From 73a882ed92e77c74dd60406b770b57666ef2c11f Mon Sep 17 00:00:00 2001
From: Yannick Warnier <yannick.warnier@beeznest.com>
Date: Mon, 3 Aug 2009 05:57:59 +0200
Subject: [PATCH] [svn r22575] Minor - using database class

---
 main/dropbox/dropbox_functions.inc.php | 72 +++++++++++++-------------
 1 file changed, 35 insertions(+), 37 deletions(-)

diff --git a/main/dropbox/dropbox_functions.inc.php b/main/dropbox/dropbox_functions.inc.php
index 4d2d9d5c9c..fcd4d47a52 100644
--- a/main/dropbox/dropbox_functions.inc.php
+++ b/main/dropbox/dropbox_functions.inc.php
@@ -1,12 +1,10 @@
 <?php //$id: $
 /* For licensing terms, see /dokeos_license.txt */
-
 /**
 * This file contains additional dropbox functions. Initially there were some 
 * functions in the init files also but I have moved them over
 * to one file 		-- Patrick Cool <patrick.cool@UGent.be>, Ghent University
 */
-
 /**
 * This function is a wrapper function for the multiple actions feature.
 * @return	Mixed	If there is a problem, return a string message, otherwise nothing
@@ -137,11 +135,11 @@ function delete_category($action, $id)
 
 	// step 1: delete the category
 	$sql="DELETE FROM ".$dropbox_cnf['tbl_category']." WHERE cat_id='".Database::escape_string($id)."' AND $sentreceived='1'";
-	$result=Database::query($sql);
+	$result=Database::query($sql,__FILE__,__LINE__);
 
 	// step 2: delete all the documents in this category
 	$sql="SELECT * FROM ".$entries_table." WHERE cat_id='".Database::escape_string($id)."'";
-	$result=Database::query($sql);
+	$result=Database::query($sql,__FILE__,__LINE__);
 
 	while ($row=Database::fetch_array($result))
 	{
@@ -227,7 +225,7 @@ function store_move($id, $target, $part)
 						WHERE dest_user_id='".Database::escape_string($_user['user_id'])."'
 						AND file_id='".Database::escape_string($id)."'
 						";
-			api_sql_query($sql,__FILE__,__LINE__);
+			Database::query($sql,__FILE__,__LINE__);
 			$return_message=get_lang('ReceivedFileMoved');
 		}
 		if ($part=='sent')
@@ -236,7 +234,7 @@ function store_move($id, $target, $part)
 						WHERE uploader_id='".Database::escape_string($_user['user_id'])."'
 						AND id='".Database::escape_string($id)."'
 						";
-			api_sql_query($sql,__FILE__,__LINE__);
+			Database::query($sql,__FILE__,__LINE__);
 			$return_message=get_lang('SentFileMoved');
 		}
 	}
@@ -325,8 +323,8 @@ function get_dropbox_categories($filter='')
 
 	$sql="SELECT * FROM ".$dropbox_cnf['tbl_category']." WHERE user_id='".$_user['user_id']."'";
 
-	$result=api_sql_query($sql);
-	while ($row=mysql_fetch_array($result))
+	$result=Database::query($sql,__FILE__,__LINE__);
+	while ($row=Database::fetch_array($result))
 	{
 		if(($filter=='sent' AND $row['sent']==1) OR ($filter=='received' AND $row['received']==1) OR $filter=='')
 		{
@@ -382,7 +380,7 @@ function store_addcategory()
 	{
 		// step 3a, we check if the category doesn't already exist
 		$sql="SELECT * FROM ".$dropbox_cnf['tbl_category']." WHERE user_id='".$_user['user_id']."' AND cat_name='".Database::escape_string(Security::remove_XSS($_POST['category_name']))."' AND received='".$received."' AND sent='".$sent."'";
-		$result=api_sql_query($sql);
+		$result=Database::query($sql,__FILE__,__LINE__);
 
