From 5e274ab323cf4352023eda9f4cc60914ca68ba4f Mon Sep 17 00:00:00 2001 From: "Pierre Habouzit (MadCoder" Date: Thu, 30 Dec 2004 11:53:37 +0000 Subject: [PATCH] less ->db->queries git-archimport-id: opensource@polytechnique.org--2005/platal--mainline--0.9--patch-198 --- htdocs/admin/index.php | 4 +-- htdocs/admin/utilisateurs.php | 60 +++++++++++++++----------------- htdocs/emails/broken.php | 16 ++++----- htdocs/emails/redirect.php | 18 +++++----- htdocs/groupex/export-econfiance.php | 42 +++++++++++----------- htdocs/listes/create.php | 5 ++- htdocs/listes/trombi.php | 15 ++++---- htdocs/newsletter/show.php | 9 +++-- htdocs/paiement/cyberpaiement_retour.php | 32 +++++++++-------- htdocs/stats/coupure.php | 12 +++---- htdocs/stats/graph_promo.php | 22 ++++++------ htdocs/stats/nb_by_promo.php | 19 +++++----- htdocs/trezo/gere_operations.php | 10 +++--- 13 files changed, 132 insertions(+), 132 deletions(-) diff --git a/htdocs/admin/index.php b/htdocs/admin/index.php index 83be2e7..58a5e26 100644 --- a/htdocs/admin/index.php +++ b/htdocs/admin/index.php @@ -22,14 +22,14 @@ require_once("xorg.inc.php"); new_admin_page('admin/index.tpl'); -$res = $globals->db->query(" +$res = $globals->xdb->iterRow(" SELECT h1, h2, texte, url FROM admin_a AS a INNER JOIN admin_h2 AS h2 USING(h2id) INNER JOIN admin_h1 AS h1 USING(h1id) ORDER BY h1.prio, h2.prio, a.prio"); $index = Array(); -while(list($h1,$h2,$txt,$url) = mysql_fetch_row($res)) { +while(list($h1,$h2,$txt,$url) = $res->next()) { $index[$h1][$h2][] = Array('txt' => $txt, 'url'=>$url); } $page->assign_by_ref('index', $index); diff --git a/htdocs/admin/utilisateurs.php b/htdocs/admin/utilisateurs.php index 07057e0..8c7b5bf 100644 --- a/htdocs/admin/utilisateurs.php +++ b/htdocs/admin/utilisateurs.php @@ -43,20 +43,18 @@ if(Env::has('logs_button') && $login) { if(Env::has('suid_button') && $login) { $_SESSION['log']->log("suid_start", "login by ".Session::get('forlife')); $_SESSION['suid'] = $_SESSION; - $r = $globals->db->query("SELECT id FROM aliases WHERE alias='$login'"); - if(list($uid) = mysql_fetch_row($r)) { + $r = $globals->xdb->query("SELECT id FROM aliases WHERE alias={?}", $login); + if($uid = $r->fetchOneCell()) { start_connexion($uid,true); header("Location: ../"); } - mysql_free_result($r); } if ($login) { - $r = $globals->db->query("SELECT *, a.alias AS forlife - FROM auth_user_md5 AS u - INNER JOIN aliases AS a ON ( a.id = u.user_id AND a.alias='$login' AND type!='homonyme' )"); - $mr = mysql_fetch_assoc($r); - mysql_free_result($r); + $r = $globals->xdb->query("SELECT *, a.alias AS forlife + FROM auth_user_md5 AS u + INNER JOIN aliases AS a ON ( a.id = u.user_id AND a.alias={?} AND type!='homonyme' )", $login); + $mr = $r->fetchOneAssoc(); $redirect = new Redirect($mr['user_id']); @@ -81,24 +79,24 @@ if ($login) { case "del_alias": if (!empty($val)) { - $globals->db->query("DELETE FROM aliases WHERE id='{$mr['user_id']}' AND alias='$val' - AND type!='a_vie' AND type!='homonyme'"); + $globals->xdb->execute("DELETE FROM aliases WHERE id={?} AND alias={?} + AND type!='a_vie' AND type!='homonyme'", $mr['user_id'], $val); fix_bestalias($nr['user_id']); $page->trig($val." a été supprimé"); } break; case "add_alias": - $globals->db->query("INSERT INTO aliases (id,alias,type) - VALUES ('{$mr['user_id']}','".Env::get('email')."','alias')"); + $globals->xdb->execute("INSERT INTO aliases (id,alias,type) VALUES ({?