Commit aa365c41 authored by root's avatar root
Browse files

fixed sql-syntax

parent 634132a0
...@@ -85,8 +85,8 @@ class plugin_backuplist extends plugin_base { ...@@ -85,8 +85,8 @@ class plugin_backuplist extends plugin_base {
$server_id = $this->form->dataRecord['server_id']; $server_id = $this->form->dataRecord['server_id'];
$backup = $app->db->queryOneRecord("SELECT * FROM web_backup WHERE backup_id = ?", $backup_id); $backup = $app->db->queryOneRecord("SELECT * FROM web_backup WHERE backup_id = ?", $backup_id);
if($backup['server_id'] > 0) $server_id = $backup['server_id']; if($backup['server_id'] > 0) $server_id = $backup['server_id'];
$sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_restore' AND action_param = '$backup_id'"; $sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_restore' AND action_param = ?";
$tmp = $app->db->queryOneRecord($sql); $tmp = $app->db->queryOneRecord($sql, $backup_id);
if($tmp['number'] == 0) { if($tmp['number'] == 0) {
$message .= $wb['restore_info_txt']; $message .= $wb['restore_info_txt'];
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " . $sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
...@@ -98,22 +98,15 @@ class plugin_backuplist extends plugin_base { ...@@ -98,22 +98,15 @@ class plugin_backuplist extends plugin_base {
} }
if($_GET['backup_action'] == 'delete' && $backup_id > 0) { if($_GET['backup_action'] == 'delete' && $backup_id > 0) {
$server_id = $this->form->dataRecord['server_id']; $server_id = $this->form->dataRecord['server_id'];
$backup = $app->db->queryOneRecord("SELECT * FROM web_backup WHERE backup_id = ".$backup_id); $backup = $app->db->queryOneRecord("SELECT * FROM web_backup WHERE backup_id = ?", $backup_id);
if($backup['server_id'] > 0) $server_id = $backup['server_id']; if($backup['server_id'] > 0) $server_id = $backup['server_id'];
$sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_delete' AND action_param = '$backup_id'"; $sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_delete' AND action_param = ?";
$tmp = $app->db->queryOneRecord($sql); $tmp = $app->db->queryOneRecord($sql, $backup_id);
if($tmp['number'] == 0) { if($tmp['number'] == 0) {
$message .= $wb['delete_info_txt']; $message .= $wb['delete_info_txt'];
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " . $sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
"VALUES (". "VALUES (?, UNIX_TIMESTAMP(), 'backup_delete', ?, 'pending', '')";
(int)$server_id . ", " . $app->db->query($sql, $server_id, $backup_id);
time() . ", " .
"'backup_delete', " .
"'".$backup_id."', " .
"'pending', " .
"''" .
")";
$app->db->query($sql);
} else { } else {
$error .= $wb['delete_pending_txt']; $error .= $wb['delete_pending_txt'];
} }
......
...@@ -62,7 +62,7 @@ class plugin_backuplist_mail extends plugin_base { ...@@ -62,7 +62,7 @@ class plugin_backuplist_mail extends plugin_base {
if($tmp['number'] == 0) { if($tmp['number'] == 0) {
$message .= $wb['restore_info_txt']; $message .= $wb['restore_info_txt'];
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " . $sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
"VALUES (?, ? 'backup_restore_mail', ?, 'pending','')"; "VALUES (?, ?, 'backup_restore_mail', ?, 'pending','')";
$app->db->query($sql, $this->form->dataRecord['server_id'], time(), $backup_id); $app->db->query($sql, $this->form->dataRecord['server_id'], time(), $backup_id);
} else { } else {
$error .= $wb['restore_pending_txt']; $error .= $wb['restore_pending_txt'];
...@@ -75,15 +75,8 @@ class plugin_backuplist_mail extends plugin_base { ...@@ -75,15 +75,8 @@ class plugin_backuplist_mail extends plugin_base {
if($tmp['number'] == 0) { if($tmp['number'] == 0) {
$message .= $wb['delete_info_txt']; $message .= $wb['delete_info_txt'];
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " . $sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
"VALUES (". "VALUES (?, ?, 'backup_delete_mail, ?, 'pending', '')";
(int)$this->form->dataRecord['server_id'] . ", " . $app->db->query($sql, $this->form->dataRecord['server_id'], time(), $backup_id);
time() . ", " .
"'backup_delete_mail', " .
"'".$backup_id."', " .
"'pending', " .
"''" .
")";
$app->db->query($sql);
} else { } else {
$error .= $wb['delete_pending_txt']; $error .= $wb['delete_pending_txt'];
} }
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment