From 7e935065fa57708077faeb028dc7330fc1bb76c9 Mon Sep 17 00:00:00 2001 From: int2001 Date: Mon, 27 Nov 2023 13:49:41 +0000 Subject: [PATCH] use Bind-Vars intead of literals --- application/models/Logbook_model.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/application/models/Logbook_model.php b/application/models/Logbook_model.php index 6c85a9bc..45d99fd1 100755 --- a/application/models/Logbook_model.php +++ b/application/models/Logbook_model.php @@ -633,9 +633,9 @@ class Logbook_model extends CI_Model { */ function exists_hrdlog_code($station_id) { $sql = 'select hrdlog_code, hrdlogrealtime from station_profile - where station_id = ' . $station_id; + where station_id = ?'; - $query = $this->db->query($sql); + $query = $this->db->query($sql,$station_id); $result = $query->row(); @@ -650,9 +650,9 @@ class Logbook_model extends CI_Model { * Function checks if a Clublog Credebtials exists in the table with the given station id */ function exists_clublog_credentials($station_id) { - $sql = 'select auth.user_clublog_name ucn, auth.user_clublog_password ucp from '.$this->config->item('auth_table').' auth inner join station_profile prof on (auth.user_id=prof.user_id) where prof.station_id = ' . $station_id; + $sql = 'select auth.user_clublog_name ucn, auth.user_clublog_password ucp from '.$this->config->item('auth_table').' auth inner join station_profile prof on (auth.user_id=prof.user_id) where prof.station_id = ?'; - $query = $this->db->query($sql); + $query = $this->db->query($sql, $station_id); $result = $query->row(); @@ -669,9 +669,9 @@ class Logbook_model extends CI_Model { */ function exists_qrz_api_key($station_id) { $sql = 'select qrzapikey, qrzrealtime from station_profile - where station_id = ' . $station_id; + where station_id = ?'; - $query = $this->db->query($sql); + $query = $this->db->query($sql, $station_id); $result = $query->row(); @@ -688,9 +688,9 @@ class Logbook_model extends CI_Model { */ function exists_webadif_api_key($station_id) { $sql = 'select webadifapikey, webadifapiurl, webadifrealtime from station_profile - where station_id = ' . $station_id; + where station_id = ?'; - $query = $this->db->query($sql); + $query = $this->db->query($sql, $station_id); $result = $query->row();