Index: handlers/views_handler_argument_numeric.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/handlers/views_handler_argument_numeric.inc,v retrieving revision 1.1 diff -u -p -r1.1 views_handler_argument_numeric.inc --- handlers/views_handler_argument_numeric.inc 3 Sep 2008 19:21:28 -0000 1.1 +++ handlers/views_handler_argument_numeric.inc 3 Oct 2008 20:45:42 -0000 @@ -83,8 +83,7 @@ class views_handler_argument_numeric ext if (count($this->value) > 1) { $operator = empty($this->options['not']) ? 'IN' : 'NOT IN'; - $placeholders = implode(', ', array_fill(0, sizeof($this->value), '%d')); - $this->query->add_where(0, "$this->table_alias.$this->real_field $operator ($placeholders)", $this->value); + $this->query->add_where(0, "$this->table_alias.$this->real_field $operator (" . db_placeholders($this->value) .")", $this->value); } else { $operator = empty($this->options['not']) ? '=' : '!='; Index: modules/comment/views_handler_field_node_new_comments.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/comment/views_handler_field_node_new_comments.inc,v retrieving revision 1.2 diff -u -p -r1.2 views_handler_field_node_new_comments.inc --- modules/comment/views_handler_field_node_new_comments.inc 22 Sep 2008 21:59:39 -0000 1.2 +++ modules/comment/views_handler_field_node_new_comments.inc 3 Oct 2008 20:45:43 -0000 @@ -58,7 +58,7 @@ class views_handler_field_node_new_comme } if ($nids) { - $result = db_query("SELECT n.nid, COUNT(c.cid) as num_comments FROM {node} n INNER JOIN {comments} c ON n.nid = c.nid LEFT JOIN {history} h ON h.nid = n.nid AND h.uid = %d WHERE n.nid IN (" . implode(', ', $nids) . ") AND c.timestamp > GREATEST(COALESCE(h.timestamp, %d), %d) AND c.status = %d GROUP BY n.nid ", $user->uid, NODE_NEW_LIMIT, NODE_NEW_LIMIT, COMMENT_PUBLISHED); + $result = db_query("SELECT n.nid, COUNT(c.cid) as num_comments FROM {node} n INNER JOIN {comments} c ON n.nid = c.nid LEFT JOIN {history} h ON h.nid = n.nid AND h.uid = %d WHERE n.nid IN (" . db_placeholders($nids) . ") AND c.timestamp > GREATEST(COALESCE(h.timestamp, %d), %d) AND c.status = %d GROUP BY n.nid ", $user->uid, $nids, NODE_NEW_LIMIT, NODE_NEW_LIMIT, COMMENT_PUBLISHED); while ($node = db_fetch_object($result)) { foreach ($ids[$node->nid] as $id) { Index: modules/comment/views_plugin_row_comment_view.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/comment/views_plugin_row_comment_view.inc,v retrieving revision 1.1 diff -u -p -r1.1 views_plugin_row_comment_view.inc --- modules/comment/views_plugin_row_comment_view.inc 3 Sep 2008 19:21:29 -0000 1.1 +++ modules/comment/views_plugin_row_comment_view.inc 3 Oct 2008 20:45:43 -0000 @@ -32,7 +32,7 @@ class views_plugin_row_comment_view exte } if (count($cids) > 1) { - $placeholder = " IN (" . implode(', ', array_fill(0, sizeof($cids), '%d')) . ")"; + $placeholder = " IN (" . db_placeholders($cids) . ")"; } else { $placeholder = " = %d"; Index: modules/node/views_handler_argument_node_nid.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/node/views_handler_argument_node_nid.inc,v retrieving revision 1.1 diff -u -p -r1.1 views_handler_argument_node_nid.inc --- modules/node/views_handler_argument_node_nid.inc 3 Sep 2008 19:21:29 -0000 1.1 +++ modules/node/views_handler_argument_node_nid.inc 3 Oct 2008 20:45:43 -0000 @@ -14,9 +14,8 @@ class views_handler_argument_node_nid ex */ function title_query() { $titles = array(); - $placeholders = implode(', ', array_fill(0, sizeof($this->value), '%d')); - $result = db_query("SELECT n.title FROM {node} n WHERE n.nid IN ($placeholders)", $this->value); + $result = db_query("SELECT n.title FROM {node} n WHERE n.nid IN (" . db_placeholders($this->value) . ")", $this->value); while ($term = db_fetch_object($result)) { $titles[] = check_plain($term->title); } Index: modules/node/views_handler_argument_node_vid.