From d4bd109238aec503ad1d8abc1cd12ad8a12bba46 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20T=C3=A4nzer?= Date: Thu, 22 Mar 2012 13:03:25 +0100 Subject: bug 1024: extract the SQL from the mysql_query() call MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Michael Tänzer --- includes/lib/account.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'includes') diff --git a/includes/lib/account.php b/includes/lib/account.php index 65c75a4..2c3fffa 100644 --- a/includes/lib/account.php +++ b/includes/lib/account.php @@ -21,28 +21,30 @@ function fix_assurer_flag($userID) { // Update Assurer-Flag on users table if 100 points. // Should the number of points be SUM(points) or SUM(awarded)? - $query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 1 WHERE + $sql = 'UPDATE `users` AS `u` SET `assurer` = 1 WHERE `u`.`id` = \''.(int)intval($userID).'\' AND EXISTS(SELECT 1 FROM `cats_passed` AS `cp`, `cats_variant` AS `cv` WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `cp`.`user_id` = `u`.`id`) AND (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` - AND (`n`.`expire` > now() OR `n`.`expire` IS NULL)) >= 100'); + AND (`n`.`expire` > now() OR `n`.`expire` IS NULL)) >= 100'; // Challenge has been passed and non-expired points >= 100 + $query = mysql_query($sql); if (!$query) { return false; } // Reset flag if requirements are not met - $query = mysql_query('UPDATE `users` AS `u` SET `assurer` = 0 WHERE + $sql = 'UPDATE `users` AS `u` SET `assurer` = 0 WHERE `u`.`id` = \''.(int)intval($userID).'\' AND (NOT EXISTS(SELECT 1 FROM `cats_passed` AS `cp`, `cats_variant` AS `cv` WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `cp`.`user_id` = `u`.`id`) OR (SELECT SUM(`points`) FROM `notary` AS `n` WHERE `n`.`to` = `u`.`id` - AND (`n`.`expire` > now() OR `n`.`expire` IS NULL)) < 100)'); + AND (`n`.`expire` > now() OR `n`.`expire` IS NULL)) < 100)'; + $query = mysql_query($sql); if (!$query) { return false; } -- cgit v1.2.1