removed mysql_* functions
timo-bes committed Jul 22, 2010
1 parent 1b3870c commit 3517433
Showing 3 changed files with 19 additions and 13 deletions.
18 changes: 11 additions & 7 deletions API.php
Expand Up @@ -63,8 +63,10 @@ public function getSearchEvolution($idSite, $period, $date) {
$searchTerm = Piwik_Common::getRequestVar('search_term', false);

$where = '';
$bind = array();
if ($searchTerm) {
$where = 'AND action.search_term = "'.mysql_escape_string($searchTerm).'"';
$where = 'AND action.search_term = :searchTerm';
$bind[':searchTerm'] = $searchTerm;
}

// TODO: exclude multiple result pages from totalSearches
Expand All @@ -91,7 +93,7 @@ public function getSearchEvolution($idSite, $period, $date) {
GROUP BY
visit.visit_server_date
';
$result = Piwik_FetchAll($query);
$result = Piwik_FetchAll($query, $bind);

$dataTable = new Piwik_DataTable();
$data = array();
Expand Down Expand Up @@ -228,12 +230,13 @@ private function loadAssociatedPages($site, $following, $searchTerm, Piwik_Perio
$setAction = 'idaction_url';
}

$bind = array();
if ($searchTerm) {
// analyze one search term
$searchTerm = mysql_escape_string($searchTerm);
$where = 'AND action_set.search_term = "'.$searchTerm.'" '
$where = 'AND action_set.search_term = :searchTerm '
. 'AND (action_get.search_term IS NULL OR '
. 'action_get.search_term != "'.$searchTerm.'")';
. 'action_get.search_term != :searchTerm)';
$bind[':searchTerm'] = $searchTerm;
} else {
// analyze all keywords
$where = 'AND action_set.search_term IS NOT NULL';
Expand All @@ -243,11 +246,12 @@ private function loadAssociatedPages($site, $following, $searchTerm, Piwik_Perio
if (substr($url, -1) == '/') {
$url = substr($url, 0, -1);
}
$bind[':url'] = $url;

$sql = '
SELECT
action_get.idaction,
REPLACE(action_get.name, "'.mysql_escape_string($url).'", "") AS label,
REPLACE(action_get.name, :url, "") AS label,
COUNT(action_get.idaction) AS hits
FROM
'.Piwik_Common::prefixTable('log_action').' AS action_set
Expand All @@ -268,7 +272,7 @@ private function loadAssociatedPages($site, $following, $searchTerm, Piwik_Perio
GROUP BY
action_get.idaction
';
return Piwik_FetchAll($sql);
return Piwik_FetchAll($sql, $bind);
}

}
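Review bot: In loadAssociatedPages the named marker `:searchTerm` is used twice in one statement (`action_set.search_term = :searchTerm` and `action_get.search_term != :searchTerm`) but bound only once. PDO accepts a repeated named marker only while prepare emulation is on, and how Piwik_FetchAll prepares the statement is not visible on this page, so the query may fail with a parameter-count error on a native-prepare or non-PDO adapter. Two distinct markers, e.g. `:searchTermSet` and `:searchTermGet` with `$bind[':searchTermGet'] = $searchTerm;`, or positional `?` placeholders, remove that dependency on driver settings. Parts of the function body, including where `$where` is joined into `$sql`, lie outside the hunks shown.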
8 changes: 5 additions & 3 deletions Controller.php
Expand Up @@ -183,18 +183,20 @@ private function analyzeSite($idSite) {
$sql = '
SELECT idaction, name
FROM '.Piwik_Common::prefixTable('log_action').'
WHERE type = 1 AND name LIKE "'.mysql_escape_string($url).'%"
WHERE type = 1 AND name LIKE :name"
';
$bind = array(':name' => $url.'%');
$result = Piwik_FetchAll($sql);
$parameter = $site['sitesearch_parameter'];
foreach ($result as $action) {
$hit = preg_match('/'.$parameter.'=(.*?)(&|$)/i', $action['name'], $match);
if ($hit) {
$bind[':searchTerm'] = urldecode($match[1]);
Piwik_Query('
UPDATE '.Piwik_Common::prefixTable('log_action').'
SET search_term = "'.mysql_escape_string(urldecode($match[1])).'"
SET search_term = :searchTerm
where idaction = '.intval($action['idaction']).'
');
', $bind);
}
}
}
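Review bot: The converted SELECT in analyzeSite cannot run as written: the new line `WHERE type = 1 AND name LIKE :name"` keeps a stray closing double quote from the old concatenation, and the unchanged call `$result = Piwik_FetchAll($sql);` never passes `$bind`, so `:name` stays unbound. Drop the quote and call `Piwik_FetchAll($sql, $bind)`. Inside the loop the same `$bind` array, still holding `:name`, is passed to the UPDATE that declares only `:searchTerm`; a driver that checks the parameter count will likely reject it, so pass `array(':searchTerm' => urldecode($match[1]))` there instead. Separately, `%` and `_` inside `$url` still act as LIKE wildcards after binding, as they did before this change. The start of analyzeSite is outside the hunk.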
6 changes: 3 additions & 3 deletions SiteSearch.php
Expand Up @@ -121,10 +121,10 @@ public function logResults($notification) {
if ($hit) {
$sql = '
UPDATE '.Piwik_Common::prefixTable('log_action').'
SET search_term = "'.mysql_escape_string(urldecode($match[1])).'"
where idaction = '.intval($idaction).'
SET search_term = :searchTerm
WHERE idaction = '.intval($idaction).'
';
Piwik_Query($sql);
Piwik_Query($sql, array(':searchTerm' => urldecode($match[1])));
}
}
}
