use executeAudited in sabredav lock

author Jörn Friedrich Dreyer <jfd@butonic.de>

Fri, 14 Jun 2013 10:23:44 +0000 (12:23 +0200)

committer Jörn Friedrich Dreyer <jfd@butonic.de>

Fri, 14 Jun 2013 10:23:44 +0000 (12:23 +0200)
author Jörn Friedrich Dreyer <jfd@butonic.de>
Fri, 14 Jun 2013 10:23:44 +0000 (12:23 +0200)
committer Jörn Friedrich Dreyer <jfd@butonic.de>
Fri, 14 Jun 2013 10:23:44 +0000 (12:23 +0200)
diff --git a/lib/connector/sabre/locks.php b/lib/connector/sabre/locks.php

index 745523c7a5b356bab24fa532c6907722dc532a35..1364aae0103598ab3a065a0660fc699a3c4d3503 100644 (file)
--- a/lib/connector/sabre/locks.php
+++ b/lib/connector/sabre/locks.php
@@ -88,9 +88,8 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
                 }
                 $query.=')';
  
-               $stmt = OC_DB::prepare( $query );
-               $result = $stmt->execute( $params );
-
+               $result = OC_DB::executeAudited( $query, $params );
+               
                 $lockList = array();
                 while( $row = $result->fetchRow()) {
  
@@ -131,10 +130,10 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
                 }
  
                 if ($exists) {
-                       $query = OC_DB::prepare( 'UPDATE `*PREFIX*locks`'
-                               .' SET `owner` = ?, `timeout` = ?, `scope` = ?, `depth` = ?, `uri` = ?, `created` = ?'
-                               .' WHERE `userid` = ? AND `token` = ?' );
-                       $result = $query->execute( array(
+                       $sql = 'UPDATE `*PREFIX*locks`'
+                                .' SET `owner` = ?, `timeout` = ?, `scope` = ?, `depth` = ?, `uri` = ?, `created` = ?'
+                                .' WHERE `userid` = ? AND `token` = ?';
+                       $result = OC_DB::executeAudited( $sql, array(
                                 $lockInfo->owner,
                                 $lockInfo->timeout,
                                 $lockInfo->scope,
@@ -145,10 +144,10 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
                                 $lockInfo->token)
                         );
                 } else {
-                       $query = OC_DB::prepare( 'INSERT INTO `*PREFIX*locks`'
-                               .' (`userid`,`owner`,`timeout`,`scope`,`depth`,`uri`,`created`,`token`)'
-                               .' VALUES (?,?,?,?,?,?,?,?)' );
-                       $result = $query->execute( array(
+                       $sql = 'INSERT INTO `*PREFIX*locks`'
+                                .' (`userid`,`owner`,`timeout`,`scope`,`depth`,`uri`,`created`,`token`)'
+                                .' VALUES (?,?,?,?,?,?,?,?)';
+                       $result = OC_DB::executeAudited( $sql, array(
                                 OC_User::getUser(),
                                 $lockInfo->owner,
                                 $lockInfo->timeout,
@@ -173,8 +172,8 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
          */
         public function unlock($uri, Sabre_DAV_Locks_LockInfo $lockInfo) {
  
-               $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*locks` WHERE `userid` = ? AND `uri` = ? AND `token` = ?' );
-               $result = $query->execute( array(OC_User::getUser(), $uri, $lockInfo->token));
+               $sql = 'DELETE FROM `*PREFIX*locks` WHERE `userid` = ? AND `uri` = ? AND `token` = ?';
+               $result = OC_DB::executeAudited( $sql, array(OC_User::getUser(), $uri, $lockInfo->token));
  
                 return $result->numRows() === 1;
author	Jörn Friedrich Dreyer <jfd@butonic.de>
	Fri, 14 Jun 2013 10:23:44 +0000 (12:23 +0200)
committer	Jörn Friedrich Dreyer <jfd@butonic.de>
	Fri, 14 Jun 2013 10:23:44 +0000 (12:23 +0200)