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/node/views_handler_argument_node_vid.inc,v retrieving revision 1.1 diff -u -p -r1.1 views_handler_argument_node_vid.inc --- modules/node/views_handler_argument_node_vid.inc 3 Sep 2008 19:21:29 -0000 1.1 +++ modules/node/views_handler_argument_node_vid.inc 3 Oct 2008 20:45:43 -0000 @@ -16,9 +16,8 @@ class views_handler_argument_node_vid ex */ function title_query() { $titles = array(); - $placeholders = implode(', ', array_fill(0, sizeof($this->value), '%d')); - $result = db_query("SELECT n.title FROM {node_revisions} n WHERE n.nid IN ($placeholders)", $this->value); + $result = db_query("SELECT n.title FROM {node_revisions} n WHERE n.nid IN (" . db_placeholders($this->value) . ")", $this->value); while ($term = db_fetch_object($result)) { $titles[] = check_plain($term->title); } Index: modules/node/views_plugin_argument_validate_node.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/node/views_plugin_argument_validate_node.inc,v retrieving revision 1.1 diff -u -p -r1.1 views_plugin_argument_validate_node.inc --- modules/node/views_plugin_argument_validate_node.inc 3 Sep 2008 19:21:29 -0000 1.1 +++ modules/node/views_plugin_argument_validate_node.inc 3 Oct 2008 20:45:43 -0000 @@ -93,12 +93,10 @@ class views_plugin_argument_validate_nod return FALSE; } - $placeholders = implode(', ', array_fill(0, sizeof($nids->value), '%d')); - $test = drupal_map_assoc($nids->value); $titles = array(); - $result = db_query("SELECT * FROM {node} WHERE nid IN ($placeholders)", $nids->value); + $result = db_query("SELECT * FROM {node} WHERE nid IN (". db_placeholders($nids->value) . ")", $nids->value); while ($node = db_fetch_object($result)) { if ($types && empty($types[$node->type])) { return FALSE; Index: modules/taxonomy/views_handler_argument_term_node_tid.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/taxonomy/views_handler_argument_term_node_tid.inc,v retrieving revision 1.1 diff -u -p -r1.1 views_handler_argument_term_node_tid.inc --- modules/taxonomy/views_handler_argument_term_node_tid.inc 3 Sep 2008 19:21:30 -0000 1.1 +++ modules/taxonomy/views_handler_argument_term_node_tid.inc 3 Oct 2008 20:45:43 -0000 @@ -30,9 +30,8 @@ class views_handler_argument_term_node_t function title_query() { $titles = array(); - $placeholders = implode(', ', array_fill(0, sizeof($this->value), '%d')); - $result = db_query("SELECT name FROM {term_data} WHERE tid IN ($placeholders)", $this->value); + $result = db_query("SELECT name FROM {term_data} WHERE tid IN (" . db_placeholders($this->value) . ")", $this->value); while ($term = db_fetch_object($result)) { $titles[] = check_plain($term->name); } Index: modules/taxonomy/views_handler_argument_term_node_tid_depth.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/taxonomy/views_handler_argument_term_node_tid_depth.inc,v retrieving revision 1.1 diff -u -p -r1.1 views_handler_argument_term_node_tid_depth.inc --- modules/taxonomy/views_handler_argument_term_node_tid_depth.inc 3 Sep 2008 19:21:30 -0000 1.1 +++ modules/taxonomy/views_handler_argument_term_node_tid_depth.inc 3 Oct 2008 20:45:43 -0000 @@ -77,7 +77,7 @@ class views_handler_argument_term_node_t } if (count($tids->value) > 1) { - $placeholder = " IN (" . implode(', ', array_fill(0, sizeof($tids->value), '%d')) . ")"; + $placeholder = " IN (" . db_placeholders($tids->value) . ")"; } else { $placeholder = " = %d"; Index: modules/taxonomy/views_handler_field_term_node_tid.