From: Jörn Friedrich Dreyer <jfd@butonic.de>
Date: Fri, 14 Jun 2013 10:23:44 +0000 (+0200)
Subject: use executeAudited in sabredav lock
X-Git-Tag: v6.0.0alpha2~628^2~3
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=471b9c055a16b3f7b8100870e40fffe4d6b2d646;p=nextcloud-server.git

use executeAudited in sabredav lock
---

diff --git a/lib/connector/sabre/locks.php b/lib/connector/sabre/locks.php
index 745523c7a5b..1364aae0103 100644
--- a/lib/connector/sabre/locks.php
+++ b/lib/connector/sabre/locks.php
@@ -88,9 +88,8 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
 		}
 		$query.=')';
 
-		$stmt = OC_DB::prepare( $query );
-		$result = $stmt->execute( $params );
-
+		$result = OC_DB::executeAudited( $query, $params );
+		
 		$lockList = array();
 		while( $row = $result->fetchRow()) {
 
@@ -131,10 +130,10 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
 		}
 
 		if ($exists) {
-			$query = OC_DB::prepare( 'UPDATE `*PREFIX*locks`'
-				.' SET `owner` = ?, `timeout` = ?, `scope` = ?, `depth` = ?, `uri` = ?, `created` = ?'
-				.' WHERE `userid` = ? AND `token` = ?' );
-			$result = $query->execute( array(
+			$sql = 'UPDATE `*PREFIX*locks`'
+				 .' SET `owner` = ?, `timeout` = ?, `scope` = ?, `depth` = ?, `uri` = ?, `created` = ?'
+				 .' WHERE `userid` = ? AND `token` = ?';
+			$result = OC_DB::executeAudited( $sql, array(
 				$lockInfo->owner,
 				$lockInfo->timeout,
 				$lockInfo->scope,
@@ -145,10 +144,10 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
 				$lockInfo->token)
 			);
 		} else {
-			$query = OC_DB::prepare( 'INSERT INTO `*PREFIX*locks`'
-				.' (`userid`,`owner`,`timeout`,`scope`,`depth`,`uri`,`created`,`token`)'
-				.' VALUES (?,?,?,?,?,?,?,?)' );
-			$result = $query->execute( array(
+			$sql = 'INSERT INTO `*PREFIX*locks`'
+				 .' (`userid`,`owner`,`timeout`,`scope`,`depth`,`uri`,`created`,`token`)'
+				 .' VALUES (?,?,?,?,?,?,?,?)';
+			$result = OC_DB::executeAudited( $sql, array(
 				OC_User::getUser(),
 				$lockInfo->owner,
 				$lockInfo->timeout,
@@ -173,8 +172,8 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
 	 */
 	public function unlock($uri, Sabre_DAV_Locks_LockInfo $lockInfo) {
 
-		$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*locks` WHERE `userid` = ? AND `uri` = ? AND `token` = ?' );
-		$result = $query->execute( array(OC_User::getUser(), $uri, $lockInfo->token));
+		$sql = 'DELETE FROM `*PREFIX*locks` WHERE `userid` = ? AND `uri` = ? AND `token` = ?';
+		$result = OC_DB::executeAudited( $sql, array(OC_User::getUser(), $uri, $lockInfo->token));
 
 		return $result->numRows() === 1;