions_in
}
else {
// This is a new singleton that we don't have an aid for; assign one.
- db_query("INSERT INTO {actions} (aid, type, callback, parameters, description) VALUES ('%s', '%s', '%s', '%s', '%s')", $callback, $array['type'], $callback, '', $array['description']);
+ db_query("INSERT INTO {actions} (aid, type, callback, parameters, description) VALUES (%s, %s, %s, %s, %s)", $callback, $array['type'], $callback, '', $array['description']);
watchdog('actions', t("Action '%action' added.", array('%action' => filter_xss_admin($array['description']))));
}
}
@@ -285,7 +285,7 @@ function actions_synchronize($actions_in
foreach ($actions_in_db as $callback => $array) {
$orphaned[] = $callback;
- $placeholder[] = "'%s'";
+ $placeholder[] = "%s";
}
$orphans = implode(', ', $orphaned);
@@ -326,7 +326,7 @@ function actions_synchronize($actions_in
function actions_save($function, $type, $params, $desc, $aid = NULL) {
$serialized = serialize($params);
if ($aid) {
- db_query("UPDATE {actions} SET callback = '%s', type = '%s', parameters = '%s', description = '%s' WHERE aid = %d", $function, $type, $serialized, $desc, $aid);
+ db_query("UPDATE {actions} SET callback = %s, type = %s, parameters = %s, description = %s WHERE aid = %d", $function, $type, $serialized, $desc, $aid);
watchdog('actions', 'Action %action saved.', array('%action' => $desc));
}
else {
@@ -334,7 +334,7 @@ function actions_save($function, $type,
// separate table for numeric aids.
db_query('INSERT INTO {actions_aid} () VALUES ()');
$aid = db_last_insert_id('actions_aid', 'aid');
- db_query("INSERT INTO {actions} (aid, callback, type, parameters, description) VALUES (%d, '%s', '%s', '%s', '%s')", $aid, $function, $type, $serialized, $desc);
+ db_query("INSERT INTO {actions} (aid, callback, type, parameters, description) VALUES (%d, %s, %s, %s, %s)", $aid, $function, $type, $serialized, $desc);
watchdog('actions', 'Action %action created.', array('%action' => $desc));
}
diff -urpN drupal/includes/batch.inc drupal-6.x-dev-pre_pdo-0.3/includes/batch.inc
--- drupal/includes/batch.inc 2007-07-20 13:44:13.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/batch.inc 2007-09-03 02:23:34.000000000 +0800
@@ -11,7 +11,7 @@
function _batch_page() {
$batch =& batch_get();
- if (isset($_REQUEST['id']) && $data = db_result(db_query("SELECT batch FROM {batch} WHERE bid = %d AND token = '%s'", $_REQUEST['id'], drupal_get_token($_REQUEST['id'])))) {
+ if (isset($_REQUEST['id']) && $data = db_result(db_query("SELECT batch FROM {batch} WHERE bid = %d AND token = %s", $_REQUEST['id'], drupal_get_token($_REQUEST['id'])))) {
$batch = unserialize($data);
}
else {
@@ -320,6 +320,6 @@ function _batch_finished() {
*/
function _batch_shutdown() {
if ($batch = batch_get()) {
- db_query("UPDATE {batch} SET batch = '%s' WHERE bid = %d", serialize($batch), $batch['id']);
+ db_query("UPDATE {batch} SET batch = %s WHERE bid = %d", serialize($batch), $batch['id']);
}
}
diff -urpN drupal/includes/bootstrap.inc drupal-6.x-dev-pre_pdo-0.3/includes/bootstrap.inc
--- drupal/includes/bootstrap.inc 2007-09-01 20:50:47.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/bootstrap.inc 2007-09-03 02:23:34.000000000 +0800
@@ -385,7 +385,7 @@ function drupal_get_filename($type, $nam
// the database. This is required because this function is called both
// before we have a database connection (i.e. during installation) and
// when a database connection fails.
- elseif ($active_db && (($file = db_result(db_query("SELECT filename FROM {system} WHERE name = '%s' AND type = '%s'", $name, $type))) && file_exists($file))) {
+ elseif ($active_db && (($file = db_result(db_query("SELECT filename FROM {system} WHERE name = %s AND type = %s", $name, $type))) && file_exists($file))) {
$files[$type][$name] = $file;
}
else {
@@ -464,9 +464,9 @@ function variable_set($name, $value) {
global $conf;
$serialized_value = serialize($value);
- db_query("UPDATE {variable} SET value = '%s' WHERE name = '%s'", $serialized_value, $name);
+ db_query("UPDATE {variable} SET value = %s WHERE name = %s", $serialized_value, $name);
if (!db_affected_rows()) {
- @db_query("INSERT INTO {variable} (name, value) VALUES ('%s', '%s')", $name, $serialized_value);
+ @db_query("INSERT INTO {variable} (name, value) VALUES (%s, %s)", $name, $serialized_value);
}
cache_clear_all('variables', 'cache');
@@ -483,7 +483,7 @@ function variable_set($name, $value) {
function variable_del($name) {
global $conf;
- db_query("DELETE FROM {variable} WHERE name = '%s'", $name);
+ db_query("DELETE FROM {variable} WHERE name = %s", $name);
cache_clear_all('variables', 'cache');
unset($conf[$name]);
@@ -828,7 +828,7 @@ function drupal_is_denied($type, $mask)
// (allowed).
// The use of ORDER BY / LIMIT is more efficient than "MAX(status) = 0"
// in PostgreSQL <= 8.0.
- return (bool) db_result(db_query_range("SELECT CASE WHEN status=1 THEN 0 ELSE 1 END FROM {access} WHERE type = '%s' AND LOWER(mask) LIKE LOWER('%s') ORDER BY status DESC", $type, $mask, 0, 1));
+ return (bool) db_result(db_query_range("SELECT CASE WHEN status=1 THEN 0 ELSE 1 END FROM {access} WHERE type = %s AND LOWER(mask) LIKE LOWER(%s) ORDER BY status DESC", $type, $mask, 0, 1));
}
/**
diff -urpN drupal/includes/cache.inc drupal-6.x-dev-pre_pdo-0.3/includes/cache.inc
--- drupal/includes/cache.inc 2007-08-26 17:33:49.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/cache.inc 2007-09-03 02:24:48.000000000 +0800
@@ -22,7 +22,7 @@ function cache_get($cid, $table = 'cache
variable_set('cache_flush', 0);
}
- $cache = db_fetch_object(db_query("SELECT data, created, headers, expire, serialized FROM {". $table ."} WHERE cid = '%s'", $cid));
+ $cache = db_fetch_object(db_query("SELECT data, created, headers, expire, serialized FROM {". $table ."} WHERE cid = %s", $cid));
if (isset($cache->data)) {
// If the data is permanent or we're not enforcing a minimum cache lifetime
// always return the cached data.
@@ -105,10 +105,11 @@ function cache_set($cid, $data, $table =
$serialized = 1;
}
$created = time();
- db_query("UPDATE {". $table ."} SET data = %b, created = %d, expire = %d, headers = '%s', serialized = %d WHERE cid = '%s'", $data, $created, $expire, $headers, $serialized, $cid);
+ db_query("UPDATE {". $table ."} SET data = %b, created = %d, expire = %d, headers = %s, serialized = %d WHERE cid = %s", NULL, $created, $expire, $headers, $serialized, $cid);
if (!db_affected_rows()) {
- @db_query("INSERT INTO {". $table ."} (cid, data, created, expire, headers, serialized) VALUES ('%s', %b, %d, %d, '%s', %d)", $cid, $data, $created, $expire, $headers, $serialized);
+ @db_query("INSERT INTO {". $table ."} (cid, data, created, expire, headers, serialized) VALUES (%s, %b, %d, %d, %s, %d)", $cid, NULL, $created, $expire, $headers, $serialized);
}
+ db_update_blob("cid = %s", $cid, db_prefix_tables('{' . $table . '}'), 'data', $data);
}
/**
@@ -169,11 +170,11 @@ function cache_clear_all($cid = NULL, $t
db_query("DELETE FROM {". $table ."}");
}
else {
- db_query("DELETE FROM {". $table ."} WHERE cid LIKE '%s%%'", $cid);
+ db_query("DELETE FROM {". $table ."} WHERE cid LIKE %s", $cid . "%");
}
}
else {
- db_query("DELETE FROM {". $table ."} WHERE cid = '%s'", $cid);
+ db_query("DELETE FROM {". $table ."} WHERE cid = %s", $cid);
}
}
}
diff -urpN drupal/includes/common.inc drupal-6.x-dev-pre_pdo-0.3/includes/common.inc
--- drupal/includes/common.inc 2007-08-30 23:53:39.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/common.inc 2007-09-03 02:23:34.000000000 +0800
@@ -811,7 +811,7 @@ function valid_url($url, $absolute = FAL
* The name of the event.
*/
function flood_register_event($name) {
- db_query("INSERT INTO {flood} (event, hostname, timestamp) VALUES ('%s', '%s', %d)", $name, ip_address(), time());
+ db_query("INSERT INTO {flood} (event, hostname, timestamp) VALUES (%s, %s, %d)", $name, ip_address(), time());
}
/**
@@ -827,7 +827,7 @@ function flood_register_event($name) {
* True if the user did not exceed the hourly threshold. False otherwise.
*/
function flood_is_allowed($name, $threshold) {
- $number = db_result(db_query("SELECT COUNT(*) FROM {flood} WHERE event = '%s' AND hostname = '%s' AND timestamp > %d", $name, ip_address(), time() - 3600));
+ $number = db_result(db_query("SELECT COUNT(*) FROM {flood} WHERE event = %s AND hostname = %s AND timestamp > %d", $name, ip_address(), time() - 3600));
return ($number < $threshold ? TRUE : FALSE);
}
diff -urpN drupal/includes/database.inc drupal-6.x-dev-pre_pdo-0.3/includes/database.inc
--- drupal/includes/database.inc 2007-08-31 03:54:21.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/database.inc 2007-09-03 02:25:54.000000000 +0800
@@ -174,23 +174,25 @@ function _db_query_callback($match, $ini
}
switch ($match[1]) {
- case '%d': // We must use type casting to int to convert FALSE/NULL/(TRUE?)
- return (int) array_shift($args); // We don't need db_escape_string as numbers are db-safe
- case '%s':
- return db_escape_string(array_shift($args));
case '%%':
return '%';
+ case '%d':
+ return db_escape_decimal(array_shift($args));
case '%f':
- return (float) array_shift($args);
- case '%b': // binary data
+ return db_escape_float(array_shift($args));
+ case '%s':
+ return db_escape_string(array_shift($args));
+ case '%b': // Binary Large OBject.
return db_encode_blob(array_shift($args));
+ case '%c': // Character Large OBject.
+ return db_encode_clob(array_shift($args));
}
}
/**
* Indicates the place holders that should be replaced in _db_query_callback().
*/
-define('DB_QUERY_REGEXP', '/(%d|%s|%%|%f|%b)/');
+define('DB_QUERY_REGEXP', '/(%%|%d|%f|%s|%b|%c)/');
/**
* Helper function for db_rewrite_sql.
@@ -466,15 +468,7 @@ function _db_type_placeholder($type) {
case 'varchar':
case 'text':
case 'datetime':
- return '\'%s\'';
-
case 'numeric':
- // For 'numeric' values, we use '%s', not '\'%s\'' as with
- // string types, because numeric values should not be enclosed
- // in quotes in queries (though they can be, at least on mysql
- // and pgsql). Numerics should only have [0-9.+-] and
- // presumably no db's "escape string" function will mess with
- // those characters.
return '%s';
case 'serial':
diff -urpN drupal/includes/database.mysql-common.inc drupal-6.x-dev-pre_pdo-0.3/includes/database.mysql-common.inc
--- drupal/includes/database.mysql-common.inc 2007-08-26 16:27:09.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/database.mysql-common.inc 2007-09-03 02:28:19.000000000 +0800
@@ -26,7 +26,11 @@
* you may also pass a single array containing the query arguments.
*
* Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
- * in '') and %%.
+ * in ''), %c (character large object, do not enclose in '') and %%.
+ *
+ * NOTE: use NULL as arguments substitution for %b and %c. This will be
+ * replaced as corresponding empty LOB value placeholder, based on the
+ * database specific representation.
*
* NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
* and TRUE values to decimal 1.
@@ -216,6 +220,9 @@ function db_type_map() {
'blob:big' => 'LONGBLOB',
'blob:normal' => 'BLOB',
+ 'clob:big' => 'LONGTEXT',
+ 'clob:normal' => 'TEXT',
+
'datetime:normal' => 'DATETIME',
);
return $map;
@@ -480,6 +487,106 @@ function db_last_insert_id($table, $fiel
return db_result(db_query('SELECT LAST_INSERT_ID()'));
}
+/*
+ * Prepare user input for use in a database query, preventing SQL injection attacks.
+ */
+function db_escape_decimal($data) {
+ return (int) $data;
+}
+
+/**
+ * Prepare user input for use in a database query, preventing SQL injection attacks.
+ */
+function db_escape_float($data) {
+ return (float) $data;
+}
+
+/**
+ * Update the Binary Large Object value, based on the database specific
+ * implementation.
+ *
+ * @param $query
+ * A string containing an update condition query (where clause).
+ * @param ...
+ * A variable number of arguments which are substituted into the query
+ * WHERE condition, using printf() syntax. Instead of a variable number
+ * of query arguments, you may also pass a single array containing the
+ * query arguments.
+ *
+ * Valid %-modifiers are: %s, %d, %f and %%.
+ *
+ * NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
+ * and TRUE values to decimal 1.
+ *
+ * @param $table
+ * Table to update.
+ * @param $column
+ * Column to update.
+ * @param $value
+ * Values to update.
+ * @return
+ * A database query result resource, or FALSE if the query was not
+ * executed correctly.
+ */
+function db_update_blob($query) {
+ $args = func_get_args();
+ $value = array_pop($args);
+ $column = array_pop($args);
+ $table = array_pop($args);
+ array_shift($args);
+
+ if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
+ $args = $args[0];
+ }
+ _db_query_callback($args, TRUE);
+ $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
+ $query = 'UPDATE ' . $table . ' SET ' . $column . ' = ' . db_encode_blob($value) . ' WHERE ' . $query;
+ return _db_query($query);
+}
+
+/**
+ * Update the Character Large Object value, based on the database specific
+ * implementation.
+ *
+ * @param $query
+ * A string containing an update condition query (where clause).
+ * @param ...
+ * A variable number of arguments which are substituted into the query
+ * WHERE condition, using printf() syntax. Instead of a variable number
+ * of query arguments, you may also pass a single array containing the
+ * query arguments.
+ *
+ * Valid %-modifiers are: %s, %d, %f and %%.
+ *
+ * NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
+ * and TRUE values to decimal 1.
+ *
+ * @param $table
+ * Table to update.
+ * @param $column
+ * Column to update.
+ * @param $value
+ * Values to update.
+ * @return
+ * A database query result resource, or FALSE if the query was not
+ * executed correctly.
+ */
+function db_update_clob($query) {
+ $args = func_get_args();
+ $value = array_pop($args);
+ $column = array_pop($args);
+ $table = array_pop($args);
+ array_shift($args);
+
+ if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
+ $args = $args[0];
+ }
+ _db_query_callback($args, TRUE);
+ $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
+ $query = 'UPDATE ' . $table . ' SET ' . $column . ' = ' . db_encode_clob($value) . ' WHERE ' . $query;
+ return _db_query($query);
+}
+
/**
* @} End of "ingroup schemaapi".
- */
\ No newline at end of file
+ */
diff -urpN drupal/includes/database.mysqli.inc drupal-6.x-dev-pre_pdo-0.3/includes/database.mysqli.inc
--- drupal/includes/database.mysqli.inc 2007-08-30 02:38:55.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/database.mysqli.inc 2007-09-03 02:29:30.000000000 +0800
@@ -243,7 +243,11 @@ function db_affected_rows() {
* using printf() syntax. The query arguments can be enclosed in one
* array instead.
* Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
- * in '') and %%.
+ * in ''), %c (character large object, do not enclose in '') and %%.
+ *
+ * NOTE: use NULL as arguments substitution for %b and %c. This will be
+ * replaced as corresponding empty LOB value placeholder, based on the
+ * database specific representation.
*
* NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
* and TRUE values to decimal 1.
@@ -292,7 +296,11 @@ function db_query_range($query) {
* using printf() syntax. The query arguments can be enclosed in one
* array instead.
* Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
- * in '') and %%.
+ * in ''), %c (character large object, do not enclose in '') and %%.
+ *
+ * NOTE: use NULL as arguments substitution for %b and %c. This will be
+ * replaced as corresponding empty LOB value placeholder, based on the
+ * database specific representation.
*
* NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
* and TRUE values to decimal 1.
@@ -319,16 +327,24 @@ function db_query_temporary($query) {
}
/**
+ * Prepare user input for use in a database query, preventing SQL injection attacks.
+ */
+function db_escape_string($data) {
+ global $active_db;
+ return "'" . mysqli_real_escape_string($active_db, $data) . "'";
+}
+
+/**
* Returns a properly formatted Binary Large Object value.
*
* @param $data
* Data to encode.
* @return
- * Encoded data.
+ * Encoded data, or empty LOB value placeholder for NULL $data.
*/
function db_encode_blob($data) {
global $active_db;
- return "'". mysqli_real_escape_string($active_db, $data) ."'";
+ return !is_null($data) ? "'". mysqli_real_escape_string($active_db, $data) ."'" : "''";
}
/**
@@ -344,11 +360,28 @@ function db_decode_blob($data) {
}
/**
- * Prepare user input for use in a database query, preventing SQL injection attacks.
+ * Returns a properly formatted Character Large OBject value.
+ *
+ * @param $data
+ * Data to encode.
+ * @return
+ * Encoded data, or empty LOB value placeholder for NULL $data.
*/
-function db_escape_string($text) {
+function db_encode_clob($data) {
global $active_db;
- return mysqli_real_escape_string($active_db, $text);
+ return !is_null($data) ? "'". mysqli_real_escape_string($active_db, $data) ."'" : "''";
+}
+
+/**
+ * Returns text from a Character Large OBject value.
+ *
+ * @param $data
+ * Data to decode.
+ * @return
+ * Decoded data.
+ */
+function db_decode_clob($data) {
+ return $data;
}
/**
@@ -376,7 +409,7 @@ function db_table_exists($table) {
* Check if a column exists in the given table.
*/
function db_column_exists($table, $column) {
- return db_fetch_object(db_query("SHOW COLUMNS FROM {%s} LIKE '%s'", $table, $column)) ? TRUE : FALSE;
+ return db_fetch_object(db_query("SHOW COLUMNS FROM {%s} LIKE %s", $table, $column)) ? TRUE : FALSE;
}
/**
diff -urpN drupal/includes/database.mysql.inc drupal-6.x-dev-pre_pdo-0.3/includes/database.mysql.inc
--- drupal/includes/database.mysql.inc 2007-08-30 02:38:55.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/database.mysql.inc 2007-09-03 02:29:40.000000000 +0800
@@ -244,7 +244,11 @@ function db_affected_rows() {
* using printf() syntax. The query arguments can be enclosed in one
* array instead.
* Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
- * in '') and %%.
+ * in ''), %c (character large object, do not enclose in '') and %%.
+ *
+ * NOTE: use NULL as arguments substitution for %b and %c. This will be
+ * replaced as corresponding empty LOB value placeholder, based on the
+ * database specific representation.
*
* NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
* and TRUE values to decimal 1.
@@ -293,7 +297,11 @@ function db_query_range($query) {
* using printf() syntax. The query arguments can be enclosed in one
* array instead.
* Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
- * in '') and %%.
+ * in ''), %c (character large object, do not enclose in '') and %%.
+ *
+ * NOTE: use NULL as arguments substitution for %b and %c. This will be
+ * replaced as corresponding empty LOB value placeholder, based on the
+ * database specific representation.
*
* NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
* and TRUE values to decimal 1.
@@ -320,16 +328,24 @@ function db_query_temporary($query) {
}
/**
+ * Prepare user input for use in a database query, preventing SQL injection attacks.
+ */
+function db_escape_string($data) {
+ global $active_db;
+ return "'" . mysql_real_escape_string($data, $active_db) . "'";
+}
+
+/**
* Returns a properly formatted Binary Large OBject value.
*
* @param $data
* Data to encode.
* @return
- * Encoded data.
+ * Encoded data, or empty LOB value placeholder for NULL $data.
*/
function db_encode_blob($data) {
global $active_db;
- return "'". mysql_real_escape_string($data, $active_db) ."'";
+ return !is_null($data) ? "'". mysql_real_escape_string($data, $active_db) ."'" : "''";
}
/**
@@ -345,11 +361,28 @@ function db_decode_blob($data) {
}
/**
- * Prepare user input for use in a database query, preventing SQL injection attacks.
+ * Returns a properly formatted Character Large OBject value.
+ *
+ * @param $data
+ * Data to encode.
+ * @return
+ * Encoded data, or empty LOB value placeholder for NULL $data.
*/
-function db_escape_string($text) {
+function db_encode_clob($data) {
global $active_db;
- return mysql_real_escape_string($text, $active_db);
+ return !is_null($data) ? "'". mysql_real_escape_string($data, $active_db) ."'" : "''";
+}
+
+/**
+ * Returns text from a Character Large Object value.
+ *
+ * @param $data
+ * Data to decode.
+ * @return
+ * Decoded data.
+ */
+function db_decode_clob($data) {
+ return $data;
}
/**
@@ -377,7 +410,7 @@ function db_table_exists($table) {
* Check if a column exists in the given table.
*/
function db_column_exists($table, $column) {
- return db_fetch_object(db_query("SHOW COLUMNS FROM {%s} LIKE '%s'", $table, $column)) ? TRUE : FALSE;
+ return db_fetch_object(db_query("SHOW COLUMNS FROM {%s} LIKE %s", $table, $column)) ? TRUE : FALSE;
}
/**
diff -urpN drupal/includes/database.pgsql.inc drupal-6.x-dev-pre_pdo-0.3/includes/database.pgsql.inc
--- drupal/includes/database.pgsql.inc 2007-08-30 02:38:55.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/database.pgsql.inc 2007-09-03 02:30:34.000000000 +0800
@@ -120,7 +120,11 @@ function db_connect($url) {
* you may also pass a single array containing the query arguments.
*
* Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
- * in '') and %%.
+ * in ''), %c (character large object, do not enclose in '') and %%.
+ *
+ * NOTE: use NULL as arguments substitution for %b and %c. This will be
+ * replaced as corresponding empty LOB value placeholder, based on the
+ * database specific representation.
*
* NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
* and TRUE values to decimal 1.
@@ -272,7 +276,11 @@ function db_affected_rows() {
* using printf() syntax. Instead of a variable number of query arguments,
* you may also pass a single array containing the query arguments.
* Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
- * in '') and %%.
+ * in ''), %c (character large object, do not enclose in '') and %%.
+ *
+ * NOTE: use NULL as arguments substitution for %b and %c. This will be
+ * replaced as corresponding empty LOB value placeholder, based on the
+ * database specific representation.
*
* NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
* and TRUE values to decimal 1.
@@ -321,7 +329,11 @@ function db_query_range($query) {
* using printf() syntax. The query arguments can be enclosed in one
* array instead.
* Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose
- * in '') and %%.
+ * in ''), %c (character large object, do not enclose in '') and %%.
+ *
+ * NOTE: use NULL as arguments substitution for %b and %c. This will be
+ * replaced as corresponding empty LOB value placeholder, based on the
+ * database specific representation.
*
* NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
* and TRUE values to decimal 1.
@@ -348,16 +360,38 @@ function db_query_temporary($query) {
}
/**
+ * Prepare user input for use in a database query, preventing SQL injection attacks.
+ */
+function db_escape_decimal($data) {
+ return (int) $data;
+}
+
+/**
+ * Prepare user input for use in a database query, preventing SQL injection attacks.
+ */
+function db_escape_float($data) {
+ return (float) $data;
+}
+
+/**
+ * Prepare user input for use in a database query, preventing SQL injection attacks.
+ * Note: This function requires PostgreSQL 7.2 or later.
+ */
+function db_escape_string($data) {
+ return "'" . pg_escape_string($data) . "'";
+}
+
+/**
* Returns a properly formatted Binary Large OBject value.
- * In case of PostgreSQL encodes data for insert into bytea field.
+ * In case of PostgreSQL encodes data for insert or update into bytea field.
*
* @param $data
* Data to encode.
* @return
- * Encoded data.
+ * Encoded data, or empty LOB value placeholder for NULL $data.
*/
function db_encode_blob($data) {
- return "'". pg_escape_bytea($data) ."'";
+ return !is_null($data) ? "'". pg_escape_bytea($data) ."'" : "''";
}
/**
@@ -374,11 +408,116 @@ function db_decode_blob($data) {
}
/**
- * Prepare user input for use in a database query, preventing SQL injection attacks.
- * Note: This function requires PostgreSQL 7.2 or later.
+ * Returns a properly formatted Character Large OBject value.
+ * In case of PostgreSQL encodes data for insert or update into text field.
+ *
+ * @param $data
+ * Data to encode.
+ * @return
+ * Encoded data, or empty LOB value placeholder for NULL $data.
+ */
+function db_encode_clob($data) {
+ return !is_null($data) ? "'". pg_escape_string($data) ."'" : "''";
+
+}
+
+/**
+ * Returns text from a Character Large OBject value.
+ * In case of PostgreSQL decodes data after select from bytea field.
+ *
+ * @param $data
+ * Data to decode.
+ * @return
+ * Decoded data.
*/
-function db_escape_string($text) {
- return pg_escape_string($text);
+function db_decode_clob($data) {
+ return $data;
+}
+
+/**
+ * Update the Binary Large Object value, based on the database specific
+ * implementation.
+ *
+ * @param $query
+ * A string containing an update condition query (where clause).
+ * @param ...
+ * A variable number of arguments which are substituted into the query
+ * WHERE condition, using printf() syntax. Instead of a variable number
+ * of query arguments, you may also pass a single array containing the
+ * query arguments.
+ *
+ * Valid %-modifiers are: %s, %d, %f and %%.
+ *
+ * NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
+ * and TRUE values to decimal 1.
+ *
+ * @param $table
+ * Table to update.
+ * @param $column
+ * Column to update.
+ * @param $value
+ * Values to update.
+ * @return
+ * A database query result resource, or FALSE if the query was not
+ * executed correctly.
+ */
+function db_update_blob($query) {
+ $args = func_get_args();
+ $value = array_pop($args);
+ $column = array_pop($args);
+ $table = array_pop($args);
+ array_shift($args);
+
+ if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
+ $args = $args[0];
+ }
+ _db_query_callback($args, TRUE);
+ $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
+ $query = 'UPDATE ' . $table . ' SET ' . $column . ' = ' . db_encode_blob($value) . ' WHERE ' . $query;
+ return _db_query($query);
+}
+
+/**
+ * Update the Character Large Object value, based on the database specific
+ * implementation.
+ *
+ * @param $query
+ * A string containing an update condition query (where clause).
+ * @param ...
+ * A variable number of arguments which are substituted into the query
+ * WHERE condition, using printf() syntax. Instead of a variable number
+ * of query arguments, you may also pass a single array containing the
+ * query arguments.
+ *
+ * Valid %-modifiers are: %s, %d, %f and %%.
+ *
+ * NOTE: using this syntax will cast NULL and FALSE values to decimal 0,
+ * and TRUE values to decimal 1.
+ *
+ * @param $table
+ * Table to update.
+ * @param $column
+ * Column to update.
+ * @param $value
+ * Values to update.
+ * @return
+ * A database query result resource, or FALSE if the query was not
+ * executed correctly.
+ */
+function db_update_clob($query) {
+ $args = func_get_args();
+ $value = array_pop($args);
+ $column = array_pop($args);
+ $table = array_pop($args);
+ array_shift($args);
+
+ if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax
+ $args = $args[0];
+ }
+ _db_query_callback($args, TRUE);
+ $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query);
+ $query = 'UPDATE ' . $table . ' SET ' . $column . ' = ' . db_encode_clob($value) . ' WHERE ' . $query;
+ return _db_query($query);
}
/**
@@ -408,7 +547,7 @@ function db_table_exists($table) {
* Check if a column exists in the given table.
*/
function db_column_exists($table, $column) {
- return db_result(db_query("SELECT COUNT(pg_attribute.attname) FROM pg_class, pg_attribute WHERE pg_attribute.attrelid = pg_class.oid AND pg_class.relname = '{". db_escape_table($table) ."}' AND attname='%s'", $column));
+ return db_result(db_query("SELECT COUNT(pg_attribute.attname) FROM pg_class, pg_attribute WHERE pg_attribute.attrelid = pg_class.oid AND pg_class.relname = '{". db_escape_table($table) ."}' AND attname=%s", $column));
}
/**
@@ -485,6 +624,9 @@ function db_type_map() {
'blob:big' => 'bytea',
'blob:normal' => 'bytea',
+ 'clob:big' => 'text',
+ 'clob:normal' => 'text',
+
'datetime:normal' => 'timestamp',
'serial:tiny' => 'serial',
diff -urpN drupal/includes/file.inc drupal-6.x-dev-pre_pdo-0.3/includes/file.inc
--- drupal/includes/file.inc 2007-07-26 01:41:27.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/file.inc 2007-09-03 02:23:34.000000000 +0800
@@ -574,7 +574,7 @@ function file_save_upload($source, $vali
}
// If we made it this far it's safe to record this file in the database.
- db_query("INSERT INTO {files} (uid, filename, filepath, filemime, filesize, status, timestamp) VALUES (%d, '%s', '%s', '%s', %d, %d, %d)", $user->uid, $file->filename, $file->filepath, $file->filemime, $file->filesize, FILE_STATUS_TEMPORARY, time());
+ db_query("INSERT INTO {files} (uid, filename, filepath, filemime, filesize, status, timestamp) VALUES (%d, %s, %s, %s, %d, %d, %d)", $user->uid, $file->filename, $file->filepath, $file->filemime, $file->filesize, FILE_STATUS_TEMPORARY, time());
$file->fid = db_last_insert_id('files', 'fid');
// Add file to the cache.
diff -urpN drupal/includes/form.inc drupal-6.x-dev-pre_pdo-0.3/includes/form.inc
--- drupal/includes/form.inc 2007-08-26 15:31:48.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/form.inc 2007-09-03 02:23:34.000000000 +0800
@@ -2199,7 +2199,7 @@ function batch_process($redirect = NULL,
$batch['error_message'] = $t('Please continue to the error page', array('@error_url' => url($url, array('query' => array('id' => $batch['id'], 'op' => 'finished')))));
// Actually store the batch data and the token generated form the batch id.