}, {?}, 'alias')", + $mr['user_id'], Env::get('email')); break; case "best": - $globals->db->query("UPDATE aliases SET flags='' WHERE flags='bestalias' AND id='{$mr['user_id']}'"); - $globals->db->query("UPDATE aliases SET flags='epouse' WHERE flags='epouse,bestalias' AND id='{$mr['user_id']}'"); - $globals->db->query("UPDATE aliases - SET flags=CONCAT(flags,',','bestalias') - WHERE id='{$mr['user_id']}' AND alias='$val'"); + $globals->xdb->execute("UPDATE aliases SET flags='' WHERE flags='bestalias' AND id={?}", $mr['user_id']); + $globals->xdb->execute("UPDATE aliases SET flags='epouse' WHERE flags='epouse,bestalias' AND id={?}", $mr['user_id']); + $globals->xdb->execute("UPDATE aliases + SET flags=CONCAT(flags,',','bestalias') + WHERE id={?} AND alias={?}", $mr['user_id'], $val); break; @@ -117,12 +115,12 @@ if ($login) { naissance = '$naiss', password = '$pass_md5B', perms = '$perms', - prenom = '$prenm', - nom = '$nom', + prenom = '".addslashes($prenm)."', + nom = '".addslashes($nom)."', promo = $promo, - comment = '$comm' + comment = '".addslashes($comm)."' WHERE user_id = '{$mr['user_id']}'"; - if ($globals->db->query($query)) { + if ($globals->xdb->execute($query)) { // FIXME: recherche system('echo 1 > /tmp/flag_recherche'); @@ -136,12 +134,11 @@ if ($login) { $page->trig("updaté correctement."); } - $r = $globals->db->query("SELECT *, a.alias AS forlife - FROM auth_user_md5 AS u - INNER JOIN aliases AS a ON (u.user_id=a.id) - WHERE user_id = {$mr['user_id']}"); - $mr = mysql_fetch_assoc($r); - mysql_free_result($r); + $r = $globals->xdb->query("SELECT *, a.alias AS forlife + FROM auth_user_md5 AS u + INNER JOIN aliases AS a ON (u.user_id=a.id) + WHERE user_id = {?}", $mr['user_id']); + $mr = $r->fetchOneAssoc(); break; // DELETE FROM auth_user_md5 @@ -159,13 +156,12 @@ if ($login) { } } - $result=$globals->db->query("SELECT UNIX_TIMESTAMP(start), host + $res = $globals->xdb->query("SELECT UNIX_TIMESTAMP(start), host FROM logger.sessions - WHERE uid={$mr['user_id']} AND suid=0 + WHERE uid={?} AND suid=0 ORDER BY start DESC - LIMIT 1"); - list($lastlogin,$host) = mysql_fetch_row($result); - mysql_free_result($result); + LIMIT 1", $mr['user_id']); + list($lastlogin,$host) = $res->fetchOneRow(); $page->assign('lastlogin', $lastlogin); $page->assign('host', $host); diff --git a/htdocs/emails/broken.php b/htdocs/emails/broken.php index b3bcce5..1a2a569 100644 --- a/htdocs/emails/broken.php +++ b/htdocs/emails/broken.php @@ -26,14 +26,14 @@ require_once('emails.inc.php'); if (Get::has('email') && Get::has('action')) { $email = valide_email(Get::get('email')); // vérifications d'usage - $sel = $globals->db->query( + $sel = $globals->xdb->query( "SELECT e.uid, a.alias FROM emails AS e INNER JOIN auth_user_md5 AS u ON e.uid = u.user_id INNER JOIN aliases AS a ON (e.uid = a.id AND type!='homonyme' AND FIND_IN_SET('bestalias',a.flags)) - WHERE e.email='$email'"); + WHERE e.email={?