summaryrefslogtreecommitdiffstats
path: root/include/openid.php
diff options
context:
space:
mode:
authorArun Persaud <arun@nubati.net>2013-02-25 22:04:21 -0800
committerArun Persaud <arun@nubati.net>2013-02-25 22:04:21 -0800
commit5116d22ed84db0f15a7f583bcbe243ee2cd606e1 (patch)
treef0606717f34a65c874116e435638b19209e325fb /include/openid.php
parent94bbb934cb0bc65c72e2ab724f4bf99b3c7207be (diff)
downloade-DoKo-5116d22ed84db0f15a7f583bcbe243ee2cd606e1.tar.gz
e-DoKo-5116d22ed84db0f15a7f583bcbe243ee2cd606e1.tar.bz2
e-DoKo-5116d22ed84db0f15a7f583bcbe243ee2cd606e1.zip
mysql optimization: don't quote integers as strings in WHERE
Diffstat (limited to 'include/openid.php')
-rw-r--r--include/openid.php9
1 files changed, 5 insertions, 4 deletions
diff --git a/include/openid.php b/include/openid.php
index 16c59f4..14024b8 100644
--- a/include/openid.php
+++ b/include/openid.php
@@ -142,22 +142,23 @@ function DB_GetUserId($openid_url)
function DB_GetOpenIDsByUser($user_id)
{
- return DB_query_array_all("SELECT openid_url FROM user_openids WHERE user_id = '$user_id'");
+ return DB_query_array_all("SELECT openid_url FROM user_openids WHERE user_id =".DB_quote_smart($user_id));
}
function DB_AttachOpenID($openid_url, $user_id)
{
- DB_query("INSERT INTO user_openids VALUES (".DB_quote_smart(OpenIDUrlEncode($openid_url)).", '$user_id')");
+ DB_query("INSERT INTO user_openids VALUES (".DB_quote_smart(OpenIDUrlEncode($openid_url)).", ".DB_quote_smart($user_id).")");
}
function DB_DetachOpenID($openid_url, $user_id)
{
- DB_query("DELETE FROM user_openids WHERE openid_url = ".DB_quote_smart(OpenIDUrlEncode($openid_url))." AND user_id = '$user_id'");
+ DB_query("DELETE FROM user_openids WHERE openid_url = ".DB_quote_smart(OpenIDUrlEncode($openid_url)).
+ " AND user_id = ".DB_quote_smart($user_id));
}
function DB_DetachOpenIDsByUser($user_id)
{
- DB_query("DELETE FROM user_openids WHERE user_id = '$user_id'");
+ DB_query("DELETE FROM user_openids WHERE user_id = ".DB_quote_smart($user_id));
}
?> \ No newline at end of file