summaryrefslogtreecommitdiffstats
path: root/apps/unhosted
diff options
context:
space:
mode:
authorRobin Appelman <icewind1991@gmail.com>2011-09-17 02:29:35 +0200
committerRobin Appelman <icewind1991@gmail.com>2011-09-17 02:30:00 +0200
commitd0d3fecc9502733fadfa358bcb5e0e2baf46f224 (patch)
tree08fdf319123fd9b27c5b734a142a73df460b5a31 /apps/unhosted
parentf0da2a22580f1b3cde6eb36711a6070175617010 (diff)
downloadnextcloud-server-d0d3fecc9502733fadfa358bcb5e0e2baf46f224.tar.gz
nextcloud-server-d0d3fecc9502733fadfa358bcb5e0e2baf46f224.zip
no need to escape values when using prepared statements
Diffstat (limited to 'apps/unhosted')
-rw-r--r--apps/unhosted/lib_unhosted.php8
1 files changed, 0 insertions, 8 deletions
diff --git a/apps/unhosted/lib_unhosted.php b/apps/unhosted/lib_unhosted.php
index 304759c521c..59dc380c45c 100644
--- a/apps/unhosted/lib_unhosted.php
+++ b/apps/unhosted/lib_unhosted.php
@@ -2,9 +2,6 @@
class OC_UnhostedWeb {
public static function getValidTokens($ownCloudUser, $userAddress, $dataScope) {
- $user=OC_DB::escape($ownCloudUser);
- $userAddress=OC_DB::escape($userAddress);
- $dataScope=OC_DB::escape($dataScope);
$query=OC_DB::prepare("SELECT token,appUrl FROM *PREFIX*authtoken WHERE user=? AND userAddress=? AND dataScope=? LIMIT 100");
$result=$query->execute(array($user,$userAddress,$dataScope));
if( PEAR::isError($result)) {
@@ -43,7 +40,6 @@ class OC_UnhostedWeb {
public static function deleteToken($token) {
$user=OC_User::getUser();
- $token=OC_DB::escape($token);
$query=OC_DB::prepare("DELETE FROM *PREFIX*authtoken WHERE token=? AND user=?");
$result=$query->execute(array($token,$user));
if( PEAR::isError($result)) {
@@ -55,10 +51,6 @@ class OC_UnhostedWeb {
}
private static function addToken($token, $appUrl, $userAddress, $dataScope){
$user=OC_User::getUser();
- $token=OC_DB::escape($token);
- $appUrl=OC_DB::escape($appUrl);
- $userAddress=OC_DB::escape($userAddress);
- $dataScope=OC_DB::escape($dataScope);
$query=OC_DB::prepare("INSERT INTO *PREFIX*authtoken (`token`,`appUrl`,`user`,`userAddress`,`dataScope`) VALUES(?,?,?,?,?)");
$result=$query->execute(array($token,$appUrl,$user,$userAddress,$dataScope));
if( PEAR::isError($result)) {