}", $email); - if (list($uid, $dest) = mysql_fetch_row($sel)) { + if (list($uid, $dest) = $sel->fetchOneRow()) { // envoi du mail $message = "Bonjour ! @@ -66,17 +66,17 @@ L' } elseif (Post::has('email')) { $email = valide_email(Post::get('email')); $page->assign('email',$email); - $sel = $globals->db->query( + $sel = $globals->xdb->query( "SELECT e1.uid, e1.panne != 0 AS panne, count(e2.uid) AS nb_mails, u.nom, u.prenom, u.promo FROM emails as e1 LEFT JOIN emails as e2 ON(e1.uid = e2.uid AND FIND_IN_SET('active', e2.flags) AND e1.email != e2.email) INNER JOIN auth_user_md5 as u ON(e1.uid = u.user_id) - WHERE e1.email ='$email' - GROUP BY e1.uid"); - if ($x = mysql_fetch_assoc($sel)) { + WHERE e1.email = {?} + GROUP BY e1.uid", $email); + if ($x = $sel->fetchOneAssoc()) { // on écrit dans la base que l'adresse est cassée if (!$x['panne']) { - $globals->db->query("UPDATE emails SET panne='".date('Y-m-d')."' WHERE email = '$email'"); + $globals->xdb->execute("UPDATE emails SET panne=NOW() WHERE email = {?}", $email); } $page->assign_by_ref('x', $x); } diff --git a/htdocs/emails/redirect.php b/htdocs/emails/redirect.php index 3cd0968..0955779 100644 --- a/htdocs/emails/redirect.php +++ b/htdocs/emails/redirect.php @@ -40,15 +40,15 @@ if (Env::has('emailop')) { $page->assign('retour', $redirect->modify_email($actifs, Env::getMixed('emails_rewrite',Array()))); } } -$sql = "SELECT alias - FROM virtual - INNER JOIN virtual_redirect USING(vid) - WHERE ( redirect='$forlife@{$globals->mail->domain}' - OR redirect='$forlife@{$globals->mail->domain2}' ) - AND alias LIKE '%@{$globals->mail->alias_dom}'"; -$res = $globals->db->query($sql); -if (mysql_num_rows($res)) { - list($melix) = mysql_fetch_row($res); +$res = $globals->xdb->query( + "SELECT alias + FROM virtual + INNER JOIN virtual_redirect USING(vid) + WHERE (redirect={?} OR redirect={?}) + AND alias LIKE '%@{$globals->mail->alias_dom}'", + $forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2); +$melix = $res->fetchOneCell(); +if ($melix) { list($melix) = split('@', $melix); $page->assign('melix',$melix); } diff --git a/htdocs/groupex/export-econfiance.php b/htdocs/groupex/export-econfiance.php index 715dd31..2a0aa15 100644 --- a/htdocs/groupex/export-econfiance.php +++ b/htdocs/groupex/export-econfiance.php @@ -29,40 +29,38 @@ $cle = $globals->econfiance; if (isset($_SESSION["chall"]) && $_SESSION["chall"] != "" && $_GET["PASS"] == md5($_SESSION["chall"].$cle)) { - $res = $globals->db->query("SELECT password FROM auth_user_md5 WHERE user_id=10154"); - list($pass) = mysql_fetch_row($res); - mysql_free_result($res); - + $res = $globals->xdb->query("SELECT password FROM auth_user_md5 WHERE user_id=10154"); + $pass = $res->fetchOneCell(); $client = new xmlrpc_client("http://10154:$pass@localhost:4949/polytechnique.org"); $members = $client->get_members('x-econfiance'); if(is_array($members)) { - $membres = Array(); - foreach($members[1] as $member) { - if(preg_match('/^([^.]*.[^.]*.(\d\d\d\d))@polytechnique.org$/', $member[1], $matches)) { - $membres[] = "a.alias='{$matches[1]}'"; - } - } + $membres = Array(); + foreach($members[1] as $member) { + if(preg_match('/^([^.]*.[^.]*.(\d\d\d\d))@polytechnique.org$/', $member[1], $matches)) { + $membres[] = "a.alias='{$matches[1]}'"; + } + } } $where = join(' OR ',$membres); - $all = $globals->db->query("SELECT u.prenom,u.nom,a.alias - FROM auth_user_md5 AS u - INNER JOIN aliases AS a ON ( u.user_id = a.id AND a.type!='homonyme' ) - WHERE $where - ORDER BY nom"); + $all = $globals->xdb->fetchRow( + "SELECT u.prenom,u.nom,a.alias + FROM auth_user_md5 AS u + INNER JOIN aliases AS a ON ( u.user_id = a.id AND a.type!