- db_query("UPDATE {batch} SET token = '%s', batch = '%s' WHERE bid = %d", drupal_get_token($batch['id']), serialize($batch), $batch['id']);
+ db_query("UPDATE {batch} SET token = %s, batch = %s WHERE bid = %d", drupal_get_token($batch['id']), serialize($batch), $batch['id']);
drupal_goto($batch['url'], 'op=start&id='. $batch['id']);
}
diff -urpN drupal/includes/install.inc drupal-6.x-dev-pre_pdo-0.3/includes/install.inc
--- drupal/includes/install.inc 2007-08-31 03:54:21.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/install.inc 2007-09-03 02:23:34.000000000 +0800
@@ -70,7 +70,7 @@ function drupal_get_installed_schema_ver
if (!$versions) {
$versions = array();
- $result = db_query("SELECT name, schema_version FROM {system} WHERE type = '%s'", 'module');
+ $result = db_query("SELECT name, schema_version FROM {system} WHERE type = %s", 'module');
while ($row = db_fetch_object($result)) {
$versions[$row->name] = $row->schema_version;
}
@@ -88,7 +88,7 @@ function drupal_get_installed_schema_ver
* The new schema version.
*/
function drupal_set_installed_schema_version($module, $version) {
- db_query("UPDATE {system} SET schema_version = %d WHERE name = '%s'", $version, $module);
+ db_query("UPDATE {system} SET schema_version = %d WHERE name = %s", $version, $module);
}
/**
@@ -312,7 +312,7 @@ function drupal_install_profile($profile
module_invoke('system', 'install');
$system_versions = drupal_get_schema_versions('system');
$system_version = $system_versions ? max($system_versions) : SCHEMA_INSTALLED;
- db_query("INSERT INTO {system} (filename, name, type, owner, status, throttle, bootstrap, schema_version) VALUES('%s', '%s', '%s', '%s', %d, %d, %d, %d)", $system_path .'/system.module', 'system', 'module', '', 1, 0, 0, $system_version);
+ db_query("INSERT INTO {system} (filename, name, type, owner, status, throttle, bootstrap, schema_version) VALUES(%s, %s, %s, %s, %d, %d, %d, %d)", $system_path .'/system.module', 'system', 'module', '', 1, 0, 0, $system_version);
// Now that we've installed things properly, bootstrap the full Drupal environment
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
@@ -369,7 +369,7 @@ function drupal_uninstall_module($module
}
$paths[$index] = implode('/', $parts);
}
- $placeholders = implode(', ', array_fill(0, count($paths), "'%s'"));
+ $placeholders = implode(', ', array_fill(0, count($paths), "%s"));
$result = db_query('SELECT * FROM {menu_links} WHERE router_path IN ('. $placeholders .') AND external = 0 ORDER BY depth DESC', $paths);
// Remove all such items. Starting from those with the greatest depth will
diff -urpN drupal/includes/locale.inc drupal-6.x-dev-pre_pdo-0.3/includes/locale.inc
--- drupal/includes/locale.inc 2007-09-01 20:50:47.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/locale.inc 2007-09-03 02:23:34.000000000 +0800
@@ -114,7 +114,7 @@ function locale_languages_overview_form_
$language->enabled = 0;
}
$language->weight = $form_state['values']['weight'][$langcode];
- db_query("UPDATE {languages} SET enabled = %d, weight = %d WHERE language = '%s'", $language->enabled, $language->weight, $langcode);
+ db_query("UPDATE {languages} SET enabled = %d, weight = %d WHERE language = %s", $language->enabled, $language->weight, $langcode);
$languages[$langcode] = $language;
}
drupal_set_message(t('Configuration saved.'));
@@ -193,7 +193,7 @@ function locale_languages_custom_form()
* Language code of the language to edit.
*/
function locale_languages_edit_form(&$form_state, $langcode) {
- if ($language = db_fetch_object(db_query("SELECT * FROM {languages} WHERE language = '%s'", $langcode))) {
+ if ($language = db_fetch_object(db_query("SELECT * FROM {languages} WHERE language = %s", $langcode))) {
$form = array();
_locale_languages_common_controls($form, $language);
$form['submit'] = array(
@@ -285,7 +285,7 @@ function _locale_languages_common_contro
function locale_languages_predefined_form_validate($form, &$form_state) {
$langcode = $form_state['values']['langcode'];
- if ($duplicate = db_result(db_query("SELECT COUNT(*) FROM {languages} WHERE language = '%s'", $langcode)) != 0) {
+ if ($duplicate = db_result(db_query("SELECT COUNT(*) FROM {languages} WHERE language = %s", $langcode)) != 0) {
form_set_error('langcode', t('The language %language (%code) already exists.', array('%language' => $form_state['values']['name'], '%code' => $langcode)));
}
@@ -336,13 +336,13 @@ function locale_languages_edit_form_vali
if (!empty($form_state['values']['domain']) && !empty($form_state['values']['prefix'])) {
form_set_error('prefix', t('Domain and path prefix values should not be set at the same time.'));
}
- if (!empty($form_state['values']['domain']) && $duplicate = db_fetch_object(db_query("SELECT language FROM {languages} WHERE domain = '%s' AND language != '%s'", $form_state['values']['domain'], $form_state['values']['langcode']))) {
+ if (!empty($form_state['values']['domain']) && $duplicate = db_fetch_object(db_query("SELECT language FROM {languages} WHERE domain = %s AND language != %s", $form_state['values']['domain'], $form_state['values']['langcode']))) {
form_set_error('domain', t('The domain (%domain) is already tied to a language (%language).', array('%domain' => $form_state['values']['domain'], '%language' => $duplicate->language)));
}
if (empty($form_state['values']['prefix']) && language_default('language') != $form_state['values']['langcode'] && empty($form_state['values']['domain'])) {
form_set_error('prefix', t('Only the default language can have both the domain and prefix empty.'));
}
- if (!empty($form_state['values']['prefix']) && $duplicate = db_fetch_object(db_query("SELECT language FROM {languages} WHERE prefix = '%s' AND language != '%s'", $form_state['values']['prefix'], $form_state['values']['langcode']))) {
+ if (!empty($form_state['values']['prefix']) && $duplicate = db_fetch_object(db_query("SELECT language FROM {languages} WHERE prefix = %s AND language != %s", $form_state['values']['prefix'], $form_state['values']['langcode']))) {
form_set_error('prefix', t('The prefix (%prefix) is already tied to a language (%language).', array('%prefix' => $form_state['values']['prefix'], '%language' => $duplicate->language)));
}
}
@@ -351,7 +351,7 @@ function locale_languages_edit_form_vali
* Process the language editing form submission.
*/
function locale_languages_edit_form_submit($form, &$form_state) {
- db_query("UPDATE {languages} SET name = '%s', native = '%s', domain = '%s', prefix = '%s', direction = %d WHERE language = '%s'", $form_state['values']['name'], $form_state['values']['native'], $form_state['values']['domain'], $form_state['values']['prefix'], $form_state['values']['direction'], $form_state['values']['langcode']);
+ db_query("UPDATE {languages} SET name = %s, native = %s, domain = %s, prefix = %s, direction = %d WHERE language = %s", $form_state['values']['name'], $form_state['values']['native'], $form_state['values']['domain'], $form_state['values']['prefix'], $form_state['values']['direction'], $form_state['values']['langcode']);
$default = language_default();
if ($default->language == $form_state['values']['langcode']) {
$properties = array('name', 'native', 'direction', 'enabled', 'plurals', 'formula', 'domain', 'prefix', 'weight');
@@ -408,9 +408,9 @@ function locale_languages_delete_form(&$
function locale_languages_delete_form_submit($form, &$form_state) {
$languages = language_list();
if (isset($languages[$form_state['values']['langcode']])) {
- db_query("DELETE FROM {languages} WHERE language = '%s'", $form_state['values']['langcode']);
- db_query("DELETE FROM {locales_target} WHERE language = '%s'", $form_state['values']['langcode']);
- db_query("UPDATE {node} SET language = '' WHERE language = '%s'", $form_state['values']['langcode']);
+ db_query("DELETE FROM {languages} WHERE language = %s", $form_state['values']['langcode']);
+ db_query("DELETE FROM {locales_target} WHERE language = %s", $form_state['values']['langcode']);
+ db_query("UPDATE {node} SET language = '' WHERE language = %s", $form_state['values']['langcode']);
$variables = array('%locale' => $languages[$form_state['values']['langcode']]->name);
drupal_set_message(t('The language %locale has been removed.', $variables));
watchdog('locale', 'The language %locale has been removed.', $variables);
@@ -802,7 +802,7 @@ function locale_translate_edit_form(&$fo
}
// Fetch translations and fill in default values in the form.
- $result = db_query("SELECT DISTINCT translation, language FROM {locales_target} WHERE lid = %d AND language != '%s'", $lid, $omit);
+ $result = db_query("SELECT DISTINCT translation, language FROM {locales_target} WHERE lid = %d AND language != %s", $lid, $omit);
while ($translation = db_fetch_object($result)) {
$form['translations'][$translation->language]['#default_value'] = $translation->translation;
}
@@ -818,19 +818,19 @@ function locale_translate_edit_form(&$fo
function locale_translate_edit_form_submit($form, &$form_state) {
$lid = $form_state['values']['lid'];
foreach ($form_state['values']['translations'] as $key => $value) {
- $translation = db_result(db_query("SELECT translation FROM {locales_target} WHERE lid = %d AND language = '%s'", $lid, $key));
+ $translation = db_result(db_query("SELECT translation FROM {locales_target} WHERE lid = %d AND language = %s", $lid, $key));
if (!empty($value)) {
// Only update or insert if we have a value to use.
if (!empty($translation)) {
- db_query("UPDATE {locales_target} SET translation = '%s' WHERE lid = %d AND language = '%s'", $value, $lid, $key);
+ db_query("UPDATE {locales_target} SET translation = %s WHERE lid = %d AND language = %s", $value, $lid, $key);
}
else {
- db_query("INSERT INTO {locales_target} (lid, translation, language) VALUES (%d, '%s', '%s')", $lid, $value, $key);
+ db_query("INSERT INTO {locales_target} (lid, translation, language) VALUES (%d, %s, %s)", $lid, $value, $key);
}
}
elseif (!empty($translation)) {
// Empty translation entered: remove existing entry from database.
- db_query("DELETE FROM {locales_target} WHERE lid = %d AND language = '%s'", $lid, $key);
+ db_query("DELETE FROM {locales_target} WHERE lid = %d AND language = %s", $lid, $key);
}
// Refresh the JS file for this language.
@@ -913,7 +913,7 @@ function locale_add_language($langcode,
$direction = isset($predefined[$langcode][2]) ? $predefined[$langcode][2] : LANGUAGE_LTR;
}
- db_query("INSERT INTO {languages} (language, name, native, direction, domain, prefix, enabled) VALUES ('%s', '%s', '%s', %d, '%s', '%s', %d)", $langcode, $name, $native, $direction, $domain, $prefix, $enabled);
+ db_query("INSERT INTO {languages} (language, name, native, direction, domain, prefix, enabled) VALUES (%s, %s, %s, %d, %s, %s, %d)", $langcode, $name, $native, $direction, $domain, $prefix, $enabled);
// Only set it as default if enabled.
if ($enabled && $default) {
@@ -955,7 +955,7 @@ function _locale_import_po($file, $langc
}
// Check if we have the language already in the database.
- if (!db_fetch_object(db_query("SELECT language FROM {languages} WHERE language = '%s'", $langcode))) {
+ if (!db_fetch_object(db_query("SELECT language FROM {languages} WHERE language = %s", $langcode))) {
drupal_set_message(t('The language selected for import is not supported.'), 'error');
return FALSE;
}
@@ -1195,10 +1195,10 @@ function _locale_import_one_string($op,
// Get the plural formula and update in database.
if (isset($header["Plural-Forms"]) && $p = _locale_import_parse_plural_forms($header["Plural-Forms"], $file->filename)) {
list($nplurals, $plural) = $p;
- db_query("UPDATE {languages} SET plurals = %d, formula = '%s' WHERE language = '%s'", $nplurals, $plural, $lang);
+ db_query("UPDATE {languages} SET plurals = %d, formula = %s WHERE language = %s", $nplurals, $plural, $lang);
}
else {
- db_query("UPDATE {languages} SET plurals = %d, formula = '%s' WHERE language = '%s'", 0, '', $lang);
+ db_query("UPDATE {languages} SET plurals = %d, formula = %s WHERE language = %s", 0, '', $lang);
}
$headerdone = TRUE;
}
@@ -1260,35 +1260,35 @@ function _locale_import_one_string($op,
* The string ID of the existing string modified or the new string added.
*/
function _locale_import_one_string_db(&$report, $langcode, $source, $translation, $textgroup, $location, $mode, $plid = NULL, $plural = NULL) {
- $lid = db_result(db_query("SELECT lid FROM {locales_source} WHERE source = '%s' AND textgroup = '%s'", $source, $textgroup));
+ $lid = db_result(db_query("SELECT lid FROM {locales_source} WHERE source = %s AND textgroup = %s", $source, $textgroup));
if (!empty($translation)) {
if ($lid) {
// We have this source string saved already.
- db_query("UPDATE {locales_source} SET location = '%s' WHERE lid = %d", $location, $lid);
- $exists = (bool) db_result(db_query("SELECT lid FROM {locales_target} WHERE lid = %d AND language = '%s'", $lid, $langcode));
+ db_query("UPDATE {locales_source} SET location = %s WHERE lid = %d", $location, $lid);
+ $exists = (bool) db_result(db_query("SELECT lid FROM {locales_target} WHERE lid = %d AND language = %s", $lid, $langcode));
if (!$exists) {
// No translation in this language.
- db_query("INSERT INTO {locales_target} (lid, language, translation, plid, plural) VALUES (%d, '%s', '%s', %d, %d)", $lid, $langcode, $translation, $plid, $plural);
+ db_query("INSERT INTO {locales_target} (lid, language, translation, plid, plural) VALUES (%d, %s, %s, %d, %d)", $lid, $langcode, $translation, $plid, $plural);
$report[0]++;
}
else if ($mode == LOCALE_IMPORT_OVERWRITE) {
// Translation exists, only overwrite if instructed.
- db_query("UPDATE {locales_target} SET translation = '%s', plid = %d, plural = %d WHERE language = '%s' AND lid = %d", $translation, $plid, $plural, $langcode, $lid);
+ db_query("UPDATE {locales_target} SET translation = %s, plid = %d, plural = %d WHERE language = %s AND lid = %d", $translation, $plid, $plural, $langcode, $lid);
$report[1]++;
}
}
else {
// No such source string in the database yet.
- db_query("INSERT INTO {locales_source} (location, source, textgroup) VALUES ('%s', '%s', '%s')", $location, $source, $textgroup);
- $lid = db_result(db_query("SELECT lid FROM {locales_source} WHERE source = '%s' AND textgroup = '%s'", $source, $textgroup));
- db_query("INSERT INTO {locales_target} (lid, language, translation, plid, plural) VALUES (%d, '%s', '%s', %d, %d)", $lid, $langcode, $translation, $plid, $plural);
+ db_query("INSERT INTO {locales_source} (location, source, textgroup) VALUES (%s, %s, %s)", $location, $source, $textgroup);
+ $lid = db_result(db_query("SELECT lid FROM {locales_source} WHERE source = %s AND textgroup = %s", $source, $textgroup));
+ db_query("INSERT INTO {locales_target} (lid, language, translation, plid, plural) VALUES (%d, %s, %s, %d, %d)", $lid, $langcode, $translation, $plid, $plural);
$report[0]++;
}
}
elseif ($mode == LOCALE_IMPORT_OVERWRITE) {
// Empty translation, remove existing if instructed.
- db_query("DELETE FROM {locales_target} WHERE language = '%s' AND lid = %d AND plid = %d AND plural = %d", $translation, $langcode, $lid, $plid, $plural);
+ db_query("DELETE FROM {locales_target} WHERE language = %s AND lid = %d AND plid = %d AND plural = %d", $translation, $langcode, $lid, $plid, $plural);
$report[2]++;
}
@@ -1664,7 +1664,7 @@ function _locale_parse_js_file($filepath
// Remove the quotes and string concatenations from the string.
$string = implode('', preg_split('~(?lid);
+ db_query("UPDATE {locales_source} SET location = %s WHERE lid = %d", $locations, $source->lid);
}
}
else {
// We don't have the source string yet, thus we insert it into the database.
- db_query("INSERT INTO {locales_source} (location, source, textgroup) VALUES ('%s', '%s', 'default')", $filepath, $string);
+ db_query("INSERT INTO {locales_source} (location, source, textgroup) VALUES (%s, %s, 'default')", $filepath, $string);
}
}
}
@@ -1704,10 +1704,10 @@ function _locale_parse_js_file($filepath
*/
function _locale_export_get_strings($language = NULL, $group = 'default') {
if (isset($language)) {
- $result = db_query("SELECT s.lid, s.source, s.location, t.translation, t.plid, t.plural FROM {locales_source} s LEFT JOIN {locales_target} t ON s.lid = t.lid AND t.language = '%s' WHERE s.textgroup = '%s' ORDER BY t.plid, t.plural", $language->language, $group);
+ $result = db_query("SELECT s.lid, s.source, s.location, t.translation, t.plid, t.plural FROM {locales_source} s LEFT JOIN {locales_target} t ON s.lid = t.lid AND t.language = %s WHERE s.textgroup = %s ORDER BY t.plid, t.plural", $language->language, $group);
}
else {
- $result = db_query("SELECT s.lid, s.source, s.location, t.plid, t.plural FROM {locales_source} s LEFT JOIN {locales_target} t ON s.lid = t.lid WHERE s.textgroup = '%s' ORDER BY t.plid, t.plural", $group);
+ $result = db_query("SELECT s.lid, s.source, s.location, t.plid, t.plural FROM {locales_source} s LEFT JOIN {locales_target} t ON s.lid = t.lid WHERE s.textgroup = %s ORDER BY t.plid, t.plural", $group);
}
$strings = array();
while ($child = db_fetch_object($result)) {
@@ -1942,34 +1942,34 @@ function _locale_translate_seek() {
// Compute LIKE section
switch ($query['translation']) {
case 'translated':
- $where = "WHERE (t.translation LIKE '%%%s%%')";
+ $where = "WHERE (t.translation LIKE %s)";
$orderby = "ORDER BY t.translation";
- $arguments[] = $query['string'];
+ $arguments[] = "%" . $query['string'] . "%";
break;
case 'untranslated':
- $where = "WHERE (s.source LIKE '%%%s%%' AND t.translation IS NULL)";
+ $where = "WHERE (s.source LIKE %s AND t.translation IS NULL)";
$orderby = "ORDER BY s.source";
- $arguments[] = $query['string'];
+ $arguments[] = "%" . $query['string'] . "%";
break;
case 'all' :
default:
- $where = "WHERE (s.source LIKE '%%%s%%' OR t.translation LIKE '%%%s%%')";
+ $where = "WHERE (s.source LIKE %s OR t.translation LIKE %s)";
$orderby = '';
- $arguments[] = $query['string'];
- $arguments[] = $query['string'];
+ $arguments[] = "%" . $query['string'] . "%";
+ $arguments[] = "%" . $query['string'] . "%";
break;
}
$grouplimit = '';
if (!empty($query['group']) && $query['group'] != 'all') {
- $grouplimit = " AND s.textgroup = '%s'";
+ $grouplimit = " AND s.textgroup = %s";
$arguments[] = $query['group'];
}
switch ($query['language']) {
// Force search in source strings
case "en":
- $sql = $join ." WHERE s.source LIKE '%%%s%%' $grouplimit ORDER BY s.source";
- $arguments = array($query['string']); // $where is not used, discard its arguments
+ $sql = $join ." WHERE s.source LIKE %s $grouplimit ORDER BY s.source";
+ $arguments = array("%" . $query['string'] . "%"); // $where is not used, discard its arguments
if (!empty($grouplimit)) {
$arguments[] = $query['group'];
}
@@ -1980,7 +1980,7 @@ function _locale_translate_seek() {
break;
// Some different language
default:
- $sql = "$join AND t.language = '%s' $where $grouplimit $orderby";
+ $sql = "$join AND t.language = %s $where $grouplimit $orderby";
array_unshift($arguments, $query['language']);
// Don't show translation flags for other languages, we can't see them with this search.
$limit_language = $query['language'];
@@ -2057,7 +2057,7 @@ function _locale_rebuild_js($langcode =
// Construct the array for JavaScript translations.
// We sort on plural so that we have all plural forms before singular forms.
- $result = db_query("SELECT s.lid, s.source, t.plid, t.plural, t.translation FROM {locales_source} s LEFT JOIN {locales_target} t ON s.lid = t.lid AND t.language = '%s' WHERE s.location LIKE '%%.js%%' AND s.textgroup = 'default' ORDER BY t.plural DESC", $language->language);
+ $result = db_query("SELECT s.lid, s.source, t.plid, t.plural, t.translation FROM {locales_source} s LEFT JOIN {locales_target} t ON s.lid = t.lid AND t.language = %s WHERE s.location LIKE %s AND s.textgroup = 'default' ORDER BY t.plural DESC", "%.js%", $language->language);
$translations = $plurals = array();
while ($data = db_fetch_object($result)) {
@@ -2124,14 +2124,14 @@ function _locale_rebuild_js($langcode =
$language->javascript = $filepath ? $data_hash : '';
// Save the new JavaScript hash.
- db_query("UPDATE {languages} SET javascript = '%s' WHERE language = '%s'", $language->javascript, $language->language);
+ db_query("UPDATE {languages} SET javascript = %s WHERE language = %s", $language->javascript, $language->language);
// Update the default language variable if the default language has been altered.
// This is necessary to keep the variable consistent with the database
// version of the language and to prevent checking against an outdated hash.
$default_langcode = language_default('language');
if ($default_langcode == $language->language) {
- $default = db_fetch_object(db_query("SELECT * FROM {languages} WHERE language = '%s'", $default_langcode));
+ $default = db_fetch_object(db_query("SELECT * FROM {languages} WHERE language = %s", $default_langcode));
variable_set('language_default', $default);
}
@@ -2156,7 +2156,7 @@ function _locale_rebuild_js($langcode =
elseif (!empty($language->javascript)) {
// Delete the old JavaScript file
file_delete(file_create_path(variable_get('locale_js_directory', 'languages') .'/'. $language->language .'_'. $language->javascript .'.js'));
- db_query("UPDATE {languages} SET javascript = '' WHERE language = '%s'", $language->language);
+ db_query("UPDATE {languages} SET javascript = '' WHERE language = %s", $language->language);
watchdog('locale', 'Deleted JavaScript translation file for the locale %language.', array('%language' => t($language->name)));
}
}
diff -urpN drupal/includes/menu.inc drupal-6.x-dev-pre_pdo-0.3/includes/menu.inc
--- drupal/includes/menu.inc 2007-08-30 04:46:18.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/menu.inc 2007-09-03 02:23:34.000000000 +0800
@@ -196,7 +196,7 @@ define('MENU_MAX_DEPTH', 9);
* array('node', '12345', 'edit').
* @return
* An array which contains the ancestors and placeholders. Placeholders
- * simply contain as many '%s' as the ancestors.
+ * simply contain as many %s as the ancestors.
*/
function menu_get_ancestors($parts) {
$number_parts = count($parts);
@@ -227,7 +227,7 @@ function menu_get_ancestors($parts) {
$current .= '/';
}
}
- $placeholders[] = "'%s'";
+ $placeholders[] = "%s";
$ancestors[] = $current;
}
return array($ancestors, $placeholders);
@@ -655,7 +655,7 @@ function menu_tree_all_data($menu_name =
$data['tree'] = menu_tree_data(db_query("
SELECT m.load_functions, m.to_arg_functions, m.access_callback, m.access_arguments, m.page_callback, m.page_arguments, m.title, m.title_callback, m.title_arguments, m.type, ml.*
FROM {menu_links} ml LEFT JOIN {menu_router} m ON m.path = ml.router_path
- WHERE ml.menu_name = '%s'". $where ."
+ WHERE ml.menu_name = %s". $where ."
ORDER BY p1 ASC, p2 ASC, p3 ASC, p4 ASC, p5 ASC, p6 ASC, p7 ASC, p8 ASC, p9 ASC", $args), $parents);
$data['node_links'] = array();
menu_tree_collect_node_links($data['tree'], $data['node_links']);
@@ -703,12 +703,12 @@ function menu_tree_page_data($menu_name
// Build and run the query, and build the tree.
if ($item['access']) {
// Check whether a menu link exists that corresponds to the current path.
- $parents = db_fetch_array(db_query("SELECT p1, p2, p3, p4, p5, p6, p7, p8 FROM {menu_links} WHERE menu_name = '%s' AND link_path = '%s'", $menu_name, $item['href']));
+ $parents = db_fetch_array(db_query("SELECT p1, p2, p3, p4, p5, p6, p7, p8 FROM {menu_links} WHERE menu_name = %s AND link_path = %s", $menu_name, $item['href']));
if (empty($parents)) {
// If no link exists, we may be on a local task that's not in the links.
// TODO: Handle the case like a local task on a specific node in the menu.
- $parents = db_fetch_array(db_query("SELECT p1, p2, p3, p4, p5, p6, p7, p8 FROM {menu_links} WHERE menu_name = '%s' AND link_path = '%s'", $menu_name, $item['tab_root']));
+ $parents = db_fetch_array(db_query("SELECT p1, p2, p3, p4, p5, p6, p7, p8 FROM {menu_links} WHERE menu_name = %s AND link_path = %s", $menu_name, $item['tab_root']));
}
// We always want all the top-level links with plid == 0.
$parents[] = '0';
@@ -722,7 +722,7 @@ function menu_tree_page_data($menu_name
// Collect all the links set to be expanded, and then add all of
// their children to the list as well.
do {
- $result = db_query("SELECT mlid FROM {menu_links} WHERE menu_name = '%s' AND expanded = 1 AND has_children = 1 AND plid IN (". $placeholders .') AND mlid NOT IN ('. $placeholders .')', array_merge(array($menu_name), $args, $args));
+ $result = db_query("SELECT mlid FROM {menu_links} WHERE menu_name = %s AND expanded = 1 AND has_children = 1 AND plid IN (". $placeholders .') AND mlid NOT IN ('. $placeholders .')', array_merge(array($menu_name), $args, $args));
$num_rows = FALSE;
while ($item = db_fetch_array($result)) {
$args[] = $item['mlid'];
@@ -745,7 +745,7 @@ function menu_tree_page_data($menu_name
$data['tree'] = menu_tree_data(db_query("
SELECT m.load_functions, m.to_arg_functions, m.access_callback, m.access_arguments, m.page_callback, m.page_arguments, m.title, m.title_callback, m.title_arguments, m.type, ml.*
FROM {menu_links} ml LEFT JOIN {menu_router} m ON m.path = ml.router_path
- WHERE ml.menu_name = '%s' AND ml.plid IN (". $placeholders .")
+ WHERE ml.menu_name = %s AND ml.plid IN (". $placeholders .")
ORDER BY p1 ASC, p2 ASC, p3 ASC, p4 ASC, p5 ASC, p6 ASC, p7 ASC, p8 ASC, p9 ASC", $args), $parents);
$data['node_links'] = array();
menu_tree_collect_node_links($data['tree'], $data['node_links']);
@@ -1079,7 +1079,7 @@ function menu_local_tasks($level = 0, $r
return '';
}
// Get all tabs and the root page.
