From cc7a82756b4f4d7ab18e928527c37489adbaf564 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Tue, 07 Apr 2015 14:10:50 -0400
Subject: [PATCH] - rewrite of sql queries to new form

---
 server/mods-available/remoteaction_core_module.inc.php |   14 ++++----------
 1 files changed, 4 insertions(+), 10 deletions(-)

diff --git a/server/mods-available/remoteaction_core_module.inc.php b/server/mods-available/remoteaction_core_module.inc.php
index 0864953..807de50 100644
--- a/server/mods-available/remoteaction_core_module.inc.php
+++ b/server/mods-available/remoteaction_core_module.inc.php
@@ -62,10 +62,8 @@
 		 * First set the state
 		 */
 		global $app;
-		$sql = "UPDATE sys_remoteaction " .
-			"SET action_state = '" . $app->dbmaster->quote($state) . "' " .
-			"WHERE action_id = " . intval($id);
-		$app->dbmaster->query($sql);
+		$sql = "UPDATE sys_remoteaction SET action_state = ? WHERE action_id = ?";
+		$app->dbmaster->query($sql, $state, $id);
 
 		/*
 		 * Then save the maxid for the next time...
@@ -103,12 +101,8 @@
 		/*
 		 * Get all actions this server should execute
 		*/
-		$sql = "SELECT action_id, action_type, action_param " .
-			"FROM sys_remoteaction " .
-			"WHERE server_id = " . $server_id . " ".
-			" AND  action_id > " . intval($maxid_remote_action) . " ".
-			"ORDER BY action_id";
-		$actions = $app->dbmaster->queryAllRecords($sql);
+		$sql = "SELECT action_id, action_type, action_param FROM sys_remoteaction WHERE server_id = ? AND action_id > ? ORDER BY action_id";
+		$actions = $app->dbmaster->queryAllRecords($sql, $server_id, $maxid_remote_action);
 
 		/*
 		 * process all actions

--
Gitblit v1.9.1