diff --git a/box/core/sandesh.php b/box/core/sandesh.php index 1ebb87c..12173bc 100644 --- a/box/core/sandesh.php +++ b/box/core/sandesh.php @@ -70,7 +70,7 @@ function start($data){ } ksort($groupid); $gmd5 = md5(serialize($groupid)); - $stmt = $this->global['pdo']->prepare("INSERT INTO `{$data['db_prefix']}groups` (`id`,`groupid`) VALUES (:id,:groupid)"); + $stmt = $this->global['pdo']->prepare("INSERT INTO `{$data['db_prefix']}groups` (`id`,`groupid`) VALUES (:id,:groupid);"); $stmt->execute( array( 'id' => $group, @@ -96,7 +96,7 @@ function start($data){ // INSERT GROUP_USERS foreach($users as $user){ - $stmt = $this->global['pdo']->prepare("INSERT INTO `{$data['db_prefix']}group_users` (`grupid`,`users`) VALUES (:grupid,:users)"); + $stmt = $this->global['pdo']->prepare("INSERT INTO `{$data['db_prefix']}group_users` (`grupid`,`users`) VALUES (:grupid,:users);"); $stmt->execute( array( 'grupid' => $group, @@ -122,7 +122,7 @@ function start($data){ ); // INSERT GUEST END // INSERT MSGS - $stmt = $this->global['pdo']->prepare("INSERT INTO `{$data['db_prefix']}msgs` (`msg`,`grp_id`,`sender_id`, `mid`) VALUES (:msg,:grp_id,:sender_id, 1)"); + $stmt = $this->global['pdo']->prepare("INSERT INTO `{$data['db_prefix']}msgs` (`msg`,`grp_id`,`sender_id`, `mid`) VALUES (:msg,:grp_id,:sender_id, 1);"); $stmt->execute( array( 'msg' => $_POST['kchat_msg'], @@ -133,7 +133,7 @@ function start($data){ // INSERT MSGS END // INSERT PLOTLY $x = date('Y-m-d H:00:00'); - $stmt = $this->global['pdo']->prepare("INSERT INTO `{$data['db_prefix']}plotly` (`y`,`x`) VALUES (1,:x) ON DUPLICATE KEY UPDATE y = y + 1"); + $stmt = $this->global['pdo']->prepare("INSERT INTO `{$data['db_prefix']}plotly` (`y`,`x`) VALUES (1,:x) ON DUPLICATE KEY UPDATE y = y + 1;"); $stmt->execute(array('x' => $x)); // INSERT PLOTLY END } 
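Review bot: In start(), the INSERT MSGS execute still binds `'msg' => $_POST['kchat_msg']` unencoded, while msg() in the same file stores `'msg' => msgencode($msg)`. The placeholder keeps the value out of the SQL text, but the first message of a chat reaches the msgs table in a different form from every later one. If msgencode() is what makes a message safe to render (its body is not part of this diff), that row is a stored-XSS path wherever messages are displayed. I would bind `'msg' => msgencode($_POST['kchat_msg'])` here, or drop encoding on write everywhere and escape at output. start() begins and ends outside the hunk.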
@@ -154,7 +154,7 @@ function msg($data){ $grp_id = $this->global['group_id']; - $stmt = $this->global['pdo']->prepare("SELECT IFNULL(MAX(`mid`) + 1, 0) as mid FROM `{$data['db_prefix']}msgs` WHERE `grp_id` = :grp_id"); + $stmt = $this->global['pdo']->prepare("SELECT IFNULL(MAX(`mid`) + 1, 0) as mid FROM `{$data['db_prefix']}msgs` WHERE `grp_id` = :grp_id;"); $stmt->execute( array( 'grp_id' => $grp_id @@ -165,7 +165,7 @@ function msg($data){ $mid = $row['mid']; } - $stmt = $this->global['pdo']->prepare("INSERT INTO `{$data['db_prefix']}msgs` (`msg`,`grp_id`,`sender_id`,`mid`) VALUES (:msg, :grp_id,:sender_id,:mid)"); + $stmt = $this->global['pdo']->prepare("INSERT INTO `{$data['db_prefix']}msgs` (`msg`,`grp_id`,`sender_id`,`mid`) VALUES (:msg, :grp_id,:sender_id,:mid);"); $stmt->execute( array( 'msg' => msgencode($msg), @@ -185,7 +185,7 @@ function getmsg($post,$data){ $sql = "UPDATE `{$data['db_prefix']}cache` SET `time` = UNIX_TIMESTAMP() WHERE uname = :uname AND - process = 1"; + process = 1;"; $sql_array = array( 'uname' => $this->global['id'] ); @@ -214,7 +214,7 @@ function getmsg($post,$data){ if($post['first_run'] == 'true'){ //runing at first time - $sql = "SELECT `id`,(select concat(fname,' ',lname) as username from {$data['db_prefix']}users where id = sender_id limit 1) as username,`msg`,`time`,`sender_id`,`mid` from {$data['db_prefix']}msgs WHERE mid >= 0 and `grp_id` = :grp_id2 and (select count(`id`) FROM `{$data['db_prefix']}group_users` WHERE `users` = :user AND `grupid` = :grp_id) != 0 ORDER BY id DESC limit 25"; + $sql = "SELECT `id`,(select concat(fname,' ',lname) as username from {$data['db_prefix']}users where id = sender_id limit 1) as username,`msg`,`time`,`sender_id`,`mid` from {$data['db_prefix']}msgs WHERE mid >= 0 and `grp_id` = :grp_id2 and (select count(`id`) FROM `{$data['db_prefix']}group_users` WHERE `users` = :user AND `grupid` = :grp_id) != 0 ORDER BY id DESC limit 25;"; $sql_array = array( 'grp_id2' => $grp_id, 
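Review bot: msg() reads the next `mid` with a SELECT of MAX(mid) + 1 and then inserts it in a separate statement, so two senders posting to the same group at the same moment can be handed the same `mid`; msg_insert() in kchat/actions/msgs.php repeats the pattern. The getmsg() queries in this file page on `mid > (select seens ...)` and `mid < :mid`, so a duplicated value can make a message be skipped or shown twice. A unique key on (`grp_id`, `mid`) with a retry on conflict, or running both statements inside one transaction, would close the gap. The table definition and the rest of msg() are outside the hunk, so an existing constraint may already cover this.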
@@ -224,7 +224,7 @@ function getmsg($post,$data){ }else{ //runing at all time - $sql = "SELECT `id`,(select concat(fname,' ',lname) as username from {$data['db_prefix']}users where id = sender_id limit 1) as username,`msg`,`time`,`sender_id`,`mid` from {$data['db_prefix']}msgs WHERE mid > (select `seens` from `{$data['db_prefix']}group_users` where grupid = :grp_id0 and users = :user0 limit 1) and `grp_id` = :grp_id1 and (select count(`id`) FROM `{$data['db_prefix']}group_users` WHERE `users` = :user1 AND `grupid` = :grp_id2) != 0 ORDER BY id DESC"; + $sql = "SELECT `id`,(select concat(fname,' ',lname) as username from {$data['db_prefix']}users where id = sender_id limit 1) as username,`msg`,`time`,`sender_id`,`mid` from {$data['db_prefix']}msgs WHERE mid > (select `seens` from `{$data['db_prefix']}group_users` where grupid = :grp_id0 and users = :user0 limit 1) and `grp_id` = :grp_id1 and (select count(`id`) FROM `{$data['db_prefix']}group_users` WHERE `users` = :user1 AND `grupid` = :grp_id2) != 0 ORDER BY id DESC;"; $sql_array = array( 'grp_id0' => $grp_id, 'user0' => $this->global['id'], @@ -268,7 +268,7 @@ function getmsg($post,$data){ //updating message status if(isset($lastseen)){ - $stmt = $this->global['pdo']->prepare("UPDATE `{$data['db_prefix']}Group_users` SET `seens` = :seens where users = :users and grupid = :grupid"); + $stmt = $this->global['pdo']->prepare("UPDATE `{$data['db_prefix']}Group_users` SET `seens` = :seens where users = :users and grupid = :grupid;"); $stmt->execute( array( 'seens' => $lastseen, 
@@ -283,7 +283,7 @@ function getmsg($post,$data){ $offset = $_POST['offset']; if($offset != 'none'){ //run to get old msgs - $sql = "SELECT `id`,(select concat(fname,' ',lname) as username from {$data['db_prefix']}users where id = sender_id limit 1) as username,`msg`,`time`,`sender_id`,`mid` from {$data['db_prefix']}msgs WHERE mid >= 0 and mid < :mid and `grp_id` = :grp_id1 and (select count(`id`) FROM `{$data['db_prefix']}group_users` WHERE `users` = :users AND `grupid` = :grp_id2) != 0 ORDER BY id DESC limit 10"; + $sql = "SELECT `id`,(select concat(fname,' ',lname) as username from {$data['db_prefix']}users where id = sender_id limit 1) as username,`msg`,`time`,`sender_id`,`mid` from {$data['db_prefix']}msgs WHERE mid >= 0 and mid < :mid and `grp_id` = :grp_id1 and (select count(`id`) FROM `{$data['db_prefix']}group_users` WHERE `users` = :users AND `grupid` = :grp_id2) != 0 ORDER BY id DESC limit 10;"; $sql_array = array( 'mid' => $offset, @@ -349,14 +349,14 @@ function js($data){ _p("global.heading = \"KChat\";\n"); _p("global.dept = "); $dept = array(); - $stmt = $this->global['pdo']->prepare("SELECT `id`,`dept` FROM `{$data['db_prefix']}department`"); + $stmt = $this->global['pdo']->prepare("SELECT `id`,`dept` FROM `{$data['db_prefix']}department`;"); $stmt->execute(array()); $row = $stmt->fetchAll(); _p(json_encode($row).";\n"); } function css($data){ - $stmt = $this->global['pdo']->prepare("SELECT `selecter`,`value`,`type`,`css` FROM `{$data['db_prefix']}setting`"); + $stmt = $this->global['pdo']->prepare("SELECT `selecter`,`value`,`type`,`css` FROM `{$data['db_prefix']}setting`;"); $stmt->execute(array()); $css = array(); $row = $stmt->fetchAll(); diff --git a/kchat/actions/conline.php b/kchat/actions/conline.php index 038c40a..d2cde96 100644 --- a/kchat/actions/conline.php +++ b/kchat/actions/conline.php 
@@ -22,8 +22,8 @@ function action(){ $ip4db = $this->data['config']['path'].'/kchat/data/GeoLiteCity.dat'; $ip6db = $this->data['config']['path'].'/kchat/data/GeoLiteCityv6.dat'; - $stmt = $this->data['pdo']->prepare("SELECT `id`,(SELECT concat(`fname`,' ',`lname`) from {$this->dbprefix}users WHERE id = {$this->dbprefix}guest.id) as guest ,`ip`,`country_code`,`time_zone`,`latitude`,`longitude` from {$this->dbprefix}guest where `id` IN (SELECT `support_id` FROM `{$this->dbprefix}temp`);"); - $stmt->execute(); + $stmt = $this->data['pdo']->prepare("SELECT `id`,(SELECT concat(`fname`,' ',`lname`) from {$this->dbprefix}users WHERE id = {$this->dbprefix}guest.id) as guest ,`ip`,`country_code`,`time_zone`,`latitude`,`longitude` from {$this->dbprefix}guest where `id` IN (SELECT `support_id` FROM `{$this->dbprefix}cache` where (`time` > (unix_timestamp() - 5)));"); + $stmt->execute(array()); while ($row = $stmt->fetch()) { $conline[] = $row; @@ -59,7 +59,7 @@ function action(){ if(isset($update)){ foreach($update as $value){ - $stmt = $this->data['pdo']->prepare("UPDATE `{$this->dbprefix}guest` SET `country_code` = :country_code, `time_zone` = :time_zone, `latitude` = :latitude, `longitude` = :longitude where id = :id"); + $stmt = $this->data['pdo']->prepare("UPDATE `{$this->dbprefix}guest` SET `country_code` = :country_code, `time_zone` = :time_zone, `latitude` = :latitude, `longitude` = :longitude where id = :id;"); $stmt->execute($value); } } diff --git a/kchat/actions/createchat.php b/kchat/actions/createchat.php index fe4a504..33290f9 100644 --- a/kchat/actions/createchat.php +++ b/kchat/actions/createchat.php @@ -37,7 +37,7 @@ function action(){ $row = $stmt->fetchAll(); if(!count($row)){ - $stmt = $this->data['pdo']->prepare("INSERT INTO `{$this->dbprefix}groups` (`id`,`groupid`) VALUES (:id,:groupid)"); + $stmt = $this->data['pdo']->prepare("INSERT INTO `{$this->dbprefix}groups` (`id`,`groupid`) VALUES (:id,:groupid);"); $stmt->execute( array( 'id' => $group, 
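Review bot: The new subquery in conline.php hard-codes the liveness window as `unix_timestamp() - 5`, and getstatus() in kchat/actions/msgs.php gains the same literal in this commit, so the two places can drift apart. A single named value bound as a parameter, e.g. `where (`time` > (unix_timestamp() - :window))`, with a comment such as `// a cache row counts as online if it was refreshed within the window`, would keep them in step. It is also worth confirming that `cache` carries a `support_id` column the way `temp` did, since the schema change is not part of this diff. action() continues outside the hunk.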
@@ -46,7 +46,7 @@ function action(){ ); foreach($users as $user){ - $stmt = $this->data['pdo']->prepare("INSERT INTO `{$this->dbprefix}group_users` (`grupid`,`users`) VALUES (:grupid,:users)"); + $stmt = $this->data['pdo']->prepare("INSERT INTO `{$this->dbprefix}group_users` (`grupid`,`users`) VALUES (:grupid,:users);"); $stmt->execute( array( 'grupid' => $group, @@ -55,7 +55,7 @@ function action(){ ); } - $stmt = $this->data['pdo']->prepare("INSERT INTO `{$this->dbprefix}msgs` (`mid`,`msg`,`grp_id`,`sender_id`) VALUES (1,:msg,:grp_id,:sender_id)"); + $stmt = $this->data['pdo']->prepare("INSERT INTO `{$this->dbprefix}msgs` (`mid`,`msg`,`grp_id`,`sender_id`) VALUES (1,:msg,:grp_id,:sender_id);"); $stmt->execute( array( 'msg' => 'You are now connected on KChat', diff --git a/kchat/actions/createuser.php b/kchat/actions/createuser.php index 14c3062..fb1d0fa 100644 --- a/kchat/actions/createuser.php +++ b/kchat/actions/createuser.php @@ -21,7 +21,7 @@ function action(){ ) ); - $stmt = $this->data['pdo']->prepare("SELECT uname FROM {$this->dbprefix}users where uname =:uname"); + $stmt = $this->data['pdo']->prepare("SELECT uname FROM {$this->dbprefix}users where uname =:uname;"); $stmt->execute(array('uname' => $_POST['user_name'])); $row = $stmt->fetch(); if(isset($row['uname'])){ @@ -29,7 +29,7 @@ function action(){ return false; } - $stmt = $this->data['pdo']->prepare("insert into {$this->dbprefix}pusers (`fname`, `lname`, `uname`, `secret`, `depart`, `email`) values(:fname,:lname,:uname,:secret,:dept,:user_email)"); + $stmt = $this->data['pdo']->prepare("insert into {$this->dbprefix}pusers (`fname`, `lname`, `uname`, `secret`, `depart`, `email`) values(:fname,:lname,:uname,:secret,:dept,:user_email);"); $stmt->execute($arr['verify']); $link = $this->data['config']['purl'].'/login/verify/'.base64_encode($arr['verify']['secret'].serialize($arr)); //SENDING MAIL TO NEW USER EMAIL 
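Review bot: The verification link built right after the pusers INSERT in createuser.php is `base64_encode($arr['verify']['secret'].serialize($arr))`, which mails the secret together with a PHP-serialized copy of the submitted data. base64 gives no integrity protection, so the recipient can alter that payload, and if the login/verify handler (not in this diff) passes it to unserialize() it becomes a PHP object-injection input. I would put only the random secret in the link and load the pending row from `pusers` by it on verification. action() starts and ends outside the hunk.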
diff --git a/kchat/actions/getdepart.php b/kchat/actions/getdepart.php index 82e1c83..801d5dd 100644 --- a/kchat/actions/getdepart.php +++ b/kchat/actions/getdepart.php @@ -11,7 +11,7 @@ class getdepart extends action{ function action(){ $dept = array(); - $stmt = $this->data['pdo']->prepare("SELECT * FROM `{$this->dbprefix}department`"); + $stmt = $this->data['pdo']->prepare("SELECT * FROM `{$this->dbprefix}department`;"); $stmt->execute(array()); while ($row = $stmt->fetch()) { diff --git a/kchat/actions/guestlist.php b/kchat/actions/guestlist.php index bfb7443..48b2c4c 100644 --- a/kchat/actions/guestlist.php +++ b/kchat/actions/guestlist.php @@ -19,7 +19,7 @@ function action(){ $limit = 10; } - $stmt = $this->data['pdo']->prepare("SELECT u.id,u.fname,u.lname,u.uname,g.ip,g.country_code,g.time_zone,g.latitude,g.longitude,u.ctime FROM {$this->dbprefix}users u join {$this->dbprefix}guest g WHERE u.role = 3 and u.id = g.id limit :limit offset :offset"); + $stmt = $this->data['pdo']->prepare("SELECT u.id,u.fname,u.lname,u.uname,g.ip,g.country_code,g.time_zone,g.latitude,g.longitude,u.ctime FROM {$this->dbprefix}users u join {$this->dbprefix}guest g WHERE u.role = 3 and u.id = g.id limit :limit offset :offset;"); $stmt->execute(array('limit' => $limit,'offset' => $offset)); while ($row = $stmt->fetch()) { diff --git a/kchat/actions/login.php b/kchat/actions/login.php index 5c5f996..e2eab6a 100644 --- a/kchat/actions/login.php +++ b/kchat/actions/login.php @@ -11,7 +11,7 @@ function action(){ if(isset($_POST['username'])){ $user = $_POST['username']; $password = $_POST['password']; - $stmt = $this->data['pdo']->prepare("SELECT * FROM `{$this->dbprefix}users` where uname = :uname"); + $stmt = $this->data['pdo']->prepare("SELECT * FROM `{$this->dbprefix}users` where uname = :uname;"); $stmt->execute(array('uname' => $user)); $success = 'fail'; while ($row = $stmt->fetch()) diff --git a/kchat/actions/msgs.php b/kchat/actions/msgs.php index b021b8b..b27e407 100644 
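Review bot: In guestlist.php the `limit :limit offset :offset` placeholders are filled through `execute(array('limit' => $limit,'offset' => $offset))`, which binds every value as a string; with PDO's emulated prepares on MySQL that is sent as a quoted `LIMIT '10'` and the statement fails. userslist.php has the same construction, and this commit only renames its placeholders to `:l_imit`/`:o_ffset`, which does not change the binding type. Binding explicitly, `$stmt->bindValue(':limit', (int) $limit, PDO::PARAM_INT);` and the same for offset, followed by a bare `execute()`, works in either mode and also forces the values to integers. Whether emulation is enabled and where `$limit`/`$offset` come from are not visible in the hunk.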
--- a/kchat/actions/msgs.php +++ b/kchat/actions/msgs.php @@ -77,7 +77,7 @@ function action($data){ function getstatus($data){ $return = array(); $output = array(); - $stmt = $data['pdo']->prepare("SELECT * FROM `{$this->dbprefix}temp` where `group` = :group;"); + $stmt = $data['pdo']->prepare("select * from `{$this->dbprefix}cache` where (`time` > (unix_timestamp() - 5)) and `group` = :group;"); $this->qfired++; $stmt->execute(array( 'group' => getGroup($data) @@ -190,7 +190,7 @@ function chats($data){ //updating message status if(isset($lastseen)){ - $stmt = $data['pdo']->prepare("UPDATE `{$this->dbprefix}group_users` SET `notify` = :notify where users = :users and grupid = :grupid"); + $stmt = $data['pdo']->prepare("UPDATE `{$this->dbprefix}group_users` SET `notify` = :notify where users = :users and grupid = :grupid;"); $this->qfired++; $stmt->execute( array( @@ -213,7 +213,7 @@ function msg_insert($data,$msg){ } // getting group id - $stmt = $data['pdo']->prepare("SELECT IFNULL(MAX(`mid`) + 1, 0) as mid FROM `{$this->dbprefix}msgs` WHERE `grp_id` = :grp_id"); + $stmt = $data['pdo']->prepare("SELECT IFNULL(MAX(`mid`) + 1, 0) as mid FROM `{$this->dbprefix}msgs` WHERE `grp_id` = :grp_id;"); $this->qfired++; $stmt->execute( array( @@ -225,7 +225,7 @@ function msg_insert($data,$msg){ $mid = $row['mid']; } - $stmt = $data['pdo']->prepare("INSERT INTO `{$this->dbprefix}msgs` (`msg`,`grp_id`,`sender_id`,`mid`) VALUES (:msg, :grp_id, :sender_id, :mid)"); + $stmt = $data['pdo']->prepare("INSERT INTO `{$this->dbprefix}msgs` (`msg`,`grp_id`,`sender_id`,`mid`) VALUES (:msg, :grp_id, :sender_id, :mid);"); $this->qfired++; $stmt->execute( @@ -243,7 +243,7 @@ function msg_insert($data,$msg){ $sql = "UPDATE `{$this->dbprefix}cache` SET `time` = UNIX_TIMESTAMP() WHERE uname = :uname AND - process = 2"; + process = 2;"; $sql_array = array( 'uname' => $data['user']['uname'] ); 
@@ -276,7 +276,7 @@ function message($data){ if($_POST['first_run'] == 'true'){ //runing at first time - $sql = "SELECT `id`,(select concat(fname,' ',lname) as username from {$this->dbprefix}users where id = sender_id limit 1) as username,`msg`,`time`,`sender_id`,`mid` from {$this->dbprefix}msgs WHERE mid >= 0 and `grp_id` = :grp_id2 and (select count(`id`) FROM `{$this->dbprefix}group_users` WHERE `users` = :user AND `grupid` = :grp_id) != 0 ORDER BY id DESC limit 25"; + $sql = "SELECT `id`,(select concat(fname,' ',lname) as username from {$this->dbprefix}users where id = sender_id limit 1) as username,`msg`,`time`,`sender_id`,`mid` from {$this->dbprefix}msgs WHERE mid >= 0 and `grp_id` = :grp_id2 and (select count(`id`) FROM `{$this->dbprefix}group_users` WHERE `users` = :user AND `grupid` = :grp_id) != 0 ORDER BY id DESC limit 25;"; $sql_array = array( 'grp_id2' => $grp_id, @@ -286,7 +286,7 @@ function message($data){ }else{ //runing at all time - $sql = "SELECT `id`,(select concat(fname,' ',lname) as username from {$this->dbprefix}users where id = sender_id limit 1) as username,`msg`,`time`,`sender_id`,`mid` from {$this->dbprefix}msgs WHERE mid > (select `seens` from `{$this->dbprefix}group_users` where grupid = :grp_id0 and users = :user0 limit 1) and `grp_id` = :grp_id1 and (select count(`id`) FROM `{$this->dbprefix}group_users` WHERE `users` = :user1 AND `grupid` = :grp_id2) != 0 ORDER BY id DESC"; + $sql = "SELECT `id`,(select concat(fname,' ',lname) as username from {$this->dbprefix}users where id = sender_id limit 1) as username,`msg`,`time`,`sender_id`,`mid` from {$this->dbprefix}msgs WHERE mid > (select `seens` from `{$this->dbprefix}group_users` where grupid = :grp_id0 and users = :user0 limit 1) and `grp_id` = :grp_id1 and (select count(`id`) FROM `{$this->dbprefix}group_users` WHERE `users` = :user1 AND `grupid` = :grp_id2) != 0 ORDER BY id DESC;"; $sql_array = array( 'grp_id0' => $grp_id, 'user0' => $data['user']['id'], 
@@ -333,7 +333,7 @@ function message($data){ // lastseen is set first time for limit 25 and sets seens to last row witch is selected at first run hance second time msgs are fetch because seen in not equals to last msg id //updating message status if(isset($lastseen)){ - $sql = "UPDATE `{$this->dbprefix}group_users` SET `seens` = :seens where users = :users and grupid = :grupid"; + $sql = "UPDATE `{$this->dbprefix}group_users` SET `seens` = :seens where users = :users and grupid = :grupid;"; $sql_array = array( 'seens' => $lastseen, 'users' => $data['user']['id'], @@ -349,7 +349,7 @@ function message($data){ $offset = $_POST['offset']; if($offset != 'none'){ //run to get old msgs - $sql = "SELECT `id`,(select concat(fname,' ',lname) as username from {$this->dbprefix}users where id = sender_id limit 1) as username,`msg`,`time`,`sender_id`,`mid` from {$this->dbprefix}msgs WHERE mid >= 0 and mid < :mid and `grp_id` = :grp_id1 and (select count(`id`) FROM `{$this->dbprefix}group_users` WHERE `users` = :users AND `grupid` = :grp_id2) != 0 ORDER BY id DESC limit 10"; + $sql = "SELECT `id`,(select concat(fname,' ',lname) as username from {$this->dbprefix}users where id = sender_id limit 1) as username,`msg`,`time`,`sender_id`,`mid` from {$this->dbprefix}msgs WHERE mid >= 0 and mid < :mid and `grp_id` = :grp_id1 and (select count(`id`) FROM `{$this->dbprefix}group_users` WHERE `users` = :users AND `grupid` = :grp_id2) != 0 ORDER BY id DESC limit 10;"; $sql_array = array( 'mid' => $offset, @@ -416,7 +416,7 @@ function lastaccess($data){ SET `time` = UNIX_TIMESTAMP(), `group` = :group WHERE uname = :uname AND - process = 1"; + process = 1;"; $sql_array = array( 'group' => getGroup($data), 'uname' => $data['user']['uname'] diff --git a/kchat/actions/plotly.php b/kchat/actions/plotly.php index 711b881..6c42c6b 100644 --- a/kchat/actions/plotly.php +++ b/kchat/actions/plotly.php 
@@ -16,8 +16,8 @@ function action(){ $json = 'cache/Plotly.json'; //create cache in every 5 second on access if((time() - @filemtime($json)) > 5){ - $stmt = $this->data['pdo']->prepare("SELECT `x`, `y` from {$this->dbprefix}plotly WHERE x >= DATE_SUB(NOW(), INTERVAL 7 DAY)"); - $stmt->execute(); + $stmt = $this->data['pdo']->prepare("SELECT `x`, `y` from {$this->dbprefix}plotly WHERE x >= DATE_SUB(NOW(), INTERVAL 7 DAY);"); + $stmt->execute(array()); while ($row = $stmt->fetch()) { $graph_json[$row['x']] = $row['y']; diff --git a/kchat/actions/profile.php b/kchat/actions/profile.php index a57dd52..7b6d3fb 100644 --- a/kchat/actions/profile.php +++ b/kchat/actions/profile.php @@ -22,14 +22,14 @@ function action(){ echo "Password Doesn't match"; } - $stmt = $this->data['pdo']->prepare("SELECT * FROM {$this->dbprefix}users where uname =:uname"); + $stmt = $this->data['pdo']->prepare("SELECT * FROM {$this->dbprefix}users where uname =:uname;"); $stmt->execute(array('uname' => $_POST['uname'])); $row = $stmt->fetch(); if(empty($arr['profile']['password'])){ $arr['profile']['password'] = $row['password']; } if(isset($row['uname'])){ - $sql = "UPDATE {$this->dbprefix}users SET fname = :fname,lname = :lname,password = :password WHERE uname = :uname"; + $sql = "UPDATE {$this->dbprefix}users SET fname = :fname,lname = :lname,password = :password WHERE uname = :uname;"; $stmt = $this->data['pdo']->prepare($sql); $stmt->execute($arr['profile']); session::setSession($this->data,$row); diff --git a/kchat/actions/typing.php b/kchat/actions/typing.php index 27d57bf..3db99a3 100644 --- a/kchat/actions/typing.php +++ b/kchat/actions/typing.php @@ -13,7 +13,7 @@ function action(){ $sql = "UPDATE `{$this->dbprefix}cache` SET `time` = UNIX_TIMESTAMP() WHERE uname = :uname AND - process = 3"; + process = 3;"; $sql_array = array( 'uname' => $this->data['user']['uname'] ); diff --git a/kchat/actions/userslist.php b/kchat/actions/userslist.php index 3248234..b9485f3 100644 
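Review bot: The profile update in profile.php selects the account by `$_POST['uname']`, updates by `:uname` from `$arr['profile']`, and then calls `session::setSession($this->data,$row)` with the fetched row, so the target account appears to be chosen by the request rather than by the logged-in session. Unless an ownership check sits above the hunk, I would key the lookup on the session user, `$stmt->execute(array('uname' => $this->data['user']['uname']));`, and reject a mismatching POST value. The `Password Doesn't match` branch also only echoes before its closing brace, so execution seems to continue into the UPDATE; a `return false;` there would stop it. How `$arr['profile']` is built is outside the hunk.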
--- a/kchat/actions/userslist.php +++ b/kchat/actions/userslist.php @@ -19,8 +19,8 @@ function action(){ $limit = 10; } - $stmt = $this->data['pdo']->prepare("SELECT (select `dept` from {$this->dbprefix}department where id = role) as role,id,fname,lname,uname,ctime FROM {$this->dbprefix}users WHERE `role` != 3 limit :limit offset :offset"); - $stmt->execute(array('limit' => $limit,'offset' => $offset)); + $stmt = $this->data['pdo']->prepare("SELECT (select `dept` from {$this->dbprefix}department where id = role) as role,id,fname,lname,uname,ctime FROM {$this->dbprefix}users WHERE `role` != 3 limit :l_imit offset :o_ffset;"); + $stmt->execute(array('l_imit' => $limit,'o_ffset' => $offset)); while ($row = $stmt->fetch()) { $users[] = array( diff --git a/kchat/ctrl/ajax.php b/kchat/ctrl/ajax.php index 3af5c63..d62c8bf 100644 --- a/kchat/ctrl/ajax.php +++ b/kchat/ctrl/ajax.php @@ -167,7 +167,7 @@ function settings(){ foreach($setting[0] as $k => $v){ if(isset($setting[1][$k])){ - $sql = "UPDATE {$this->dbprefix}setting SET `value` = :value WHERE `key` = :key"; + $sql = "UPDATE {$this->dbprefix}setting SET `value` = :value WHERE `key` = :key;"; $stmt = $this->data['pdo']->prepare($sql); $stmt->execute(array( 'value' => $setting[1][$k],