='homonyme' ) + WHERE $where + ORDER BY nom"); $res = "\n\n\n\n"; - while (list ($prenom1,$nom1,$email1) = mysql_fetch_row($all)) { - $res .= "\n"; - $res .= "\t".$nom1."\n"; - $res .= "\t".$prenom1."\n"; - $res .= "\t".$email1."\n"; - $res .= "\n\n"; + while (list ($prenom1,$nom1,$email1) = $all->next()) { + $res .= "\n"; + $res .= "\t".$nom1."\n"; + $res .= "\t".$prenom1."\n"; + $res .= "\t".$email1."\n"; + $res .= "\n\n"; } - mysql_free_result($all); $res .= "\n\n"; diff --git a/htdocs/listes/create.php b/htdocs/listes/create.php index b7413cd..3b2a9be 100644 --- a/htdocs/listes/create.php +++ b/htdocs/listes/create.php @@ -53,9 +53,8 @@ if (Post::has('submit')) { $page->trig('le nom de la liste ne doit contenir que des lettres, chiffres et tirets'); } - $res = $globals->db->query("SELECT COUNT(*) FROM aliases WHERE alias='$liste'"); - list($n) = mysql_fetch_row($res); - mysql_free_result($res); + $res = $globals->xdb->query("SELECT COUNT(*) FROM aliases WHERE alias={?}", $liste); + $n = $res->fetchOneCell(); if($n) { $page->trig('cet alias est déjà pris'); diff --git a/htdocs/listes/trombi.php b/htdocs/listes/trombi.php index 82e5db9..6b52bbc 100644 --- a/htdocs/listes/trombi.php +++ b/htdocs/listes/trombi.php @@ -38,19 +38,20 @@ if(Get::has('add')) { header("Location: ?liste=$liste"); } -function getList($offset,$limit) { +function getList($offset,$limit) +{ global $client, $globals; $liste = Env::get('liste'); list($total,$members) = $client->get_members_limit($liste,$offset,$limit); $membres = Array(); - foreach($members as $member) { + foreach ($members as $member) { list($m) = split('@',$member[1]); - $res = $globals->db->query("SELECT prenom,IF(epouse='', nom, epouse) AS nom, promo, a.alias AS forlife - FROM auth_user_md5 AS u - INNER JOIN aliases AS a ON u.user_id = a.id - WHERE a.alias = '$m'"); - if($tmp = mysql_fetch_assoc($res)) { + $res = $globals->xdb->query("SELECT prenom,IF(epouse='', nom, epouse) AS nom, promo, a.alias AS forlife + FROM auth_user_md5 AS u + INNER JOIN aliases AS a ON u.user_id = a.id + WHERE a.alias = {?}", $m); + if ($tmp = $res->fetchOneAssoc()) { $membres[$tmp['nom']] = $tmp; } else { $membres[$member[0]] = Array('addr' => $member[0]); diff --git a/htdocs/newsletter/show.php b/htdocs/newsletter/show.php index 8c0cf85..bbee019 100644 --- a/htdocs/newsletter/show.php +++ b/htdocs/newsletter/show.php @@ -28,11 +28,10 @@ $nl = new NewsLetter($nid); $page->assign_by_ref('nl',$nl); if (Post::has('send')) { - $res = $globals->db->query('SELECT pref FROM newsletter_ins WHERE user_id='.Session::getInt('uid')); - if (!(list($format) = mysql_fetch_row($res))) { - $format = 'html'; - } - $nl->sendTo(Session::get('prenom'), Session::get('nom'), Session::get('bestalias'), Session::get('femme'), $format=='html'); + $res = $globals->xdb->query('SELECT pref FROM newsletter_ins WHERE user_id={?}', Session::getInt('uid')); + $fmt = $res->fetchOneCell(); + if (empty($fmt)) { $fmt = 'html'; } + $nl->sendTo(Session::get('prenom'), Session::get('nom'), Session::get('bestalias'), Session::get('femme'), $fmt=='html'); } $page->run(); diff --git a/htdocs/paiement/cyberpaiement_retour.php b/htdocs/paiement/cyberpaiement_retour.php index 03d9086..d021b50 100644 --- a/htdocs/paiement/cyberpaiement_retour.php +++ b/htdocs/paiement/cyberpaiement_retour.php @@ -75,12 +75,12 @@ $champ202 = clean_request('CHAMP202'); $montant = "$champ201 $champ202"; /* on extrait les informations sur l'utilisateur */ -$res = $globals->db->query(" +$res = $globals->xdb->query(" SELECT a.prenom,a.nom,a.promo,l.alias,FIND_IN_SET(a.flags,'femme') FROM auth_user_md5 AS a INNER JOIN aliases AS l ON (a.user_id=l.id AND type!