diff options
| author | Henry Sudhof <kellanved@phpbb.com> | 2007-07-26 11:51:23 +0000 |
|---|---|---|
| committer | Henry Sudhof <kellanved@phpbb.com> | 2007-07-26 11:51:23 +0000 |
| commit | 4dc5afd639deb192051f5aab03b5a1bbb9d11367 (patch) | |
| tree | e577226e7f91302feed5624004105c3e867919a9 /phpBB | |
| parent | 8a26bac6e24ff528f2cc8d919faadb3ed9ef8155 (diff) | |
| download | forums-4dc5afd639deb192051f5aab03b5a1bbb9d11367.tar forums-4dc5afd639deb192051f5aab03b5a1bbb9d11367.tar.gz forums-4dc5afd639deb192051f5aab03b5a1bbb9d11367.tar.bz2 forums-4dc5afd639deb192051f5aab03b5a1bbb9d11367.tar.xz forums-4dc5afd639deb192051f5aab03b5a1bbb9d11367.zip | |
Cleaning up a little. Mostly there are excellent reasons not to use sql_in_set.
Might be revisisted in the future.
#13797
git-svn-id: file:///svn/phpbb/trunk@7952 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/includes/acp/auth.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/functions_convert.php | 35 |
2 files changed, 21 insertions, 18 deletions
diff --git a/phpBB/includes/acp/auth.php b/phpBB/includes/acp/auth.php index bc1ef75d1a..a5b6dba520 100644 --- a/phpBB/includes/acp/auth.php +++ b/phpBB/includes/acp/auth.php @@ -821,7 +821,7 @@ class auth_admin extends auth } // Remove current auth options... - $auth_option_ids = array(); + $auth_option_ids = array((int)$any_option_id); foreach ($auth as $auth_option => $auth_setting) { $auth_option_ids[] = (int) $this->option_ids[$auth_option]; @@ -830,7 +830,7 @@ class auth_admin extends auth $sql = "DELETE FROM $table WHERE $forum_sql AND $ug_id_sql - AND auth_option_id IN ($any_option_id, " . implode(', ', $auth_option_ids) . ')'; + AND ". $db->sql_in_set(auth_option_id, $auth_option_ids); $db->sql_query($sql); // Remove those having a role assigned... the correct type of course... diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index 5cd74ccbd3..98d15abb84 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -1481,18 +1481,21 @@ function mass_auth($ug_type, $forum_id, $ug_id, $acl_list, $setting = ACL_NO) // Role based permissions are the simplest to handle so check for them first if ($ug_type == 'user_role' || $ug_type == 'group_role') { - $sql = 'SELECT role_id - FROM ' . ACL_ROLES_TABLE . " - WHERE role_name = 'ROLE_" . $db->sql_escape($acl_list) . "'"; - $result = $db->sql_query_limit($sql, 1); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - // If we have no role id there is something wrong here - if ($row) + if (is_numeric($forum_id)) { - $sql = "INSERT INTO $table ($id_field, forum_id, auth_role_id) VALUES ($ug_id, $forum_id, " . $row['role_id'] . ')'; - $db->sql_query($sql); + $sql = 'SELECT role_id + FROM ' . ACL_ROLES_TABLE . " + WHERE role_name = 'ROLE_" . $db->sql_escape($acl_list) . "'"; + $result = $db->sql_query_limit($sql, 1); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + // If we have no role id there is something wrong here + if ($row) + { + $sql = "INSERT INTO $table ($id_field, forum_id, auth_role_id) VALUES ($ug_id, $forum_id, " . $row['role_id'] . ')'; + $db->sql_query($sql); + } } return; @@ -1542,7 +1545,7 @@ function mass_auth($ug_type, $forum_id, $ug_id, $acl_list, $setting = ACL_NO) $db->sql_freeresult($result); } - $sql_forum = 'AND a.forum_id IN (' . implode(', ', array_map('intval', $forum_id)) . ')'; + $sql_forum = 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id), false, true); $sql = ($ug_type == 'user') ? 'SELECT o.auth_option_id, o.auth_option, a.forum_id, a.auth_setting FROM ' . ACL_USERS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " o WHERE a.auth_option_id = o.auth_option_id $sql_forum AND a.user_id = $ug_id" : 'SELECT o.auth_option_id, o.auth_option, a.forum_id, a.auth_setting FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " o WHERE a.auth_option_id = o.auth_option_id $sql_forum AND a.group_id = $ug_id"; $result = $db->sql_query($sql); @@ -1684,8 +1687,8 @@ function add_default_groups() ); $sql = 'SELECT * - FROM ' . GROUPS_TABLE . " - WHERE group_name IN ('" . implode("', '", array_keys($default_groups)) . "')"; + FROM ' . GROUPS_TABLE . ' + WHERE ' . $db->sql_in_set('group_name', array_keys($default_groups)); $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) @@ -2062,7 +2065,7 @@ function fix_empty_primary_groups() if (sizeof($user_ids)) { $db->sql_query('UPDATE ' . USERS_TABLE . ' SET group_id = ' . get_group_id('administrators') . ' - WHERE group_id = 0 AND user_id IN (' . implode(', ', $user_ids) . ')'); + WHERE group_id = 0 AND ' . $db->sql_in_set('user_id', $user_ids)); } $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . ' WHERE group_id = ' . get_group_id('global_moderators'); @@ -2077,7 +2080,7 @@ function fix_empty_primary_groups() if (sizeof($user_ids)) { $db->sql_query('UPDATE ' . USERS_TABLE . ' SET group_id = ' . get_group_id('global_moderators') . ' - WHERE group_id = 0 AND user_id IN (' . implode(', ', $user_ids) . ')'); + WHERE group_id = 0 AND ' . $db->sql_in_set('user_id', $user_ids)); } // Set user colour |