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/taxonomy/views_handler_field_term_node_tid.inc,v retrieving revision 1.2 diff -u -p -r1.2 views_handler_field_term_node_tid.inc --- modules/taxonomy/views_handler_field_term_node_tid.inc 22 Sep 2008 18:13:51 -0000 1.2 +++ modules/taxonomy/views_handler_field_term_node_tid.inc 3 Oct 2008 20:45:43 -0000 @@ -80,7 +80,7 @@ class views_handler_field_term_node_tid $voc = " AND td.vid IN (" . implode(', ', array_keys(array_filter($this->options['vids']))) . ")"; } - $result = db_query("SELECT tn.vid AS node_vid, td.* FROM {term_data} td INNER JOIN {term_node} tn ON td.tid = tn.tid WHERE tn.vid IN (" . implode(', ', $vids) . ")$voc ORDER BY td.weight, td.name"); + $result = db_query("SELECT tn.vid AS node_vid, td.* FROM {term_data} td INNER JOIN {term_node} tn ON td.tid = tn.tid WHERE tn.vid IN (" . db_placeholders($vids) . ")$voc ORDER BY td.weight, td.name", $vids); while ($term = db_fetch_object($result)) { if (empty($this->options['link_to_taxonomy'])) { Index: modules/taxonomy/views_handler_filter_term_node_tid.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/taxonomy/views_handler_filter_term_node_tid.inc,v retrieving revision 1.2 diff -u -p -r1.2 views_handler_filter_term_node_tid.inc --- modules/taxonomy/views_handler_filter_term_node_tid.inc 22 Sep 2008 18:13:51 -0000 1.2 +++ modules/taxonomy/views_handler_filter_term_node_tid.inc 3 Oct 2008 20:45:44 -0000 @@ -78,7 +78,7 @@ class views_handler_filter_term_node_tid if ($this->options['type'] == 'textfield') { $default = ''; if ($this->value) { - $result = db_query("SELECT * FROM {term_data} td WHERE td.tid IN (" . implode(', ', $this->value) . ')'); + $result = db_query("SELECT * FROM {term_data} td WHERE td.tid IN (" . db_placeholders($this->value) . ')', $this->value); while ($term = db_fetch_object($result)) { if ($default) { $default .= ', '; @@ -201,20 +201,18 @@ class views_handler_filter_term_node_tid } $tids = array(); - $placeholders = array(); $args = array(); $results = array(); foreach ($values as $value) { $missing[strtolower($value)] = TRUE; $args[] = $value; - $placeholders[] = "'%s'"; } if (!$args) { return; } - $result = db_query("SELECT * FROM {term_data} WHERE name IN (" . implode(', ', $placeholders) . ")", $args); + $result = db_query("SELECT * FROM {term_data} WHERE name IN (" . db_placeholders($args, 'text') . ")", $args); while ($term = db_fetch_object($result)) { unset($missing[strtolower($term->name)]); $tids[] = $term->tid; @@ -243,7 +241,7 @@ class views_handler_filter_term_node_tid $this->value_options = array(); if ($this->value) { - $result = db_query("SELECT * FROM {term_data} td WHERE td.tid IN (" . implode(', ', $this->value) . ")"); + $result = db_query("SELECT * FROM {term_data} td WHERE td.tid IN (" . db_placeholders($this->value) . ")", $this->value); while ($term = db_fetch_object($result)) { $this->value_options[$term->tid] = $term->name; Index: modules/taxonomy/views_plugin_argument_validate_taxonomy_term.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/taxonomy/views_plugin_argument_validate_taxonomy_term.inc,v retrieving revision 1.2 diff -u -p -r1.2 views_plugin_argument_validate_taxonomy_term.inc --- modules/taxonomy/views_plugin_argument_validate_taxonomy_term.inc 10 Sep 2008 16:17:54 -0000 1.2 +++ modules/taxonomy/views_plugin_argument_validate_taxonomy_term.inc 3 Oct 2008 20:45:44 -0000 @@ -69,12 +69,10 @@ class views_plugin_argument_validate_tax return FALSE; } - $placeholders = implode(', ', array_fill(0, sizeof($tids->value), '%d')); - $test = drupal_map_assoc($tids->value); $titles = array(); - $result = db_query("SELECT * FROM {term_data} WHERE tid IN ($placeholders)", $tids->value); + $result = db_query("SELECT * FROM {term_data} WHERE tid IN (" . db_placeholders($tids->value) . ")", $tids->value); while ($term = db_fetch_object($result)) { if ($vids && empty($vids[$term->vid])) { return FALSE; Index: modules/translation/views_handler_argument_node_tnid.