diff options
author | Arun Persaud <arun@nubati.net> | 2013-02-25 22:04:21 -0800 |
---|---|---|
committer | Arun Persaud <arun@nubati.net> | 2013-02-25 22:04:21 -0800 |
commit | 5116d22ed84db0f15a7f583bcbe243ee2cd606e1 (patch) | |
tree | f0606717f34a65c874116e435638b19209e325fb /include/openid.php | |
parent | 94bbb934cb0bc65c72e2ab724f4bf99b3c7207be (diff) | |
download | e-DoKo-5116d22ed84db0f15a7f583bcbe243ee2cd606e1.tar.gz e-DoKo-5116d22ed84db0f15a7f583bcbe243ee2cd606e1.tar.bz2 e-DoKo-5116d22ed84db0f15a7f583bcbe243ee2cd606e1.zip |
mysql optimization: don't quote integers as strings in WHERE
Diffstat (limited to 'include/openid.php')
-rw-r--r-- | include/openid.php | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/include/openid.php b/include/openid.php index 16c59f4..14024b8 100644 --- a/include/openid.php +++ b/include/openid.php @@ -142,22 +142,23 @@ function DB_GetUserId($openid_url) function DB_GetOpenIDsByUser($user_id) { - return DB_query_array_all("SELECT openid_url FROM user_openids WHERE user_id = '$user_id'"); + return DB_query_array_all("SELECT openid_url FROM user_openids WHERE user_id =".DB_quote_smart($user_id)); } function DB_AttachOpenID($openid_url, $user_id) { - DB_query("INSERT INTO user_openids VALUES (".DB_quote_smart(OpenIDUrlEncode($openid_url)).", '$user_id')"); + DB_query("INSERT INTO user_openids VALUES (".DB_quote_smart(OpenIDUrlEncode($openid_url)).", ".DB_quote_smart($user_id).")"); } function DB_DetachOpenID($openid_url, $user_id) { - DB_query("DELETE FROM user_openids WHERE openid_url = ".DB_quote_smart(OpenIDUrlEncode($openid_url))." AND user_id = '$user_id'"); + DB_query("DELETE FROM user_openids WHERE openid_url = ".DB_quote_smart(OpenIDUrlEncode($openid_url)). + " AND user_id = ".DB_quote_smart($user_id)); } function DB_DetachOpenIDsByUser($user_id) { - DB_query("DELETE FROM user_openids WHERE user_id = '$user_id'"); + DB_query("DELETE FROM user_openids WHERE user_id = ".DB_quote_smart($user_id)); } ?>
\ No newline at end of file |