aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/functions.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/functions.php')
-rw-r--r--phpBB/includes/functions.php12
1 files changed, 6 insertions, 6 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index a676a717ff..48fec2d795 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -576,13 +576,13 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
{
$sql = 'DELETE FROM ' . TOPICS_TRACK_TABLE . "
WHERE user_id = {$user->data['user_id']}
- AND forum_id IN (" . implode(', ', $forum_id) . ")";
+ AND " . $db->sql_in_set('forum_id', $forum_id);
$db->sql_query($sql);
$sql = 'SELECT forum_id
FROM ' . FORUMS_TRACK_TABLE . "
WHERE user_id = {$user->data['user_id']}
- AND forum_id IN (" . implode(', ', $forum_id) . ')';
+ AND " . $db->sql_in_set('forum_id', $forum_id);
$result = $db->sql_query($sql);
$sql_update = array();
@@ -597,7 +597,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
$sql = 'UPDATE ' . FORUMS_TRACK_TABLE . '
SET mark_time = ' . time() . "
WHERE user_id = {$user->data['user_id']}
- AND forum_id IN (" . implode(', ', $sql_update) . ')';
+ AND " . $db->sql_in_set('forum_id', $sql_update);
$db->sql_query($sql);
}
@@ -888,7 +888,7 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis
$sql = 'SELECT topic_id, mark_time
FROM ' . TOPICS_TRACK_TABLE . "
WHERE user_id = {$user->data['user_id']}
- AND topic_id IN (" . implode(', ', $topic_ids) . ")";
+ AND " . $db->sql_in_set('topic_id', $topic_ids);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
@@ -1805,13 +1805,13 @@ function login_forum_box($forum_data)
$sql_in = array();
do
{
- $sql_in[] = "'" . $db->sql_escape($row['session_id']) . "'";
+ $sql_in[] = (string) $row['session_id'];
}
while ($row = $db->sql_fetchrow($result));
// Remove expired sessions
$sql = 'DELETE FROM ' . FORUMS_ACCESS_TABLE . '
- WHERE session_id NOT IN (' . implode(', ', $sql_in) . ')';
+ WHERE ' . $db->sql_in_set('session_id', $sql_in, true);
$db->sql_query($sql);
}
$db->sql_freeresult($result);
generated by cgit v1.2.1 (git 2.21.0) at 2024-11-12 06:13:41 +0000