Commit 2ecf1a80 authored by Son Nguyen's avatar Son Nguyen Committed by Gerrit Code Review
Browse files

Make sure the parameter 'values' is an array. Bug 1394056



in the calls of the dml function: get_record_sql()

Change-Id: I28d6d03258c6141e9cdca21bf201228522d8b809
Signed-off-by: default avatarSon Nguyen <son.nguyen@catalyst.net.nz>
parent cc98e393
...@@ -21,7 +21,7 @@ $instid = param_integer('instid'); ...@@ -21,7 +21,7 @@ $instid = param_integer('instid');
$disabled = param_boolean('disabled', false); $disabled = param_boolean('disabled', false);
$definst = get_field('auth_instance', 'id', 'institution', 'mahara'); $definst = get_field('auth_instance', 'id', 'institution', 'mahara');
$record = get_record_sql('SELECT i.name, i.defaultquota FROM {institution} i JOIN {auth_instance} ai ON (i.name = ai.institution) WHERE ai.id = ?', $instid); $record = get_record_sql('SELECT i.name, i.defaultquota FROM {institution} i JOIN {auth_instance} ai ON (i.name = ai.institution) WHERE ai.id = ?', array($instid));
if (!$USER->get('admin') && !$USER->is_institutional_admin($record->name)) { if (!$USER->get('admin') && !$USER->is_institutional_admin($record->name)) {
json_reply(true, 'You are not an administrator for institution '.$record->name); json_reply(true, 'You are not an administrator for institution '.$record->name);
......
...@@ -867,7 +867,7 @@ function get_service_providers($instance) { ...@@ -867,7 +867,7 @@ function get_service_providers($instance) {
a.name = h.appname"; a.name = h.appname";
try { try {
$results = get_records_sql_assoc($query, array('value' => $instance)); $results = get_records_sql_assoc($query, array($instance));
} catch (SQLException $e) { } catch (SQLException $e) {
// Table doesn't exist yet // Table doesn't exist yet
return array(); return array();
......
...@@ -147,7 +147,7 @@ class User { ...@@ -147,7 +147,7 @@ class User {
WHERE WHERE
username = ?'; username = ?';
$user = get_record_sql($sql, $username); $user = get_record_sql($sql, array($username));
if (false == $user) { if (false == $user) {
throw new AuthUnknownUserException("User with username \"$username\" is not known"); throw new AuthUnknownUserException("User with username \"$username\" is not known");
......
...@@ -99,7 +99,7 @@ function deletepost_submit(Pieform $form, $values) { ...@@ -99,7 +99,7 @@ function deletepost_submit(Pieform $form, $values) {
ON (o.objecttype = 'forum' AND o.objectid = fp.id) ON (o.objecttype = 'forum' AND o.objectid = fp.id)
WHERE fp.id = ? WHERE fp.id = ?
AND o.resolvedby IS NULL AND o.resolvedby IS NULL
AND o.resolvedtime IS NULL", $values['post']); AND o.resolvedtime IS NULL", array($values['post']));
if ($objectionable !== false) { if ($objectionable !== false) {
// Trigger activity. // Trigger activity.
......
...@@ -91,7 +91,7 @@ function deletetopic_submit(Pieform $form, $values) { ...@@ -91,7 +91,7 @@ function deletetopic_submit(Pieform $form, $values) {
WHERE fp.topic = ? WHERE fp.topic = ?
AND fp.parent IS NULL AND fp.parent IS NULL
AND o.resolvedby IS NULL AND o.resolvedby IS NULL
AND o.resolvedtime IS NULL", $topicid); AND o.resolvedtime IS NULL", array($topicid));
if ($objectionable !== false) { if ($objectionable !== false) {
// Trigger activity. // Trigger activity.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment