plugin base class: init pdo object

plugins/share: use PDO
This commit is contained in:
Andrew Dolgov 2017-12-03 09:43:18 +03:00
parent 187abfe732
commit b6f3562d1e
2 changed files with 32 additions and 20 deletions

View File

@ -10,6 +10,10 @@ abstract class Plugin {
abstract function about(); abstract function about();
// return array(1.0, "plugin", "No description", "No author", false); // return array(1.0, "plugin", "No description", "No author", false);
function __construct() {
$this->pdo = Db::pdo();
}
function flags() { function flags() {
/* associative array, possible keys: /* associative array, possible keys:
needs_curl = boolean needs_curl = boolean

View File

@ -8,6 +8,7 @@ class Share extends Plugin {
"fox"); "fox");
} }
/* @var PluginHost $host */
function init($host) { function init($host) {
$this->host = $host; $this->host = $host;
@ -25,10 +26,11 @@ class Share extends Plugin {
function unshare() { function unshare() {
$id = db_escape_string($_REQUEST['id']); $id = $_REQUEST['id'];
db_query("UPDATE ttrss_user_entries SET uuid = '' WHERE int_id = '$id' $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET uuid = '' WHERE int_id = ?
AND owner_uid = " . $_SESSION['uid']); AND owner_uid = ?");
$sth->execute([$id, $_SESSION['uid']]);
print "OK"; print "OK";
} }
@ -48,20 +50,21 @@ class Share extends Plugin {
// Silent // Silent
function clearArticleKeys() { function clearArticleKeys() {
db_query("UPDATE ttrss_user_entries SET uuid = '' WHERE $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET uuid = '' WHERE
owner_uid = " . $_SESSION["uid"]); owner_uid = ?");
$sth->execute([$_SESSION['uid']]);
return; return;
} }
function newkey() { function newkey() {
$id = db_escape_string($_REQUEST['id']); $id = $_REQUEST['id'];
$uuid = uniqid_short();
$uuid = db_escape_string(uniqid_short()); $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET uuid = ? WHERE int_id = ?
AND owner_uid = ?");
db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$id' $sth->execute([$uuid, $id, $_SESSION['uid']]);
AND owner_uid = " . $_SESSION['uid']);
print json_encode(array("link" => $uuid)); print json_encode(array("link" => $uuid));
} }
@ -76,21 +79,22 @@ class Share extends Plugin {
} }
function shareArticle() { function shareArticle() {
$param = db_escape_string($_REQUEST['param']); $param = $_REQUEST['param'];
$result = db_query("SELECT uuid FROM ttrss_user_entries WHERE int_id = '$param' $sth = $this->pdo->prepare("SELECT uuid FROM ttrss_user_entries WHERE int_id = ?
AND owner_uid = " . $_SESSION['uid']); AND owner_uid = ?");
$sth->execute([$param, $_SESSION['uid']]);
if (db_num_rows($result) == 0) { if ($row = $sth->fetch()) {
print "Article not found.";
} else {
$uuid = db_fetch_result($result, 0, "uuid"); $uuid = $row['uuid'];
if (!$uuid) { if (!$uuid) {
$uuid = db_escape_string(uniqid_short()); $uuid = uniqid_short();
db_query("UPDATE ttrss_user_entries SET uuid = '$uuid' WHERE int_id = '$param'
AND owner_uid = " . $_SESSION['uid']); $sth = $this->pdo->prepare("UPDATE ttrss_user_entries SET uuid = ? WHERE int_id = ?
AND owner_uid = ?");
$sth->execute([$uuid, $param, $_SESSION['uid']]);
} }
print __("You can share this article by the following unique URL:") . "<br/>"; print __("You can share this article by the following unique URL:") . "<br/>";
@ -106,6 +110,10 @@ class Share extends Plugin {
label_create(__('Shared'), $_SESSION["uid"]); label_create(__('Shared'), $_SESSION["uid"]);
label_add_article($ref_id, __('Shared'), $_SESSION['uid']); */ label_add_article($ref_id, __('Shared'), $_SESSION['uid']); */
} else {
print "Article not found.";
} }
print "<div align='center'>"; print "<div align='center'>";