='homonyme') - WHERE a.user_id='$uid'"); -if (!list($prenom,$nom,$promo,$forlife,$femme) = mysql_fetch_row($res)) { + WHERE a.user_id={?}", $uid); +if (!list($prenom,$nom,$promo,$forlife,$femme) = $res->fetchOneRow()) { erreur("uid invalide"); } @@ -91,26 +91,28 @@ if (!ereg('-xorg-([0-9]+)$',$champ200,$matches)) { } echo ($ref = $matches[1]); -$res = $globals->db->query("select mail,text,confirmation from paiement.paiements where id='$ref'"); -if (!list($conf_mail,$conf_title,$conf_text) = mysql_fetch_row($res)) { +$res = $globals->xdb->query("SELECT mail,text,confirmation FROM paiement.paiements WHERE id={?}", $ref); +if (!list($conf_mail,$conf_title,$conf_text) = $res->fetchOneRow()) { erreur("référence de commande inconnue"); } /* on extrait le code de retour */ if ($champ906 != "0000") { - $res = $globals->db->query("SELECT rcb.text,c.id,c.text - FROM paiement.codeRCB AS rcb - LEFT JOIN paiement.codeC AS c ON rcb.codeC=c.id - WHERE rcb.id='$champ906'"); - if (list($rcb_text,$c_id,$c_text) = mysql_fetch_row($res)) - erreur("erreur lors du paiement : $c_text ($c_id)"); - else - erreur("erreur inconnue lors du paiement"); + $res = $globals->xdb->query("SELECT rcb.text,c.id,c.text + FROM paiement.codeRCB AS rcb + LEFT JOIN paiement.codeC AS c ON rcb.codeC=c.id + WHERE rcb.id='$champ906'"); + if (list($rcb_text, $c_id, $c_text) = $res->fetchOneRow()) { + erreur("erreur lors du paiement : $c_text ($c_id)"); + } else{ + erreur("erreur inconnue lors du paiement"); + } } /* on fait l'insertion en base de donnees */ -$globals->db->query("INSERT INTO paiement.transactions (id,uid,ref,fullref,montant,cle) - VALUES ('$champ901','$uid','$ref','$champ200','$montant','$champ905')"); +$globals->xdb->execute("INSERT INTO paiement.transactions (id,uid,ref,fullref,montant,cle) + VALUES ({?},{?},{?},{?},{?},{?})", + $champ901, $uid, $ref, $champ200, $montant, $champ905); /* on genere le mail de confirmation */ $conf_text = str_replace("",$prenom,$conf_text); diff --git a/htdocs/stats/coupure.php b/htdocs/stats/coupure.php index ce02f9d..cda17d8 100644 --- a/htdocs/stats/coupure.php +++ b/htdocs/stats/coupure.php @@ -35,12 +35,12 @@ function serv_to_str($params) { } if (Env::has('cp_id')) { - $res = $globals->db->query("SELECT UNIX_TIMESTAMP(debut) AS debut, - TIME_FORMAT(duree,'%kh%i') AS duree, - resume, description, services - FROM coupures - WHERE id = ".Env::getInt('cp_id')); - $cp = @mysql_fetch_assoc($res); + $res = $globals->xdb->query("SELECT UNIX_TIMESTAMP(debut) AS debut, + TIME_FORMAT(duree,'%kh%i') AS duree, + resume, description, services + FROM coupures + WHERE id = {?}", Env::getInt('cp_id')); + $cp = $res->fetchOneAssoc(); } if($cp) { diff --git a/htdocs/stats/graph_promo.php b/htdocs/stats/graph_promo.php index af4b473..67882d2 100644 --- a/htdocs/stats/graph_promo.php +++ b/htdocs/stats/graph_promo.php @@ -29,25 +29,27 @@ $JOURS=364; define('DUREEJOUR',24*3600); //recupere le nombre d'inscriptions par jour sur la plage concernée -$donnees=$globals->db->query("SELECT IF( date_ins>DATE_SUB(NOW(),INTERVAL $JOURS DAY), - TO_DAYS(date_ins)-TO_DAYS(NOW()), - ".