more pear/mdb2 integration

git-svn-id: https://svn.roundcube.net/trunk@58 208e9e7b-5314-0410-a742-e7e81cd9613c
author: sparc <sparc@208e9e7b-5314-0410-a742-e7e81cd9613c> 2005-10-25 15:04:17 +0000
committer: sparc <sparc@208e9e7b-5314-0410-a742-e7e81cd9613c> 2005-10-25 15:04:17 +0000
commit: 245939ed7116e018fb877fcd4f4a129eade9423c (patch)
tree: 79ad707eacc1cf82f7fe0b2a5992ca1e39f447af /roundcubemail/program/steps/mail/addcontact.inc
parent: 5816625cc300075c43c6ef43a200dd35e1b8257d (diff)
1 files changed, 11 insertions, 14 deletions
diff --git a/roundcubemail/program/steps/mail/addcontact.inc b/roundcubemail/program/steps/mail/addcontact.inc
index 465ed3125..6ead67812 100644
--- a/roundcubemail/program/steps/mail/addcontact.inc
+++ b/roundcubemail/program/steps/mail/addcontact.inc
@@ -29,13 +29,11 @@ if ($_GET['_address'])
     $contact = $contact_arr[1];
 
     if ($contact['mailto'])
-      $sql_result = $DB->query(sprintf("SELECT 1 FROM %s
-                                        WHERE  user_id=%d
-                                        AND    email='%s'
-                                        AND    del!='1'",
-                                       get_table_name('contacts'),
-                                       $_SESSION['user_id'],
-                                       $contact['mailto']));
+      $sql_result = $DB->query("SELECT 1 FROM ".get_table_name('contacts')."
+                                WHERE  user_id=?
+                                AND    email=?
+                                AND    del<>'1'",
+                                $_SESSION['user_id'],$contact['mailto']);
 
     // contact entry with this mail address exists
     if ($sql_result && $DB->num_rows($sql_result))
@@ -43,13 +41,12 @@ if ($_GET['_address'])
 
     else if ($contact['mailto'])
       {
-      $DB->query(sprintf("INSERT INTO %s
-                          (user_id, name, email)
-                          VALUES (%d, '%s', '%s')",
-                         get_table_name('contacts'),
-                         $_SESSION['user_id'],
-                         $contact['name'],
-                         $contact['mailto']));
+      $DB->query("INSERT INTO ".get_table_name('contacts')."
+                  (user_id, name, email)
+                  VALUES (?, ?, ?)",
+                  $_SESSION['user_id'],
+                  $contact['name'],
+                  $contact['mailto']);
 
       $added = $DB->insert_id();
       }
author	sparc <sparc@208e9e7b-5314-0410-a742-e7e81cd9613c>	2005-10-25 15:04:17 +0000
committer	sparc <sparc@208e9e7b-5314-0410-a742-e7e81cd9613c>	2005-10-25 15:04:17 +0000
commit	245939ed7116e018fb877fcd4f4a129eade9423c (patch)
tree	79ad707eacc1cf82f7fe0b2a5992ca1e39f447af /roundcubemail/program/steps/mail/addcontact.inc
parent	5816625cc300075c43c6ef43a200dd35e1b8257d (diff)