- $result = db_query("SELECT * FROM {menu_router} WHERE tab_root = '%s' ORDER BY weight, title", $router_item['tab_root']);
+ $result = db_query("SELECT * FROM {menu_router} WHERE tab_root = %s ORDER BY weight, title", $router_item['tab_root']);
$map = arg();
$children = array();
$tasks = array();
@@ -1446,7 +1446,7 @@ function _menu_navigation_links_rebuild(
array_multisort($sort, SORT_NUMERIC, $menu_links);
foreach ($menu_links as $item) {
- $existing_item = db_fetch_array(db_query("SELECT mlid, menu_name, plid, customized FROM {menu_links} WHERE link_path = '%s' AND module = '%s'", $item['link_path'], 'system'));
+ $existing_item = db_fetch_array(db_query("SELECT mlid, menu_name, plid, customized FROM {menu_links} WHERE link_path = %s AND module = %s", $item['link_path'], 'system'));
if ($existing_item) {
$item['mlid'] = $existing_item['mlid'];
$item['menu_name'] = $existing_item['menu_name'];
@@ -1461,7 +1461,7 @@ function _menu_navigation_links_rebuild(
while ($item = db_fetch_array($result)) {
$router_path = _menu_find_router_path($menu, $item['link_path']);
if (!empty($router_path) && $router_path != $item['router_path']) {
- db_query("UPDATE {menu_links} SET router_path = '%s' WHERE mlid = %d", $router_path, $item['mlid']);
+ db_query("UPDATE {menu_links} SET router_path = %s WHERE mlid = %d", $router_path, $item['mlid']);
}
}
}
@@ -1479,7 +1479,7 @@ function menu_link_delete($mlid, $path =
_menu_delete_item(db_fetch_array(db_query("SELECT * FROM {menu_links} WHERE mlid = %d", $mlid)));
}
else {
- $result = db_query("SELECT * FROM {menu_links} WHERE link_path = '%s'", $path);
+ $result = db_query("SELECT * FROM {menu_links} WHERE link_path = %s", $path);
while ($link = db_fetch_array($result)) {
_menu_delete_item($link);
}
@@ -1557,13 +1557,13 @@ function menu_link_save(&$item) {
// Find the parent - it must be in the same menu.
if (isset($item['plid'])) {
- $parent = db_fetch_array(db_query("SELECT * FROM {menu_links} WHERE menu_name = '%s' AND mlid = %d", $menu_name, $item['plid']));
+ $parent = db_fetch_array(db_query("SELECT * FROM {menu_links} WHERE menu_name = %s AND mlid = %d", $menu_name, $item['plid']));
}
else {
$parent_path = $item['link_path'];
do {
$parent_path = substr($parent_path, 0, strrpos($parent_path, '/'));
- $parent = db_fetch_array(db_query("SELECT * FROM {menu_links} WHERE menu_name = '%s' AND link_path = '%s'", $menu_name, $parent_path));
+ $parent = db_fetch_array(db_query("SELECT * FROM {menu_links} WHERE menu_name = %s AND link_path = %s", $menu_name, $parent_path));
} while ($parent === FALSE && $parent_path);
}
// Menu callbacks need to be in the links table for breadcrumbs, but can't
@@ -1582,10 +1582,10 @@ function menu_link_save(&$item) {
expanded, weight,
module, link_title, options,
customized, updated) VALUES (
- '%s', %d, '%s',
+ %s, %d, %s,
%d, %d, %d,
%d, %d,
- '%s', '%s', '%s', %d, %d)",
+ %s, %s, %s, %d, %d)",
$item['menu_name'], $item['plid'], $item['link_path'],
$item['hidden'], $item['_external'], $item['has_children'],
$item['expanded'], $item['weight'],
@@ -1631,11 +1631,11 @@ function menu_link_save(&$item) {
$item['router_path'] = _menu_find_router_path($menu, $item['link_path']);
}
}
- db_query("UPDATE {menu_links} SET menu_name = '%s', plid = %d, link_path = '%s',
- router_path = '%s', hidden = %d, external = %d, has_children = %d,
+ db_query("UPDATE {menu_links} SET menu_name = %s, plid = %d, link_path = %s,
+ router_path = %s, hidden = %d, external = %d, has_children = %d,
expanded = %d, weight = %d, depth = %d,
p1 = %d, p2 = %d, p3 = %d, p4 = %d, p5 = %d, p6 = %d, p7 = %d, p8 = %d, p9 = %d,
- module = '%s', link_title = '%s', options = '%s', customized = %d WHERE mlid = %d",
+ module = %s, link_title = %s, options = %s, customized = %d WHERE mlid = %d",
$item['menu_name'], $item['plid'], $item['link_path'],
$item['router_path'], $item['hidden'], $item['_external'], $item['has_children'],
$item['expanded'], $item['weight'], $item['depth'],
@@ -1705,7 +1705,7 @@ function menu_link_children_relative_dep
$p = 'p'. ++$i;
}
- $max_depth = db_result(db_query_range("SELECT depth FROM {menu_links} WHERE menu_name = '%s'". $match ." ORDER BY depth DESC", $args, 0, 1));
+ $max_depth = db_result(db_query_range("SELECT depth FROM {menu_links} WHERE menu_name = %s". $match ." ORDER BY depth DESC", $args, 0, 1));
return ($max_depth > $item['depth']) ? $max_depth - $item['depth'] : 0;
}
@@ -1719,7 +1719,7 @@ function menu_link_children_relative_dep
function _menu_link_move_children($item, $existing_item) {
$args[] = $item['menu_name'];
- $set[] = "menu_name = '%s'";
+ $set[] = "menu_name = %s";
$i = 1;
while ($i <= $item['depth']) {
@@ -1751,7 +1751,7 @@ function _menu_link_move_children($item,
$args[] = $shift;
$set[] = 'depth = depth + %d';
}
- $where[] = "menu_name = '%s'";
+ $where[] = "menu_name = %s";
$args[] = $existing_item['menu_name'];
$p = 'p1';
for ($i = 1; $i <= MENU_MAX_DEPTH && $existing_item[$p]; $p = 'p'. ++$i) {
@@ -1773,7 +1773,7 @@ function _menu_update_parental_status($i
// We may want to exclude the passed link as a possible child.
$where = $exclude ? " AND mlid != %d" : '';
// Check if at least one visible child exists in the table.
- $parent_has_children = (bool)db_result(db_query_range("SELECT mlid FROM {menu_links} WHERE menu_name = '%s' AND plid = %d AND hidden = 0". $where, $item['menu_name'], $item['plid'], $item['mlid'], 0, 1));
+ $parent_has_children = (bool)db_result(db_query_range("SELECT mlid FROM {menu_links} WHERE menu_name = %s AND plid = %d AND hidden = 0". $where, $item['menu_name'], $item['plid'], $item['mlid'], 0, 1));
db_query("UPDATE {menu_links} SET has_children = %d WHERE mlid = %d", $parent_has_children, $item['plid']);
}
}
@@ -1960,11 +1960,11 @@ function _menu_router_build($callbacks)
number_parts, tab_parent, tab_root,
title, title_callback, title_arguments,
type, block_callback, description, position, weight, file)
- VALUES ('%s', '%s', '%s', '%s',
- '%s', '%s', '%s', %d,
- %d, '%s', '%s',
- '%s', '%s', '%s',
- %d, '%s', '%s', '%s', %d, '%s')",
+ VALUES (%s, %s, %s, %s,
+ %s, %s, %s, %d,
+ %d, %s, %s,
+ %s, %s, %s,
+ %d, %s, %s, %s, %d, %s)",
$path, $item['load_functions'], $item['to_arg_functions'], $item['access callback'],
serialize($item['access arguments']), $item['page callback'], serialize($item['page arguments']), $item['_fit'],
$item['_number_parts'], $item['tab_parent'], $item['tab_root'],
diff -urpN drupal/includes/module.inc drupal-6.x-dev-pre_pdo-0.3/includes/module.inc
--- drupal/includes/module.inc 2007-09-02 22:42:30.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/module.inc 2007-09-03 02:23:34.000000000 +0800
@@ -138,13 +138,13 @@ function module_rebuild_cache() {
// Update the contents of the system table:
if (isset($file->status) || (isset($file->old_filename) && $file->old_filename != $file->filename)) {
- db_query("UPDATE {system} SET info = '%s', name = '%s', filename = '%s', bootstrap = %d WHERE filename = '%s'", serialize($files[$filename]->info), $file->name, $file->filename, $bootstrap, $file->old_filename);
+ db_query("UPDATE {system} SET info = %s, name = %s, filename = %s, bootstrap = %d WHERE filename = %s", serialize($files[$filename]->info), $file->name, $file->filename, $bootstrap, $file->old_filename);
}
else {
// This is a new module.
$files[$filename]->status = 0;
$files[$filename]->throttle = 0;
- db_query("INSERT INTO {system} (name, info, type, filename, status, throttle, bootstrap) VALUES ('%s', '%s', '%s', '%s', %d, %d, %d)", $file->name, serialize($files[$filename]->info), 'module', $file->filename, 0, 0, $bootstrap);
+ db_query("INSERT INTO {system} (name, info, type, filename, status, throttle, bootstrap) VALUES (%s, %s, %s, %s, %d, %d, %d)", $file->name, serialize($files[$filename]->info), 'module', $file->filename, 0, 0, $bootstrap);
}
}
$files = _module_build_dependents($files);
@@ -242,10 +242,10 @@ function module_load_all_includes($type,
function module_enable($module_list) {
$invoke_modules = array();
foreach ($module_list as $module) {
- $existing = db_fetch_object(db_query("SELECT status FROM {system} WHERE type = '%s' AND name = '%s'", 'module', $module));
+ $existing = db_fetch_object(db_query("SELECT status FROM {system} WHERE type = %s AND name = %s", 'module', $module));
if ($existing->status == 0) {
module_load_install($module);
- db_query("UPDATE {system} SET status = %d, throttle = %d WHERE type = '%s' AND name = '%s'", 1, 0, 'module', $module);
+ db_query("UPDATE {system} SET status = %d, throttle = %d WHERE type = %s AND name = %s", 1, 0, 'module', $module);
drupal_load('module', $module);
$invoke_modules[] = $module;
}
@@ -284,7 +284,7 @@ function module_disable($module_list) {
module_load_install($module);
module_invoke($module, 'disable');
- db_query("UPDATE {system} SET status = %d, throttle = %d WHERE type = '%s' AND name = '%s'", 0, 0, 'module', $module);
+ db_query("UPDATE {system} SET status = %d, throttle = %d WHERE type = %s AND name = %s", 0, 0, 'module', $module);
$invoke_modules[] = $module;
}
}
diff -urpN drupal/includes/path.inc drupal-6.x-dev-pre_pdo-0.3/includes/path.inc
--- drupal/includes/path.inc 2007-06-18 14:59:11.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/path.inc 2007-09-03 02:23:34.000000000 +0800
@@ -65,7 +65,7 @@ function drupal_lookup_path($action, $pa
return $map[$path_language][$path];
}
// Get the most fitting result falling back with alias without language
- $alias = db_result(db_query("SELECT dst FROM {url_alias} WHERE src = '%s' AND language IN('%s', '') ORDER BY language DESC", $path, $path_language));
+ $alias = db_result(db_query("SELECT dst FROM {url_alias} WHERE src = %s AND language IN(%s, '') ORDER BY language DESC", $path, $path_language));
$map[$path_language][$path] = $alias;
return $alias;
}
@@ -76,7 +76,7 @@ function drupal_lookup_path($action, $pa
$src = '';
if (!isset($map[$path_language]) || !($src = array_search($path, $map[$path_language]))) {
// Get the most fitting result falling back with alias without language
- if ($src = db_result(db_query("SELECT src FROM {url_alias} WHERE dst = '%s' AND language IN('%s', '') ORDER BY language DESC", $path, $path_language))) {
+ if ($src = db_result(db_query("SELECT src FROM {url_alias} WHERE dst = %s AND language IN(%s, '') ORDER BY language DESC", $path, $path_language))) {
$map[$path_language][$src] = $path;
}
else {
diff -urpN drupal/includes/session.inc drupal-6.x-dev-pre_pdo-0.3/includes/session.inc
--- drupal/includes/session.inc 2007-08-12 23:55:35.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/session.inc 2007-09-03 02:23:34.000000000 +0800
@@ -29,7 +29,7 @@ function sess_read($key) {
}
// Otherwise, if the session is still active, we have a record of the client's session in the database.
- $user = db_fetch_object(db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = '%s'", $key));
+ $user = db_fetch_object(db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = %s", $key));
// We found the client's session record and they are an authenticated user
if ($user && $user->uid > 0) {
@@ -61,7 +61,7 @@ function sess_write($key, $value) {
return TRUE;
}
- $result = db_result(db_query("SELECT COUNT(*) FROM {sessions} WHERE sid = '%s'", $key));
+ $result = db_result(db_query("SELECT COUNT(*) FROM {sessions} WHERE sid = %s", $key));
if (!$result) {
// Only save session data when when the browser sends a cookie. This keeps
@@ -69,11 +69,11 @@ function sess_write($key, $value) {
// and gives more useful statistics. We can't eliminate anonymous session
// table rows without breaking throttle module and "Who's Online" block.
if ($user->uid || $value || count($_COOKIE)) {
- db_query("INSERT INTO {sessions} (sid, uid, cache, hostname, session, timestamp) VALUES ('%s', %d, %d, '%s', '%s', %d)", $key, $user->uid, isset($user->cache) ? $user->cache : '', ip_address(), $value, time());
+ db_query("INSERT INTO {sessions} (sid, uid, cache, hostname, session, timestamp) VALUES (%s, %d, %d, %s, %s, %d)", $key, $user->uid, isset($user->cache) ? $user->cache : '', ip_address(), $value, time());
}
}
else {
- db_query("UPDATE {sessions} SET uid = %d, cache = %d, hostname = '%s', session = '%s', timestamp = %d WHERE sid = '%s'", $user->uid, isset($user->cache) ? $user->cache : '', ip_address(), $value, time(), $key);
+ db_query("UPDATE {sessions} SET uid = %d, cache = %d, hostname = %s, session = %s, timestamp = %d WHERE sid = %s", $user->uid, isset($user->cache) ? $user->cache : '', ip_address(), $value, time(), $key);
// Last access time is updated no more frequently than once every 180 seconds.
// This reduces contention in the users table.
@@ -102,7 +102,7 @@ function sess_regenerate() {
session_regenerate_id();
- db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);
+ db_query("UPDATE {sessions} SET sid = %s WHERE sid = %s", session_id(), $old_session_id);
}
/**
@@ -130,7 +130,7 @@ function sess_count($timestamp = 0, $ano
* the session id
*/
function sess_destroy_sid($sid) {
- db_query("DELETE FROM {sessions} WHERE sid = '%s'", $sid);
+ db_query("DELETE FROM {sessions} WHERE sid = %s", $sid);
}
/**
diff -urpN drupal/includes/theme.inc drupal-6.x-dev-pre_pdo-0.3/includes/theme.inc
--- drupal/includes/theme.inc 2007-09-01 19:32:07.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/theme.inc 2007-09-03 02:23:34.000000000 +0800
@@ -360,7 +360,7 @@ function list_themes($refresh = FALSE) {
if (empty($list)) {
$list = array();
- $result = db_query("SELECT * FROM {system} WHERE type = '%s'", 'theme');
+ $result = db_query("SELECT * FROM {system} WHERE type = %s", 'theme');
while ($theme = db_fetch_object($result)) {
if (file_exists($theme->filename)) {
$theme->info = unserialize($theme->info);
@@ -407,7 +407,7 @@ function list_theme_engines($refresh = F
if (!$list) {
$list = array();
- $result = db_query("SELECT * FROM {system} WHERE type = '%s' AND status = %d ORDER BY name", 'theme_engine', '1');
+ $result = db_query("SELECT * FROM {system} WHERE type = %s AND status = %d ORDER BY name", 'theme_engine', '1');
while ($engine = db_fetch_object($result)) {
if (file_exists($engine->filename)) {
$engine->info = unserialize($engine->info);
diff -urpN drupal/includes/unicode.inc drupal-6.x-dev-pre_pdo-0.3/includes/unicode.inc
--- drupal/includes/unicode.inc 2007-05-12 14:08:56.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/includes/unicode.inc 2007-09-03 02:23:34.000000000 +0800
@@ -148,7 +148,7 @@ function drupal_xml_parser_create(&$data
$data = ereg_replace('^(<\?xml[^>]+encoding)="([^"]+)"', '\\1="utf-8"', $out);
}
else {
- watchdog('php', 'Could not convert XML encoding %s to UTF-8.', array('%s' => $encoding), WATCHDOG_WARNING);
+ watchdog('php', 'Could not convert XML encoding %encoding to UTF-8.', array('%encoding' => $encoding), WATCHDOG_WARNING);
return 0;
}
}
@@ -181,7 +181,7 @@ function drupal_convert_to_utf8($data, $
$out = @recode_string($encoding .'..utf-8', $data);
}
else {
- watchdog('php', 'Unsupported encoding %s. Please install iconv, GNU recode or mbstring for PHP.', array('%s' => $encoding), WATCHDOG_ERROR);
+ watchdog('php', 'Unsupported encoding %encoding. Please install iconv, GNU recode or mbstring for PHP.', array('%encoding' => $encoding), WATCHDOG_ERROR);
return FALSE;
}
diff -urpN drupal/install.php drupal-6.x-dev-pre_pdo-0.3/install.php
--- drupal/install.php 2007-09-02 20:41:01.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/install.php 2007-09-03 02:23:34.000000000 +0800
@@ -126,7 +126,7 @@ function install_main() {
*/
function install_verify_drupal() {
// Read the variable manually using the @ so we don't trigger an error if it fails.
- $result = @db_query("SELECT value FROM {variable} WHERE name = '%s'", 'install_task');
+ $result = @db_query("SELECT value FROM {variable} WHERE name = %s", 'install_task');
if ($result) {
return unserialize(db_result($result));
}
@@ -970,7 +970,7 @@ function install_configure_form_submit($
$form_state['old_values'] = $form_state['values'];
$form_state['values'] = $form_state['values']['account'];
user_register_submit($form, $form_state);
- db_query("INSERT INTO {users} (uid, name, mail) VALUES(%d, '%s', '%s')", 0, '', '');
+ db_query("INSERT INTO {users} (uid, name, mail) VALUES(%d, %s, %s)", 0, '', '');
$form_state['values'] = $form_state['old_values'];
unset($form_state['old_values']);
variable_set('user_email_verification', TRUE);
diff -urpN drupal/modules/actions/actions.module drupal-6.x-dev-pre_pdo-0.3/modules/actions/actions.module
--- drupal/modules/actions/actions.module 2007-08-29 22:57:49.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/actions/actions.module 2007-09-03 02:23:34.000000000 +0800
@@ -83,7 +83,7 @@ function actions_menu() {
if (in_array($module, array('node', 'comment', 'user', 'system', 'taxonomy'))) {
continue;
}
- $info = db_result(db_query("SELECT info FROM {system} WHERE name = '%s'", $module));
+ $info = db_result(db_query("SELECT info FROM {system} WHERE name = %s", $module));
$info = unserialize($info);
$nice_name = $info['name'];
$items["admin/build/actions/assign/$module"] = array(
@@ -131,10 +131,10 @@ function actions_access_check($module) {
function _actions_get_hook_actions($hook, $op, $type = NULL) {
$actions = array();
if ($type) {
- $result = db_query("SELECT h.aid, a.description FROM {actions_assignments} h LEFT JOIN {actions} a on a.aid = h.aid WHERE a.type = '%s' AND h.hook = '%s' AND h.op = '%s' ORDER BY h.weight", $type, $hook, $op);
+ $result = db_query("SELECT h.aid, a.description FROM {actions_assignments} h LEFT JOIN {actions} a on a.aid = h.aid WHERE a.type = %s AND h.hook = %s AND h.op = %s ORDER BY h.weight", $type, $hook, $op);
}
else {
- $result = db_query("SELECT h.aid, a.description FROM {actions_assignments} h LEFT JOIN {actions} a on a.aid = h.aid WHERE h.hook = '%s' AND h.op = '%s' ORDER BY h.weight", $hook, $op);
+ $result = db_query("SELECT h.aid, a.description FROM {actions_assignments} h LEFT JOIN {actions} a on a.aid = h.aid WHERE h.hook = %s AND h.op = %s ORDER BY h.weight", $hook, $op);
}
while ($action = db_fetch_object($result)) {
$actions[$action->aid] = $action->description;
@@ -155,7 +155,7 @@ function _actions_get_hook_actions($hook
*/
function _actions_get_hook_aids($hook, $op = '') {
$aids = array();
- $result = db_query("SELECT aa.aid, a.type FROM {actions_assignments} aa LEFT JOIN {actions} a ON aa.aid = a.aid WHERE aa.hook = '%s' AND aa.op = '%s' ORDER BY weight", $hook, $op);
+ $result = db_query("SELECT aa.aid, a.type FROM {actions_assignments} aa LEFT JOIN {actions} a ON aa.aid = a.aid WHERE aa.hook = %s AND aa.op = %s ORDER BY weight", $hook, $op);
while ($action = db_fetch_object($result)) {
$aids[$action->aid]['type'] = $action->type;
}
@@ -245,8 +245,8 @@ function actions_assign_form_submit($for
$form_values = $form_state['values'];
if (!empty($form_values['aid'])) {
$aid = actions_function_lookup($form_values['aid']);
- $weight = db_result(db_query("SELECT MAX(weight) FROM {actions_assignments} WHERE hook = '%s' AND op = '%s'", $form_values['hook'], $form_values['operation']));
- db_query("INSERT INTO {actions_assignments} values ('%s', '%s', '%s', %d)", $form_values['hook'], $form_values['operation'], $aid, $weight + 1);
+ $weight = db_result(db_query("SELECT MAX(weight) FROM {actions_assignments} WHERE hook = %s AND op = %s", $form_values['hook'], $form_values['operation']));
+ db_query("INSERT INTO {actions_assignments} values (%s, %s, %s, %d)", $form_values['hook'], $form_values['operation'], $aid, $weight + 1);
}
}
@@ -378,7 +378,7 @@ function actions_unassign_submit($form,
$form_values = $form_state['values'];
if ($form_values['confirm'] == 1) {
$aid = actions_function_lookup($form_values['aid']);
- db_query("DELETE FROM {actions_assignments} WHERE hook = '%s' AND op = '%s' AND aid = '%s'", $form_values['hook'], $form_values['operation'], $aid);
+ db_query("DELETE FROM {actions_assignments} WHERE hook = %s AND op = %s AND aid = %s", $form_values['hook'], $form_values['operation'], $aid);
$actions = actions_get_all_actions();
watchdog('actions', 'Action %action has been unassigned.', array('%action' => check_plain($actions[$aid]['description'])));
drupal_set_message(t('Action %action has been unassigned.', array('%action' => $actions[$aid]['description'])));
diff -urpN drupal/modules/aggregator/aggregator.module drupal-6.x-dev-pre_pdo-0.3/modules/aggregator/aggregator.module
--- drupal/modules/aggregator/aggregator.module 2007-08-31 04:20:38.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/aggregator/aggregator.module 2007-09-03 02:24:48.000000000 +0800
@@ -361,10 +361,10 @@ function aggregator_form_category_valida
if ($form_state['values']['op'] == t('Save')) {
// Check for duplicate titles
if (isset($form_state['values']['cid'])) {
- $category = db_fetch_object(db_query("SELECT cid FROM {aggregator_category} WHERE title = '%s' AND cid != %d", $form_state['values']['title'], $form_state['values']['cid']));
+ $category = db_fetch_object(db_query("SELECT cid FROM {aggregator_category} WHERE title = %s AND cid != %d", $form_state['values']['title'], $form_state['values']['cid']));
}
else {
- $category = db_fetch_object(db_query("SELECT cid FROM {aggregator_category} WHERE title = '%s'", $form_state['values']['title']));
+ $category = db_fetch_object(db_query("SELECT cid FROM {aggregator_category} WHERE title = %s", $form_state['values']['title']));
}
if ($category) {
form_set_error('title', t('A category named %category already exists. Please enter a unique title.', array('%category' => $form_state['values']['title'])));
@@ -420,14 +420,14 @@ function aggregator_form_category_submit
*/
function aggregator_save_category($edit) {
if (!empty($edit['cid']) && !empty($edit['title'])) {
- db_query("UPDATE {aggregator_category} SET title = '%s', description = '%s' WHERE cid = %d", $edit['title'], $edit['description'], $edit['cid']);
+ db_query("UPDATE {aggregator_category} SET title = %s, description = %s WHERE cid = %d", $edit['title'], $edit['description'], $edit['cid']);
}
else if (!empty($edit['cid'])) {
db_query('DELETE FROM {aggregator_category} WHERE cid = %d', $edit['cid']);
}
else if (!empty($edit['title'])) {
// A single unique id for bundles and feeds, to use in blocks
- db_query("INSERT INTO {aggregator_category} (title, description, block) VALUES ('%s', '%s', 5)", $edit['title'], $edit['description']);
+ db_query("INSERT INTO {aggregator_category} (title, description, block) VALUES (%s, %s, 5)", $edit['title'], $edit['description']);
}
}
@@ -495,10 +495,10 @@ function aggregator_form_feed_validate($
if ($form_state['values']['op'] == t('Save')) {
// Check for duplicate titles
if (isset($form_state['values']['fid'])) {
- $result = db_query("SELECT title, url FROM {aggregator_feed} WHERE (title = '%s' OR url='%s') AND fid != %d", $form_state['values']['title'], $form_state['values']['url'], $form_state['values']['fid']);
+ $result = db_query("SELECT title, url FROM {aggregator_feed} WHERE (title = %s OR url=%s) AND fid != %d", $form_state['values']['title'], $form_state['values']['url'], $form_state['values']['fid']);
}
else {
- $result = db_query("SELECT title, url FROM {aggregator_feed} WHERE title = '%s' OR url='%s'", $form_state['values']['title'], $form_state['values']['url']);
+ $result = db_query("SELECT title, url FROM {aggregator_feed} WHERE title = %s OR url=%s", $form_state['values']['title'], $form_state['values']['url']);
}
while ($feed = db_fetch_object($result)) {
if (strcasecmp($feed->title, $form_state['values']['title']) == 0) {
@@ -563,7 +563,7 @@ function aggregator_save_feed($edit) {
db_query('DELETE FROM {aggregator_category_feed} WHERE fid = %d', $edit['fid']);
}
if (!empty($edit['fid']) && !empty($edit['title'])) {
- db_query("UPDATE {aggregator_feed} SET title = '%s', url = '%s', refresh = %d WHERE fid = %d", $edit['title'], $edit['url'], $edit['refresh'], $edit['fid']);
+ db_query("UPDATE {aggregator_feed} SET title = %s, url = %s, refresh = %d WHERE fid = %d", $edit['title'], $edit['url'], $edit['refresh'], $edit['fid']);
}
else if (!empty($edit['fid'])) {
$result = db_query('SELECT iid FROM {aggregator_item} WHERE fid = %d', $edit['fid']);
@@ -577,7 +577,7 @@ function aggregator_save_feed($edit) {
db_query('DELETE FROM {aggregator_item} WHERE fid = %d', $edit['fid']);
}
else if ($edit['title']) {
- db_query("INSERT INTO {aggregator_feed} (title, url, refresh, block, description) VALUES ('%s', '%s', %d, 5, '')", $edit['title'], $edit['url'], $edit['refresh']);
+ db_query("INSERT INTO {aggregator_feed} (title, url, refresh, block, description) VALUES (%s, %s, %d, 5, '')", $edit['title'], $edit['url'], $edit['refresh']);
// A single unique id for bundles and feeds, to use in blocks.
$edit['fid'] = db_last_insert_id('aggregator_feed', 'fid');
}
@@ -781,7 +781,7 @@ function aggregator_refresh($feed) {
** Update the feed data:
*/
- db_query("UPDATE {aggregator_feed} SET url = '%s', checked = %d, link = '%s', description = '%s', image = '%s', etag = '%s', modified = %d WHERE fid = %d", $feed['url'], time(), $channel['LINK'], $channel['DESCRIPTION'], $image, $result->headers['ETag'], $modified, $feed['fid']);
+ db_query("UPDATE {aggregator_feed} SET url = %s, checked = %d, link = %s, description = %s, image = %s, etag = %s, modified = %d WHERE fid = %d", $feed['url'], time(), $channel['LINK'], $channel['DESCRIPTION'], $image, $result->headers['ETag'], $modified, $feed['fid']);
/*
** Clear the cache:
@@ -947,13 +947,13 @@ function aggregator_parse_feed(&$data, $
*/
if ($guid) {
- $entry = db_fetch_object(db_query("SELECT iid FROM {aggregator_item} WHERE fid = %d AND guid = '%s'", $feed['fid'], $guid));
+ $entry = db_fetch_object(db_query("SELECT iid FROM {aggregator_item} WHERE fid = %d AND guid = %s", $feed['fid'], $guid));
}
else if ($link && $link != $feed['link'] && $link != $feed['url']) {
- $entry = db_fetch_object(db_query("SELECT iid FROM {aggregator_item} WHERE fid = %d AND link = '%s'", $feed['fid'], $link));
+ $entry = db_fetch_object(db_query("SELECT iid FROM {aggregator_item} WHERE fid = %d AND link = %s", $feed['fid'], $link));
}
else {
- $entry = db_fetch_object(db_query("SELECT iid FROM {aggregator_item} WHERE fid = %d AND title = '%s'", $feed['fid'], $title));
+ $entry = db_fetch_object(db_query("SELECT iid FROM {aggregator_item} WHERE fid = %d AND title = %s", $feed['fid'], $title));
}
aggregator_save_item(array('iid' => (isset($entry->iid)?$entry->iid:''), 'fid' => $feed['fid'], 'timestamp' => $timestamp, 'title' => $title, 'link' => $link, 'author' => (empty($item['AUTHOR'])?'':$item['AUTHOR']), 'description' => $item['DESCRIPTION'], 'guid' => $guid));
}
@@ -981,15 +981,17 @@ function aggregator_parse_feed(&$data, $
function aggregator_save_item($edit) {
if ($edit['iid'] && $edit['title']) {
- db_query("UPDATE {aggregator_item} SET title = '%s', link = '%s', author = '%s', description = '%s', guid = '%s', timestamp = %d WHERE iid = %d", $edit['title'], $edit['link'], $edit['author'], $edit['description'], $edit['guid'], $edit['timestamp'], $edit['iid']);
+ db_query("UPDATE {aggregator_item} SET title = %s, link = %s, author = %s, description = %c, guid = %s, timestamp = %d WHERE iid = %d", $edit['title'], $edit['link'], $edit['author'], NULL, $edit['guid'], $edit['timestamp'], $edit['iid']);
+ db_update_clob('iid = %d', $edit['iid'], db_prefix_tables('{aggregator_item}'), 'description', $edit['description']);
}
else if ($edit['iid']) {
db_query('DELETE FROM {aggregator_item} WHERE iid = %d', $edit['iid']);
db_query('DELETE FROM {aggregator_category_item} WHERE iid = %d', $edit['iid']);
}
else if ($edit['title'] && $edit['link']) {
- db_query("INSERT INTO {aggregator_item} (fid, title, link, author, description, timestamp, guid) VALUES (%d, '%s', '%s', '%s', '%s', %d, '%s')", $edit['fid'], $edit['title'], $edit['link'], $edit['author'], $edit['description'], $edit['timestamp'], $edit['guid']);
+ db_query("INSERT INTO {aggregator_item} (fid, title, link, author, description, timestamp, guid) VALUES (%d, %s, %s, %s, %c, %d, %s)", $edit['fid'], $edit['title'], $edit['link'], $edit['author'], NULL, $edit['timestamp'], $edit['guid']);
$edit['iid'] = db_last_insert_id('aggregator_item', 'iid');
+ db_update_clob('iid = %d', $edit['iid'], db_prefix_tables('{aggregator_item}'), 'description', $edit['description']);
// file the items in the categories indicated by the feed
$categories = db_query('SELECT cid FROM {aggregator_category_feed} WHERE fid = %d', $edit['fid']);
while ($category = db_fetch_object($categories)) {
@@ -1236,6 +1238,7 @@ function aggregator_page_rss() {
}
while ($item = db_fetch_object($result)) {
+ $item->description = db_decode_clob($item->description);
switch (variable_get('feed_item_length', 'teaser')) {
case 'teaser':
$teaser = node_teaser($item->description);
@@ -1411,7 +1414,7 @@ function theme_aggregator_page_item($ite
$output .= "$source $source_date
\n";
if ($item->description) {
- $output .= ''. aggregator_filter_xss($item->description) ."
