public function setLocation($event_id, $point)
{
/* First make sure it doesn't already exist */
- $sql = "SELECT COUNT(*) FROM kronolith_events_geo WHERE event_id = ('" . $event_id . "')";
- $count = $this->_db->getOne($sql);
+ $sql = 'SELECT COUNT(*) FROM kronolith_events_geo WHERE event_id = ?';
+ $count = $this->_db->getOne($sql, array($event_id));
if ($count instanceof PEAR_Error) {
Horde::logMessage($count, __FILE__, __LINE__, PEAR_LOG_ERR);
throw new Horde_Exception($count);
/* Do we actually have data? */
if ((empty($point['lat']) || empty($point['lon'])) && $count) {
// Delete the record.
- $sql = "DELETE FROM kronolith_events_geo WHERE event_id = '" . $event_id . "'";
+ $this->deleteLocation($event_id);
+ return;
} elseif (empty($point['lat']) || empty($point['lon'])) {
return;
}
/* INSERT or UPDATE */
if ($count) {
- $sql = "UPDATE kronolith_events_geo SET event_coordinates = GeomFromText('POINT(" . $point['lat'] . " " . $point['lon'] . ")') WHERE event_id = '" . $event_id . "'";
+ $sql = "UPDATE kronolith_events_geo SET event_coordinates = GeomFromText('POINT(" . $point['lat'] . " " . $point['lon'] . ")') WHERE event_id = ?";
} else {
- $sql = "INSERT into kronolith_events_geo (event_id, event_coordinates) VALUES('" . $event_id . "', GeomFromText('POINT(" . $point['lat'] . " " . $point['lon'] . ")'))";
+ $sql = "INSERT into kronolith_events_geo (event_id, event_coordinates) VALUES(?, GeomFromText('POINT(" . $point['lat'] . " " . $point['lon'] . ")'))";
}
- $result = $this->_write_db->query($sql);
+ $result = $this->_write_db->query($sql, array($event_id));
if ($result instanceof PEAR_Error) {
Horde::logMessage($result, __FILE__, __LINE__, PEAR_LOG_ERR);
throw new Horde_Exception($result);
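Review bot: The UPDATE and INSERT statements still concatenate `$point['lat']` and `$point['lon']` into the SQL text; only `event_id` became a bound parameter, and the only check on the coordinates visible in this hunk is `empty()`. If `$point` can carry caller-supplied strings, that leaves open the same injection path this change closes for `event_id`. Binding the whole WKT string as a parameter to `GeomFromText(?)` keeps the coordinates out of the statement text; note that the parameter order differs between the two statements. A numeric check on both values before building the WKT would also reject malformed input early. setLocation's closing lines fall outside the hunk.

```php
/* INSERT or UPDATE */
$wkt = 'POINT(' . $point['lat'] . ' ' . $point['lon'] . ')';
if ($count) {
    $sql = 'UPDATE kronolith_events_geo SET event_coordinates = GeomFromText(?) WHERE event_id = ?';
    $params = array($wkt, $event_id);
} else {
    $sql = 'INSERT into kronolith_events_geo (event_id, event_coordinates) VALUES(?, GeomFromText(?))';
    $params = array($event_id, $wkt);
}
$result = $this->_write_db->query($sql, $params);
// … unchanged: PEAR_Error check, log and throw …
```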
*/
public function getLocation($event_id)
{
- $sql = "SELECT x(event_coordinates) as lat, y(event_coordinates) as lon FROM kronolith_events_geo WHERE event_id = '" . $event_id . "'";
- $result = $this->_db->getRow($sql, null, DB_FETCHMODE_ASSOC);
+ $sql = 'SELECT x(event_coordinates) as lat, y(event_coordinates) as lon FROM kronolith_events_geo WHERE event_id = ?';
+ $result = $this->_db->getRow($sql, array($event_id), DB_FETCHMODE_ASSOC);
if ($result instanceof PEAR_Error) {
Horde::logMessage($result, __FILE__, __LINE__, PEAR_LOG_ERR);
throw new Horde_Exception($result);
/* Allow overriding the default conversion factor */
$factor = empty($criteria['factor']) ? $this->_conversionFactor : $criteria['factor'];
- // ... if this works it will be a miracle ;)
+ $params = array($point['lat'] . ' ' . $point['lon'], $factor, $radius, $limit);
$sql = "SELECT event_id, "
- . "GLength(LINESTRINGFromWKB(LineString(event_coordinates, GeomFromText('POINT(" . $point['lat'] . " " . $point['lon'] . ")')))) * " . $factor . " as distance, "
- . "x(event_coordinates) as lat, y(event_coordinates) as lon FROM kronolith_events_geo HAVING distance < " . $radius . " ORDER BY distance ASC LIMIT " . $limit;
+ . "GLength(LINESTRINGFromWKB(LineString(event_coordinates, GeomFromText('POINT(?)')))) * ? as distance, "
+ . "x(event_coordinates) as lat, y(event_coordinates) as lon FROM kronolith_events_geo HAVING distance < ? ORDER BY distance ASC LIMIT ?";
- $results = $this->_db->getAssoc($sql, false, null, DB_FETCHMODE_ASSOC);
+ $results = $this->_db->getAssoc($sql, false, $params, DB_FETCHMODE_ASSOC);
if ($results instanceof PEAR_Error) {
Horde::logMessage($results, __FILE__, __LINE__, PEAR_LOG_ERR);
throw new Horde_Exception($results);
return $results;
}
-}
\ No newline at end of file
+}
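Review bot: The placeholder in `GeomFromText('POINT(?)')` sits inside a quoted SQL literal, so it will not behave like the other three. If this is PEAR DB (the `DB_FETCHMODE_ASSOC` constant suggests so), its emulated prepare substitutes a quoted value there, producing `'POINT('<lat> <lon>')'`, which is a syntax error; a driver with native prepares would instead see one placeholder fewer than `$params` supplies. Moving the literal into the bound value avoids both: `GeomFromText(?)` with `$params = array('POINT(' . $point['lat'] . ' ' . $point['lon'] . ')', $factor, $radius, $limit);`. `LIMIT ?` is also worth checking, since a string `$limit` would be bound as a quoted value, which MySQL does not accept in LIMIT; an `(int)` cast when building `$params` would cover it. The enclosing function starts above this hunk.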