diff options
author | Dan McGee <dan@archlinux.org> | 2011-04-12 00:15:48 -0500 |
---|---|---|
committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2011-04-16 17:49:00 +0200 |
commit | a3ad06015896f132054fece17abb0dfa1808d3b4 (patch) | |
tree | 6ed1a75986467e5ec73f6b3e6d86e1ae0c13b405 | |
parent | aa206b343af8821e01c4984ae27ab510b87a43e8 (diff) | |
download | aurweb-a3ad06015896f132054fece17abb0dfa1808d3b4.tar.xz |
rpc.php: be a bit more consistent in query building
Do the implode as the same but separate step each time, and remove
indentation where no other query has it.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-rw-r--r-- | web/lib/aurjson.class.php | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php index 321fee3..2521948 100644 --- a/web/lib/aurjson.class.php +++ b/web/lib/aurjson.class.php @@ -117,10 +117,11 @@ class AurJSON { return $this->json_error('Query arg too small'); } + $fields = implode(',', self::$fields); $keyword_string = mysql_real_escape_string($keyword_string, $this->dbh); $keyword_string = addcslashes($keyword_string, '%_'); - $query = "SELECT " . implode(',', self::$fields) . + $query = "SELECT {$fields} " . " FROM Packages WHERE " . " ( Name LIKE '%{$keyword_string}%' OR " . " Description LIKE '%{$keyword_string}%' )"; @@ -134,7 +135,9 @@ class AurJSON { * @return mixed Returns an array of value data containing the package data **/ private function info($pqdata) { - $base_query = "SELECT " . implode(',', self::$fields) . + $fields = implode(',', self::$fields); + + $base_query = "SELECT {$fields} " . " FROM Packages WHERE "; if ( is_numeric($pqdata) ) { @@ -144,11 +147,8 @@ class AurJSON { $query_stub = "ID={$pqdata}"; } else { - if(get_magic_quotes_gpc()) { - $pqdata = stripslashes($pqdata); - } $query_stub = sprintf("Name=\"%s\"", - mysql_real_escape_string($pqdata)); + mysql_real_escape_string($pqdata, $this->dbh)); } $query = $base_query . $query_stub; @@ -161,13 +161,13 @@ class AurJSON { * @return mixed Returns an array of value data containing the package data **/ private function msearch($maintainer) { - $maintainer = mysql_real_escape_string($maintainer, $this->dbh); $fields = implode(',', self::$fields); + $maintainer = mysql_real_escape_string($maintainer, $this->dbh); $query = "SELECT Users.Username as Maintainer, {$fields} " . - " FROM Packages, Users " . - " WHERE Packages.MaintainerUID = Users.ID AND " . - " Users.Username = '{$maintainer}'"; + " FROM Packages, Users WHERE " . + " Packages.MaintainerUID = Users.ID AND " . + " Users.Username = '{$maintainer}'"; return $this->process_query('msearch', $query); } |