Commit
list rows using getRenderContext(), also tidying up and safe-ing some queries.
- Loading branch information
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -311,12 +311,22 @@ private function doThumb($listid, $formid, $row_id, $thumb) | |
$userid = $db->quote($hash); | ||
} | ||
$elementid = $this->getElement()->id; | ||
$db | ||
->setQuery( | ||
"INSERT INTO #__{package}_thumbs (user_id, listid, formid, row_id, thumb, date_created, element_id) | ||
values ($userid, $listid, $formid, $row_id, " . $db->quote($thumb) | ||
. ", $strDate, $elementid) | ||
ON DUPLICATE KEY UPDATE date_created = $strDate, thumb = " . $db->quote($thumb)); | ||
$db->setQuery( | ||
"INSERT INTO #__{package}_thumbs | ||
(user_id, listid, formid, row_id, thumb, date_created, element_id) | ||
values ( | ||
" . $db->Quote($userid) . ", | ||
This comment has been minimized.
Sorry, something went wrong.
This comment has been minimized.
Sorry, something went wrong.
cheesegrits
Author
Member
|
||
" . $db->Quote($listid) . ", | ||
" . $db->Quote($formid) . ", | ||
" . $db->Quote($row_id) . ", | ||
" . $db->quote($thumb) . ", | ||
" . $db->Quote($strDate) . ", | ||
" . $db->Quote($elementid) . " | ||
) | ||
ON DUPLICATE KEY UPDATE | ||
date_created = " . $db->Quote($strDate) . ", | ||
thumb = " . $db->quote($thumb) | ||
); | ||
$db->query(); | ||
if ($db->getErrorNum()) | ||
{ | ||
|
@@ -439,6 +449,7 @@ function elementListJavascript() | |
$opts->elid = $this->getElement()->id; | ||
$opts->myThumbs = $listMyThumbs; | ||
$opts->userid = "$userid"; | ||
$opts->renderContext = $this->getListModel()->getRenderContext(); | ||
$opts = json_encode($opts); | ||
return "new FbThumbsList('$id', $opts);\n"; | ||
} | ||
|
why quote integer values? Also should be quote() and not Quote()
plus whilst you're here the query should be done using the query builder ($query = $db->getQuery(true)