diff options
| author | Andrew Dolgov <[email protected]> | 2017-12-02 11:25:43 +0300 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2017-12-02 11:25:43 +0300 |
| commit | 8af94f1292bb2b3c1d998f0fdc3ba6befe7ddc2c (patch) | |
| tree | f1c7765c21f1f08af85ce8d05df5a2c3147836b6 /classes/pluginhost.php | |
| parent | 0500e14cc2ea0486364142606f800d0f0763d224 (diff) | |
pluginhost: use PDO
Diffstat (limited to 'classes/pluginhost.php')
| -rw-r--r-- | classes/pluginhost.php | 43 |
1 files changed, 26 insertions, 17 deletions
diff --git a/classes/pluginhost.php b/classes/pluginhost.php index 533e7ee91..bff7c32d0 100644 --- a/classes/pluginhost.php +++ b/classes/pluginhost.php @@ -1,6 +1,7 @@ <?php class PluginHost { private $dbh; + private $pdo; private $hooks = array(); private $plugins = array(); private $handlers = array(); @@ -63,6 +64,7 @@ class PluginHost { function __construct() { $this->dbh = Db::get(); + $this->pdo = Db::pdo(); $this->storage = array(); } @@ -92,6 +94,10 @@ class PluginHost { return $this->dbh; } + function get_pdo() { + return $this->pdo; + } + function get_plugin_names() { $names = array(); @@ -294,10 +300,11 @@ class PluginHost { function load_data() { if ($this->owner_uid) { - $result = $this->dbh->query("SELECT name, content FROM ttrss_plugin_storage - WHERE owner_uid = '".$this->owner_uid."'"); + $sth = $this->pdo->prepare("SELECT name, content FROM ttrss_plugin_storage + WHERE owner_uid = ?"); + $sth->execute([$this->owner_uid]); - while ($line = $this->dbh->fetch_assoc($result)) { + while ($line = $sth->fetch()) { $this->storage[$line["name"]] = unserialize($line["content"]); } } @@ -305,30 +312,31 @@ class PluginHost { private function save_data($plugin) { if ($this->owner_uid) { - $plugin = $this->dbh->escape_string($plugin); - - $this->dbh->query("BEGIN"); + $this->pdo->beginTransaction(); - $result = $this->dbh->query("SELECT id FROM ttrss_plugin_storage WHERE - owner_uid= '".$this->owner_uid."' AND name = '$plugin'"); + $sth = $this->pdo->prepare("SELECT id FROM ttrss_plugin_storage WHERE + owner_uid= ? AND name = ?"); + $sth->execute([$this->owner_uid, $plugin]); if (!isset($this->storage[$plugin])) $this->storage[$plugin] = array(); - $content = $this->dbh->escape_string(serialize($this->storage[$plugin]), + $content = serialize($this->storage[$plugin], false); - if ($this->dbh->num_rows($result) != 0) { - $this->dbh->query("UPDATE ttrss_plugin_storage SET content = '$content' - WHERE owner_uid= '".$this->owner_uid."' AND name = '$plugin'"); + if ($sth->fetch()) { + $sth = $this->pdo->prepare("UPDATE ttrss_plugin_storage SET content = ? + WHERE owner_uid= ? AND name = ?"); + $sth->execute([$content, $this->owner_uid, $plugin]); } else { - $this->dbh->query("INSERT INTO ttrss_plugin_storage + $sth = $this->pdo->prepare("INSERT INTO ttrss_plugin_storage (name,owner_uid,content) VALUES - ('$plugin','".$this->owner_uid."','$content')"); + (?, ?, ?)"); + $sth->execute([$plugin, $this->owner_uid, $content]); } - $this->dbh->query("COMMIT"); + $this->pdo->commit(); } } @@ -365,8 +373,9 @@ class PluginHost { unset($this->storage[$idx]); - $this->dbh->query("DELETE FROM ttrss_plugin_storage WHERE name = '$idx' - AND owner_uid = " . $this->owner_uid); + $sth = $this->pdo->prepare("DELETE FROM ttrss_plugin_storage WHERE name = ? + AND owner_uid = ?"); + $sth->execute([$idx, $this->owner_uid]); } } |