 
 		// step 3b, we add the category if it does not exist yet.
@@ -390,7 +388,7 @@ function store_addcategory()
 		{
 			$sql="INSERT INTO ".$dropbox_cnf['tbl_category']." (cat_name, received, sent, user_id)
 					VALUES ('".Database::escape_string(Security::remove_XSS($_POST['category_name']))."', '".Database::escape_string($received)."', '".Database::escape_string($sent)."', '".Database::escape_string($_user['user_id'])."')";
-			api_sql_query($sql);
+			Database::query($sql,__FILE__,__LINE__);
 			return array('type' => 'confirmation', 'message'=>get_lang('CategoryStored'));
 		}
 		else
@@ -403,7 +401,7 @@ function store_addcategory()
 		$sql="UPDATE ".$dropbox_cnf['tbl_category']." SET cat_name='".Database::escape_string(Security::remove_XSS($_POST['category_name']))."', received='".Database::escape_string($received)."' , sent='".Database::escape_string($sent)."'
 				WHERE user_id='".Database::escape_string($_user['user_id'])."'
 				AND cat_id='".Database::escape_string(Security::remove_XSS($_POST['edit_id']))."'";
-		api_sql_query($sql);
+		Database::query($sql,__FILE__,__LINE__);
 		return array('type' => 'confirmation', 'message'=>get_lang('CategoryModified'));
 	}
 }
@@ -427,7 +425,7 @@ function display_addcategory_form($category_name='', $id='',$action)
 	{
 		// retrieve the category we are editing
 		$sql="SELECT * FROM ".$dropbox_cnf['tbl_category']." WHERE cat_id='".Database::escape_string($id)."'";
-		$result=api_sql_query($sql);
+		$result=Database::query($sql,__FILE__,__LINE__);
 		$row=Database::fetch_array($result);
 
 		if ($category_name=='') // after an edit with an error we do not want to return to the original name but the name we already modified. (happens when createinrecievedfiles AND createinsentfiles are not checked)
@@ -690,8 +688,8 @@ function getUserNameFromId ( $id)  // RH: Mailing: return 'Mailing ' + id
     $sql = "SELECT CONCAT(lastname,' ', firstname) AS name
 			FROM " . dropbox_cnf("tbl_user") . "
 			WHERE user_id='$id'";
-    $result = api_sql_query($sql,__FILE__,__LINE__);
-    $res = mysql_fetch_array( $result);
+    $result = Database::query($sql,__FILE__,__LINE__);
+    $res = Database::fetch_array( $result);
 
     if ( $res == FALSE) return FALSE;
     return stripslashes( $res["name"]);
@@ -707,8 +705,8 @@ function getLoginFromId ( $id)
     $sql = "SELECT username
 			FROM " . dropbox_cnf("tbl_user") . "
 			WHERE user_id='$id'";
-    $result =api_sql_query($sql,__FILE__,__LINE__);
-    $res = mysql_fetch_array( $result);
+    $result =Database::query($sql,__FILE__,__LINE__);
+    $res = Database::fetch_array( $result);
     if ( $res == FALSE) return FALSE;
     return stripslashes( $res["username"]);
 }
@@ -737,14 +735,14 @@ function removeUnusedFiles( )
 			FROM " . dropbox_cnf("tbl_file") . " f
 			LEFT JOIN " . dropbox_cnf("tbl_person") . " p ON f.id = p.file_id
 			WHERE p.user_id IS NULL";
-    $result = api_sql_query($sql,__FILE__,__LINE__);
-    while ( $res = mysql_fetch_array( $result))
+    $result = Database::query($sql,__FILE__,__LINE__);
+    while ( $res = Database::fetch_array( $result))
     {
 		//delete the selected files from the post and file tables
         $sql = "DELETE FROM " . dropbox_cnf("tbl_post") . " WHERE file_id='" . $res['id'] . "'";
-        $result1 = api_sql_query($sql,__FILE__,__LINE__);
+        $result1 = Database::query($sql,__FILE__,__LINE__);
         $sql = "DELETE FROM " . dropbox_cnf("tbl_file") . " WHERE id='" . $res['id'] . "'";
-        $result1 = api_sql_query($sql,__FILE__,__LINE__);
+        $result1 = Database::query($sql,__FILE__,__LINE__);
 
 		//delete file from server
         @unlink( dropbox_cnf("sysPath") . "/" . $res["filename"]);
@@ -771,9 +769,9 @@ function getUserOwningThisMailing($mailingPseudoId, $owner = 0, $or_die = '')
 			FROM " . dropbox_cnf("tbl_file") . " f
 			LEFT JOIN " . dropbox_cnf("tbl_post") . " p ON f.id = p.file_id
 			WHERE p.dest_user_id = '" . $mailingPseudoId . "'";
-    $result = api_sql_query($sql,__FILE__,__LINE__);
+    $result = Database::query($sql,__FILE__,__LINE__);
 
-    if (!($res = mysql_fetch_array($result)))
+    if (!($res = Database::fetch_array($result)))
         die(dropbox_lang("generalError")." (code 901)");
 
     if ($owner == 0) return $res['uploader_id'];
@@ -797,19 +795,19 @@ function removeMoreIfMailing($file_id)
     $sql = "SELECT p.dest_user_id
 			FROM " . dropbox_cnf("tbl_post") . " p
 			WHERE p.file_id = '" . $file_id . "'";
-    $result = api_sql_query($sql,__FILE__,__LINE__);
+    $result = Database::query($sql,__FILE__,__LINE__);
 