\n";
+ $output .= ''. aggregator_filter_xss(db_decode_clob($item->description)) ."
\n";
}
$result = db_query('SELECT c.title, c.cid FROM {aggregator_category_item} ci LEFT JOIN {aggregator_category} c ON ci.cid = c.cid WHERE ci.iid = %d ORDER BY c.title', $item->iid);
diff -urpN drupal/modules/aggregator/aggregator.schema drupal-6.x-dev-pre_pdo-0.3/modules/aggregator/aggregator.schema
--- drupal/modules/aggregator/aggregator.schema 2007-07-15 18:09:21.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/aggregator/aggregator.schema 2007-09-03 02:24:48.000000000 +0800
@@ -57,7 +57,7 @@ function aggregator_schema() {
'title' => array('type' => 'varchar', 'length' => 255, 'not null' => TRUE, 'default' => ''),
'link' => array('type' => 'varchar', 'length' => 255, 'not null' => TRUE, 'default' => ''),
'author' => array('type' => 'varchar', 'length' => 255, 'not null' => TRUE, 'default' => ''),
- 'description' => array('type' => 'text', 'not null' => TRUE, 'size' => 'big'),
+ 'description' => array('type' => 'clob', 'not null' => TRUE, 'size' => 'big'),
'timestamp' => array('type' => 'int', 'not null' => FALSE),
'guid' => array('type' => 'varchar', 'length' => 255, 'not null' => FALSE)
),
diff -urpN drupal/modules/block/block.admin.inc drupal-6.x-dev-pre_pdo-0.3/modules/block/block.admin.inc
--- drupal/modules/block/block.admin.inc 2007-09-01 13:31:09.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/block/block.admin.inc 2007-09-03 02:24:48.000000000 +0800
@@ -66,7 +66,7 @@ function block_admin_display_submit($for
foreach ($form_state['values'] as $block) {
$block['status'] = $block['region'] != BLOCK_REGION_NONE;
$block['region'] = $block['status'] ? $block['region'] : '';
- db_query("UPDATE {blocks} SET status = %d, weight = %d, region = '%s', throttle = %d WHERE module = '%s' AND delta = '%s' AND theme = '%s'", $block['status'], $block['weight'], $block['region'], isset($block['throttle']) ? $block['throttle'] : 0, $block['module'], $block['delta'], $block['theme']);
+ db_query("UPDATE {blocks} SET status = %d, weight = %d, region = %s, throttle = %d WHERE module = %s AND delta = %s AND theme = %s", $block['status'], $block['weight'], $block['region'], isset($block['throttle']) ? $block['throttle'] : 0, $block['module'], $block['delta'], $block['theme']);
}
drupal_set_message(t('The block settings have been updated.'));
cache_clear_all();
@@ -103,7 +103,7 @@ function block_admin_configure(&$form_st
$form['module'] = array('#type' => 'value', '#value' => $module);
$form['delta'] = array('#type' => 'value', '#value' => $delta);
- $edit = db_fetch_array(db_query("SELECT pages, visibility, custom, title FROM {blocks} WHERE module = '%s' AND delta = '%s'", $module, $delta));
+ $edit = db_fetch_array(db_query("SELECT pages, visibility, custom, title FROM {blocks} WHERE module = %s AND delta = %s", $module, $delta));
$form['block_settings'] = array(
'#type' => 'fieldset',
@@ -153,7 +153,7 @@ function block_admin_configure(&$form_st
// Role-based visibility settings
$default_role_options = array();
- $result = db_query("SELECT rid FROM {blocks_roles} WHERE module = '%s' AND delta = '%s'", $module, $delta);
+ $result = db_query("SELECT rid FROM {blocks_roles} WHERE module = %s AND delta = %s", $module, $delta);
while ($role = db_fetch_object($result)) {
$default_role_options[] = $role->rid;
}
@@ -219,7 +219,7 @@ function block_admin_configure(&$form_st
function block_admin_configure_validate($form, &$form_state) {
if ($form_state['values']['module'] == 'block') {
- if (empty($form_state['values']['info']) || db_result(db_query("SELECT COUNT(*) FROM {boxes} WHERE bid != %d AND info = '%s'", $form_state['values']['delta'], $form_state['values']['info']))) {
+ if (empty($form_state['values']['info']) || db_result(db_query("SELECT COUNT(*) FROM {boxes} WHERE bid != %d AND info = %s", $form_state['values']['delta'], $form_state['values']['info']))) {
form_set_error('info', t('Please ensure that each block description is unique.'));
}
}
@@ -227,10 +227,10 @@ function block_admin_configure_validate(
function block_admin_configure_submit($form, &$form_state) {
if (!form_get_errors()) {
- db_query("UPDATE {blocks} SET visibility = %d, pages = '%s', custom = %d, title = '%s' WHERE module = '%s' AND delta = '%s'", $form_state['values']['visibility'], trim($form_state['values']['pages']), $form_state['values']['custom'], $form_state['values']['title'], $form_state['values']['module'], $form_state['values']['delta']);
- db_query("DELETE FROM {blocks_roles} WHERE module = '%s' AND delta = '%s'", $form_state['values']['module'], $form_state['values']['delta']);
+ db_query("UPDATE {blocks} SET visibility = %d, pages = %s, custom = %d, title = %s WHERE module = %s AND delta = %s", $form_state['values']['visibility'], trim($form_state['values']['pages']), $form_state['values']['custom'], $form_state['values']['title'], $form_state['values']['module'], $form_state['values']['delta']);
+ db_query("DELETE FROM {blocks_roles} WHERE module = %s AND delta = %s", $form_state['values']['module'], $form_state['values']['delta']);
foreach (array_filter($form_state['values']['roles']) as $rid) {
- db_query("INSERT INTO {blocks_roles} (rid, module, delta) VALUES (%d, '%s', '%s')", $rid, $form_state['values']['module'], $form_state['values']['delta']);
+ db_query("INSERT INTO {blocks_roles} (rid, module, delta) VALUES (%d, %s, %s)", $rid, $form_state['values']['module'], $form_state['values']['delta']);
}
module_invoke($form_state['values']['module'], 'block', 'save', $form_state['values']['delta'], $form_state['values']);
drupal_set_message(t('The block configuration has been saved.'));
@@ -248,7 +248,7 @@ function block_add_block_form(&$form_sta
}
function block_add_block_form_validate($form, &$form_state) {
- if (empty($form_state['values']['info']) || db_result(db_query("SELECT COUNT(*) FROM {boxes} WHERE info = '%s'", $form_state['values']['info']))) {
+ if (empty($form_state['values']['info']) || db_result(db_query("SELECT COUNT(*) FROM {boxes} WHERE info = %s", $form_state['values']['info']))) {
form_set_error('info', t('Please ensure that each block description is unique.'));
}
}
@@ -257,17 +257,18 @@ function block_add_block_form_validate($
* Save the new custom block.
*/
function block_add_block_form_submit($form, &$form_state) {
- db_query("INSERT INTO {boxes} (body, info, format) VALUES ('%s', '%s', %d)", $form_state['values']['body'], $form_state['values']['info'], $form_state['values']['format']);
+ db_query("INSERT INTO {boxes} (body, info, format) VALUES (%c, %s, %d)", NULL, $form_state['values']['info'], $form_state['values']['format']);
$delta = db_last_insert_id('boxes', 'bid');
+ db_update_clob('bid = %d', $delta, db_prefix_tables('{boxes}'), 'body', $form_state['values']['body']);
foreach (list_themes() as $key => $theme) {
if ($theme->status) {
- db_query("INSERT INTO {blocks} (visibility, pages, custom, title, module, theme, status, weight, delta, cache) VALUES(%d, '%s', %d, '%s', '%s', '%s', %d, %d, %d, %d)", $form_state['values']['visibility'], trim($form_state['values']['pages']), $form_state['values']['custom'], $form_state['values']['title'], $form_state['values']['module'], $theme->name, 0, 0, $delta, BLOCK_NO_CACHE);
+ db_query("INSERT INTO {blocks} (visibility, pages, custom, title, module, theme, status, weight, delta, cache) VALUES(%d, %s, %d, %s, %s, %s, %d, %d, %d, %d)", $form_state['values']['visibility'], trim($form_state['values']['pages']), $form_state['values']['custom'], $form_state['values']['title'], $form_state['values']['module'], $theme->name, 0, 0, $delta, BLOCK_NO_CACHE);
}
}
foreach (array_filter($form_state['values']['roles']) as $rid) {
- db_query("INSERT INTO {blocks_roles} (rid, module, delta) VALUES (%d, '%s', '%s')", $rid, $form_state['values']['module'], $delta);
+ db_query("INSERT INTO {blocks_roles} (rid, module, delta) VALUES (%d, %s, %s)", $rid, $form_state['values']['module'], $delta);
}
drupal_set_message(t('The block has been created.'));
diff -urpN drupal/modules/block/block.module drupal-6.x-dev-pre_pdo-0.3/modules/block/block.module
--- drupal/modules/block/block.module 2007-09-01 13:31:09.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/block/block.module 2007-09-03 02:24:48.000000000 +0800
@@ -199,7 +199,7 @@ function block_block($op = 'list', $delt
case 'view':
$block = db_fetch_object(db_query('SELECT body, format FROM {boxes} WHERE bid = %d', $delta));
- $data['content'] = check_markup($block->body, $block->format, FALSE);
+ $data['content'] = check_markup(db_decode_clob($block->body), $block->format, FALSE);
return $data;
}
}
@@ -215,7 +215,7 @@ function _block_rehash() {
init_theme();
- $result = db_query("SELECT * FROM {blocks} WHERE theme = '%s'", $theme_key);
+ $result = db_query("SELECT * FROM {blocks} WHERE theme = %s", $theme_key);
while ($old_block = db_fetch_object($result)) {
$old_blocks[$old_block->module][$old_block->delta] = $old_block;
}
@@ -258,7 +258,7 @@ function _block_rehash() {
db_lock_table('blocks');
// Remove all blocks from table.
- db_query("DELETE FROM {blocks} WHERE theme = '%s'", $theme_key);
+ db_query("DELETE FROM {blocks} WHERE theme = %s", $theme_key);
// Reinsert new set of blocks into table.
foreach ($blocks as $block) {
@@ -266,7 +266,7 @@ function _block_rehash() {
'visibility' => NULL,
'throttle' => NULL,
);
- db_query("INSERT INTO {blocks} (module, delta, theme, status, weight, region, visibility, pages, custom, throttle, title, cache) VALUES ('%s', '%s', '%s', %d, %d, '%s', %d, '%s', %d, %d, '%s', %d)", $block['module'], $block['delta'], $theme_key, $block['status'], $block['weight'], $block['region'], $block['visibility'], $block['pages'], $block['custom'], $block['throttle'], $block['title'], $block['cache']);
+ db_query("INSERT INTO {blocks} (module, delta, theme, status, weight, region, visibility, pages, custom, throttle, title, cache) VALUES (%s, %s, %s, %d, %d, %s, %d, %s, %d, %d, %s, %d)", $block['module'], $block['delta'], $theme_key, $block['status'], $block['weight'], $block['region'], $block['visibility'], $block['pages'], $block['custom'], $block['throttle'], $block['title'], $block['cache']);
}
db_unlock_tables();
@@ -316,7 +316,8 @@ function block_box_save($edit, $delta) {
$edit['format'] = FILTER_FORMAT_DEFAULT;
}
- db_query("UPDATE {boxes} SET body = '%s', info = '%s', format = %d WHERE bid = %d", $edit['body'], $edit['info'], $edit['format'], $delta);
+ db_query("UPDATE {boxes} SET body = %c, info = %s, format = %d WHERE bid = %d", NULL, $edit['info'], $edit['format'], $delta);
+ db_update_clob('bid = %d', $delta, db_prefix_tables('{boxes}'), 'body', $edit['body']);
return TRUE;
}
@@ -379,7 +380,7 @@ function block_list($region) {
static $blocks = array();
if (!count($blocks)) {
- $result = db_query(db_rewrite_sql("SELECT DISTINCT b.* FROM {blocks} b LEFT JOIN {blocks_roles} r ON b.module = r.module AND b.delta = r.delta WHERE b.theme = '%s' AND b.status = 1 AND (r.rid IN (%s) OR r.rid IS NULL) ORDER BY b.region, b.weight, b.module", 'b', 'bid'), $theme_key, implode(',', array_keys($user->roles)));
+ $result = db_query(db_rewrite_sql("SELECT DISTINCT b.* FROM {blocks} b LEFT JOIN {blocks_roles} r ON b.module = r.module AND b.delta = r.delta WHERE b.theme = %s AND b.status = 1 AND (r.rid IN (%s) OR r.rid IS NULL) ORDER BY b.region, b.weight, b.module", 'b', 'bid'), $theme_key, implode(',', array_keys($user->roles)));
while ($block = db_fetch_object($result)) {
if (!isset($blocks[$block->region])) {
$blocks[$block->region] = array();
@@ -511,4 +512,4 @@ function _block_get_cache_id($block) {
return implode(':', $cid_parts);
}
-}
\ No newline at end of file
+}
diff -urpN drupal/modules/block/block.schema drupal-6.x-dev-pre_pdo-0.3/modules/block/block.schema
--- drupal/modules/block/block.schema 2007-08-19 16:08:44.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/block/block.schema 2007-09-03 02:24:48.000000000 +0800
@@ -37,7 +37,7 @@ function block_schema() {
$schema['boxes'] = array(
'fields' => array(
'bid' => array('type' => 'serial', 'not null' => TRUE),
- 'body' => array('type' => 'text', 'not null' => FALSE, 'size' => 'big'),
+ 'body' => array('type' => 'clob', 'not null' => FALSE, 'size' => 'big'),
'info' => array('type' => 'varchar', 'length' => 128, 'not null' => TRUE, 'default' => ''),
'format' => array('type' => 'int', 'size' => 'small', 'not null' => TRUE, 'default' => 0)
),
diff -urpN drupal/modules/blogapi/blogapi.module drupal-6.x-dev-pre_pdo-0.3/modules/blogapi/blogapi.module
--- drupal/modules/blogapi/blogapi.module 2007-07-01 03:46:55.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/blogapi/blogapi.module 2007-09-03 02:23:34.000000000 +0800
@@ -322,10 +322,10 @@ function blogapi_blogger_get_recent_post
$type = _blogapi_blogid($blogid);
if ($bodies) {
- $result = db_query_range("SELECT n.nid, n.title, r.body, r.format, n.comment, n.created, u.name FROM {node} n, {node_revisions} r, {users} u WHERE n.uid = u.uid AND n.vid = r.vid AND n.type = '%s' AND n.uid = %d ORDER BY n.created DESC", $type, $user->uid, 0, $number_of_posts);
+ $result = db_query_range("SELECT n.nid, n.title, r.body, r.format, n.comment, n.created, u.name FROM {node} n, {node_revisions} r, {users} u WHERE n.uid = u.uid AND n.vid = r.vid AND n.type = %s AND n.uid = %d ORDER BY n.created DESC", $type, $user->uid, 0, $number_of_posts);
}
else {
- $result = db_query_range("SELECT n.nid, n.title, n.created, u.name FROM {node} n, {users} u WHERE n.uid = u.uid AND n.type = '%s' AND n.uid = %d ORDER BY n.created DESC", $type, $user->uid, 0, $number_of_posts);
+ $result = db_query_range("SELECT n.nid, n.title, n.created, u.name FROM {node} n, {users} u WHERE n.uid = u.uid AND n.type = %s AND n.uid = %d ORDER BY n.created DESC", $type, $user->uid, 0, $number_of_posts);
}
$blogs = array();
while ($blog = db_fetch_object($result)) {
diff -urpN drupal/modules/book/book.module drupal-6.x-dev-pre_pdo-0.3/modules/book/book.module
--- drupal/modules/book/book.module 2007-08-30 23:31:46.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/book/book.module 2007-09-03 02:23:34.000000000 +0800
@@ -1490,7 +1490,7 @@ function book_menu_subtree_data($item) {
$data = $cache->data;
}
else {
- $match = array("menu_name = '%s'");
+ $match = array("menu_name = %s");
$args = array($item['menu_name']);
$i = 1;
while ($i <= MENU_MAX_DEPTH && $item["p$i"]) {
diff -urpN drupal/modules/comment/comment.module drupal-6.x-dev-pre_pdo-0.3/modules/comment/comment.module
--- drupal/modules/comment/comment.module 2007-09-02 22:56:18.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/comment/comment.module 2007-09-03 02:24:48.000000000 +0800
@@ -518,7 +518,7 @@ function comment_nodeapi(&$node, $op, $a
$text = '';
$comments = db_query('SELECT subject, comment, format FROM {comments} WHERE nid = %d AND status = %d', $node->nid, COMMENT_PUBLISHED);
while ($comment = db_fetch_object($comments)) {
- $text .= ''. check_plain($comment->subject) .'
'. check_markup($comment->comment, $comment->format, FALSE);
+ $text .= ''. check_plain($comment->subject) .'
'. check_markup(db_decode_clob($comment->comment), $comment->format, FALSE);
}
return $text;
@@ -775,7 +775,8 @@ function comment_save($edit) {
if (!form_get_errors()) {
if ($edit['cid']) {
// Update the comment in the database.
- db_query("UPDATE {comments} SET status = %d, timestamp = %d, subject = '%s', comment = '%s', format = %d, uid = %d, name = '%s', mail = '%s', homepage = '%s' WHERE cid = %d", $edit['status'], $edit['timestamp'], $edit['subject'], $edit['comment'], $edit['format'], $edit['uid'], $edit['name'], $edit['mail'], $edit['homepage'], $edit['cid']);
+ db_query("UPDATE {comments} SET status = %d, timestamp = %d, subject = %s, comment = %c, format = %d, uid = %d, name = %s, mail = %s, homepage = %s WHERE cid = %d", $edit['status'], $edit['timestamp'], $edit['subject'], NULL, $edit['format'], $edit['uid'], $edit['name'], $edit['mail'], $edit['homepage'], $edit['cid']);
+ db_update_clob('cid = %d', $edit['cid'], db_prefix_tables('{comments}'), 'comment', $edit['comment']);
// Allow modules to respond to the updating of a comment.
comment_invoke_comment($edit, 'update');
@@ -811,7 +812,7 @@ function comment_save($edit) {
$parent->thread = (string) rtrim((string) $parent->thread, '/');
// Get the max value in _this_ thread.
- $max = db_result(db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE '%s.%%' AND nid = %d", $parent->thread, $edit['nid']));
+ $max = db_result(db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE %s AND nid = %d", $parent->thread . ".%", $edit['nid']));
if ($max == '') {
// First child of this parent.
@@ -838,8 +839,9 @@ function comment_save($edit) {
}
$edit += array('mail' => '', 'homepage' => '');
- db_query("INSERT INTO {comments} (nid, pid, uid, subject, comment, format, hostname, timestamp, status, thread, name, mail, homepage) VALUES (%d, %d, %d, '%s', '%s', %d, '%s', %d, %d, '%s', '%s', '%s', '%s')", $edit['nid'], $edit['pid'], $edit['uid'], $edit['subject'], $edit['comment'], $edit['format'], ip_address(), $edit['timestamp'], $status, $thread, $edit['name'], $edit['mail'], $edit['homepage']);
+ db_query("INSERT INTO {comments} (nid, pid, uid, subject, comment, format, hostname, timestamp, status, thread, name, mail, homepage) VALUES (%d, %d, %d, %s, %c, %d, %s, %d, %d, %s, %s, %s, %s)", $edit['nid'], $edit['pid'], $edit['uid'], $edit['subject'], NULL, $edit['format'], ip_address(), $edit['timestamp'], $status, $thread, $edit['name'], $edit['mail'], $edit['homepage']);
$edit['cid'] = db_last_insert_id('comments', 'cid');
+ db_update_clob('cid = %d', $edit['cid'], db_prefix_tables('{comments}'), 'comment', $edit['comment']);
// Tell the other modules a new comment has been submitted.
comment_invoke_comment($edit, 'insert');
@@ -1247,7 +1249,7 @@ function comment_admin_overview($type =
while ($comment = db_fetch_object($result)) {
$comments[$comment->cid] = '';
$comment->name = $comment->uid ? $comment->registered_name : $comment->name;
- $form['subject'][$comment->cid] = array('#value' => l($comment->subject, 'node/'. $comment->nid, array('title' => truncate_utf8($comment->comment, 128), 'fragment' => 'comment-'. $comment->cid)));
+ $form['subject'][$comment->cid] = array('#value' => l($comment->subject, 'node/'. $comment->nid, array('title' => truncate_utf8(db_decode_clob($comment->comment), 128), 'fragment' => 'comment-'. $comment->cid)));
$form['username'][$comment->cid] = array('#value' => theme('username', $comment));
$form['timestamp'][$comment->cid] = array('#value' => format_date($comment->timestamp, 'small'));
$form['operations'][$comment->cid] = array('#value' => l(t('edit'), 'comment/edit/'. $comment->cid, array('query' => $destination)));
@@ -1449,7 +1451,7 @@ function comment_validate($edit) {
if (!$user->uid || isset($edit['is_anonymous'])) {
if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) > COMMENT_ANONYMOUS_MAYNOT_CONTACT) {
if ($edit['name']) {
- $taken = db_result(db_query("SELECT COUNT(uid) FROM {users} WHERE LOWER(name) = '%s'", $edit['name']));
+ $taken = db_result(db_query("SELECT COUNT(uid) FROM {users} WHERE LOWER(name) = %s", $edit['name']));
if ($taken != 0) {
form_set_error('name', t('The name you used belongs to a registered user.'));
@@ -1777,7 +1779,7 @@ function theme_comment_view($comment, $n
// Switch to folded/unfolded view of the comment
if ($visible) {
- $comment->comment = check_markup($comment->comment, $comment->format, FALSE);
+ $comment->comment = check_markup(db_decode_clob($comment->comment), $comment->format, FALSE);
// Comment API hook
comment_invoke_comment($comment, 'view');
@@ -2071,7 +2073,7 @@ function _comment_update_node_statistics
// comments exist
if ($count > 0) {
$last_reply = db_fetch_object(db_query_range('SELECT cid, name, timestamp, uid FROM {comments} WHERE nid = %d AND status = %d ORDER BY cid DESC', $nid, COMMENT_PUBLISHED, 0, 1));
- db_query("UPDATE {node_comment_statistics} SET comment_count = %d, last_comment_timestamp = %d, last_comment_name = '%s', last_comment_uid = %d WHERE nid = %d", $count, $last_reply->timestamp, $last_reply->uid ? '' : $last_reply->name, $last_reply->uid, $nid);
+ db_query("UPDATE {node_comment_statistics} SET comment_count = %d, last_comment_timestamp = %d, last_comment_name = %s, last_comment_uid = %d WHERE nid = %d", $count, $last_reply->timestamp, $last_reply->uid ? '' : $last_reply->name, $last_reply->uid, $nid);
}
// no comments
@@ -2229,7 +2231,7 @@ function comment_unpublish_by_keyword_ac
*/
function comment_unpublish_by_keyword_action($comment, $context) {
foreach ($context['keywords'] as $keyword) {
- if (strstr($comment->comment, $keyword) || strstr($comment->subject, $keyword)) {
+ if (strstr(db_decode_clob($comment->comment), $keyword) || strstr($comment->subject, $keyword)) {
db_query('UPDATE {comments} SET status = %d WHERE cid = %d', COMMENT_NOT_PUBLISHED, $comment->cid);
watchdog('action', 'Unpublished comment %subject.', array('%subject' => $comment->subject));
break;
diff -urpN drupal/modules/comment/comment.schema drupal-6.x-dev-pre_pdo-0.3/modules/comment/comment.schema
--- drupal/modules/comment/comment.schema 2007-07-31 05:27:34.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/comment/comment.schema 2007-09-03 02:24:48.000000000 +0800
@@ -9,7 +9,7 @@ function comment_schema() {
'nid' => array('type' => 'int', 'not null' => TRUE, 'default' => 0),
'uid' => array('type' => 'int', 'not null' => TRUE, 'default' => 0),
'subject' => array('type' => 'varchar', 'length' => 64, 'not null' => TRUE, 'default' => ''),
- 'comment' => array('type' => 'text', 'not null' => TRUE, 'size' => 'big'),
+ 'comment' => array('type' => 'clob', 'not null' => TRUE, 'size' => 'big'),
'hostname' => array('type' => 'varchar', 'length' => 128, 'not null' => TRUE, 'default' => ''),
'timestamp' => array('type' => 'int', 'not null' => TRUE, 'default' => 0),
'status' => array('type' => 'int', 'unsigned' => TRUE, 'not null' => TRUE, 'default' => 0, 'size' => 'tiny'),
diff -urpN drupal/modules/contact/contact.admin.inc drupal-6.x-dev-pre_pdo-0.3/modules/contact/contact.admin.inc
--- drupal/modules/contact/contact.admin.inc 2007-07-16 20:43:05.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/contact/contact.admin.inc 2007-09-03 02:24:48.000000000 +0800
@@ -110,13 +110,16 @@ function contact_admin_edit_submit($form
}
$form_state['values']['recipients'] = implode(',', $recipients);
if (empty($form_state['values']['cid']) || $form_state['values']['contact_op'] == 'add') {
- db_query("INSERT INTO {contact} (category, recipients, reply, weight, selected) VALUES ('%s', '%s', '%s', %d, %d)", $form_state['values']['category'], $form_state['values']['recipients'], $form_state['values']['reply'], $form_state['values']['weight'], $form_state['values']['selected']);
+ db_query("INSERT INTO {contact} (category, recipients, reply, weight, selected) VALUES (%s, %s, %c, %d, %d)", $form_state['values']['category'], $form_state['values']['recipients'], NULL, $form_state['values']['weight'], $form_state['values']['selected']);
+ $cid = db_last_insert_id('contact', 'cid');
+ db_update_clob('cid = %d', $cid, db_prefix_tables('{contact}'), 'reply', $form_state['values']['reply']);
drupal_set_message(t('Category %category has been added.', array('%category' => $form_state['values']['category'])));
watchdog('mail', 'Contact form: category %category added.', array('%category' => $form_state['values']['category']), WATCHDOG_NOTICE, l(t('view'), 'admin/build/contact'));
}
else {
- db_query("UPDATE {contact} SET category = '%s', recipients = '%s', reply = '%s', weight = %d, selected = %d WHERE cid = %d", $form_state['values']['category'], $form_state['values']['recipients'], $form_state['values']['reply'], $form_state['values']['weight'], $form_state['values']['selected'], $form_state['values']['cid']);
+ db_query("UPDATE {contact} SET category = %s, recipients = %s, reply = %c, weight = %d, selected = %d WHERE cid = %d", $form_state['values']['category'], $form_state['values']['recipients'], NULL, $form_state['values']['weight'], $form_state['values']['selected'], $form_state['values']['cid']);
+ db_update_clob('cid = %d', $form_state['values']['cid'], db_prefix_tables('{contact}'), 'reply', $form_state['values']['reply']);
drupal_set_message(t('Category %category has been updated.', array('%category' => $form_state['values']['category'])));
watchdog('mail', 'Contact form: category %category updated.', array('%category' => $form_state['values']['category']), WATCHDOG_NOTICE, l(t('view'), 'admin/build/contact'));
}
diff -urpN drupal/modules/contact/contact.module drupal-6.x-dev-pre_pdo-0.3/modules/contact/contact.module
--- drupal/modules/contact/contact.module 2007-07-16 14:37:49.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/contact/contact.module 2007-09-03 02:24:48.000000000 +0800
@@ -171,7 +171,7 @@ function contact_mail($key, &$message, $
case 'page_autoreply':
$contact = $params['contact'];
$message['subject'] .= t('[!category] !subject', array('!category' => $contact['category'], '!subject' => $params['subject']), $language->language);
- $message['body'][] = $contact['reply'];
+ $message['body'][] = db_decode_clob($contact['reply']);
break;
case 'user_mail':
case 'user_copy':
diff -urpN drupal/modules/contact/contact.pages.inc drupal-6.x-dev-pre_pdo-0.3/modules/contact/contact.pages.inc
--- drupal/modules/contact/contact.pages.inc 2007-08-12 00:13:45.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/contact/contact.pages.inc 2007-09-03 02:24:48.000000000 +0800
@@ -132,7 +132,7 @@ function contact_mail_page_submit($form,
}
// Send an auto-reply if necessary using the current language.
- if ($contact['reply']) {
+ if (db_decode_clob($contact['reply'])) {
drupal_mail('contact', 'page_autoreply', $from, $language, $values, $contact['recipients']);
}
diff -urpN drupal/modules/contact/contact.schema drupal-6.x-dev-pre_pdo-0.3/modules/contact/contact.schema
--- drupal/modules/contact/contact.schema 2007-07-15 18:09:21.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/contact/contact.schema 2007-09-03 02:24:48.000000000 +0800
@@ -7,7 +7,7 @@ function contact_schema() {
'cid' => array('type' => 'serial', 'unsigned' => TRUE, 'not null' => TRUE),
'category' => array('type' => 'varchar', 'length' => 255, 'not null' => TRUE, 'default' => ''),
'recipients' => array('type' => 'text', 'not null' => TRUE, 'size' => 'big'),
- 'reply' => array('type' => 'text', 'not null' => TRUE, 'size' => 'big'),
+ 'reply' => array('type' => 'clob', 'not null' => TRUE, 'size' => 'big'),
'weight' => array('type' => 'int', 'not null' => TRUE, 'default' => 0, 'size' => 'tiny'),
'selected' => array('type' => 'int', 'not null' => TRUE, 'default' => 0, 'size' => 'tiny')
),
diff -urpN drupal/modules/dblog/dblog.admin.inc drupal-6.x-dev-pre_pdo-0.3/modules/dblog/dblog.admin.inc
--- drupal/modules/dblog/dblog.admin.inc 2007-07-27 05:42:52.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/dblog/dblog.admin.inc 2007-09-03 02:23:34.000000000 +0800
@@ -98,7 +98,7 @@ function dblog_top($type) {
array('data' => t('Message'), 'field' => 'message')
);
- $result = pager_query("SELECT COUNT(wid) AS count, message, variables FROM {watchdog} WHERE type = '%s' GROUP BY message, variables ". tablesort_sql($header), 30, 0, "SELECT COUNT(DISTINCT(message)) FROM {watchdog} WHERE type = '%s'", $type);
+ $result = pager_query("SELECT COUNT(wid) AS count, message, variables FROM {watchdog} WHERE type = %s GROUP BY message, variables ". tablesort_sql($header), 30, 0, "SELECT COUNT(DISTINCT(message)) FROM {watchdog} WHERE type = %s", $type);
$rows = array();
while ($dblog = db_fetch_object($result)) {
@@ -211,7 +211,7 @@ function dblog_filters() {
if (!empty($types)) {
$filters['type'] = array(
'title' => t('Type'),
- 'where' => "w.type = '%s'",
+ 'where' => "w.type = %s",
'options' => $types,
);
}
diff -urpN drupal/modules/dblog/dblog.module drupal-6.x-dev-pre_pdo-0.3/modules/dblog/dblog.module
--- drupal/modules/dblog/dblog.module 2007-07-22 14:51:47.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/dblog/dblog.module 2007-09-03 02:23:34.000000000 +0800
@@ -133,7 +133,7 @@ function dblog_watchdog($log = array())
db_query("INSERT INTO {watchdog}
(uid, type, message, variables, severity, link, location, referer, hostname, timestamp)
VALUES
- (%d, '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', %d)",
+ (%d, %s, %s, %s, %d, %s, %s, %s, %s, %d)",
$log['user']->uid,
$log['type'],
$log['message'],
diff -urpN drupal/modules/drupal/drupal.module drupal-6.x-dev-pre_pdo-0.3/modules/drupal/drupal.module
--- drupal/modules/drupal/drupal.module 2007-08-21 16:15:59.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/drupal/drupal.module 2007-09-03 02:23:34.000000000 +0800
@@ -160,20 +160,20 @@ function drupal_client_ping($client, $sy
*/
if ($client['link'] && $client['name'] && $client['mail'] && $client['slogan'] && $client['mission']) {
- $result = db_query("SELECT cid FROM {client} WHERE link = '%s'", $client['link']);
+ $result = db_query("SELECT cid FROM {client} WHERE link = %s", $client['link']);
if ($record = db_fetch_object($result)) {
$client['cid'] = $record->cid;
// We have an existing record.
- db_query("UPDATE {client} SET link = '%s', name = '%s', mail = '%s', slogan = '%s', mission = '%s', users = %d, nodes = %d, version = '%s', changed = '%s' WHERE cid = %d", $client['uid'], $client['link'], $client['name'], $client['mail'], $client['slogan'], $client['mission'], $client['users'], $client['nodes'], $client['version'], time(), $client['cid']);
+ db_query("UPDATE {client} SET link = %s, name = %s, mail = %s, slogan = %s, mission = %s, users = %d, nodes = %d, version = %s, changed = %s WHERE cid = %d", $client['uid'], $client['link'], $client['name'], $client['mail'], $client['slogan'], $client['mission'], $client['users'], $client['nodes'], $client['version'], time(), $client['cid']);
}
else {
- db_query("INSERT INTO {client} (link, name, mail, slogan, mission, users, nodes, version, created, changed) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')", $client['link'], $client['name'], $client['mail'], $client['slogan'], $client['mission'], $client['users'], $client['nodes'], $client['version'], time(), time());
+ db_query("INSERT INTO {client} (link, name, mail, slogan, mission, users, nodes, version, created, changed) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", $client['link'], $client['name'], $client['mail'], $client['slogan'], $client['mission'], $client['users'], $client['nodes'], $client['version'], time(), time());
$client['cid'] = db_last_insert_id('client', 'cid');
}
if (is_array($system)) {
db_query("DELETE FROM {client_system} WHERE cid = %d", $client['cid']);
foreach ($system as $item) {
- db_query("INSERT INTO {client_system} (cid, name, type) VALUES (%d, '%s', '%s')", $client['cid'], $item['name'], $item['type']);
+ db_query("INSERT INTO {client_system} (cid, name, type) VALUES (%d, %s, %s)", $client['cid'], $item['name'], $item['type']);
}
}
watchdog('client ping', 'Ping from %name (%link).', array('%name' => $client['name'], '%link' => $client['link']), WATCHDOG_NOTICE, 'view');
diff -urpN drupal/modules/filter/filter.module drupal-6.x-dev-pre_pdo-0.3/modules/filter/filter.module
--- drupal/modules/filter/filter.module 2007-08-08 15:47:48.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/filter/filter.module 2007-09-03 02:23:34.000000000 +0800
@@ -444,7 +444,7 @@ function filter_admin_format_form(&$form
function filter_admin_format_form_validate($form, &$form_state) {
if (!isset($form_state['values']['format'])) {
$name = trim($form_state['values']['name']);
- $result = db_fetch_object(db_query("SELECT format FROM {filter_formats} WHERE name='%s'", $name));
+ $result = db_fetch_object(db_query("SELECT format FROM {filter_formats} WHERE name=%s", $name));
if ($result) {
form_set_error('name', t('Filter format names need to be unique. A format named %name already exists.', array('%name' => $name)));
}
@@ -463,7 +463,7 @@ function filter_admin_format_form_submit
// Add a new filter format.
if (!$format) {
$new = TRUE;
- db_query("INSERT INTO {filter_formats} (name) VALUES ('%s')", $name);
+ db_query("INSERT INTO {filter_formats} (name) VALUES (%s)", $name);
$format = db_result(db_query("SELECT MAX(format) AS format FROM {filter_formats}"));
drupal_set_message(t('Added input format %format.', array('%format' => $name)));
}
@@ -477,7 +477,7 @@ function filter_admin_format_form_submit
list($module, $delta) = explode('/', $id);
// Add new filters to the bottom.
$weight = isset($current[$id]->weight) ? $current[$id]->weight : 10;
- db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, '%s', %d, %d)", $format, $module, $delta, $weight);
+ db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, %s, %d, %d)", $format, $module, $delta, $weight);
// Check if there are any 'no cache' filters.
$cache &= !module_invoke($module, 'filter', 'no cache', $delta);
@@ -502,7 +502,7 @@ function filter_admin_format_form_submit
$roles = ','. implode(',', $roles) .',';
}
- db_query("UPDATE {filter_formats} SET cache = %d, name='%s', roles = '%s' WHERE format = %d", $cache, $name, $roles, $format);
+ db_query("UPDATE {filter_formats} SET cache = %d, name=%s, roles = %s WHERE format = %d", $cache, $name, $roles, $format);
cache_clear_all($format .':', 'cache_filter', TRUE);
@@ -558,7 +558,7 @@ function theme_filter_admin_order($form)
function filter_admin_order_submit($form, &$form_state) {
foreach ($form_state['values']['weights'] as $id => $weight) {
list($module, $delta) = explode('/', $id);
- db_query("UPDATE {filters} SET weight = %d WHERE format = %d AND module = '%s' AND delta = %d", $weight, $form_state['values']['format'], $module, $delta);
+ db_query("UPDATE {filters} SET weight = %d WHERE format = %d AND module = %s AND delta = %d", $weight, $form_state['values']['format'], $module, $delta);
}
drupal_set_message(t('The filter ordering has been saved.'));
@@ -608,8 +608,8 @@ function filter_formats($index = NULL) {
if (!$all) {
$where = array();
foreach ($user->roles as $rid => $role) {
- $where[] = "roles LIKE '%%,%d,%%'";
- $args[] = $rid;
+ $where[] = "roles LIKE %s";
+ $args[] = "%," . $rid . ",%";
}
$query .= ' WHERE '. implode(' OR ', $where) .' OR format = %d';
$args[] = variable_get('filter_default_format', 1);
diff -urpN drupal/modules/locale/locale.module drupal-6.x-dev-pre_pdo-0.3/modules/locale/locale.module
--- drupal/modules/locale/locale.module 2007-09-02 23:19:16.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/locale/locale.module 2007-09-03 02:23:34.000000000 +0800
@@ -335,7 +335,7 @@ function locale($string = NULL, $langcod
if (!isset($locale_t[$langcode][$string])) {
// We do not have this translation cached, so get it from the DB.
- $translation = db_fetch_object(db_query("SELECT s.lid, t.translation, s.version FROM {locales_source} s LEFT JOIN {locales_target} t ON s.lid = t.lid AND t.language = '%s' WHERE s.source = '%s' AND s.textgroup = 'default'", $langcode, $string));
+ $translation = db_fetch_object(db_query("SELECT s.lid, t.translation, s.version FROM {locales_source} s LEFT JOIN {locales_target} t ON s.lid = t.lid AND t.language = %s WHERE s.source = %s AND s.textgroup = 'default'", $langcode, $string));
if ($translation) {
// We have the source string at least.
// Cache translation string or TRUE if no translation exists.
@@ -345,13 +345,13 @@ function locale($string = NULL, $langcod
// This is the first use of this string under current Drupal version. Save version
// and clear cache, to include the string into caching next time. Saved version is
// also a string-history information for later pruning of the tables.
- db_query("UPDATE {locales_source} SET version = '%s' WHERE lid = %d LIMIT 1", VERSION, $translation->lid);
+ db_query("UPDATE {locales_source} SET version = %s WHERE lid = %d LIMIT 1", VERSION, $translation->lid);
cache_clear_all('locale:'. $langcode, 'cache');
}
}
else {
// We don't have the source string, cache this as untranslated.
- db_query("INSERT INTO {locales_source} (location, source, textgroup, version) VALUES ('%s', '%s', 'default', '%s')", request_uri(), $string, VERSION);
+ db_query("INSERT INTO {locales_source} (location, source, textgroup, version) VALUES (%s, %s, 'default', %s)", request_uri(), $string, VERSION);
$locale_t[$langcode][$string] = TRUE;
// Clear locale cache so this string can be added in a later request.
cache_clear_all('locale:'. $langcode, 'cache');
@@ -372,7 +372,7 @@ function locale_refresh_cache() {
unset($languages['en']);
foreach ($languages as $language) {
- $result = db_query("SELECT s.source, t.translation, t.language FROM {locales_source} s LEFT JOIN {locales_target} t ON s.lid = t.lid AND t.language = '%s' WHERE s.textgroup = 'default' AND s.version = '%s' AND LENGTH(s.source) < 75", $language->language, VERSION);
+ $result = db_query("SELECT s.source, t.translation, t.language FROM {locales_source} s LEFT JOIN {locales_target} t ON s.lid = t.lid AND t.language = %s WHERE s.textgroup = 'default' AND s.version = %s AND LENGTH(s.source) < 75", $language->language, VERSION);
$t = array();
while ($data = db_fetch_object($result)) {
$t[$data->source] = (empty($data->translation) ? TRUE : $data->translation);
diff -urpN drupal/modules/menu/menu.admin.inc drupal-6.x-dev-pre_pdo-0.3/modules/menu/menu.admin.inc
--- drupal/modules/menu/menu.admin.inc 2007-08-31 00:27:12.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/menu/menu.admin.inc 2007-09-03 02:23:34.000000000 +0800
@@ -29,9 +29,9 @@ function menu_overview($menu) {
$sql ="
SELECT m.load_functions, m.to_arg_functions, m.access_callback, m.access_arguments, m.page_callback, m.page_arguments, m.title, m.title_callback, m.title_arguments, m.type, ml.*
FROM {menu_links} ml LEFT JOIN {menu_router} m ON m.path = ml.router_path
- WHERE ml.menu_name = '%s'
+ WHERE ml.menu_name = %s
ORDER BY p1 ASC, p2 ASC, p3 ASC, p4 ASC, p5 ASC, p6 ASC, p7 ASC, p8 ASC, p9 ASC";
- $sql_count = "SELECT COUNT(*) FROM {menu_links} ml WHERE menu_name = '%s'";
+ $sql_count = "SELECT COUNT(*) FROM {menu_links} ml WHERE menu_name = %s";
$result = pager_query($sql, 200, 0, $sql_count, $menu['menu_name']);
$tree = menu_tree_data($result);
$node_links = array();
@@ -308,7 +308,7 @@ function menu_delete_menu_page($menu) {
function menu_delete_menu_confirm(&$form_state, $menu) {
$form['#menu'] = $menu;
$caption = '';
- $num_links = db_result(db_query("SELECT COUNT(*) FROM {menu_links} WHERE menu_name = '%s'", $menu['menu_name']));
+ $num_links = db_result(db_query("SELECT COUNT(*) FROM {menu_links} WHERE menu_name = %s", $menu['menu_name']));
if ($num_links) {
$caption .= ''. format_plural($num_links, 'Warning: There is currently 1 menu item in %title. It will be deleted (system-defined items will be reset).', 'Warning: There are currently @count menu items in %title. They will be deleted (system-defined items will be reset).', array('%title' => $menu['title'])) .'
';
}
@@ -323,25 +323,25 @@ function menu_delete_menu_confirm_submit
$menu = $form['#menu'];
$form_state['redirect'] = 'admin/build/menu';
// System-defined menus may not be deleted - only menus defined by this module.
- if (in_array($menu['menu_name'], menu_list_system_menus()) || !db_result(db_query("SELECT COUNT(*) FROM {menu_custom} WHERE menu_name = '%s'", $menu['menu_name']))) {
+ if (in_array($menu['menu_name'], menu_list_system_menus()) || !db_result(db_query("SELECT COUNT(*) FROM {menu_custom} WHERE menu_name = %s", $menu['menu_name']))) {
return;
}
// Reset all the menu links defined by the system via hook_menu.
- $result = db_query("SELECT * FROM {menu_links} ml INNER JOIN {menu_router} m ON ml.router_path = m.path WHERE ml.menu_name = '%s' AND ml.module = 'system' ORDER BY m.number_parts ASC", $menu['menu_name']);
+ $result = db_query("SELECT * FROM {menu_links} ml INNER JOIN {menu_router} m ON ml.router_path = m.path WHERE ml.menu_name = %s AND ml.module = 'system' ORDER BY m.number_parts ASC", $menu['menu_name']);
while ($item = db_fetch_array($result)) {
menu_reset_item($item);
}
// Delete all links to the overview page for this menu.
- $result = db_query("SELECT mlid FROM {menu_links} ml WHERE ml.link_path = '%s'", 'admin/build/menu-customize/'. $menu['menu_name']);
+ $result = db_query("SELECT mlid FROM {menu_links} ml WHERE ml.link_path = %s", 'admin/build/menu-customize/'. $menu['menu_name']);
while ($m = db_fetch_array($result)) {
menu_link_delete($m['mlid']);
}
// Delete all the links in the menu and the menu from the list of custom menus.
- db_query("DELETE FROM {menu_links} WHERE menu_name = '%s'", $menu['menu_name']);
- db_query("DELETE FROM {menu_custom} WHERE menu_name = '%s'", $menu['menu_name']);
+ db_query("DELETE FROM {menu_links} WHERE menu_name = %s", $menu['menu_name']);
+ db_query("DELETE FROM {menu_custom} WHERE menu_name = %s", $menu['menu_name']);
// Delete all the blocks for this menu.
- db_query("DELETE FROM {blocks} WHERE module = 'menu' AND delta = '%s'", $menu['menu_name']);
- db_query("DELETE FROM {blocks_roles} WHERE module = 'menu' AND delta = '%s'", $menu['menu_name']);
+ db_query("DELETE FROM {blocks} WHERE module = 'menu' AND delta = %s", $menu['menu_name']);
+ db_query("DELETE FROM {blocks_roles} WHERE module = 'menu' AND delta = %s", $menu['menu_name']);
menu_cache_clear_all();
cache_clear_all();
$t_args = array('%title' => $menu['title']);
@@ -363,8 +363,8 @@ function menu_edit_menu_validate($form,
if ($form['#insert']) {
// We will add 'menu-' to the menu name to help avoid name-space conflicts.
$item['menu_name'] = 'menu-'. $item['menu_name'];
- if (db_result(db_query("SELECT menu_name FROM {menu_custom} WHERE menu_name = '%s'", $item['menu_name'])) ||
- db_result(db_query_range("SELECT menu_name FROM {menu_links} WHERE menu_name = '%s'", $item['menu_name'], 0, 1))) {
+ if (db_result(db_query("SELECT menu_name FROM {menu_custom} WHERE menu_name = %s", $item['menu_name'])) ||
+ db_result(db_query_range("SELECT menu_name FROM {menu_links} WHERE menu_name = %s", $item['menu_name'], 0, 1))) {
form_set_error('menu_name', t('Menu already exists'));
}
}
@@ -383,13 +383,13 @@ function menu_edit_menu_submit($form, &$
$link['link_path'] = $path . $menu['menu_name'];
$link['router_path'] = $path .'%';
$link['module'] = 'menu';
- $link['plid'] = db_result(db_query("SELECT mlid FROM {menu_links} WHERE link_path = '%s' AND module = '%s'", 'admin/build/menu', 'system'));
+ $link['plid'] = db_result(db_query("SELECT mlid FROM {menu_links} WHERE link_path = %s AND module = %s", 'admin/build/menu', 'system'));
menu_link_save($link);
- db_query("INSERT INTO {menu_custom} (menu_name, title, description) VALUES ('%s', '%s', '%s')", $menu['menu_name'], $menu['title'], $menu['description']);
+ db_query("INSERT INTO {menu_custom} (menu_name, title, description) VALUES (%s, %s, %s)", $menu['menu_name'], $menu['title'], $menu['description']);
}
else {
- db_query("UPDATE {menu_custom} SET title = '%s', description = '%s' WHERE menu_name = '%s'", $menu['title'], $menu['description'], $menu['menu_name']);
- $result = db_query("SELECT mlid FROM {menu_links} WHERE link_path = '%s'", $path . $menu['menu_name']);
+ db_query("UPDATE {menu_custom} SET title = %s, description = %s WHERE menu_name = %s", $menu['title'], $menu['description'], $menu['menu_name']);
+ $result = db_query("SELECT mlid FROM {menu_links} WHERE link_path = %s", $path . $menu['menu_name']);
while ($m = db_fetch_array($result)) {
$link = menu_link_load($m['mlid']);
$link['link_title'] = $menu['title'];
diff -urpN drupal/modules/menu/menu.install drupal-6.x-dev-pre_pdo-0.3/modules/menu/menu.install
--- drupal/modules/menu/menu.install 2007-08-21 02:18:15.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/menu/menu.install 2007-09-03 02:23:34.000000000 +0800
@@ -7,9 +7,9 @@
function menu_install() {
// Create tables.
drupal_install_schema('menu');
- db_query("INSERT INTO {menu_custom} (menu_name, title, description) VALUES ('%s', '%s', '%s')", 'navigation', 'Navigation', 'The navigation menu is provided by Drupal and is the main interactive menu for any site. It is usually the only menu that contains personalized links for authenticated users, and is often not even visible to anonymous users.');
- db_query("INSERT INTO {menu_custom} (menu_name, title, description) VALUES ('%s', '%s', '%s')", 'primary-links', 'Primary links', 'Primary links are often used at the theme layer to show the major sections of a site. A typical representation for primary links would be tabs along the top.');
- db_query("INSERT INTO {menu_custom} (menu_name, title, description) VALUES ('%s', '%s', '%s')", 'secondary-links', 'Secondary links', 'Secondary links are often used for pages like legal notices, contact details, and other secondary navigation items that play a lesser role than primary links');
+ db_query("INSERT INTO {menu_custom} (menu_name, title, description) VALUES (%s, %s, %s)", 'navigation', 'Navigation', 'The navigation menu is provided by Drupal and is the main interactive menu for any site. It is usually the only menu that contains personalized links for authenticated users, and is often not even visible to anonymous users.');
+ db_query("INSERT INTO {menu_custom} (menu_name, title, description) VALUES (%s, %s, %s)", 'primary-links', 'Primary links', 'Primary links are often used at the theme layer to show the major sections of a site. A typical representation for primary links would be tabs along the top.');
+ db_query("INSERT INTO {menu_custom} (menu_name, title, description) VALUES (%s, %s, %s)", 'secondary-links', 'Secondary links', 'Secondary links are often used for pages like legal notices, contact details, and other secondary navigation items that play a lesser role than primary links');
}
/**
diff -urpN drupal/modules/menu/menu.module drupal-6.x-dev-pre_pdo-0.3/modules/menu/menu.module
--- drupal/modules/menu/menu.module 2007-08-31 00:26:48.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/menu/menu.module 2007-09-03 02:23:34.000000000 +0800
@@ -170,7 +170,7 @@ function menu_enable() {
$link['mlid'] = 0;
$link['link_title'] = $menu['title'];
$link['link_path'] = 'admin/build/menu-customize/'. $menu['menu_name'];
- if (!db_result(db_query("SELECT mlid FROM {menu_links} WHERE link_path = '%s' AND plid = %d", $link['link_path'], $link['plid']))) {
+ if (!db_result(db_query("SELECT mlid FROM {menu_links} WHERE link_path = %s AND plid = %d", $link['link_path'], $link['plid']))) {
menu_link_save($link);
}
}
@@ -188,7 +188,7 @@ function menu_overview_title($menu) {
* Load the data for a single custom menu.
*/
function menu_load($menu_name) {
- return db_fetch_array(db_query("SELECT * FROM {menu_custom} WHERE menu_name = '%s'", $menu_name));
+ return db_fetch_array(db_query("SELECT * FROM {menu_custom} WHERE menu_name = %s", $menu_name));
}
/**
@@ -319,7 +319,7 @@ function menu_nodeapi(&$node, $op) {
$item = array();
if (isset($node->nid)) {
// Give priority to the default menu
- $mlid = db_result(db_query_range("SELECT mlid FROM {menu_links} WHERE link_path = 'node/%d' AND menu_name = '%s' AND module = 'menu' ORDER BY mlid ASC", $node->nid, $menu_name, 0, 1));
+ $mlid = db_result(db_query_range("SELECT mlid FROM {menu_links} WHERE link_path = 'node/%d' AND menu_name = %s AND module = 'menu' ORDER BY mlid ASC", $node->nid, $menu_name, 0, 1));
// Check all menus if a link does not exist in the default menu.
if (!$mlid) {
$mlid = db_result(db_query_range("SELECT mlid FROM {menu_links} WHERE link_path = 'node/%d' AND module = 'menu' ORDER BY mlid ASC", $node->nid, 0, 1));
@@ -433,7 +433,7 @@ function menu_get_menus($all = TRUE) {
$system_menus = menu_list_system_menus();
$sql = 'SELECT * FROM {menu_custom}';
if (!$all) {
- $sql .= ' WHERE menu_name NOT IN ('. implode(',', array_fill(0, count($system_menus), "'%s'")) .')';
+ $sql .= ' WHERE menu_name NOT IN ('. implode(',', array_fill(0, count($system_menus), "%s")) .')';
}
$sql .= ' ORDER BY title';
$result = db_query($sql, $system_menus);
@@ -459,7 +459,7 @@ function menu_valid_path($form_item) {
}
elseif (preg_match('/\/\%/', $path)) {
// Path is dynamic (ie 'user/%'), so check directly against menu_router table.
- if ($item = db_fetch_array(db_query("SELECT * FROM {menu_router} where path = '%s' ", $path))) {
+ if ($item = db_fetch_array(db_query("SELECT * FROM {menu_router} where path = %s ", $path))) {
$item['link_path'] = $form_item['link_path'];
$item['link_title'] = $form_item['link_title'];
$item['external'] = FALSE;
diff -urpN drupal/modules/node/content_types.inc drupal-6.x-dev-pre_pdo-0.3/modules/node/content_types.inc
--- drupal/modules/node/content_types.inc 2007-09-02 20:36:14.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/node/content_types.inc 2007-09-03 02:23:34.000000000 +0800
@@ -382,7 +382,7 @@ function node_type_delete_confirm(&$form
$message = t('Are you sure you want to delete the content type %type?', array('%type' => $type->name));
$caption = '';
- $num_nodes = db_result(db_query("SELECT COUNT(*) FROM {node} WHERE type = '%s'", $type->type));
+ $num_nodes = db_result(db_query("SELECT COUNT(*) FROM {node} WHERE type = %s", $type->type));
if ($num_nodes) {
$caption .= ''. format_plural($num_nodes, 'Warning: there is currently 1 %type post on your site. It may not be able to be displayed or edited correctly, once you have removed this content type.', 'Warning: there are currently @count %type posts on your site. They may not be able to be displayed or edited correctly, once you have removed this content type.', array('%type' => $type->name)) .'
';
}
diff -urpN drupal/modules/node/node.admin.inc drupal-6.x-dev-pre_pdo-0.3/modules/node/node.admin.inc
--- drupal/modules/node/node.admin.inc 2007-09-02 22:42:30.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/node/node.admin.inc 2007-09-03 02:23:34.000000000 +0800
@@ -206,9 +206,9 @@ function node_build_filter_query() {
$join .= "INNER JOIN {term_node} $table ON n.nid = $table.nid ";
break;
case 'type':
- $where[] = "n.type = '%s'";
+ $where[] = "n.type = %s";
case 'language':
- $where[] = "n.language = '%s'";
+ $where[] = "n.language = %s";
}
$args[] = $value;
}
diff -urpN drupal/modules/node/node.module drupal-6.x-dev-pre_pdo-0.3/modules/node/node.module
--- drupal/modules/node/node.module 2007-09-02 22:42:30.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/node/node.module 2007-09-03 02:24:48.000000000 +0800
@@ -404,7 +404,7 @@ function node_types_rebuild() {
function node_type_save($info) {
$is_existing = FALSE;
$existing_type = !empty($info->old_type) ? $info->old_type : $info->type;
- $is_existing = db_result(db_query("SELECT COUNT(*) FROM {node_type} WHERE type = '%s'", $existing_type));
+ $is_existing = db_result(db_query("SELECT COUNT(*) FROM {node_type} WHERE type = %s", $existing_type));
if (!isset($info->help)) {
$info->help = '';
}
@@ -416,13 +416,13 @@ function node_type_save($info) {
}
if ($is_existing) {
- db_query("UPDATE {node_type} SET type = '%s', name = '%s', module = '%s', has_title = %d, title_label = '%s', has_body = %d, body_label = '%s', description = '%s', help = '%s', min_word_count = %d, custom = %d, modified = %d, locked = %d WHERE type = '%s'", $info->type, $info->name, $info->module, $info->has_title, $info->title_label, $info->has_body, $info->body_label, $info->description, $info->help, $info->min_word_count, $info->custom, $info->modified, $info->locked, $existing_type);
+ db_query("UPDATE {node_type} SET type = %s, name = %s, module = %s, has_title = %d, title_label = %s, has_body = %d, body_label = %s, description = %s, help = %s, min_word_count = %d, custom = %d, modified = %d, locked = %d WHERE type = %s", $info->type, $info->name, $info->module, $info->has_title, $info->title_label, $info->has_body, $info->body_label, $info->description, $info->help, $info->min_word_count, $info->custom, $info->modified, $info->locked, $existing_type);
module_invoke_all('node_type', 'update', $info);
return SAVED_UPDATED;
}
else {
- db_query("INSERT INTO {node_type} (type, name, module, has_title, title_label, has_body, body_label, description, help, min_word_count, custom, modified, locked, orig_type) VALUES ('%s', '%s', '%s', %d, '%s', %d, '%s', '%s', '%s', %d, %d, %d, %d, '%s')", $info->type, $info->name, $info->module, $info->has_title, $info->title_label, $info->has_body, $info->body_label, $info->description, $info->help, $info->min_word_count, $info->custom, $info->modified, $info->locked, $info->orig_type);
+ db_query("INSERT INTO {node_type} (type, name, module, has_title, title_label, has_body, body_label, description, help, min_word_count, custom, modified, locked, orig_type) VALUES (%s, %s, %s, %d, %s, %d, %s, %s, %s, %d, %d, %d, %d, %s)", $info->type, $info->name, $info->module, $info->has_title, $info->title_label, $info->has_body, $info->body_label, $info->description, $info->help, $info->min_word_count, $info->custom, $info->modified, $info->locked, $info->orig_type);
module_invoke_all('node_type', 'insert', $info);
return SAVED_NEW;
@@ -436,7 +436,7 @@ function node_type_save($info) {
* The machine-readable name of the node type to be deleted.
*/
function node_type_delete($type) {
- db_query("DELETE FROM {node_type} WHERE type = '%s'", $type);
+ db_query("DELETE FROM {node_type} WHERE type = %s", $type);
$info = node_get_types('type', $type);
module_invoke_all('node_type', 'delete', $info);
@@ -454,7 +454,7 @@ function node_type_delete($type) {
* The number of nodes whose node type field was modified.
*/
function node_type_update_nodes($old_type, $type) {
- db_query("UPDATE {node} SET type = '%s' WHERE type = '%s'", $type, $old_type);
+ db_query("UPDATE {node} SET type = %s WHERE type = %s", $type, $old_type);
return db_affected_rows();
}
@@ -643,7 +643,7 @@ function node_load($param = array(), $re
elseif (is_array($param)) {
// Turn the conditions into a query.
foreach ($param as $key => $value) {
- $cond[] = 'n.'. db_escape_string($key) ." = '%s'";
+ $cond[] = 'n.'. db_escape_string($key) ." = %s";
$arguments[] = $value;
}
$cond = implode(' AND ', $cond);
@@ -661,6 +661,8 @@ function node_load($param = array(), $re
else {
$node = db_fetch_object(db_query('SELECT n.nid, n.vid, n.type, n.status, n.language, n.created, n.changed, n.comment, n.promote, n.sticky, n.tnid, n.translate, r.timestamp AS revision_timestamp, r.title, r.body, r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data FROM {node} n INNER JOIN {users} u ON u.uid = n.uid INNER JOIN {node_revisions} r ON r.vid = n.vid WHERE '. $cond, $arguments));
}
+ $node->body = db_decode_clob($node->body);
+ $node->teaser = db_decode_clob($node->teaser);
if ($node && $node->nid) {
// Call the node specific callback (if any) and piggy-back the
@@ -800,19 +802,19 @@ function node_save(&$node) {
// Split off revisions data to another structure
$revisions_table_values = array('nid' => &$node->nid,
- 'title' => $node->title, 'body' => isset($node->body) ? $node->body : '',
- 'teaser' => $node->teaser, 'timestamp' => $node->changed,
+ 'title' => $node->title, 'body' => NULL,
+ 'teaser' => NULL, 'timestamp' => $node->changed,
'uid' => $user->uid, 'format' => isset($node->format) ? $node->format : FILTER_FORMAT_DEFAULT);
$revisions_table_types = array('nid' => '%d',
- 'title' => "'%s'", 'body' => "'%s'",
- 'teaser' => "'%s'", 'timestamp' => '%d',
+ 'title' => "%s", 'body' => "%c",
+ 'teaser' => "%c", 'timestamp' => '%d',
'uid' => '%d', 'format' => '%d');
if (!empty($node->log) || $node->is_new || (isset($node->revision) && $node->revision)) {
// Only store the log message if there's something to store; this prevents
// existing log messages from being unintentionally overwritten by a blank
// message. A new revision will have an empty log message (or $node->log).
