summaryrefslogtreecommitdiff
path: root/manager
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2010-04-29 21:32:48 +0200
committerMichael Tänzer <neo@nhng.de>2010-04-29 21:32:48 +0200
commite9d2e83670f66050455efda3e17c58c374adf894 (patch)
treefe39c25a8639dd3ca45f61d6c6615b0cdea80e5c /manager
parent66174d6fb339cee7014017f10df5d7ce06455382 (diff)
downloadcacert-mgr-e9d2e83670f66050455efda3e17c58c374adf894.tar.gz
cacert-mgr-e9d2e83670f66050455efda3e17c58c374adf894.tar.xz
cacert-mgr-e9d2e83670f66050455efda3e17c58c374adf894.zip
quoteInto() only accepts '?' as place holder
Signed-off-by: Michael Tänzer <neo@nhng.de>
Diffstat (limited to 'manager')
-rw-r--r--manager/application/controllers/AddPointsController.php13
1 files changed, 6 insertions, 7 deletions
diff --git a/manager/application/controllers/AddPointsController.php b/manager/application/controllers/AddPointsController.php
index 891ee5d..b7f3541 100644
--- a/manager/application/controllers/AddPointsController.php
+++ b/manager/application/controllers/AddPointsController.php
@@ -103,16 +103,15 @@ class AddPointsController extends Zend_Controller_Action
// Fix the assurer flag
$where = array();
- $query = '`users`.`id` = :user';
- $query_params['user'] = $user['id'];
- $where[] = $this->db->quoteInto($query, $query_params);
+ $query = '`users`.`id` = ?';
+ $where[] = $this->db->quoteInto($query, $user['id']);
$query = 'exists(select * from `cats_passed` as `cp`, ' .
'`cats_variant` as `cv` where `cp`.`variant_id` = `cv`.`id` and ' .
- '`cv`.`type_id` = 1 and `cp`.`user_id` = :user';
- $where[] = $this->db->quoteInto($query, $query_params);
- $query = '(select sum(`points`) from `notary` where `to`= :user and ' .
+ '`cv`.`type_id` = 1 and `cp`.`user_id` = ?';
+ $where[] = $this->db->quoteInto($query, $user['id']);
+ $query = '(select sum(`points`) from `notary` where `to`= ? and ' .
'`expire` > now()) >= 100';
- $where[] = $this->db->quoteInto($query, $query_params);
+ $where[] = $this->db->quoteInto($query, $user['id']);
$this->db->update('users', array('assurer' => 1), $where);
return;