-    if ( $res = mysql_fetch_array( $result))
+    if ( $res = Database::fetch_array( $result))
     {
 	    $mailingPseudoId = $res['dest_user_id'];
 	    if ( $mailingPseudoId > dropbox_cnf("mailingIdBase"))
 	    {
 	        $sql = "DELETE FROM " . dropbox_cnf("tbl_person") . " WHERE user_id='" . $mailingPseudoId . "'";
-	        $result1 = api_sql_query($sql,__FILE__,__LINE__);
+	        $result1 = Database::query($sql,__FILE__,__LINE__);
 
 	        $sql = "UPDATE " . dropbox_cnf("tbl_file") .
 	            " SET uploader_id='" . api_get_user_id() . "' WHERE uploader_id='" . $mailingPseudoId . "'";
-	        $result1 = api_sql_query($sql,__FILE__,__LINE__);
+	        $result1 = Database::query($sql,__FILE__,__LINE__);
         }
     }
 }
@@ -1057,8 +1055,8 @@ function display_user_link($user_id, $name='')
 		{
 			$table_user = Database::get_main_table(TABLE_MAIN_USER);
 			$sql="SELECT * FROM $table_user WHERE user_id='".Database::escape_string($user_id)."'";
-			$result=api_sql_query($sql,__FILE__,__LINE__);
-			$row=mysql_fetch_array($result);
+			$result=Database::query($sql,__FILE__,__LINE__);
+			$row=Database::fetch_array($result);
 			return "<a href=\"../user/userInfo.php?uInfo=".$row['user_id']."\">".$row['firstname']." ".$row['lastname']."</a>";
 		}
 		else
@@ -1125,8 +1123,8 @@ function feedback_form()
 	// we now check if the other users have not delete this document yet. If this is the case then it is useless to see the
 	// add feedback since the other users will never get to see the feedback.
 	$sql="SELECT * FROM ".$dropbox_cnf["tbl_person"]." WHERE file_id='".Database::escape_string($_GET['id'])."'";
-	$result=api_sql_query($sql,__LINE__, __FILE__);
-	$number_users_who_see_file=mysql_num_rows($result);
+	$result=Database::query($sql,__LINE__, __FILE__);
+	$number_users_who_see_file=Database::num_rows($result);
 	if ($number_users_who_see_file>1)
 	{
 		$return .= '<textarea name="feedback" style="width: 80%; height: 80px;"></textarea><br /><button type="submit" class="add" name="store_feedback" value="'.get_lang('Ok').'" 
@@ -1163,7 +1161,7 @@ function store_feedback()
 	{
 		$sql="INSERT INTO ".$dropbox_cnf['tbl_feedback']." (file_id, author_user_id, feedback, feedback_date) VALUES
 				('".Database::escape_string($_GET['id'])."','".Database::escape_string($_user['user_id'])."','".Database::escape_string($_POST['feedback'])."',NOW())";
-		api_sql_query($sql);
+		Database::query($sql,__FILE__,__LINE__);
 		return get_lang('DropboxFeedbackStored');
 	}
 }
@@ -1209,8 +1207,8 @@ function zip_download ($array)
 			WHERE file.id IN (".implode(', ',$array).")
 			AND file.id=person.file_id
 			AND person.user_id='".$_user['user_id']."'";
-	$result=api_sql_query($sql,__FILE__,__LINE__);
-	while ($row=mysql_fetch_array($result))
+	$result=Database::query($sql,__FILE__,__LINE__);
+	while ($row=Database::fetch_array($result))
 	{
 		$files[$row['filename']]=array('filename'=>$row['filename'],'title'=>$row['title'], 'author'=>$row['author'], 'description'=>$row['description']);
 	}
@@ -1457,8 +1455,8 @@ function get_total_number_feedback($file_id='')
 	global $dropbox_cnf;
 
 	$sql="SELECT COUNT(feedback_id) AS total, file_id FROM ".$dropbox_cnf['tbl_feedback']." GROUP BY file_id";
-	$result=api_sql_query($sql, __FILE__, __LINE__);
-	while ($row=mysql_fetch_array($result))
+	$result=Database::query($sql, __FILE__, __LINE__);
+	while ($row=Database::fetch_array($result))
 	{
 		$return[$row['file_id']]=$row['total'];
 	}
@@ -1529,7 +1527,7 @@ function get_last_tool_access($tool, $course_code='', $user_id='')
 				AND access_tool='".Database::escape_string($tool)."'
 				ORDER BY access_date DESC
 				LIMIT 1";
-	$result=api_sql_query($sql,__FILE__,__LINE__);
-	$row=mysql_fetch_array($result);
+	$result=Database::query($sql,__FILE__,__LINE__);
+	$row=Database::fetch_array($result);
 	return $row['access_date'];
 }
\ No newline at end of file