Changeset 130 for branches/2.0singleton/services
- Timestamp:
- May 30, 2006 9:30:35 PM (18 years ago)
- File:
-
- 1 edited
branches/2.0singleton/services/admins.php
r129 r130 154 154 if (getFormdata('repeat', false)) { 155 155 // Display edit function with next available ID. 156 $qid = DB::query("SELECT admin_id FROM admin_tbl WHERE admin_id > '" . DB::escapeString(getFormData('admin_id')) . "' ORDER BY admin_id ASC LIMIT 1");156 $qid = $db->query("SELECT admin_id FROM admin_tbl WHERE admin_id > '" . $db->escapeString(getFormData('admin_id')) . "' ORDER BY admin_id ASC LIMIT 1"); 157 157 if (list($next_id) = mysql_fetch_row($qid)) { 158 158 $app->dieURL($_SERVER['PHP_SELF'] . '?op=edit&admin_id=' . $next_id); … … 259 259 global $lock; 260 260 $app =& App::getInstance(); 261 261 $db =& DB::getInstance(); 262 262 263 $lock->select('admin_tbl', 'admin_id', $id); 263 264 if ($lock->isLocked() && !$lock->isMine()) { … … 266 267 267 268 // Get the information for the form. 268 $qid = DB::query("269 $qid = $db->query(" 269 270 SELECT * 270 271 FROM admin_tbl 271 WHERE admin_id = '" . DB::escapeString($id) . "'272 WHERE admin_id = '" . $db->escapeString($id) . "' 272 273 "); 273 274 if (!$frm = mysql_fetch_assoc($qid)) { … … 315 316 global $auth, $lock; 316 317 $app =& App::getInstance(); 317 318 $db =& DB::getInstance(); 319 318 320 $lock->select('admin_tbl', 'admin_id', $id); 319 321 if ($lock->isLocked() && !$lock->isMine()) { … … 325 327 326 328 // Get the information for this object. 327 $qid = DB::query("329 $qid = $db->query(" 328 330 SELECT username, user_type from admin_tbl 329 WHERE admin_id = '" . DB::escapeString($id) . "'331 WHERE admin_id = '" . $db->escapeString($id) . "' 330 332 "); 331 333 if (! list($name, $user_type) = mysql_fetch_row($qid)) { … … 336 338 337 339 // Get the information for this object. 338 $qid = DB::query("SELECT COUNT(*) from admin_tbl");340 $qid = $db->query("SELECT COUNT(*) from admin_tbl"); 339 341 list($num_admins) = mysql_fetch_row($qid); 340 342 if ('root' == $user_type && 'root' != $auth->getVal('user_type')) { … … 349 351 } else { 350 352 // Delete the record. 
351 DB::query("DELETE FROM admin_tbl WHERE admin_id = '" . DB::escapeString($id) . "'");353 $db->query("DELETE FROM admin_tbl WHERE admin_id = '" . $db->escapeString($id) . "'"); 352 354 $app->raiseMsg(sprintf(_("The admin <strong>%s</strong> has been deleted."), $name), MSG_SUCCESS, __FILE__, __LINE__); 353 355 } … … 361 363 global $auth; 362 364 $app =& App::getInstance(); 363 365 $db =& DB::getInstance(); 366 364 367 // Break the cache because we are changing the list data. 365 368 SessionCache::breakCache($_SERVER['PHP_SELF']); 366 369 367 370 // Insert record data. 368 DB::query("371 $db->query(" 369 372 INSERT INTO admin_tbl ( 370 373 username, … … 376 379 added_datetime 377 380 ) VALUES ( 378 '" . DB::escapeString($frm['username']) . "',379 '" . DB::escapeString($frm['first_name']) . "',380 '" . DB::escapeString($frm['last_name']) . "',381 '" . DB::escapeString($frm['email']) . "',382 '" . DB::escapeString($frm['user_type']) . "',383 '" . DB::escapeString($auth->getVal('user_id')) . "',381 '" . $db->escapeString($frm['username']) . "', 382 '" . $db->escapeString($frm['first_name']) . "', 383 '" . $db->escapeString($frm['last_name']) . "', 384 '" . $db->escapeString($frm['email']) . "', 385 '" . $db->escapeString($frm['user_type']) . "', 386 '" . $db->escapeString($auth->getVal('user_id')) . "', 384 387 NOW() 385 388 ) 386 389 "); 387 $last_insert_id = mysql_insert_id( DB::getDBH());390 $last_insert_id = mysql_insert_id($db->getDBH()); 388 391 389 392 // Set admin password. … … 403 406 global $auth, $lock; 404 407 $app =& App::getInstance(); 405 408 $db =& DB::getInstance(); 409 406 410 $lock->select('admin_tbl', 'admin_id', $frm['admin_id']); 407 411 if ($lock->isLocked() && !$lock->isMine()) { … … 419 423 420 424 // Update record data. 421 DB::query("425 $db->query(" 422 426 UPDATE admin_tbl SET 423 username = '" . DB::escapeString($frm['username']) . "',424 first_name = '" . DB::escapeString($frm['first_name']) . "',425 last_name = '" . 
DB::escapeString($frm['last_name']) . "',426 email = '" . DB::escapeString($frm['email']) . "',427 user_type = '" . DB::escapeString($frm['user_type']) . "',428 modified_by_user_id = '" . DB::escapeString($auth->getVal('user_id')) . "',427 username = '" . $db->escapeString($frm['username']) . "', 428 first_name = '" . $db->escapeString($frm['first_name']) . "', 429 last_name = '" . $db->escapeString($frm['last_name']) . "', 430 email = '" . $db->escapeString($frm['email']) . "', 431 user_type = '" . $db->escapeString($frm['user_type']) . "', 432 modified_by_user_id = '" . $db->escapeString($auth->getVal('user_id')) . "', 429 433 modified_datetime = NOW() 430 WHERE admin_id = '" . DB::escapeString($frm['admin_id']) . "'434 WHERE admin_id = '" . $db->escapeString($frm['admin_id']) . "' 431 435 "); 432 436 … … 445 449 global $page; 446 450 global $so; 451 $db =& DB::getInstance(); 452 447 453 448 454 $where_clause = ''; … … 454 460 $where_clause .= (empty($where_clause) ? 'WHERE' : 'AND') . " 455 461 ( 456 admin_tbl.username LIKE '%" . DB::escapeString($qry_words[$i]) . "%'457 OR admin_tbl.first_name LIKE '%" . DB::escapeString($qry_words[$i]) . "%'458 OR admin_tbl.last_name LIKE '%" . DB::escapeString($qry_words[$i]) . "%'459 OR admin_tbl.email LIKE '%" . DB::escapeString($qry_words[$i]) . "%'462 admin_tbl.username LIKE '%" . $db->escapeString($qry_words[$i]) . "%' 463 OR admin_tbl.first_name LIKE '%" . $db->escapeString($qry_words[$i]) . "%' 464 OR admin_tbl.last_name LIKE '%" . $db->escapeString($qry_words[$i]) . "%' 465 OR admin_tbl.email LIKE '%" . $db->escapeString($qry_words[$i]) . "%' 460 466 ) 461 467 "; … … 464 470 465 471 // Count the total number of records so we can do something about the page numbers. 466 $qid = DB::query("472 $qid = $db->query(" 467 473 SELECT COUNT(*) 468 474 FROM admin_tbl … … 505 511 } else { 506 512 // If the list is not already cached, query now. 
507 $qid = DB::query($sql);513 $qid = $db->query($sql); 508 514 // Fill an array with the items for this page. 509 515 while ($row = mysql_fetch_assoc($qid)) {
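Review bot: The rewritten query at new line 156 calls `$db->query()` and `$db->escapeString()`, but unlike every function-level hunk in this changeset it adds no `$db =& DB::getInstance();` in that scope, so unless `$db` is already assigned in lines outside the hunk this branch fails with a method call on a non-object. Add `$db =& DB::getInstance();` beside the existing `$app` setup for that scope, or confirm where it is defined; the surrounding code starts and ends outside the hunk, so this cannot be settled from the page. Separately, the search filter at new lines 462-465 puts `$db->escapeString($qry_words[$i])` inside `LIKE '%...%'`. If escapeString only does string-literal escaping (its body is not shown), `%` and `_` in a search word still act as wildcards, so consider `addcslashes($qry_words[$i], '%_')` on the word before it is escaped.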