bug 1024: extract the SQL from the mysql_query() call

Signed-off-by: Michael Tänzer <neo@nhng.de>

1 files changed, 6 insertions, 4 deletions

diff --git a/includes/lib/account.php b/includes/lib/account.php
index 65c75a4..2c3fffa 100644
--- a/includes/lib/account.php
+++ b/includes/lib/account.php
@@ -21,28 +21,30 @@ function fix_assurer_flag($userID)
 {
 	// Update Assurer-Flag on users table if 100 points.
 	// Should the number of points be SUM(points) or SUM(awarded)?
-	$query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE
+	$sql = 'UPDATE `users` AS `u` SET `assurer` = 1 WHERE
 		`u`.`id` = \''.(int)intval($userID).'\' AND
 		EXISTS(SELECT 1 FROM `cats_passed` AS `cp`, `cats_variant` AS `cv`
 			WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND
 			`cp`.`user_id` = `u`.`id`) AND
 		(SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id`
-			AND (`n`.`expire` > now() OR `n`.`expire` IS NULL)) >= 100');
+			AND (`n`.`expire` > now() OR `n`.`expire` IS NULL)) >= 100';
 	// Challenge has been passed and non-expired points >= 100
 	
+	$query = mysql_query($sql);
 	if (!$query) {
 		return false;
 	}
  
 	// Reset flag if requirements are not met
-	$query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 0 WHERE
+	$sql = 'UPDATE `users` AS `u` SET `assurer` = 0 WHERE
 		`u`.`id` = \''.(int)intval($userID).'\' AND
 		(NOT EXISTS(SELECT 1 FROM `cats_passed` AS `cp`, `cats_variant` AS
 			`cv` WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1
 			AND `cp`.`user_id` = `u`.`id`) OR
 		(SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id`
-			AND (`n`.`expire` > now() OR `n`.`expire` IS NULL)) < 100)');
+			AND (`n`.`expire` > now() OR `n`.`expire` IS NULL)) < 100)';
 	
+	$query = mysql_query($sql);
 	if (!$query) {
 		return false;
 	}