|
|
@@ -1,6 +1,7 @@
|
|
|
<?php
|
|
|
class PluginHost {
|
|
|
private $dbh;
|
|
|
+ private $pdo;
|
|
|
private $hooks = array();
|
|
|
private $plugins = array();
|
|
|
private $handlers = array();
|
|
|
@@ -63,6 +64,7 @@ class PluginHost {
|
|
|
|
|
|
function __construct() {
|
|
|
$this->dbh = Db::get();
|
|
|
+ $this->pdo = Db::pdo();
|
|
|
|
|
|
$this->storage = array();
|
|
|
}
|
|
|
@@ -92,6 +94,10 @@ class PluginHost {
|
|
|
return $this->dbh;
|
|
|
}
|
|
|
|
|
|
+ function get_pdo() {
|
|
|
+ return $this->pdo;
|
|
|
+ }
|
|
|
+
|
|
|
function get_plugin_names() {
|
|
|
$names = array();
|
|
|
|
|
|
@@ -294,10 +300,11 @@ class PluginHost {
|
|
|
|
|
|
function load_data() {
|
|
|
if ($this->owner_uid) {
|
|
|
- $result = $this->dbh->query("SELECT name, content FROM ttrss_plugin_storage
|
|
|
- WHERE owner_uid = '".$this->owner_uid."'");
|
|
|
+ $sth = $this->pdo->prepare("SELECT name, content FROM ttrss_plugin_storage
|
|
|
+ WHERE owner_uid = ?");
|
|
|
+ $sth->execute([$this->owner_uid]);
|
|
|
|
|
|
- while ($line = $this->dbh->fetch_assoc($result)) {
|
|
|
+ while ($line = $sth->fetch()) {
|
|
|
$this->storage[$line["name"]] = unserialize($line["content"]);
|
|
|
}
|
|
|
}
|
|
|
@@ -305,30 +312,31 @@ class PluginHost {
|
|
|
|
|
|
private function save_data($plugin) {
|
|
|
if ($this->owner_uid) {
|
|
|
- $plugin = $this->dbh->escape_string($plugin);
|
|
|
-
|
|
|
- $this->dbh->query("BEGIN");
|
|
|
+ $this->pdo->beginTransaction();
|
|
|
|
|
|
- $result = $this->dbh->query("SELECT id FROM ttrss_plugin_storage WHERE
|
|
|
- owner_uid= '".$this->owner_uid."' AND name = '$plugin'");
|
|
|
+ $sth = $this->pdo->prepare("SELECT id FROM ttrss_plugin_storage WHERE
|
|
|
+ owner_uid= ? AND name = ?");
|
|
|
+ $sth->execute([$this->owner_uid, $plugin]);
|
|
|
|
|
|
if (!isset($this->storage[$plugin]))
|
|
|
$this->storage[$plugin] = array();
|
|
|
|
|
|
- $content = $this->dbh->escape_string(serialize($this->storage[$plugin]),
|
|
|
+ $content = serialize($this->storage[$plugin],
|
|
|
false);
|
|
|
|
|
|
- if ($this->dbh->num_rows($result) != 0) {
|
|
|
- $this->dbh->query("UPDATE ttrss_plugin_storage SET content = '$content'
|
|
|
- WHERE owner_uid= '".$this->owner_uid."' AND name = '$plugin'");
|
|
|
+ if ($sth->fetch()) {
|
|
|
+ $sth = $this->pdo->prepare("UPDATE ttrss_plugin_storage SET content = ?
|
|
|
+ WHERE owner_uid= ? AND name = ?");
|
|
|
+ $sth->execute([$content, $this->owner_uid, $plugin]);
|
|
|
|
|
|
} else {
|
|
|
- $this->dbh->query("INSERT INTO ttrss_plugin_storage
|
|
|
+ $sth = $this->pdo->prepare("INSERT INTO ttrss_plugin_storage
|
|
|
(name,owner_uid,content) VALUES
|
|
|
- ('$plugin','".$this->owner_uid."','$content')");
|
|
|
+ (?, ?, ?)");
|
|
|
+ $sth->execute([$plugin, $this->owner_uid, $content]);
|
|
|
}
|
|
|
|
|
|
- $this->dbh->query("COMMIT");
|
|
|
+ $this->pdo->commit();
|
|
|
}
|
|
|
}
|
|
|
|
|
|
@@ -365,8 +373,9 @@ class PluginHost {
|
|
|
|
|
|
unset($this->storage[$idx]);
|
|
|
|
|
|
- $this->dbh->query("DELETE FROM ttrss_plugin_storage WHERE name = '$idx'
|
|
|
- AND owner_uid = " . $this->owner_uid);
|
|
|
+ $sth = $this->pdo->prepare("DELETE FROM ttrss_plugin_storage WHERE name = ?
|
|
|
+ AND owner_uid = ?");
|
|
|
+ $sth->execute([$idx, $this->owner_uid]);
|
|
|
}
|
|
|
}
|
|
|
|
Andrew Dolgov