$revisions_table_values['log'] = $node->log;
- $revisions_table_types['log'] = "'%s'";
+ $revisions_table_types['log'] = "%s";
}
$node_table_values = array(
'title' => $node->title, 'type' => $node->type, 'uid' => $node->uid,
@@ -820,8 +822,8 @@ function node_save(&$node) {
'changed' => $node->changed, 'comment' => $node->comment,
'promote' => $node->promote, 'sticky' => $node->sticky);
$node_table_types = array(
- 'title' => "'%s'", 'type' => "'%s'", 'uid' => '%d',
- 'status' => '%d', 'language' => "'%s'",'created' => '%d',
+ 'title' => "%s", 'type' => "%s", 'uid' => '%d',
+ 'status' => '%d', 'language' => "%s",'created' => '%d',
'changed' => '%d', 'comment' => '%d',
'promote' => '%d', 'sticky' => '%d');
$update_node = TRUE;
@@ -834,6 +836,8 @@ function node_save(&$node) {
$revisions_query = 'INSERT INTO {node_revisions} ('. implode(', ', array_keys($revisions_table_types)) .') VALUES ('. implode(', ', $revisions_table_types) .')';
db_query($revisions_query, $revisions_table_values);
$node->vid = db_last_insert_id('node_revisions', 'vid');
+ db_update_clob('vid = %d', $node->vid, db_prefix_tables('{node_revisions}'), 'body', isset($node->body) ? $node->body : '');
+ db_update_clob('vid = %d', $node->vid, db_prefix_tables('{node_revisions}'), 'teaser', $node->teaser);
$op = 'insert';
}
else {
@@ -848,6 +852,8 @@ function node_save(&$node) {
$revisions_query = 'INSERT INTO {node_revisions} ('. implode(', ', array_keys($revisions_table_types)) .') VALUES ('. implode(', ', $revisions_table_types) .')';
db_query($revisions_query, $revisions_table_values);
$node->vid = db_last_insert_id('node_revisions', 'vid');
+ db_update_clob('vid = %d', $node->vid, db_prefix_tables('{node_revisions}'), 'body', isset($node->body) ? $node->body : '');
+ db_update_clob('vid = %d', $node->vid, db_prefix_tables('{node_revisions}'), 'teaser', $node->teaser);
}
else {
$arr = array();
@@ -857,6 +863,8 @@ function node_save(&$node) {
$revisions_table_values[] = $node->vid;
$revisions_query = 'UPDATE {node_revisions} SET '. implode(', ', $arr) .' WHERE vid = %d';
db_query($revisions_query, $revisions_table_values);
+ db_update_clob('vid = %d', $node->vid, db_prefix_tables('{node_revisions}'), 'body', isset($node->body) ? $node->body : '');
+ db_update_clob('vid = %d', $node->vid, db_prefix_tables('{node_revisions}'), 'teaser', $node->teaser);
$update_node = FALSE;
}
$op = 'update';
@@ -1101,7 +1109,7 @@ function node_search($op = 'search', $ke
if ($type = search_query_extract($keys, 'type')) {
$types = array();
foreach (explode(',', $type) as $t) {
- $types[] = "n.type = '%s'";
+ $types[] = "n.type = %s";
$arguments1[] = $t;
}
$conditions1 .= ' AND ('. implode(' OR ', $types) .')';
@@ -2055,7 +2063,7 @@ function node_access_write_grants($node,
if ($delete) {
$query = 'DELETE FROM {node_access} WHERE nid = %d';
if ($realm) {
- $query .= " AND realm in ('%s', 'all')";
+ $query .= " AND realm in (%s, 'all')";
}
db_query($query, $node->nid, $realm);
}
@@ -2068,7 +2076,7 @@ function node_access_write_grants($node,
}
// Only write grants; denies are implicit.
if ($grant['grant_view'] || $grant['grant_update'] || $grant['grant_delete']) {
- db_query("INSERT INTO {node_access} (nid, realm, gid, grant_view, grant_update, grant_delete) VALUES (%d, '%s', %d, %d, %d, %d)", $node->nid, $grant['realm'], $grant['gid'], $grant['grant_view'], $grant['grant_update'], $grant['grant_delete']);
+ db_query("INSERT INTO {node_access} (nid, realm, gid, grant_view, grant_update, grant_delete) VALUES (%d, %s, %d, %d, %d, %d)", $node->nid, $grant['realm'], $grant['gid'], $grant['grant_view'], $grant['grant_update'], $grant['grant_delete']);
}
}
}
@@ -2530,7 +2538,7 @@ function node_assign_owner_action_form($
}
function node_assign_owner_action_validate($form, $form_state) {
- $count = db_result(db_query("SELECT COUNT(*) FROM {users} WHERE name = '%s'", $form_state['values']['owner_name']));
+ $count = db_result(db_query("SELECT COUNT(*) FROM {users} WHERE name = %s", $form_state['values']['owner_name']));
if (intval($count) != 1) {
form_set_error('owner_name', t('Please enter a valid username.'));
}
@@ -2538,7 +2546,7 @@ function node_assign_owner_action_valida
function node_assign_owner_action_submit($form, $form_state) {
// Username can change, so we need to store the ID, not the username.
- $uid = db_result(db_query("SELECT uid from {users} WHERE name = '%s'", $form_state['values']['owner_name']));
+ $uid = db_result(db_query("SELECT uid from {users} WHERE name = %s", $form_state['values']['owner_name']));
return array('owner_uid' => $uid);
}
diff -urpN drupal/modules/node/node.schema drupal-6.x-dev-pre_pdo-0.3/modules/node/node.schema
--- drupal/modules/node/node.schema 2007-08-30 23:31:46.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/node/node.schema 2007-09-03 02:24:48.000000000 +0800
@@ -72,8 +72,8 @@ function node_schema() {
'vid' => array('type' => 'serial', 'unsigned' => TRUE, 'not null' => TRUE),
'uid' => array('type' => 'int', 'not null' => TRUE, 'default' => 0),
'title' => array('type' => 'varchar', 'length' => 255, 'not null' => TRUE, 'default' => ''),
- 'body' => array('type' => 'text', 'not null' => TRUE, 'size' => 'big'),
- 'teaser' => array('type' => 'text', 'not null' => TRUE, 'size' => 'big'),
+ 'body' => array('type' => 'clob', 'not null' => TRUE, 'size' => 'big'),
+ 'teaser' => array('type' => 'clob', 'not null' => TRUE, 'size' => 'big'),
'log' => array('type' => 'text', 'not null' => TRUE, 'size' => 'big'),
'timestamp' => array('type' => 'int', 'not null' => TRUE, 'default' => 0),
'format' => array('type' => 'int', 'not null' => TRUE, 'default' => 0)
diff -urpN drupal/modules/openid/openid.module drupal-6.x-dev-pre_pdo-0.3/modules/openid/openid.module
--- drupal/modules/openid/openid.module 2007-08-19 17:48:33.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/openid/openid.module 2007-09-03 02:23:34.000000000 +0800
@@ -284,7 +284,7 @@ function openid_association($op_endpoint
db_query("DELETE FROM {openid_association} WHERE created + expires_in < %d", time());
// Check to see if we have an association for this IdP already
- $assoc_handle = db_result(db_query("SELECT assoc_handle FROM {openid_association} WHERE idp_endpoint_uri = '%s'", $op_endpoint));
+ $assoc_handle = db_result(db_query("SELECT assoc_handle FROM {openid_association} WHERE idp_endpoint_uri = %s", $op_endpoint));
if (empty($assoc_handle)) {
$mod = OPENID_DH_DEFAULT_MOD;
$gen = OPENID_DH_DEFAULT_GEN;
@@ -312,7 +312,7 @@ function openid_association($op_endpoint
$shared = bcpowmod($spub, $private, $mod);
$assoc_response['mac_key'] = base64_encode(_openid_dh_xorsecret($shared, $enc_mac_key));
}
- db_query("INSERT INTO {openid_association} (idp_endpoint_uri, session_type, assoc_handle, assoc_type, expires_in, mac_key, created) VALUES('%s', '%s', '%s', '%s', %d, '%s', %d)",
+ db_query("INSERT INTO {openid_association} (idp_endpoint_uri, session_type, assoc_handle, assoc_type, expires_in, mac_key, created) VALUES(%s, %s, %s, %s, %d, %s, %d)",
$op_endpoint, $assoc_response['session_type'], $assoc_response['assoc_handle'], $assoc_response['assoc_type'], $assoc_response['expires_in'], $assoc_response['mac_key'], time());
$assoc_handle = $assoc_response['assoc_handle'];
@@ -434,7 +434,7 @@ function openid_verify_assertion($op_end
$valid = FALSE;
- $association = db_fetch_object(db_query("SELECT * FROM {openid_association} WHERE assoc_handle = '%s'", $response['openid.assoc_handle']));
+ $association = db_fetch_object(db_query("SELECT * FROM {openid_association} WHERE assoc_handle = %s", $response['openid.assoc_handle']));
if ($association && isset($association->session_type)) {
$keys_to_sign = explode(',', $response['openid.signed']);
$self_sig = _openid_signature($association, $response, $keys_to_sign);
diff -urpN drupal/modules/openid/openid.pages.inc drupal-6.x-dev-pre_pdo-0.3/modules/openid/openid.pages.inc
--- drupal/modules/openid/openid.pages.inc 2007-08-19 17:48:33.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/openid/openid.pages.inc 2007-09-03 02:23:34.000000000 +0800
@@ -33,7 +33,7 @@ function openid_user_identities($account
// Check to see if we got a response
$result = openid_complete($_REQUEST);
if ($result['status'] == 'success') {
- db_query("INSERT INTO {authmap} (uid, authname, module) VALUES (%d, '%s','openid')", $account->uid, $result['openid.identity']);
+ db_query("INSERT INTO {authmap} (uid, authname, module) VALUES (%d, %s,'openid')", $account->uid, $result['openid.identity']);
drupal_set_message(t('Successfully added %identity', array('%identity' => $result['openid.identity'])));
}
@@ -68,7 +68,7 @@ function openid_user_add() {
function openid_user_add_validate($form, &$form_state) {
// Check for existing entries.
$claimed_id = _openid_normalize($form_state['values']['openid_url']);
- if (db_result(db_query("SELECT authname FROM {authmap} WHERE authname='%s'", $claimed_id))) {
+ if (db_result(db_query("SELECT authname FROM {authmap} WHERE authname=%s", $claimed_id))) {
form_set_error('openid_url', t('That OpenID is already in use on this site.'));
}
else {
diff -urpN drupal/modules/path/path.admin.inc drupal-6.x-dev-pre_pdo-0.3/modules/path/path.admin.inc
--- drupal/modules/path/path.admin.inc 2007-08-13 00:34:56.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/path/path.admin.inc 2007-09-03 02:23:34.000000000 +0800
@@ -21,7 +21,7 @@ function path_admin_overview($keys = NUL
if ($keys) {
// Replace wildcards with MySQL/PostgreSQL wildcards.
$keys = preg_replace('!\*+!', '%', $keys);
- $sql = "SELECT * FROM {url_alias} WHERE dst LIKE '%%%s%%'";
+ $sql = "SELECT * FROM {url_alias} WHERE dst LIKE %s";
}
else {
$sql = 'SELECT * FROM {url_alias}';
@@ -36,7 +36,7 @@ function path_admin_overview($keys = NUL
$header[2] = array('data' => t('Language'), 'field' => 'language');
}
$sql .= tablesort_sql($header);
- $result = pager_query($sql, 50, 0 , NULL, $keys);
+ $result = pager_query($sql, 50, 0 , NULL, "%" . $keys . "%");
$rows = array();
$destination = drupal_get_destination();
@@ -133,7 +133,7 @@ function path_admin_form_validate($form,
// Language is only set if locale module is enabled, otherwise save for all languages.
$language = isset($form_state['values']['language']) ? $form_state['values']['language'] : '';
- if (db_result(db_query("SELECT COUNT(dst) FROM {url_alias} WHERE pid != %d AND dst = '%s' AND language = '%s'", $pid, $dst, $language))) {
+ if (db_result(db_query("SELECT COUNT(dst) FROM {url_alias} WHERE pid != %d AND dst = %s AND language = %s", $pid, $dst, $language))) {
form_set_error('dst', t('The alias %alias is already in use in this language.', array('%alias' => $dst)));
}
}
diff -urpN drupal/modules/path/path.module drupal-6.x-dev-pre_pdo-0.3/modules/path/path.module
--- drupal/modules/path/path.module 2007-08-13 00:34:56.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/path/path.module 2007-09-03 02:23:34.000000000 +0800
@@ -86,36 +86,36 @@ function path_admin_delete($pid = 0) {
function path_set_alias($path = NULL, $alias = NULL, $pid = NULL, $language = '') {
if ($path && !$alias) {
// Delete based on path
- db_query("DELETE FROM {url_alias} WHERE src = '%s' AND language = '%s'", $path, $language);
+ db_query("DELETE FROM {url_alias} WHERE src = %s AND language = %s", $path, $language);
drupal_clear_path_cache();
}
else if (!$path && $alias) {
// Delete based on alias
- db_query("DELETE FROM {url_alias} WHERE dst = '%s' AND language = '%s'", $alias, $language);
+ db_query("DELETE FROM {url_alias} WHERE dst = %s AND language = %s", $alias, $language);
drupal_clear_path_cache();
}
else if ($path && $alias) {
$path = urldecode($path);
- $path_count = db_result(db_query("SELECT COUNT(src) FROM {url_alias} WHERE src = '%s' AND language = '%s'", $path, $language));
+ $path_count = db_result(db_query("SELECT COUNT(src) FROM {url_alias} WHERE src = %s AND language = %s", $path, $language));
$alias = urldecode($alias);
// Alias count can only be 0 or 1.
- $alias_count = db_result(db_query("SELECT COUNT(dst) FROM {url_alias} WHERE dst = '%s' AND language = '%s'", $alias, $language));
+ $alias_count = db_result(db_query("SELECT COUNT(dst) FROM {url_alias} WHERE dst = %s AND language = %s", $alias, $language));
if ($alias_count == 0) {
if ($pid) {
// Existing path changed data
- db_query("UPDATE {url_alias} SET src = '%s', dst = '%s', language = '%s' WHERE pid = %d", $path, $alias, $language, $pid);
+ db_query("UPDATE {url_alias} SET src = %s, dst = %s, language = %s WHERE pid = %d", $path, $alias, $language, $pid);
}
else {
// No such alias yet in this language
- db_query("INSERT INTO {url_alias} (src, dst, language) VALUES ('%s', '%s', '%s')", $path, $alias, $language);
+ db_query("INSERT INTO {url_alias} (src, dst, language) VALUES (%s, %s, %s)", $path, $alias, $language);
}
}
// The alias exists.
else {
// This path has no alias yet, so we redirect the alias here.
if ($path_count == 0) {
- db_query("UPDATE {url_alias} SET src = '%s' WHERE dst = '%s' AND language = '%s'", $path, $alias, $language);
+ db_query("UPDATE {url_alias} SET src = %s WHERE dst = %s AND language = %s", $path, $alias, $language);
}
else {
// This will delete the path that alias was originally pointing to.
@@ -143,7 +143,7 @@ function path_nodeapi(&$node, $op, $arg)
case 'validate':
$node->path = trim($node->path);
$language = isset($node->language) ? $node->language : '';
- if (db_result(db_query("SELECT COUNT(dst) FROM {url_alias} WHERE dst = '%s' AND src != '%s' AND language = '%s'", $node->path, "node/$node->nid", $language))) {
+ if (db_result(db_query("SELECT COUNT(dst) FROM {url_alias} WHERE dst = %s AND src != %s AND language = %s", $node->path, "node/$node->nid", $language))) {
form_set_error('path', t('The path is already in use.'));
}
break;
@@ -204,7 +204,7 @@ function path_form_alter(&$form, $form_s
if ($path) {
$form['path']['pid'] = array(
'#type' => 'value',
- '#value' => db_result(db_query("SELECT pid FROM {url_alias} WHERE dst = '%s'", $path))
+ '#value' => db_result(db_query("SELECT pid FROM {url_alias} WHERE dst = %s", $path))
);
}
}
diff -urpN drupal/modules/poll/poll.module drupal-6.x-dev-pre_pdo-0.3/modules/poll/poll.module
--- drupal/modules/poll/poll.module 2007-08-31 01:01:42.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/poll/poll.module 2007-09-03 02:23:34.000000000 +0800
@@ -307,7 +307,7 @@ function poll_load($node) {
$result = db_fetch_object(db_query('SELECT chorder FROM {poll_votes} WHERE nid = %d AND uid = %d', $node->nid, $user->uid));
}
else {
- $result = db_fetch_object(db_query("SELECT chorder FROM {poll_votes} WHERE nid = %d AND hostname = '%s'", $node->nid, ip_address()));
+ $result = db_fetch_object(db_query("SELECT chorder FROM {poll_votes} WHERE nid = %d AND hostname = %s", $node->nid, ip_address()));
}
if (isset($result->chorder)) {
$poll->vote = $result->chorder;
@@ -337,7 +337,7 @@ function poll_insert($node) {
$i = 0;
foreach ($node->choice as $choice) {
if ($choice['chtext'] != '') {
- db_query("INSERT INTO {poll_choices} (nid, chtext, chvotes, chorder) VALUES (%d, '%s', %d, %d)", $node->nid, $choice['chtext'], $choice['chvotes'], $i++);
+ db_query("INSERT INTO {poll_choices} (nid, chtext, chvotes, chorder) VALUES (%d, %s, %d, %d)", $node->nid, $choice['chtext'], $choice['chvotes'], $i++);
}
}
}
@@ -357,7 +357,7 @@ function poll_update($node) {
$chtext = $choice['chtext'];
if ($chtext != '') {
- db_query("INSERT INTO {poll_choices} (nid, chtext, chvotes, chorder) VALUES (%d, '%s', %d, %d)", $node->nid, $chtext, $chvotes, $i++);
+ db_query("INSERT INTO {poll_choices} (nid, chtext, chvotes, chorder) VALUES (%d, %s, %d, %d)", $node->nid, $chtext, $chvotes, $i++);
}
}
}
@@ -494,7 +494,7 @@ function poll_vote($form, &$form_state)
db_query('INSERT INTO {poll_votes} (nid, chorder, uid) VALUES (%d, %d, %d)', $node->nid, $choice, $user->uid);
}
else {
- db_query("INSERT INTO {poll_votes} (nid, chorder, hostname) VALUES (%d, %d, '%s')", $node->nid, $choice, ip_address());
+ db_query("INSERT INTO {poll_votes} (nid, chorder, hostname) VALUES (%d, %d, %s)", $node->nid, $choice, ip_address());
}
// Add one to the votes.
@@ -617,7 +617,7 @@ function poll_cancel($form, &$form_state
db_query('DELETE FROM {poll_votes} WHERE nid = %d and uid = %d', $node->nid, $user->uid);
}
else {
- db_query("DELETE FROM {poll_votes} WHERE nid = %d and hostname = '%s'", $node->nid, ip_address());
+ db_query("DELETE FROM {poll_votes} WHERE nid = %d and hostname = %s", $node->nid, ip_address());
}
// Subtract from the votes.
diff -urpN drupal/modules/profile/profile.module drupal-6.x-dev-pre_pdo-0.3/modules/profile/profile.module
--- drupal/modules/profile/profile.module 2007-09-01 14:15:33.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/profile/profile.module 2007-09-03 02:23:34.000000000 +0800
@@ -363,10 +363,10 @@ function profile_field_form_validate($fo
$query_suffix = ' AND fid != %d';
}
- if (db_result(db_query("SELECT fid FROM {profile_fields} WHERE title = '%s' AND category = '%s'". $query_suffix, $args1))) {
+ if (db_result(db_query("SELECT fid FROM {profile_fields} WHERE title = %s AND category = %s". $query_suffix, $args1))) {
form_set_error('title', t('The specified title is already in use.'));
}
- if (db_result(db_query("SELECT fid FROM {profile_fields} WHERE name = '%s'". $query_suffix, $args2))) {
+ if (db_result(db_query("SELECT fid FROM {profile_fields} WHERE name = %s". $query_suffix, $args2))) {
form_set_error('name', t('The specified name is already in use.'));
}
}
@@ -382,13 +382,13 @@ function profile_field_form_submit($form
$form_state['values']['page'] = '';
}
if (!isset($form_state['values']['fid'])) {
- db_query("INSERT INTO {profile_fields} (title, name, explanation, category, type, weight, required, register, visibility, autocomplete, options, page) VALUES ('%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, %d, '%s', '%s')", $form_state['values']['title'], $form_state['values']['name'], $form_state['values']['explanation'], $form_state['values']['category'], $form_state['values']['type'], $form_state['values']['weight'], $form_state['values']['required'], $form_state['values']['register'], $form_state['values']['visibility'], $form_state['values']['autocomplete'], $form_state['values']['options'], $form_state['values']['page']);
+ db_query("INSERT INTO {profile_fields} (title, name, explanation, category, type, weight, required, register, visibility, autocomplete, options, page) VALUES (%s, %s, %s, %s, %s, %d, %d, %d, %d, %d, %s, %s)", $form_state['values']['title'], $form_state['values']['name'], $form_state['values']['explanation'], $form_state['values']['category'], $form_state['values']['type'], $form_state['values']['weight'], $form_state['values']['required'], $form_state['values']['register'], $form_state['values']['visibility'], $form_state['values']['autocomplete'], $form_state['values']['options'], $form_state['values']['page']);
drupal_set_message(t('The field has been created.'));
watchdog('profile', 'Profile field %field added under category %category.', array('%field' => $form_state['values']['title'], '%category' => $form_state['values']['category']), WATCHDOG_NOTICE, l(t('view'), 'admin/user/profile'));
}
else {
- db_query("UPDATE {profile_fields} SET title = '%s', name = '%s', explanation = '%s', category = '%s', weight = %d, required = %d, register = %d, visibility = %d, autocomplete = %d, options = '%s', page = '%s' WHERE fid = %d", $form_state['values']['title'], $form_state['values']['name'], $form_state['values']['explanation'], $form_state['values']['category'], $form_state['values']['weight'], $form_state['values']['required'], $form_state['values']['register'], $form_state['values']['visibility'], $form_state['values']['autocomplete'], $form_state['values']['options'], $form_state['values']['page'], $form_state['values']['fid']);
+ db_query("UPDATE {profile_fields} SET title = %s, name = %s, explanation = %s, category = %s, weight = %d, required = %d, register = %d, visibility = %d, autocomplete = %d, options = %s, page = %s WHERE fid = %d", $form_state['values']['title'], $form_state['values']['name'], $form_state['values']['explanation'], $form_state['values']['category'], $form_state['values']['weight'], $form_state['values']['required'], $form_state['values']['register'], $form_state['values']['visibility'], $form_state['values']['autocomplete'], $form_state['values']['options'], $form_state['values']['page'], $form_state['values']['fid']);
drupal_set_message(t('The field has been updated.'));
}
@@ -467,7 +467,7 @@ function profile_browse() {
// Ensure that the path is converted to 3 levels always.
list(, $name, $value) = array_pad(explode('/', $_GET['q'], 3), 3, '');
- $field = db_fetch_object(db_query("SELECT DISTINCT(fid), type, title, page, visibility FROM {profile_fields} WHERE name = '%s'", $name));
+ $field = db_fetch_object(db_query("SELECT DISTINCT(fid), type, title, page, visibility FROM {profile_fields} WHERE name = %s", $name));
if ($name && $field->fid) {
// Only allow browsing of fields that have a page title set.
@@ -496,12 +496,12 @@ function profile_browse() {
break;
case 'textfield':
case 'selection':
- $query = "v.value = '%s'";
+ $query = "v.value = %s";
$arguments[] = $value;
break;
case 'list':
- $query = "v.value LIKE '%%%s%%'";
- $arguments[] = $value;
+ $query = "v.value LIKE %s";
+ $arguments[] = "%" . $value . "%";
break;
default:
drupal_not_found();
@@ -574,7 +574,7 @@ function profile_save_profile(&$edit, &$
$edit[$field->name] = serialize($edit[$field->name]);
}
db_query("DELETE FROM {profile_values} WHERE fid = %d AND uid = %d", $field->fid, $user->uid);
- db_query("INSERT INTO {profile_values} (fid, uid, value) VALUES (%d, %d, '%s')", $field->fid, $user->uid, $edit[$field->name]);
+ db_query("INSERT INTO {profile_values} (fid, uid, value) VALUES (%d, %d, %s)", $field->fid, $user->uid, $edit[$field->name]);
// Mark field as handled (prevents saving to user->data).
$edit[$field->name] = NULL;
}
@@ -757,7 +757,7 @@ function profile_form_profile($edit, $us
function profile_autocomplete($field, $string) {
$matches = array();
if (db_result(db_query("SELECT COUNT(*) FROM {profile_fields} WHERE fid = %d AND autocomplete = 1", $field))) {
- $result = db_query_range("SELECT value FROM {profile_values} WHERE fid = %d AND LOWER(value) LIKE LOWER('%s%%') GROUP BY value ORDER BY value ASC", $field, $string, 0, 10);
+ $result = db_query_range("SELECT value FROM {profile_values} WHERE fid = %d AND LOWER(value) LIKE LOWER(%s) GROUP BY value ORDER BY value ASC", $field, $string . "%", 0, 10);
while ($data = db_fetch_object($result)) {
$matches[$data->value] = check_plain($data->value);
}
@@ -892,8 +892,8 @@ function _profile_get_fields($category,
$filters[] = 'register = 1';
}
else {
- // Use LOWER('%s') instead of PHP's strtolower() to avoid UTF-8 conversion issues.
- $filters[] = "LOWER(category) = LOWER('%s')";
+ // Use LOWER(%s) instead of PHP's strtolower() to avoid UTF-8 conversion issues.
+ $filters[] = "LOWER(category) = LOWER(%s)";
$args[] = $category;
}
if (!user_access('administer users')) {
@@ -910,7 +910,7 @@ function _profile_get_fields($category,
*/
function profile_admin_settings_autocomplete($string) {
$matches = array();
- $result = db_query_range("SELECT category FROM {profile_fields} WHERE LOWER(category) LIKE LOWER('%s%%')", $string, 0, 10);
+ $result = db_query_range("SELECT category FROM {profile_fields} WHERE LOWER(category) LIKE LOWER(%s)", $string . "%", 0, 10);
while ($data = db_fetch_object($result)) {
$matches[$data->category] = check_plain($data->category);
}
diff -urpN drupal/modules/search/search.module drupal-6.x-dev-pre_pdo-0.3/modules/search/search.module
--- drupal/modules/search/search.module 2007-09-02 20:53:50.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/search/search.module 2007-09-03 02:23:34.000000000 +0800
@@ -296,10 +296,10 @@ function search_wipe($sid = NULL, $type
module_invoke_all('search', 'reset');
}
else {
- db_query("DELETE FROM {search_dataset} WHERE sid = %d AND type = '%s'", $sid, $type);
- db_query("DELETE FROM {search_index} WHERE fromsid = %d AND fromtype = '%s'", $sid, $type);
+ db_query("DELETE FROM {search_dataset} WHERE sid = %d AND type = %s", $sid, $type);
+ db_query("DELETE FROM {search_index} WHERE fromsid = %d AND fromtype = %s", $sid, $type);
// When re-indexing, keep link references
- db_query("DELETE FROM {search_index} WHERE sid = %d AND type = '%s'". ($reindex ? " AND fromsid = 0" : ''), $sid, $type);
+ db_query("DELETE FROM {search_index} WHERE sid = %d AND type = %s". ($reindex ? " AND fromsid = 0" : ''), $sid, $type);
}
}
@@ -343,12 +343,12 @@ function search_update_totals() {
// Update word IDF (Inverse Document Frequency) counts for new/changed words
foreach (search_dirty() as $word => $dummy) {
// Get total count
- $total = db_result(db_query("SELECT SUM(score) FROM {search_index} WHERE word = '%s'", $word));
+ $total = db_result(db_query("SELECT SUM(score) FROM {search_index} WHERE word = %s", $word));
// Apply Zipf's law to equalize the probability distribution
$total = log10(1 + 1/(max(1, $total)));
- db_query("UPDATE {search_total} SET count = %f WHERE word = '%s'", $total, $word);
+ db_query("UPDATE {search_total} SET count = %f WHERE word = %s", $total, $word);
if (!db_affected_rows()) {
- db_query("INSERT INTO {search_total} (word, count) VALUES ('%s', %f)", $word, $total);
+ db_query("INSERT INTO {search_total} (word, count) VALUES (%s, %f)", $word, $total);
}
}
// Find words that were deleted from search_index, but are still in
@@ -356,7 +356,7 @@ function search_update_totals() {
// rows which fail to join.
$result = db_query("SELECT t.word AS realword, i.word FROM {search_total} t LEFT JOIN {search_index} i ON t.word = i.word WHERE i.word IS NULL");
while ($word = db_fetch_object($result)) {
- db_query("DELETE FROM {search_total} WHERE word = '%s'", $word->realword);
+ db_query("DELETE FROM {search_total} WHERE word = %s", $word->realword);
}
}
@@ -626,11 +626,11 @@ function search_index($sid, $type, $text
search_wipe($sid, $type, TRUE);
// Insert cleaned up data into dataset
- db_query("INSERT INTO {search_dataset} (sid, type, data) VALUES (%d, '%s', '%s')", $sid, $type, $accum);
+ db_query("INSERT INTO {search_dataset} (sid, type, data) VALUES (%d, %s, %s)", $sid, $type, $accum);
// Insert results into search index
foreach ($results[0] as $word => $score) {
- db_query("INSERT INTO {search_index} (word, sid, type, score) VALUES ('%s', %d, '%s', %f)", $word, $sid, $type, $score);
+ db_query("INSERT INTO {search_index} (word, sid, type, score) VALUES (%s, %d, %s, %f)", $word, $sid, $type, $score);
search_dirty($word);
}
unset($results[0]);
@@ -638,7 +638,7 @@ function search_index($sid, $type, $text
// Now insert links to nodes
foreach ($results as $nid => $words) {
foreach ($words as $word => $score) {
- db_query("INSERT INTO {search_index} (word, sid, type, fromsid, fromtype, score) VALUES ('%s', %d, '%s', %d, '%s', %f)", $word, $nid, 'node', $sid, $type, $score);
+ db_query("INSERT INTO {search_index} (word, sid, type, fromsid, fromtype, score) VALUES (%s, %d, %s, %d, %s, %f)", $word, $nid, 'node', $sid, $type, $score);
search_dirty($word);
}
}
@@ -741,7 +741,7 @@ function search_parse_query($text) {
$any |= $count;
if ($q) {
$queryor[] = $q;
- $arguments[] = $or;
+ $arguments[] = "% " . $or . " %";
}
}
if (count($queryor)) {
@@ -755,7 +755,7 @@ function search_parse_query($text) {
list($q, $count) = _search_parse_query($key, $arguments2);
if ($q) {
$query[] = $q;
- $arguments[] = $key;
+ $arguments[] = "% " . $key . " %";
// Each AND keyword needs to match at least once
$matches += $count;
}
@@ -766,13 +766,13 @@ function search_parse_query($text) {
list($q) = _search_parse_query($key, $arguments2, TRUE);
if ($q) {
$query[] = $q;
- $arguments[] = $key;
+ $arguments[] = "% " . $key . " %";
}
}
$query = implode(' AND ', $query);
// Build word-index conditions for the first pass
- $query2 = substr(str_repeat("i.word = '%s' OR ", count($arguments2)), 0, -4);
+ $query2 = substr(str_repeat("i.word = %s OR ", count($arguments2)), 0, -4);
return array($query, $arguments, $query2, $arguments2, $matches);
}
@@ -797,7 +797,7 @@ function _search_parse_query(&$word, &$s
}
}
// Return matching snippet and number of added words
- return array("d.data ". ($not ? 'NOT ' : '') ."LIKE '%% %s %%'", $count);
+ return array("d.data ". ($not ? 'NOT ' : '') ."LIKE %s", $count);
}
/**
@@ -879,7 +879,7 @@ function do_search($keywords, $type, $jo
// First pass: select all possible matching sids, doing a simple index-based OR matching on the keywords.
// 'matches' is used to reject those items that cannot possibly match the query.
- $conditions = $where1 .' AND ('. $query[2] .") AND i.type = '%s'";
+ $conditions = $where1 .' AND ('. $query[2] .") AND i.type = %s";
$arguments = array_merge($arguments1, $query[3], array($type, $query[4]));
$result = db_query_temporary("SELECT i.type, i.sid, SUM(i.score * t.count) AS relevance, COUNT(*) AS matches FROM {search_index} i INNER JOIN {search_total} t ON i.word = t.word $join1 WHERE $conditions GROUP BY i.type, i.sid HAVING COUNT(*) >= %d", $arguments, 'temp_search_sids');
diff -urpN drupal/modules/statistics/statistics.admin.inc drupal-6.x-dev-pre_pdo-0.3/modules/statistics/statistics.admin.inc
--- drupal/modules/statistics/statistics.admin.inc 2007-08-24 00:34:44.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/statistics/statistics.admin.inc 2007-09-03 02:23:34.000000000 +0800
@@ -106,8 +106,8 @@ function statistics_top_visitors() {
* Menu callback; presents the "referrer" page.
*/
function statistics_top_referrers() {
- $query = "SELECT url, COUNT(url) AS hits, MAX(timestamp) AS last FROM {accesslog} WHERE url NOT LIKE '%%%s%%' AND url <> '' GROUP BY url";
- $query_cnt = "SELECT COUNT(DISTINCT(url)) FROM {accesslog} WHERE url <> '' AND url NOT LIKE '%%%s%%'";
+ $query = "SELECT url, COUNT(url) AS hits, MAX(timestamp) AS last FROM {accesslog} WHERE url NOT LIKE %s AND url <> '' GROUP BY url";
+ $query_cnt = "SELECT COUNT(DISTINCT(url)) FROM {accesslog} WHERE url <> '' AND url NOT LIKE %s";
drupal_set_title(t('Top referrers in the past %interval', array('%interval' => format_interval(variable_get('statistics_flush_accesslog_timer', 259200)))));
$header = array(
@@ -117,7 +117,7 @@ function statistics_top_referrers() {
);
$query .= tablesort_sql($header);
- $result = pager_query($query, 30, 0, $query_cnt, $_SERVER['HTTP_HOST']);
+ $result = pager_query($query, 30, 0, $query_cnt, "%" . $_SERVER['HTTP_HOST'] . "%");
$rows = array();
while ($referrer = db_fetch_object($result)) {
diff -urpN drupal/modules/statistics/statistics.module drupal-6.x-dev-pre_pdo-0.3/modules/statistics/statistics.module
--- drupal/modules/statistics/statistics.module 2007-08-24 00:34:44.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/statistics/statistics.module 2007-09-03 02:23:34.000000000 +0800
@@ -68,7 +68,7 @@ function statistics_exit() {
}
if ((variable_get('statistics_enable_access_log', 0)) && (module_invoke('throttle', 'status') == 0)) {
// Log this page access.
- db_query("INSERT INTO {accesslog} (title, path, url, hostname, uid, sid, timer, timestamp) values('%s', '%s', '%s', '%s', %d, '%s', %d, %d)", strip_tags(drupal_get_title()), $_GET['q'], referer_uri(), ip_address(), $user->uid, session_id(), timer_read('page'), time());
+ db_query("INSERT INTO {accesslog} (title, path, url, hostname, uid, sid, timer, timestamp) values(%s, %s, %s, %s, %d, %s, %d, %d)", strip_tags(drupal_get_title()), $_GET['q'], referer_uri(), ip_address(), $user->uid, session_id(), timer_read('page'), time());
}
}
diff -urpN drupal/modules/system/system.admin.inc drupal-6.x-dev-pre_pdo-0.3/modules/system/system.admin.inc
--- drupal/modules/system/system.admin.inc 2007-09-01 22:41:21.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/system/system.admin.inc 2007-09-03 02:23:34.000000000 +0800
@@ -27,7 +27,7 @@ function system_main_admin_page($arg = N
SELECT m.*, ml.*
FROM {menu_links} ml
INNER JOIN {menu_router} m ON ml.router_path = m.path
- WHERE ml.link_path != 'admin/help' AND menu_name = '%s' AND ml.plid = %d AND hidden = 0", $admin);
+ WHERE ml.link_path != 'admin/help' AND menu_name = %s AND ml.plid = %d AND hidden = 0", $admin);
while ($item = db_fetch_array($result)) {
_menu_link_translate($item);
if (!$item['access']) {
@@ -259,7 +259,7 @@ function system_themes_form_submit($form
if ($choice || $form_state['values']['theme_default'] == $key) {
system_initialize_theme_blocks($key);
$new_theme_list[] = $key;
- db_query("UPDATE {system} SET status = 1 WHERE type = 'theme' and name = '%s'", $key);
+ db_query("UPDATE {system} SET status = 1 WHERE type = 'theme' and name = %s", $key);
}
}
}
@@ -777,7 +777,7 @@ function system_modules_submit($form, &$
// Update throttle settings, if present
if (isset($form_state['values']['throttle'])) {
foreach ($form_state['values']['throttle'] as $key => $choice) {
- db_query("UPDATE {system} SET throttle = %d WHERE type = 'module' and name = '%s'", $choice ? 1 : 0, $key);
+ db_query("UPDATE {system} SET throttle = %d WHERE type = 'module' and name = %s", $choice ? 1 : 0, $key);
}
}
diff -urpN drupal/modules/system/system.install drupal-6.x-dev-pre_pdo-0.3/modules/system/system.install
--- drupal/modules/system/system.install 2007-08-31 04:34:02.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/system/system.install 2007-09-03 02:23:34.000000000 +0800
@@ -260,46 +260,46 @@ function system_install() {
// Load system theme data appropriately.
system_theme_data();
- db_query("INSERT INTO {role} (name) VALUES ('%s')", 'anonymous user');
- db_query("INSERT INTO {role} (name) VALUES ('%s')", 'authenticated user');
+ db_query("INSERT INTO {role} (name) VALUES (%s)", 'anonymous user');
+ db_query("INSERT INTO {role} (name) VALUES (%s)", 'authenticated user');
- db_query("INSERT INTO {permission} (rid, perm, tid) VALUES (%d, '%s', %d)", 1, 'access content', 0);
- db_query("INSERT INTO {permission} (rid, perm, tid) VALUES (%d, '%s', %d)", 2, 'access comments, access content, post comments, post comments without approval', 0);
+ db_query("INSERT INTO {permission} (rid, perm, tid) VALUES (%d, %s, %d)", 1, 'access content', 0);
+ db_query("INSERT INTO {permission} (rid, perm, tid) VALUES (%d, %s, %d)", 2, 'access comments, access content, post comments, post comments without approval', 0);
- db_query("INSERT INTO {variable} (name, value) VALUES ('%s', '%s')", 'theme_default', 's:7:"garland";');
- db_query("UPDATE {system} SET status = %d WHERE type = '%s' AND name = '%s'", 1, 'theme', 'garland');
- db_query("INSERT INTO {blocks} (module, delta, theme, status, pages) VALUES ('%s', '%s', '%s', %d, '%s')", 'user', '0', 'garland', 1, '');
- db_query("INSERT INTO {blocks} (module, delta, theme, status, pages) VALUES ('%s', '%s', '%s', %d, '%s')", 'user', '1', 'garland', 1, '');
+ db_query("INSERT INTO {variable} (name, value) VALUES (%s, %s)", 'theme_default', 's:7:"garland";');
+ db_query("UPDATE {system} SET status = %d WHERE type = %s AND name = %s", 1, 'theme', 'garland');
+ db_query("INSERT INTO {blocks} (module, delta, theme, status, pages) VALUES (%s, %s, %s, %d, %s)", 'user', '0', 'garland', 1, '');
+ db_query("INSERT INTO {blocks} (module, delta, theme, status, pages) VALUES (%s, %s, %s, %d, %s)", 'user', '1', 'garland', 1, '');
- db_query("INSERT INTO {node_access} (nid, gid, realm, grant_view, grant_update, grant_delete) VALUES (%d, %d, '%s', %d, %d, %d)", 0, 0, 'all', 1, 0, 0);
+ db_query("INSERT INTO {node_access} (nid, gid, realm, grant_view, grant_update, grant_delete) VALUES (%d, %d, %s, %d, %d, %d)", 0, 0, 'all', 1, 0, 0);
// Add input formats.
- db_query("INSERT INTO {filter_formats} (name, roles, cache) VALUES ('%s', '%s', %d)", 'Filtered HTML', ',1,2,', 1);
- db_query("INSERT INTO {filter_formats} (name, roles, cache) VALUES ('%s', '%s', %d)", 'Full HTML', '', 1);
+ db_query("INSERT INTO {filter_formats} (name, roles, cache) VALUES (%s, %s, %d)", 'Filtered HTML', ',1,2,', 1);
+ db_query("INSERT INTO {filter_formats} (name, roles, cache) VALUES (%s, %s, %d)", 'Full HTML', '', 1);
// Enable filters for each input format.
// Filtered HTML:
// URL filter.
- db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, '%s', %d, %d)", 1, 'filter', 2, 0);
+ db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, %s, %d, %d)", 1, 'filter', 2, 0);
// HTML filter.
- db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, '%s', %d, %d)", 1, 'filter', 0, 1);
+ db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, %s, %d, %d)", 1, 'filter', 0, 1);
// Line break filter.
- db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, '%s', %d, %d)", 1, 'filter', 1, 2);
+ db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, %s, %d, %d)", 1, 'filter', 1, 2);
// HTML corrector filter.
- db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, '%s', %d, %d)", 1, 'filter', 3, 10);
+ db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, %s, %d, %d)", 1, 'filter', 3, 10);
// Full HTML:
// URL filter.
- db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, '%s', %d, %d)", 2, 'filter', 2, 0);
+ db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, %s, %d, %d)", 2, 'filter', 2, 0);
// Line break filter.
- db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, '%s', %d, %d)", 2, 'filter', 1, 1);
+ db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, %s, %d, %d)", 2, 'filter', 1, 1);
// HTML corrector filter.
- db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, '%s', %d, %d)", 1, 'filter', 3, 10);
+ db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, %s, %d, %d)", 1, 'filter', 3, 10);
- db_query("INSERT INTO {variable} (name, value) VALUES ('%s','%s')", 'filter_html_1', 'i:1;');
+ db_query("INSERT INTO {variable} (name, value) VALUES (%s,%s)", 'filter_html_1', 'i:1;');
- db_query("INSERT INTO {variable} (name, value) VALUES ('%s', '%s')", 'node_options_forum', 'a:1:{i:0;s:6:"status";}');
+ db_query("INSERT INTO {variable} (name, value) VALUES (%s, %s)", 'node_options_forum', 'a:1:{i:0;s:6:"status";}');
}
// Updates for core
@@ -548,7 +548,7 @@ function system_update_118() {
}
foreach ($node_types as $vid => $type_array) {
foreach ($type_array as $type) {
- db_query("INSERT INTO {vocabulary_node_types} (vid, type) VALUES (%d, '%s')", $vid, $type);
+ db_query("INSERT INTO {vocabulary_node_types} (vid, type) VALUES (%d, %s)", $vid, $type);
}
}
if ($GLOBALS['db_type'] == 'mysql') {
@@ -592,12 +592,12 @@ function system_update_120() {
$ret = array();
// Rewrite old URL aliases. Works for both PostgreSQL and MySQL
- $result = db_query("SELECT pid, src FROM {url_alias} WHERE src LIKE 'blog/%%'");
+ $result = db_query("SELECT pid, src FROM {url_alias} WHERE src LIKE %s", "blog/%");
while ($alias = db_fetch_object($result)) {
list(, $page, $op, $uid) = explode('/', $alias->src);
if ($page == 'feed') {
$new = "blog/$uid/feed";
- update_sql("UPDATE {url_alias} SET src = '%s' WHERE pid = '%s'", $new, $alias->pid);
+ update_sql("UPDATE {url_alias} SET src = %s WHERE pid = %s", $new, $alias->pid);
}
}
@@ -685,7 +685,7 @@ function system_update_124() {
$result = db_query("SELECT c.nid, c.timestamp, c.name, c.uid, COUNT(c.nid) as comment_count FROM {node} n LEFT JOIN {comments} c ON c.nid = n.nid WHERE c.status = 0 GROUP BY c.nid, c.timestamp, c.name, c.uid");
while ($comment_record = db_fetch_object($result)) {
$count = db_result(db_query('SELECT COUNT(cid) FROM {comments} WHERE nid = %d AND status = 0', $comment_record->nid));
- db_query("UPDATE {node_comment_statistics} SET comment_count = %d, last_comment_timestamp = %d, last_comment_name = '%s', last_comment_uid = %d WHERE nid = %d", $count, $comment_record->timestamp, $comment_record->name, $comment_record->uid, $comment_record->nid);
+ db_query("UPDATE {node_comment_statistics} SET comment_count = %d, last_comment_timestamp = %d, last_comment_name = %s, last_comment_uid = %d WHERE nid = %d", $count, $comment_record->timestamp, $comment_record->name, $comment_record->uid, $comment_record->nid);
}
return $ret;
@@ -837,7 +837,7 @@ function system_update_135() {
$result = db_query("SELECT delta FROM {blocks} WHERE module = 'aggregator'");
while ($block = db_fetch_object($result)) {
list($type, $id) = explode(':', $block->delta);
- db_query("UPDATE {blocks} SET delta = '%s' WHERE module = 'aggregator' AND delta = '%s'", $type .'-'. $id, $block->delta);
+ db_query("UPDATE {blocks} SET delta = %s WHERE module = 'aggregator' AND delta = %s", $type .'-'. $id, $block->delta);
}
variable_del('update_135_done');
@@ -994,7 +994,7 @@ function system_update_145() {
// Initialize block data for default theme
$ret[] = update_sql("UPDATE {blocks} SET region = 'left' WHERE region = '0'");
$ret[] = update_sql("UPDATE {blocks} SET region = 'right' WHERE region = '1'");
- db_query("UPDATE {blocks} SET theme = '%s'", $default_theme);
+ db_query("UPDATE {blocks} SET theme = %s", $default_theme);
// Initialize block data for other enabled themes.
$themes = list_themes();
@@ -1095,7 +1095,7 @@ function system_update_146() {
// Move logs too.
$result = db_query("SELECT nid, log FROM {book} WHERE log != ''");
while ($row = db_fetch_object($result)) {
- db_query("UPDATE {node_revisions} SET log = '%s' WHERE vid = %d", $row->log, $row->nid);
+ db_query("UPDATE {node_revisions} SET log = %s WHERE vid = %d", $row->log, $row->nid);
}
$ret[] = update_sql("ALTER TABLE {book} DROP log");
@@ -1274,7 +1274,7 @@ function system_update_151() {
for ($i = 0; $i < count($links['text']); $i++) {
if ($links['text'][$i] != "" && $links['link'][$i] != "") {
$num_inserted ++;
- $node_unalias = db_fetch_array(db_query("SELECT src FROM {url_alias} WHERE dst = '%s'", $links['link'][$i]));
+ $node_unalias = db_fetch_array(db_query("SELECT src FROM {url_alias} WHERE dst = %s", $links['link'][$i]));
if (isset($node_unalias) && is_array($node_unalias)) {
$href = $node_unalias['src'];
}
@@ -1464,7 +1464,7 @@ function system_update_159() {
$revision['uid'] = $version['uid'];
$revision['timestamp'] = $version['timestamp'];
$vid++;
- $revisions_query[] = "(%d, %d, %d, '%s', '%s', '%s', '%s', %d, %d)";
+ $revisions_query[] = "(%d, %d, %d, %s, %s, %s, %s, %d, %d)";
$revisions_args = array_merge($revisions_args, array($node->nid, $vid, $revision['uid'], $revision['title'], $revision['body'], $revision['teaser'], $revision['log'], $revision['timestamp'], $revision['format']));
switch ($node->type) {
case 'forum':
@@ -1655,7 +1655,7 @@ function system_update_164() {
}
else {
// $polled is a host
- db_query("INSERT INTO {poll_votes} (nid, hostname) VALUES (%d, '%s')", $poll->nid, $polled);
+ db_query("INSERT INTO {poll_votes} (nid, hostname) VALUES (%d, %s)", $poll->nid, $polled);
}
}
}
@@ -1828,7 +1828,7 @@ function system_update_172() {
$thread[$i] = int2vancode((strlen($offset) - 1) * 10 + substr($offset, -1, 1));
}
$thread = implode('.', $thread) .'/';
- db_query("UPDATE {comments} SET thread = '%s' WHERE cid = %d", $thread, $comment->cid);
+ db_query("UPDATE {comments} SET thread = %s WHERE cid = %d", $thread, $comment->cid);
}
if ($_SESSION['system_update_172'] == $_SESSION['system_update_172_max']) {
@@ -1951,7 +1951,7 @@ function system_update_175() {
while ($path = db_fetch_object($result)) {
$path->src = urldecode($path->src);
$path->dst = urldecode($path->dst);
- db_query("UPDATE {url_alias} SET dst = '%s', src = '%s' WHERE pid = %d", $path->dst, $path->src, $path->pid);
+ db_query("UPDATE {url_alias} SET dst = %s, src = %s WHERE pid = %d", $path->dst, $path->src, $path->pid);
}
return array();
}
@@ -2068,7 +2068,7 @@ function system_update_178() {
$_SESSION['system_update_178_comment'] = $comment->cid;
$comment->comment = _update_178_url_fix($comment->comment);
if ($comment->comment !== FALSE) {
- db_query("UPDATE {comments} SET comment = '%s' WHERE cid = %d", $comment->comment, $comment->cid);
+ db_query("UPDATE {comments} SET comment = %s WHERE cid = %d", $comment->comment, $comment->cid);
}
}
}
@@ -2083,13 +2083,13 @@ function system_update_178() {
$node->teaser = _update_178_url_fix($node->teaser);
if ($node->teaser !== FALSE) {
- $set[] = "teaser = '%s'";
+ $set[] = "teaser = %s";
$args[] = $node->teaser;
}
$node->body = _update_178_url_fix($node->body);
if ($node->body !== FALSE) {
- $set[] = "body = '%s'";
+ $set[] = "body = %s";
$args[] = $node->body;
}
@@ -2140,7 +2140,7 @@ function system_update_179() {
while ($block = db_fetch_object($result)) {
$block->body = _update_178_url_fix($block->body);
if ($block->body !== FALSE) {
- db_query("UPDATE {boxes} SET body = '%s' WHERE bid = %d", $block->body, $block->bid);
+ db_query("UPDATE {boxes} SET body = %s WHERE bid = %d", $block->body, $block->bid);
}
}
@@ -2191,7 +2191,7 @@ function system_update_179() {
$_SESSION['system_update_179_fid'] = $field->fid;
$field->value = _update_178_url_fix($field->value);
if ($field->value !== FALSE) {
- db_query("UPDATE {profile_values} SET value = '%s' WHERE uid = %d AND fid = %d", $field->value, $field->uid, $field->fid);
+ db_query("UPDATE {profile_values} SET value = %s WHERE uid = %d AND fid = %d", $field->value, $field->uid, $field->fid);
}
$has_rows = TRUE;
}
@@ -2467,9 +2467,9 @@ function system_update_1005() {
$query = db_query('SELECT type FROM {node_type}');
while ($result = db_fetch_object($query)) {
$variable_name = 'minimum_'. $result->type .'_size';
- if ($value = db_fetch_object(db_query("SELECT value FROM {variable} WHERE name = '%s'", $variable_name))) {
+ if ($value = db_fetch_object(db_query("SELECT value FROM {variable} WHERE name = %s", $variable_name))) {
$value = (int) unserialize($value->value);
- db_query("UPDATE {node_type} SET min_word_count = %d, modified = %d WHERE type = '%s'", $value, 1, $result->type);
+ db_query("UPDATE {node_type} SET min_word_count = %d, modified = %d WHERE type = %s", $value, 1, $result->type);
variable_del($variable_name);
}
}
@@ -2494,7 +2494,7 @@ function system_update_1006() {
// Migrate custom block titles to new column.
$boxes = db_query('SELECT bid, title from {boxes}');
while ($box = db_fetch_object($boxes)) {
- db_query("UPDATE {blocks} SET title = '%s' WHERE delta = %d and module = 'block'", $box->title, $box->bid);
+ db_query("UPDATE {blocks} SET title = %s WHERE delta = %d and module = 'block'", $box->title, $box->bid);
}
switch ($GLOBALS['db_type']) {
case 'mysql':
@@ -3137,7 +3137,7 @@ function system_update_6018() {
$result = db_query("SELECT format FROM {filter_formats} WHERE name LIKE '%HTML%'");
while ($format = db_fetch_object($result)) {
$weight = db_result(db_query("SELECT MAX(weight) FROM {filters} WHERE format = %d", $format->format));
- db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, '%s', %d, %d)", $format->format, 'filter', 3, max(10, $weight + 1));
+ db_query("INSERT INTO {filters} (format, module, delta, weight) VALUES (%d, %s, %d, %d)", $format->format, 'filter', 3, max(10, $weight + 1));
}
return $ret;
@@ -3395,7 +3395,7 @@ function system_update_6021() {
}
}
foreach ($menus as $menu) {
- db_query("INSERT INTO {menu_custom} (menu_name, title, description) VALUES ('%s', '%s', '%s')", $menu);
+ db_query("INSERT INTO {menu_custom} (menu_name, title, description) VALUES (%s, %s, %s)", $menu);
}
menu_rebuild();
$_SESSION['system_update_6021'] = 0;
@@ -3453,7 +3453,7 @@ function system_update_6021() {
}
$item['updated'] = TRUE;
// Save the link.
- if ($existing_item = db_fetch_array(db_query("SELECT mlid, menu_name FROM {menu_links} WHERE link_path = '%s' AND plid = '%s' AND link_title = '%s' AND menu_name = '%s'", $item['link_path'], $item['plid'], $item['link_title'], $item['menu_name']))) {
+ if ($existing_item = db_fetch_array(db_query("SELECT mlid, menu_name FROM {menu_links} WHERE link_path = %s AND plid = %s AND link_title = %s AND menu_name = %s", $item['link_path'], $item['plid'], $item['link_title'], $item['menu_name']))) {
$_SESSION['menu_item_map'][$item['mid']] = $existing_item;
}
else {
@@ -3468,7 +3468,7 @@ function system_update_6021() {
$item['menu_name'] = substr($item['menu_name'], 0, 20);
$original_menu_name = $item['menu_name'];
$i = 0;
- while (db_result(db_query("SELECT menu_name FROM {menu_custom} WHERE menu_name = '%s'", $item['menu_name']))) {
+ while (db_result(db_query("SELECT menu_name FROM {menu_custom} WHERE menu_name = %s", $item['menu_name']))) {
$item['menu_name'] = $original_menu_name . ($i++);
}
if ($item['path']) {
@@ -3478,7 +3478,7 @@ function system_update_6021() {
}
else {
// Add this menu to the list of custom menus.
- db_query("INSERT INTO {menu_custom} (menu_name, title, description) VALUES ('%s', '%s', '')", $item['menu_name'], $item['title']);
+ db_query("INSERT INTO {menu_custom} (menu_name, title, description) VALUES (%s, %s, '')", $item['menu_name'], $item['title']);
}
$_SESSION['menu_menu_map'][$item['mid']] = $item['menu_name'];
$_SESSION['menu_item_map'][$item['mid']] = FALSE;
diff -urpN drupal/modules/system/system.module drupal-6.x-dev-pre_pdo-0.3/modules/system/system.module
--- drupal/modules/system/system.module 2007-09-01 22:41:21.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/system/system.module 2007-09-03 02:23:34.000000000 +0800
@@ -477,13 +477,13 @@ function system_user($type, $edit, &$use
function system_admin_menu_block($item) {
$content = array();
if (!isset($item['mlid'])) {
- $item += db_fetch_array(db_query("SELECT mlid, menu_name FROM {menu_links} ml WHERE ml.router_path = '%s' AND module = 'system'", $item['path']));
+ $item += db_fetch_array(db_query("SELECT mlid, menu_name FROM {menu_links} ml WHERE ml.router_path = %s AND module = 'system'", $item['path']));
}
$result = db_query("
SELECT m.*, ml.*
FROM {menu_links} ml
INNER JOIN {menu_router} m ON ml.router_path = m.path
- WHERE ml.plid = %d AND ml.menu_name = '%s' AND hidden = 0", $item['mlid'], $item['menu_name']);
+ WHERE ml.plid = %d AND ml.menu_name = %s AND hidden = 0", $item['mlid'], $item['menu_name']);
while ($item = db_fetch_array($result)) {
_menu_link_translate($item);
if (!$item['access']) {
@@ -506,7 +506,7 @@ function system_admin_menu_block($item)
function system_admin_theme_submit($form, &$form_state) {
// If we're changing themes, make sure the theme has its blocks initialized.
if ($form_state['values']['admin_theme'] != variable_get('admin_theme', '0')) {
- $result = db_result(db_query("SELECT COUNT(*) FROM {blocks} WHERE theme = '%s'", $form_state['values']['admin_theme']));
+ $result = db_result(db_query("SELECT COUNT(*) FROM {blocks} WHERE theme = %s", $form_state['values']['admin_theme']));
if (!$result) {
system_initialize_theme_blocks($form_state['values']['admin_theme']);
}
@@ -595,7 +595,7 @@ function system_check_directory($form_el
*/
function system_get_files_database(&$files, $type) {
// Extract current files from database.
- $result = db_query("SELECT filename, name, type, status, throttle, schema_version FROM {system} WHERE type = '%s'", $type);
+ $result = db_query("SELECT filename, name, type, status, throttle, schema_version FROM {system} WHERE type = %s", $type);
while ($file = db_fetch_object($result)) {
if (isset($files[$file->name]) && is_object($files[$file->name])) {
$file->old_filename = $file->filename;
@@ -651,13 +651,13 @@ function system_theme_data() {
$engines = drupal_system_listing('\.engine$', 'themes/engines');
// Remove all theme engines from the system table
- db_query("DELETE FROM {system} WHERE type = '%s'", 'theme_engine');
+ db_query("DELETE FROM {system} WHERE type = %s", 'theme_engine');
foreach ($engines as $engine) {
// Insert theme engine into system table
drupal_get_filename('theme_engine', $engine->name, $engine->filename);
drupal_load('theme_engine', $engine->name);
- db_query("INSERT INTO {system} (name, type, filename, status, throttle, bootstrap) VALUES ('%s', '%s', '%s', %d, %d, %d)", $engine->name, 'theme_engine', $engine->filename, 1, 0, 0);
+ db_query("INSERT INTO {system} (name, type, filename, status, throttle, bootstrap) VALUES (%s, %s, %s, %d, %d, %d)", $engine->name, 'theme_engine', $engine->filename, 1, 0, 0);
}
$defaults = system_theme_default();
@@ -764,7 +764,7 @@ function system_theme_data() {
$theme->owner = '';
}
- db_query("INSERT INTO {system} (name, owner, info, type, filename, status, throttle, bootstrap) VALUES ('%s', '%s', '%s', '%s', '%s', %d, %d, %d)", $theme->name, $theme->owner, serialize($theme->info), 'theme', $theme->filename, isset($theme->status) ? $theme->status : 0, 0, 0);
+ db_query("INSERT INTO {system} (name, owner, info, type, filename, status, throttle, bootstrap) VALUES (%s, %s, %s, %s, %s, %d, %d, %d)", $theme->name, $theme->owner, serialize($theme->info), 'theme', $theme->filename, isset($theme->status) ? $theme->status : 0, 0, 0);
}
return $themes;
@@ -808,7 +808,7 @@ function system_region_list($theme_key)
static $list = array();
if (!array_key_exists($theme_key, $list)) {
- $info = unserialize(db_result(db_query("SELECT info FROM {system} WHERE type = 'theme' AND name = '%s'", $theme_key)));
+ $info = unserialize(db_result(db_query("SELECT info FROM {system} WHERE type = 'theme' AND name = %s", $theme_key)));
$list[$theme_key] = array_map('t', $info['regions']);
}
@@ -841,16 +841,16 @@ function system_default_region($theme) {
*/
function system_initialize_theme_blocks($theme) {
// Initialize theme's blocks if none already registered.
