diff options
Diffstat (limited to 'classes/pluginhost.php')
-rw-r--r-- | classes/pluginhost.php | 50 |
1 files changed, 27 insertions, 23 deletions
diff --git a/classes/pluginhost.php b/classes/pluginhost.php index f56343c5f..4224893c2 100644 --- a/classes/pluginhost.php +++ b/classes/pluginhost.php @@ -1,6 +1,6 @@ <?php class PluginHost { - private $dbh; + private $pdo; private $hooks = array(); private $plugins = array(); private $handlers = array(); @@ -63,7 +63,7 @@ class PluginHost { const KIND_USER = 3; function __construct() { - $this->dbh = Db::get(); + $this->pdo = Db::pdo(); $this->storage = array(); } @@ -90,9 +90,13 @@ class PluginHost { } function get_dbh() { - return $this->dbh; + return Db::get(); } + function get_pdo() { + return $this->pdo; + } + function get_plugin_names() { $names = array(); @@ -276,8 +280,6 @@ class PluginHost { } else { return false; } - - return false; } function get_commands() { @@ -295,10 +297,11 @@ class PluginHost { function load_data() { if ($this->owner_uid) { - $result = $this->dbh->query("SELECT name, content FROM ttrss_plugin_storage - WHERE owner_uid = '".$this->owner_uid."'"); + $sth = $this->pdo->prepare("SELECT name, content FROM ttrss_plugin_storage + WHERE owner_uid = ?"); + $sth->execute([$this->owner_uid]); - while ($line = $this->dbh->fetch_assoc($result)) { + while ($line = $sth->fetch()) { $this->storage[$line["name"]] = unserialize($line["content"]); } } @@ -306,30 +309,30 @@ class PluginHost { private function save_data($plugin) { if ($this->owner_uid) { - $plugin = $this->dbh->escape_string($plugin); - - $this->dbh->query("BEGIN"); + $this->pdo->beginTransaction(); - $result = $this->dbh->query("SELECT id FROM ttrss_plugin_storage WHERE - owner_uid= '".$this->owner_uid."' AND name = '$plugin'"); + $sth = $this->pdo->prepare("SELECT id FROM ttrss_plugin_storage WHERE + owner_uid= ? AND name = ?"); + $sth->execute([$this->owner_uid, $plugin]); if (!isset($this->storage[$plugin])) $this->storage[$plugin] = array(); - $content = $this->dbh->escape_string(serialize($this->storage[$plugin]), - false); + $content = serialize($this->storage[$plugin]); - if ($this->dbh->num_rows($result) != 0) { - $this->dbh->query("UPDATE ttrss_plugin_storage SET content = '$content' - WHERE owner_uid= '".$this->owner_uid."' AND name = '$plugin'"); + if ($sth->fetch()) { + $sth = $this->pdo->prepare("UPDATE ttrss_plugin_storage SET content = ? + WHERE owner_uid= ? AND name = ?"); + $sth->execute([(string)$content, $this->owner_uid, $plugin]); } else { - $this->dbh->query("INSERT INTO ttrss_plugin_storage + $sth = $this->pdo->prepare("INSERT INTO ttrss_plugin_storage (name,owner_uid,content) VALUES - ('$plugin','".$this->owner_uid."','$content')"); + (?, ?, ?)"); + $sth->execute([$plugin, $this->owner_uid, (string)$content]); } - $this->dbh->query("COMMIT"); + $this->pdo->commit(); } } @@ -366,8 +369,9 @@ class PluginHost { unset($this->storage[$idx]); - $this->dbh->query("DELETE FROM ttrss_plugin_storage WHERE name = '$idx' - AND owner_uid = " . $this->owner_uid); + $sth = $this->pdo->prepare("DELETE FROM ttrss_plugin_storage WHERE name = ? + AND owner_uid = ?"); + $sth->execute([$idx, $this->owner_uid]); } } |