(-($JOURS+1)).") AS jour, - count(user_id) AS nb - FROM auth_user_md5 - WHERE promo = $promo AND perms IN ('admin','user') - GROUP BY jour"); +$res = $globals->xdb->iterRow( + "SELECT IF( date_ins>DATE_SUB(NOW(),INTERVAL $JOURS DAY), + TO_DAYS(date_ins)-TO_DAYS(NOW()), + ".(-($JOURS+1)).") AS jour, + COUNT(user_id) AS nb + FROM auth_user_md5 + WHERE promo = {?} AND perms IN ('admin','user') + GROUP BY jour", $promo); //genere des donnees compatibles avec GNUPLOT $inscrits=''; // la première ligne contient le total des inscrits avant la date de départ (J - $JOURS) -list(,$init_nb)=mysql_fetch_row($donnees); +list(,$init_nb) = $res->next(); $total = $init_nb; -list($numjour, $nb) = mysql_fetch_row($donnees); +list($numjour, $nb) = $res->next(); + for ($i=-$JOURS;$i<=0;$i++) { if ($numjour<$i) { - if(!list($numjour, $nb) = mysql_fetch_row($donnees)) { + if(!list($numjour, $nb) = $res->next()) { $numjour = 0; $nb = 0; } diff --git a/htdocs/stats/nb_by_promo.php b/htdocs/stats/nb_by_promo.php index df0135e..a781e79 100644 --- a/htdocs/stats/nb_by_promo.php +++ b/htdocs/stats/nb_by_promo.php @@ -22,16 +22,19 @@ require_once("xorg.inc.php"); new_skinned_page('stats/nb_by_promo.tpl', AUTH_COOKIE); -$result = $globals->db->query("SELECT promo,COUNT(*) - FROM auth_user_md5 - WHERE promo > 1900 AND perms IN ('admin','user') - GROUP BY promo - ORDER BY promo"); +$res = $globals->xdb->iterRow( + "SELECT promo,COUNT(*) + FROM auth_user_md5 + WHERE promo > 1900 AND perms IN ('admin','user') + GROUP BY promo + ORDER BY promo"); $max=0; $min=3000; -while(list($promo,$nb)=mysql_fetch_row($result)) { - $promo=intval($promo); - if(!isset($nbpromo[$promo/10])) + +while (list($promo,$nb) = $res->next()) { + $promo = intval($promo); + if(!isset($nbpromo[$promo/10])) { $nbpromo[$promo/10] = Array('','','','','','','','','',''); // tableau de 10 cases vides + } $nbpromo[$promo/10][$promo%10]=Array('promo' => $promo, 'nb' => $nb); } diff --git a/htdocs/trezo/gere_operations.php b/htdocs/trezo/gere_operations.php index 325794b..c8ffd9e 100644 --- a/htdocs/trezo/gere_operations.php +++ b/htdocs/trezo/gere_operations.php @@ -40,8 +40,8 @@ $mon_sel = $trim_fr[$mois_sel]." $annee_sel"; switch($action) { case "edit": if ($op_id) { - $res=$globals->db->query("select date,label,credit,debit from money_trezo where id='$op_id'"); - list($op_date,$op_label,$op_credit,$op_debit)=mysql_fetch_row($res); + $res = $globals->xdb->query("SELECT date,label,credit,debit FROM money_trezo WHERE id={?}", $op_id); + list($op_date,$op_label,$op_credit,$op_debit) = $res->fetchOneRow(); } break; @@ -53,18 +53,18 @@ switch($action) { $mydate = date("Y-m-d"); } - $sql = "replace into money_trezo set date='$mydate',label='$op_label'"; + $sql = "replace into money_trezo set date='$mydate',label='".addslashes($op_label)."'"; if ($op_credit) { $sql .= ',credit='.$op_credit; } if ($op_debit) { $sql .= ",debit=".$op_debit; } if ($op_id) { $sql .= ",id='$op_id'"; } - $globals->db->query($sql); + $globals->xdb->execute($sql); break; case "del": if ($op_id) { - $globals->db->query("delete from money_trezo where id='".$op_id."'"); + $globals->xdb->execute("DELETE FROM money_trezo WHERE id={?}", $op_id); } break; } -- 2.1.4