- if (!(db_result(db_query("SELECT COUNT(*) FROM {blocks} WHERE theme = '%s'", $theme)))) {
+ if (!(db_result(db_query("SELECT COUNT(*) FROM {blocks} WHERE theme = %s", $theme)))) {
$default_theme = variable_get('theme_default', 'garland');
$regions = system_region_list($theme);
- $result = db_query("SELECT * FROM {blocks} WHERE theme = '%s'", $default_theme);
+ $result = db_query("SELECT * FROM {blocks} WHERE theme = %s", $default_theme);
while ($block = db_fetch_array($result)) {
// If the region isn't supported by the theme, assign the block to the theme's default region.
if (!array_key_exists($block['region'], $regions)) {
$block['region'] = system_default_region($theme);
}
- db_query("INSERT INTO {blocks} (module, delta, theme, status, weight, region, visibility, pages, custom, throttle, cache) VALUES ('%s', '%s', '%s', %d, %d, '%s', %d, '%s', %d, %d, %d)",
+ db_query("INSERT INTO {blocks} (module, delta, theme, status, weight, region, visibility, pages, custom, throttle, cache) VALUES (%s, %s, %s, %d, %d, %s, %d, %s, %d, %d, %d)",
$block['module'], $block['delta'], $theme, $block['status'], $block['weight'], $block['region'], $block['visibility'], $block['pages'], $block['custom'], $block['throttle'], $block['cache']);
}
}
diff -urpN drupal/modules/taxonomy/taxonomy.module drupal-6.x-dev-pre_pdo-0.3/modules/taxonomy/taxonomy.module
--- drupal/modules/taxonomy/taxonomy.module 2007-08-19 04:03:19.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/taxonomy/taxonomy.module 2007-09-03 02:23:34.000000000 +0800
@@ -166,10 +166,10 @@ function taxonomy_save_vocabulary(&$edit
$edit['nodes'] = empty($edit['nodes']) ? array() : $edit['nodes'];
if (!empty($edit['vid']) && !empty($edit['name'])) {
- db_query("UPDATE {vocabulary} SET name = '%s', description = '%s', help = '%s', multiple = %d, required = %d, hierarchy = %d, relations = %d, tags = %d, weight = %d, module = '%s' WHERE vid = %d", $edit['name'], $edit['description'], $edit['help'], $edit['multiple'], $edit['required'], $edit['hierarchy'], $edit['relations'], $edit['tags'], $edit['weight'], isset($edit['module']) ? $edit['module'] : 'taxonomy', $edit['vid']);
+ db_query("UPDATE {vocabulary} SET name = %s, description = %s, help = %s, multiple = %d, required = %d, hierarchy = %d, relations = %d, tags = %d, weight = %d, module = %s WHERE vid = %d", $edit['name'], $edit['description'], $edit['help'], $edit['multiple'], $edit['required'], $edit['hierarchy'], $edit['relations'], $edit['tags'], $edit['weight'], isset($edit['module']) ? $edit['module'] : 'taxonomy', $edit['vid']);
db_query("DELETE FROM {vocabulary_node_types} WHERE vid = %d", $edit['vid']);
foreach ($edit['nodes'] as $type => $selected) {
- db_query("INSERT INTO {vocabulary_node_types} (vid, type) VALUES (%d, '%s')", $edit['vid'], $type);
+ db_query("INSERT INTO {vocabulary_node_types} (vid, type) VALUES (%d, %s)", $edit['vid'], $type);
}
module_invoke_all('taxonomy', 'update', 'vocabulary', $edit);
$status = SAVED_UPDATED;
@@ -178,10 +178,10 @@ function taxonomy_save_vocabulary(&$edit
$status = taxonomy_del_vocabulary($edit['vid']);
}
else {
- db_query("INSERT INTO {vocabulary} (name, description, help, multiple, required, hierarchy, relations, tags, weight, module) VALUES ('%s', '%s', '%s', %d, %d, %d, %d, %d, %d, '%s')", $edit['name'], isset($edit['description']) ? $edit['description'] : NULL, isset($edit['help']) ? $edit['help'] : NULL, $edit['multiple'], $edit['required'], $edit['hierarchy'], $edit['relations'], isset($edit['tags']) ? $edit['tags'] : NULL, $edit['weight'], isset($edit['module']) ? $edit['module'] : 'taxonomy');
+ db_query("INSERT INTO {vocabulary} (name, description, help, multiple, required, hierarchy, relations, tags, weight, module) VALUES (%s, %s, %s, %d, %d, %d, %d, %d, %d, %s)", $edit['name'], isset($edit['description']) ? $edit['description'] : NULL, isset($edit['help']) ? $edit['help'] : NULL, $edit['multiple'], $edit['required'], $edit['hierarchy'], $edit['relations'], isset($edit['tags']) ? $edit['tags'] : NULL, $edit['weight'], isset($edit['module']) ? $edit['module'] : 'taxonomy');
$edit['vid'] = db_last_insert_id('vocabulary', 'vid');
foreach ($edit['nodes'] as $type => $selected) {
- db_query("INSERT INTO {vocabulary_node_types} (vid, type) VALUES (%d, '%s')", $edit['vid'], $type);
+ db_query("INSERT INTO {vocabulary_node_types} (vid, type) VALUES (%d, %s)", $edit['vid'], $type);
}
module_invoke_all('taxonomy', 'insert', 'vocabulary', $edit);
$status = SAVED_NEW;
@@ -231,7 +231,7 @@ function taxonomy_save_term(&$form_value
);
if (!empty($form_values['tid']) && $form_values['name']) {
- db_query("UPDATE {term_data} SET name = '%s', description = '%s', weight = %d WHERE tid = %d", $form_values['name'], $form_values['description'], $form_values['weight'], $form_values['tid']);
+ db_query("UPDATE {term_data} SET name = %s, description = %s, weight = %d WHERE tid = %d", $form_values['name'], $form_values['description'], $form_values['weight'], $form_values['tid']);
$hook = 'update';
$status = SAVED_UPDATED;
}
@@ -239,7 +239,7 @@ function taxonomy_save_term(&$form_value
return taxonomy_del_term($form_values['tid']);
}
else {
- db_query("INSERT INTO {term_data} (name, description, vid, weight) VALUES ('%s', '%s', %d, %d)", $form_values['name'], $form_values['description'], $form_values['vid'], $form_values['weight']);
+ db_query("INSERT INTO {term_data} (name, description, vid, weight) VALUES (%s, %s, %d, %d)", $form_values['name'], $form_values['description'], $form_values['vid'], $form_values['weight']);
$form_values['tid'] = db_last_insert_id('term_data', 'tid');
$hook = 'insert';
$status = SAVED_NEW;
@@ -278,7 +278,7 @@ function taxonomy_save_term(&$form_value
if (!empty($form_values['synonyms'])) {
foreach (explode ("\n", str_replace("\r", '', $form_values['synonyms'])) as $synonym) {
if ($synonym) {
- db_query("INSERT INTO {term_synonym} (tid, name) VALUES (%d, '%s')", $form_values['tid'], chop($synonym));
+ db_query("INSERT INTO {term_synonym} (tid, name) VALUES (%d, %s)", $form_values['tid'], chop($synonym));
}
}
}
@@ -378,7 +378,7 @@ function taxonomy_form_all($free_tags =
*/
function taxonomy_get_vocabularies($type = NULL) {
if ($type) {
- $result = db_query(db_rewrite_sql("SELECT v.vid, v.*, n.type FROM {vocabulary} v LEFT JOIN {vocabulary_node_types} n ON v.vid = n.vid WHERE n.type = '%s' ORDER BY v.weight, v.name", 'v', 'vid'), $type);
+ $result = db_query(db_rewrite_sql("SELECT v.vid, v.*, n.type FROM {vocabulary} v LEFT JOIN {vocabulary_node_types} n ON v.vid = n.vid WHERE n.type = %s ORDER BY v.weight, v.name", 'v', 'vid'), $type);
}
else {
$result = db_query(db_rewrite_sql('SELECT v.*, n.type FROM {vocabulary} v LEFT JOIN {vocabulary_node_types} n ON v.vid = n.vid ORDER BY v.weight, v.name', 'v', 'vid'));
@@ -411,7 +411,7 @@ function taxonomy_form_alter(&$form, $fo
$terms = $node->taxonomy;
}
- $c = db_query(db_rewrite_sql("SELECT v.* FROM {vocabulary} v INNER JOIN {vocabulary_node_types} n ON v.vid = n.vid WHERE n.type = '%s' ORDER BY v.weight, v.name", 'v', 'vid'), $node->type);
+ $c = db_query(db_rewrite_sql("SELECT v.* FROM {vocabulary} v INNER JOIN {vocabulary_node_types} n ON v.vid = n.vid WHERE n.type = %s ORDER BY v.weight, v.name", 'v', 'vid'), $node->type);
while ($vocabulary = db_fetch_object($c)) {
if ($vocabulary->tags) {
@@ -589,10 +589,10 @@ function taxonomy_node_delete_revision($
*/
function taxonomy_node_type($op, $info) {
if ($op == 'update' && !empty($info->old_type) && $info->type != $info->old_type) {
- db_query("UPDATE {vocabulary_node_types} SET type = '%s' WHERE type = '%s'", $info->type, $info->old_type);
+ db_query("UPDATE {vocabulary_node_types} SET type = %s WHERE type = %s", $info->type, $info->old_type);
}
elseif ($op == 'delete') {
- db_query("DELETE FROM {vocabulary_node_types} WHERE type = '%s'", $info->type);
+ db_query("DELETE FROM {vocabulary_node_types} WHERE type = %s", $info->type);
}
}
@@ -745,7 +745,7 @@ function taxonomy_get_synonyms($tid) {
* Return the term object that has the given string as a synonym.
*/
function taxonomy_get_synonym_root($synonym) {
- return db_fetch_object(db_query("SELECT * FROM {term_synonym} s, {term_data} t WHERE t.tid = s.tid AND s.name = '%s'", $synonym));
+ return db_fetch_object(db_query("SELECT * FROM {term_synonym} s, {term_data} t WHERE t.tid = s.tid AND s.name = %s", $synonym));
}
/**
@@ -771,7 +771,7 @@ function taxonomy_term_count_nodes($tid,
$result = db_query(db_rewrite_sql('SELECT t.tid, COUNT(n.nid) AS c FROM {term_node} t INNER JOIN {node} n ON t.vid = n.vid WHERE n.status = 1 GROUP BY t.tid'));
}
else {
- $result = db_query(db_rewrite_sql("SELECT t.tid, COUNT(n.nid) AS c FROM {term_node} t INNER JOIN {node} n ON t.vid = n.vid WHERE n.status = 1 AND n.type = '%s' GROUP BY t.tid"), $type);
+ $result = db_query(db_rewrite_sql("SELECT t.tid, COUNT(n.nid) AS c FROM {term_node} t INNER JOIN {node} n ON t.vid = n.vid WHERE n.status = 1 AND n.type = %s GROUP BY t.tid"), $type);
}
while ($term = db_fetch_object($result)) {
$count[$type][$term->tid] = $term->c;
@@ -821,7 +821,7 @@ function _taxonomy_term_children($tid) {
* An array of matching term objects.
*/
function taxonomy_get_term_by_name($name) {
- $db_result = db_query(db_rewrite_sql("SELECT t.tid, t.* FROM {term_data} t WHERE LOWER(t.name) LIKE LOWER('%s')", 't', 'tid'), trim($name));
+ $db_result = db_query(db_rewrite_sql("SELECT t.tid, t.* FROM {term_data} t WHERE LOWER(t.name) LIKE LOWER(%s)", 't', 'tid'), trim($name));
$result = array();
while ($term = db_fetch_object($db_result)) {
$result[] = $term;
diff -urpN drupal/modules/taxonomy/taxonomy.pages.inc drupal-6.x-dev-pre_pdo-0.3/modules/taxonomy/taxonomy.pages.inc
--- drupal/modules/taxonomy/taxonomy.pages.inc 2007-07-31 04:33:48.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/taxonomy/taxonomy.pages.inc 2007-09-03 02:23:34.000000000 +0800
@@ -80,7 +80,7 @@ function taxonomy_autocomplete($vid, $st
$last_string = trim(array_pop($array));
$matches = array();
if ($last_string != '') {
- $result = db_query_range(db_rewrite_sql("SELECT t.tid, t.name FROM {term_data} t WHERE t.vid = %d AND LOWER(t.name) LIKE LOWER('%%%s%%')", 't', 'tid'), $vid, $last_string, 0, 10);
+ $result = db_query_range(db_rewrite_sql("SELECT t.tid, t.name FROM {term_data} t WHERE t.vid = %d AND LOWER(t.name) LIKE LOWER(%s)", 't', 'tid'), $vid, "%" . $last_string . "%", 0, 10);
$prefix = count($array) ? implode(', ', $array) .', ' : '';
diff -urpN drupal/modules/upload/upload.module drupal-6.x-dev-pre_pdo-0.3/modules/upload/upload.module
--- drupal/modules/upload/upload.module 2007-09-02 22:26:26.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/upload/upload.module 2007-09-03 02:23:34.000000000 +0800
@@ -149,7 +149,7 @@ function upload_file_download($file) {
return -1;
}
$file = file_create_path($file);
- $result = db_query("SELECT f.* FROM {files} f INNER JOIN {upload} u ON f.fid = u.fid WHERE filepath = '%s'", $file);
+ $result = db_query("SELECT f.* FROM {files} f INNER JOIN {upload} u ON f.fid = u.fid WHERE filepath = %s", $file);
if ($file = db_fetch_object($result)) {
return array(
'Content-Type: '. $file->filemime,
@@ -400,12 +400,12 @@ function upload_save(&$node) {
// Create a new revision, or associate a new file needed.
if (!empty($node->old_vid) || isset($_SESSION['upload_files'][$fid])) {
- db_query("INSERT INTO {upload} (fid, nid, vid, list, description) VALUES (%d, %d, %d, %d, '%s')", $file->fid, $node->nid, $node->vid, $file->list, $file->description);
+ db_query("INSERT INTO {upload} (fid, nid, vid, list, description) VALUES (%d, %d, %d, %d, %s)", $file->fid, $node->nid, $node->vid, $file->list, $file->description);
file_set_status($file, FILE_STATUS_PERMANENT);
}
// Update existing revision.
else {
- db_query("UPDATE {upload} SET list = %d, description = '%s' WHERE fid = %d AND vid = %d", $file->list, $file->description, $file->fid, $node->vid);
+ db_query("UPDATE {upload} SET list = %d, description = %s WHERE fid = %d AND vid = %d", $file->list, $file->description, $file->fid, $node->vid);
file_set_status($file, FILE_STATUS_PERMANENT);
}
}
diff -urpN drupal/modules/user/user.module drupal-6.x-dev-pre_pdo-0.3/modules/user/user.module
--- drupal/modules/user/user.module 2007-09-02 20:46:21.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/modules/user/user.module 2007-09-03 02:23:34.000000000 +0800
@@ -70,7 +70,7 @@ function user_theme() {
}
function user_external_load($authname) {
- $result = db_query("SELECT uid FROM {authmap} WHERE authname = '%s'", $authname);
+ $result = db_query("SELECT uid FROM {authmap} WHERE authname = %s", $authname);
if ($user = db_fetch_array($result)) {
return user_load($user);
@@ -141,11 +141,11 @@ function user_load($array = array()) {
$params[] = $value;
}
else if ($key == 'pass') {
- $query[] = "pass = '%s'";
+ $query[] = "pass = %s";
$params[] = md5($value);
}
else {
- $query[]= "LOWER($key) = LOWER('%s')";
+ $query[]= "LOWER($key) = LOWER(%s)";
$params[] = $value;
}
}
@@ -202,13 +202,13 @@ function user_save($account, $array = ar
$data = unserialize(db_result(db_query('SELECT data FROM {users} WHERE uid = %d', $account->uid)));
foreach ($array as $key => $value) {
if ($key == 'pass' && !empty($value)) {
- $query .= "$key = '%s', ";
+ $query .= "$key = %s, ";
$v[] = md5($value);
}
else if ((substr($key, 0, 4) !== 'auth') && ($key != 'pass')) {
if (in_array($key, $user_fields)) {
// Save standard fields
- $query .= "$key = '%s', ";
+ $query .= "$key = %s, ";
$v[] = $value;
}
else if ($key != 'roles') {
@@ -222,7 +222,7 @@ function user_save($account, $array = ar
}
}
}
- $query .= "data = '%s' ";
+ $query .= "data = %s ";
$v[] = serialize($data);
db_query("UPDATE {users} SET $query WHERE uid = %d", array_merge($v, array($account->uid)));
@@ -267,7 +267,7 @@ function user_save($account, $array = ar
case 'pass':
$fields[] = $key;
$values[] = md5($value);
- $s[] = "'%s'";
+ $s[] = "%s";
break;
case 'mode': case 'sort': case 'timezone':
case 'threshold': case 'created': case 'access':
@@ -280,7 +280,7 @@ function user_save($account, $array = ar
if (substr($key, 0, 4) !== 'auth' && in_array($key, $user_fields)) {
$fields[] = $key;
$values[] = $value;
- $s[] = "'%s'";
+ $s[] = "%s";
}
break;
}
@@ -300,7 +300,7 @@ function user_save($account, $array = ar
$data[$key] = $value;
}
}
- db_query("UPDATE {users} SET data = '%s' WHERE uid = %d", serialize($data), $user->uid);
+ db_query("UPDATE {users} SET data = %s WHERE uid = %d", serialize($data), $user->uid);
// Save user roles (delete just to be safe).
if (isset($array['roles']) && is_array($array['roles'])) {
@@ -463,7 +463,7 @@ function user_access($string, $account =
* @return boolean TRUE for blocked users, FALSE for active
*/
function user_is_blocked($name) {
- $deny = db_fetch_object(db_query("SELECT name FROM {users} WHERE status = 0 AND name = LOWER('%s')", $name));
+ $deny = db_fetch_object(db_query("SELECT name FROM {users} WHERE status = 0 AND name = LOWER(%s)", $name));
return $deny;
}
@@ -520,13 +520,13 @@ function user_search($op = 'search', $ke
$keys = preg_replace('!\*+!', '%', $keys);
if (user_access('administer users')) {
// Administrators can also search in the otherwise private email field.
- $result = pager_query("SELECT name, uid, mail FROM {users} WHERE LOWER(name) LIKE LOWER('%%%s%%') OR LOWER(mail) LIKE LOWER('%%%s%%')", 15, 0, NULL, $keys, $keys);
+ $result = pager_query("SELECT name, uid, mail FROM {users} WHERE LOWER(name) LIKE LOWER(%s) OR LOWER(mail) LIKE LOWER(%s)", 15, 0, NULL, "%" . $keys . "%", "%" . $keys . "%");
while ($account = db_fetch_object($result)) {
$find[] = array('title' => $account->name .' ('. $account->mail .')', 'link' => url('user/'. $account->uid, array('absolute' => TRUE)));
}
}
else {
- $result = pager_query("SELECT name, uid FROM {users} WHERE LOWER(name) LIKE LOWER('%%%s%%')", 15, 0, NULL, $keys);
+ $result = pager_query("SELECT name, uid FROM {users} WHERE LOWER(name) LIKE LOWER(%s)", 15, 0, NULL, "%" . $keys . "%");
while ($account = db_fetch_object($result)) {
$find[] = array('title' => $account->name, 'link' => url('user/'. $account->uid, array('absolute' => TRUE)));
}
@@ -1105,7 +1105,7 @@ function user_current_to_arg($arg) {
* array of modules and DA names. Called at external login.
*/
function user_get_authmaps($authname = NULL) {
- $result = db_query("SELECT authname, module FROM {authmap} WHERE authname = '%s'", $authname);
+ $result = db_query("SELECT authname, module FROM {authmap} WHERE authname = %s", $authname);
$authmaps = array();
$has_rows = FALSE;
while ($authmap = db_fetch_object($result)) {
@@ -1119,13 +1119,13 @@ function user_set_authmaps($account, $au
foreach ($authmaps as $key => $value) {
$module = explode('_', $key, 2);
if ($value) {
- db_query("UPDATE {authmap} SET authname = '%s' WHERE uid = %d AND module = '%s'", $value, $account->uid, $module[1]);
+ db_query("UPDATE {authmap} SET authname = %s WHERE uid = %d AND module = %s", $value, $account->uid, $module[1]);
if (!db_affected_rows()) {
- db_query("INSERT INTO {authmap} (authname, uid, module) VALUES ('%s', %d, '%s')", $value, $account->uid, $module[1]);
+ db_query("INSERT INTO {authmap} (authname, uid, module) VALUES (%s, %d, %s)", $value, $account->uid, $module[1]);
}
}
else {
- db_query("DELETE FROM {authmap} WHERE uid = %d AND module = '%s'", $account->uid, $module[1]);
+ db_query("DELETE FROM {authmap} WHERE uid = %d AND module = %s", $account->uid, $module[1]);
}
}
}
@@ -1660,7 +1660,7 @@ function _user_edit_validate($uid, &$edi
if ($error = user_validate_name($edit['name'])) {
form_set_error('name', $error);
}
- else if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND LOWER(name) = LOWER('%s')", $uid, $edit['name'])) > 0) {
+ else if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND LOWER(name) = LOWER(%s)", $uid, $edit['name'])) > 0) {
form_set_error('name', t('The name %name is already taken.', array('%name' => $edit['name'])));
}
else if (drupal_is_denied('user', $edit['name'])) {
@@ -1672,7 +1672,7 @@ function _user_edit_validate($uid, &$edi
if ($error = user_validate_mail($edit['mail'])) {
form_set_error('mail', $error);
}
- else if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND LOWER(mail) = LOWER('%s')", $uid, $edit['mail'])) > 0) {
+ else if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND LOWER(mail) = LOWER(%s)", $uid, $edit['mail'])) > 0) {
form_set_error('mail', t('The e-mail address %email is already registered. Have you forgotten your password?', array('%email' => $edit['mail'], '@password' => url('user/password'))));
}
else if (drupal_is_denied('mail', $edit['mail'])) {
@@ -2000,7 +2000,7 @@ function user_admin_access_add($mask = N
form_set_error('mask', t('You must enter a mask.'));
}
else {
- db_query("INSERT INTO {access} (mask, type, status) VALUES ('%s', '%s', %d)", $edit['mask'], $edit['type'], $edit['status']);
+ db_query("INSERT INTO {access} (mask, type, status) VALUES (%s, %s, %d)", $edit['mask'], $edit['type'], $edit['status']);
$aid = db_last_insert_id('access', 'aid');
drupal_set_message(t('The access rule has been added.'));
drupal_goto('admin/user/rules');
@@ -2047,7 +2047,7 @@ function user_admin_access_edit($aid = 0
form_set_error('mask', t('You must enter a mask.'));
}
else {
- db_query("UPDATE {access} SET mask = '%s', type = '%s', status = '%s' WHERE aid = %d", $edit['mask'], $edit['type'], $edit['status'], $aid);
+ db_query("UPDATE {access} SET mask = %s, type = %s, status = %s WHERE aid = %d", $edit['mask'], $edit['type'], $edit['status'], $aid);
drupal_set_message(t('The access rule has been saved.'));
drupal_goto('admin/user/rules');
}
@@ -2118,7 +2118,7 @@ function user_roles($membersonly = 0, $p
$roles = array();
if ($permission) {
- $result = db_query("SELECT r.* FROM {role} r INNER JOIN {permission} p ON r.rid = p.rid WHERE p.perm LIKE '%%%s%%' ORDER BY r.name", $permission);
+ $result = db_query("SELECT r.* FROM {role} r INNER JOIN {permission} p ON r.rid = p.rid WHERE p.perm LIKE %s ORDER BY r.name", "%" . $permission . "%");
}
else {
$result = db_query('SELECT * FROM {role} ORDER BY name');
@@ -2234,7 +2234,7 @@ function user_admin_perm_submit($form, &
db_query('DELETE FROM {permission} WHERE rid = %d', $role->rid);
$form_state['values'][$role->rid] = array_filter($form_state['values'][$role->rid]);
if (count($form_state['values'][$role->rid])) {
- db_query("INSERT INTO {permission} (rid, perm) VALUES (%d, '%s')", $role->rid, implode(', ', array_keys($form_state['values'][$role->rid])));
+ db_query("INSERT INTO {permission} (rid, perm) VALUES (%d, %s)", $role->rid, implode(', ', array_keys($form_state['values'][$role->rid])));
}
}
}
@@ -2298,12 +2298,12 @@ function user_admin_role() {
function user_admin_role_validate($form, &$form_state) {
if ($form_state['values']['name']) {
if ($form_state['values']['op'] == t('Save role')) {
- if (db_result(db_query("SELECT COUNT(*) FROM {role} WHERE name = '%s' AND rid != %d", $form_state['values']['name'], $form_state['values']['rid']))) {
+ if (db_result(db_query("SELECT COUNT(*) FROM {role} WHERE name = %s AND rid != %d", $form_state['values']['name'], $form_state['values']['rid']))) {
form_set_error('name', t('The role name %name already exists. Please choose another role name.', array('%name' => $form_state['values']['name'])));
}
}
else if ($form_state['values']['op'] == t('Add role')) {
- if (db_result(db_query("SELECT COUNT(*) FROM {role} WHERE name = '%s'", $form_state['values']['name']))) {
+ if (db_result(db_query("SELECT COUNT(*) FROM {role} WHERE name = %s", $form_state['values']['name']))) {
form_set_error('name', t('The role name %name already exists. Please choose another role name.', array('%name' => $form_state['values']['name'])));
}
}
@@ -2315,7 +2315,7 @@ function user_admin_role_validate($form,
function user_admin_role_submit($form, &$form_state) {
if ($form_state['values']['op'] == t('Save role')) {
- db_query("UPDATE {role} SET name = '%s' WHERE rid = %d", $form_state['values']['name'], $form_state['values']['rid']);
+ db_query("UPDATE {role} SET name = %s WHERE rid = %d", $form_state['values']['name'], $form_state['values']['rid']);
drupal_set_message(t('The role has been renamed.'));
}
else if ($form_state['values']['op'] == t('Delete role')) {
@@ -2327,7 +2327,7 @@ function user_admin_role_submit($form, &
drupal_set_message(t('The role has been deleted.'));
}
else if ($form_state['values']['op'] == t('Add role')) {
- db_query("INSERT INTO {role} (name) VALUES ('%s')", $form_state['values']['name']);
+ db_query("INSERT INTO {role} (name) VALUES (%s)", $form_state['values']['name']);
drupal_set_message(t('The role has been added.'));
}
$form_state['redirect'] = 'admin/user/roles';
@@ -3003,7 +3003,7 @@ function _user_forms(&$edit, $account, $
function user_autocomplete($string = '') {
$matches = array();
if ($string) {
- $result = db_query_range("SELECT name FROM {users} WHERE LOWER(name) LIKE LOWER('%s%%')", $string, 0, 10);
+ $result = db_query_range("SELECT name FROM {users} WHERE LOWER(name) LIKE LOWER(%s)", $string . "%", 0, 10);
while ($user = db_fetch_object($result)) {
$matches[$user->name] = check_plain($user->name);
}
@@ -3035,7 +3035,7 @@ function user_filters() {
if ($permissions = module_invoke($module, 'perm')) {
asort($permissions);
foreach ($permissions as $permission) {
- $options["$module $t_module"][$permission] = t($permission);
+ $options["$module $t_module"][$permission] = "%" . t($permission) . "%";
}
}
}
@@ -3043,7 +3043,7 @@ function user_filters() {
$filters['permission'] = array(
'title' => t('permission'),
'join' => 'LEFT JOIN {permission} p ON ur.rid = p.rid',
- 'where' => " ((p.perm IS NOT NULL AND p.perm LIKE '%%%s%%') OR u.uid = 1) ",
+ 'where' => " ((p.perm IS NOT NULL AND p.perm LIKE %s) OR u.uid = 1) ",
'options' => $options,
);
@@ -3462,6 +3462,6 @@ function user_block_user_action(&$object
* Adds an access rule that blocks the user's IP address.
*/
function user_block_ip_action() {
- db_query("INSERT INTO {access} (mask, type, status) VALUES ('%s', '%s', %d)", $_SERVER['REMOTE_ADDR'], 'host', 0);
+ db_query("INSERT INTO {access} (mask, type, status) VALUES (%s, %s, %d)", $_SERVER['REMOTE_ADDR'], 'host', 0);
watchdog('action', 'Banned IP address %ip', array('%ip' => $_SERVER['REMOTE_ADDR']));
}
diff -urpN drupal/update.php drupal-6.x-dev-pre_pdo-0.3/update.php
--- drupal/update.php 2007-09-02 23:19:16.000000000 +0800
+++ drupal-6.x-dev-pre_pdo-0.3/update.php 2007-09-03 02:23:34.000000000 +0800
@@ -494,7 +494,7 @@ function update_fix_system_table() {
foreach ($core_modules as $module) {
$old_path = "modules/$module.module";
$new_path = "modules/$module/$module.module";
- db_query("UPDATE {system} SET filename = '%s' WHERE filename = '%s'", $new_path, $old_path);
+ db_query("UPDATE {system} SET filename = %s WHERE filename = %s", $new_path, $old_path);
}
$row = db_fetch_object(db_query_range('SELECT * FROM {system}', 0, 1));
if (!isset($row->weight)) {