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/translation/views_handler_argument_node_tnid.inc,v retrieving revision 1.1 diff -u -p -r1.1 views_handler_argument_node_tnid.inc --- modules/translation/views_handler_argument_node_tnid.inc 30 Sep 2008 22:07:15 -0000 1.1 +++ modules/translation/views_handler_argument_node_tnid.inc 3 Oct 2008 20:45:44 -0000 @@ -14,9 +14,8 @@ class views_handler_argument_node_tnid e */ function title_query() { $titles = array(); - $placeholders = implode(', ', array_fill(0, sizeof($this->value), '%d')); - $result = db_query("SELECT n.title FROM {node} n WHERE n.tnid IN ($placeholders)", $this->value); + $result = db_query("SELECT n.title FROM {node} n WHERE n.tnid IN (" . db_placeholders($this->value) . ")", $this->value); while ($term = db_fetch_object($result)) { $titles[] = check_plain($term->title); } Index: modules/upload/views_handler_field_upload_description.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/upload/views_handler_field_upload_description.inc,v retrieving revision 1.1 diff -u -p -r1.1 views_handler_field_upload_description.inc --- modules/upload/views_handler_field_upload_description.inc 3 Sep 2008 19:21:30 -0000 1.1 +++ modules/upload/views_handler_field_upload_description.inc 3 Oct 2008 20:45:44 -0000 @@ -44,7 +44,7 @@ class views_handler_field_upload_descrip if ($fids) { // Support "only listed files" option. - $result = db_query("SELECT f.fid, f.filepath FROM {files} f WHERE f.fid IN (" . implode(', ', $fids) . ")"); + $result = db_query("SELECT f.fid, f.filepath FROM {files} f WHERE f.fid IN (" . db_placeholders($fids) . ")", $fids); while ($file = db_fetch_object($result)) { $this->items[$file->fid] = $file; } Index: modules/upload/views_handler_field_upload_fid.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/upload/views_handler_field_upload_fid.inc,v retrieving revision 1.2 diff -u -p -r1.2 views_handler_field_upload_fid.inc --- modules/upload/views_handler_field_upload_fid.inc 10 Sep 2008 21:02:57 -0000 1.2 +++ modules/upload/views_handler_field_upload_fid.inc 3 Oct 2008 20:45:44 -0000 @@ -45,7 +45,7 @@ class views_handler_field_upload_fid ext if (!empty($this->options['only_listed'])) { $where = " AND u.list <> 0"; } - $result = db_query("SELECT u.vid, u.fid, f.filepath, u.description FROM {upload} u LEFT JOIN {files} f ON f.fid = u.fid WHERE u.vid IN (" . implode(', ', $vids) . ")$where ORDER BY u.weight"); + $result = db_query("SELECT u.vid, u.fid, f.filepath, u.description FROM {upload} u LEFT JOIN {files} f ON f.fid = u.fid WHERE u.vid IN (" . db_placeholders($vids) . ")$where ORDER BY u.weight", $vids); while ($file = db_fetch_object($result)) { $this->items[$file->vid][$file->fid] = $this->render_link(check_plain($file->description), $file); } Index: modules/user/views_handler_argument_user_uid.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/user/views_handler_argument_user_uid.inc,v retrieving revision 1.1 diff -u -p -r1.1 views_handler_argument_user_uid.inc --- modules/user/views_handler_argument_user_uid.inc 3 Sep 2008 19:21:30 -0000 1.1 +++ modules/user/views_handler_argument_user_uid.inc 3 Oct 2008 20:45:44 -0000 @@ -18,9 +18,8 @@ class views_handler_argument_user_uid ex } $titles = array(); - $placeholders = implode(', ', array_fill(0, sizeof($this->value), '%d')); - $result = db_query("SELECT u.name FROM {users} u WHERE u.uid IN ($placeholders)", $this->value); + $result = db_query("SELECT u.name FROM {users} u WHERE u.uid IN (". db_placeholders($this->value) . ")", $this->value); while ($term = db_fetch_object($result)) { $titles[] = check_plain($term->name); } Index: modules/user/views_handler_argument_users_roles_rid.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/user/views_handler_argument_users_roles_rid.inc,v retrieving revision 1.1 diff -u -p -r1.1 views_handler_argument_users_roles_rid.inc --- modules/user/views_handler_argument_users_roles_rid.inc 3 Sep 2008 19:21:30 -0000 1.1 +++ modules/user/views_handler_argument_users_roles_rid.inc 3 Oct 2008 20:45:44 -0000 @@ -6,9 +6,8 @@ class views_handler_argument_users_roles_rid extends views_handler_argument_many_to_one { function title_query() { $titles = array(); - $placeholders = implode(', ', array_fill(0, sizeof($this->value), '%d')); - $result = db_query("SELECT name FROM {role} WHERE rid IN ($placeholders)", $this->value); + $result = db_query("SELECT name FROM {role} WHERE rid IN (" . db_placeholders($this->value) . ")", $this->value); while ($term = db_fetch_object($result)) { $titles[] = check_plain($term->name); } Index: modules/user/views_handler_field_user_roles.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/user/views_handler_field_user_roles.inc,v retrieving revision 1.1 diff -u -p -r1.1 views_handler_field_user_roles.inc --- modules/user/views_handler_field_user_roles.inc 3 Sep 2008 19:21:30 -0000 1.1 +++ modules/user/views_handler_field_user_roles.inc 3 Oct 2008 20:45:44 -0000 @@ -23,7 +23,7 @@ class views_handler_field_user_roles ext } if ($uids) { - $result = db_query("SELECT u.uid, u.rid, r.name FROM {role} r INNER JOIN {users_roles} u ON u.rid = r.rid WHERE u.uid IN (" . implode(', ', $uids) . ") ORDER BY r.name"); + $result = db_query("SELECT u.uid, u.rid, r.name FROM {role} r INNER JOIN {users_roles} u ON u.rid = r.rid WHERE u.uid IN (" . db_placeholders($uids) . ") ORDER BY r.name", $uids); while ($role = db_fetch_object($result)) { $this->items[$role->uid][$role->rid] = check_plain($role->name); } Index: modules/user/views_handler_filter_user_name.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views/modules/user/views_handler_filter_user_name.inc,v retrieving revision 1.2 diff -u -p -r1.2 views_handler_filter_user_name.inc --- modules/user/views_handler_filter_user_name.inc 22 Sep 2008 23:41:14 -0000 1.2 +++ modules/user/views_handler_filter_user_name.inc 3 Oct 2008 20:45:44 -0000 @@ -10,7 +10,7 @@ class views_handler_filter_user_name ext function value_form(&$form, &$form_state) { $values = array(); if ($this->value) { - $result = db_query("SELECT * FROM {users} u WHERE uid IN (" . implode(', ', $this->value) . ")"); + $result = db_query("SELECT * FROM {users} u WHERE uid IN (" . db_placeholders($this->value) . ")", $this->value); while ($account = db_fetch_object($result)) { if ($account->uid) { $values[] = $account->name; @@ -84,7 +84,6 @@ class views_handler_filter_user_name ext */ function validate_user_strings(&$form, $values) { $uids = array(); - $placeholders = array(); $args = array(); $results = array(); foreach ($values as $value) { @@ -94,7 +93,6 @@ class views_handler_filter_user_name ext else { $missing[strtolower($value)] = TRUE; $args[] = $value; - $placeholders[] = "'%s'"; } } @@ -102,7 +100,7 @@ class views_handler_filter_user_name ext return $uids; } - $result = db_query("SELECT * FROM {users} WHERE name IN (" . implode(', ', $placeholders) . ")", $args); + $result = db_query("SELECT * FROM {users} WHERE name IN (" . db_placeholders($args, 'text') . ")", $args); while ($account = db_fetch_object($result)) { unset($missing[strtolower($account->name)]); $uids[] = $account->uid; @@ -127,7 +125,7 @@ class views_handler_filter_user_name ext $this->value_options = array(); if ($this->value) { - $result = db_query("SELECT * FROM {users} u WHERE uid IN (" . implode(', ', $this->value) . ")"); + $result = db_query("SELECT * FROM {users} u WHERE uid IN (" . db_placeholders($this->value) . ")", $this->value); while ($account = db_fetch_object($result)) { if ($account->uid) {