From db0e6dfeb02382acd2dad1932db97ceb43be01d7 Mon Sep 17 00:00:00 2001 From: HB9HIL Date: Wed, 14 Aug 2024 15:01:12 +0200 Subject: [PATCH] bindings in helvetia model --- application/models/Helvetia_model.php | 52 +++++++++++++++++---------- 1 file changed, 33 insertions(+), 19 deletions(-) diff --git a/application/models/Helvetia_model.php b/application/models/Helvetia_model.php index 8af56a2e7..988212bf3 100644 --- a/application/models/Helvetia_model.php +++ b/application/models/Helvetia_model.php @@ -85,8 +85,7 @@ class helvetia_model extends CI_Model { /* * Function gets worked and confirmed summary on each band on the active stationprofile */ - function get_helvetia_summary($bands, $postdata) - { + function get_helvetia_summary($bands, $postdata) { $this->load->model('logbooks_model'); $logbooks_locations_array = $this->logbooks_model->list_logbook_relationships($this->session->userdata('active_station_logbook')); @@ -112,14 +111,15 @@ class helvetia_model extends CI_Model { return $helvetiaSummary; } - function getSummaryByBand($band, $postdata, $location_list) - { + function getSummaryByBand($band, $postdata, $location_list) { + $binding=[]; + $sql = "SELECT count(distinct thcv.col_state) as count FROM " . $this->config->item('table_name') . " thcv"; $sql .= " where station_id in (" . $location_list . ")"; if ($band == 'SAT') { - $sql .= " and thcv.col_prop_mode ='" . $band . "'"; + $sql .= " and thcv.col_prop_mode = 'SAT'"; } else if ($band == 'All') { $this->load->model('bands'); 
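Review bot: `$location_list` is still concatenated into `" where station_id in (" . $location_list . ")"` in getSummaryByBand, so the statement is only partly parameterised after this change. The same concatenation remains in getSummaryByBandConfirmed (@@ -131), gethelvetiaWorked (@@ -185) and gethelvetiaConfirmed (@@ -222). The list appears to come from `list_logbook_relationships()` rather than from the form, but it is assembled outside these hunks, so that should be confirmed. Either record it at the concatenation, e.g. `// $location_list: server-built list of station ids, never request data`, or pass the ids as an array and bind them with `station_id in ?`, which CodeIgniter's query bindings expand into an IN set. The body of getSummaryByBand continues past this hunk.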
@@ -131,28 +131,31 @@ class helvetia_model extends CI_Model { " and thcv.col_prop_mode !='SAT'"; } else { $sql .= " and thcv.col_prop_mode !='SAT'"; - $sql .= " and thcv.col_band ='" . $band . "'"; + $sql .= " and thcv.col_band = ?"; + $binding[] = $band; } if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $postdata['mode']; + $binding[] = $postdata['mode']; } $sql .= $this->addStateToQuery(); - $query = $this->db->query($sql); + $query = $this->db->query($sql, $binding); return $query->result(); } - function getSummaryByBandConfirmed($band, $postdata, $location_list) - { + function getSummaryByBandConfirmed($band, $postdata, $location_list) { + $binding=[]; $sql = "SELECT count(distinct thcv.col_state) as count FROM " . $this->config->item('table_name') . " thcv"; $sql .= " where station_id in (" . $location_list . ")"; if ($band == 'SAT') { - $sql .= " and thcv.col_prop_mode ='" . $band . "'"; + $sql .= " and thcv.col_prop_mode ='SAT'"; } else if ($band == 'All') { $this->load->model('bands'); @@ -164,18 +167,21 @@ class helvetia_model extends CI_Model { " and thcv.col_prop_mode !='SAT'"; } else { $sql .= " and thcv.col_prop_mode !='SAT'"; - $sql .= " and thcv.col_band ='" . $band . "'"; + $sql .= " and thcv.col_band = ?"; + $binding[] = $band; } if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $postdata['mode']; + $binding[] = $postdata['mode']; } $sql .= $this->genfunctions->addQslToQuery($postdata); $sql .= $this->addStateToQuery(); - $query = $this->db->query($sql); + $query = $this->db->query($sql, $binding); return $query->result(); } 
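Review bot: The `?` placeholders are positional, so `$binding` must receive its values in exactly the order the fragments are appended to `$sql` (band first, then the mode twice), and nothing in the new code records that contract. A one-line comment above `$binding=[];` would make it explicit, e.g. `// positional bindings: push one value per "?" in the order its fragment is appended to $sql`. This matters most in gethelvetiaWorked (@@ -185 and @@ -201), where the mode pair is pushed once for the outer query and once for the subquery. The mode clause and its two pushes are repeated in every function this patch touches, so a small private helper would keep the copies in step.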
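Review bot: `$sql .= $this->genfunctions->addQslToQuery($postdata);` still appends a fragment derived from the form data as a plain string, so getSummaryByBandConfirmed is only as parameterised as that helper. Its body is not part of this patch; if it only emits fixed clauses selected by flags that is fine, but it should be confirmed and noted, e.g. `// addQslToQuery() returns fixed SQL only; no request values are interpolated`. The same applies to `addBandToQuery($band)` in gethelvetiaWorked (@@ -201) and to `addQslToQuery($postdata)` in gethelvetiaConfirmed (@@ -235). For `addBandToQuery` the gap is visible in the patch itself: the summary functions now bind the band as `col_band = ?`, but here it is still handed to a helper that returns a string. If either helper quotes a value inline, it would need to take the bindings array as well.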
@@ -185,11 +191,14 @@ class helvetia_model extends CI_Model { * $postdata contains data from the form, in this case Lotw or QSL are used */ function gethelvetiaWorked($location_list, $band, $postdata) { + $binding=[]; $sql = "SELECT distinct col_state FROM " . $this->config->item('table_name') . " thcv where station_id in (" . $location_list . ")"; if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $postdata['mode']; + $binding[] = $postdata['mode']; } $sql .= $this->addStateToQuery(); @@ -201,7 +210,9 @@ class helvetia_model extends CI_Model { " and col_state = thcv.col_state"; if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $postdata['mode']; + $binding[] = $postdata['mode']; } $sql .= $this->genfunctions->addBandToQuery($band); @@ -212,7 +223,7 @@ class helvetia_model extends CI_Model { $sql .= ")"; - $query = $this->db->query($sql); + $query = $this->db->query($sql, $binding); return $query->result(); } @@ -222,11 +233,14 @@ class helvetia_model extends CI_Model { * $postdata contains data from the form, in this case Lotw or QSL are used */ function gethelvetiaConfirmed($location_list, $band, $postdata) { + $binding=[]; $sql = "SELECT distinct col_state FROM " . $this->config->item('table_name') . " thcv where station_id in (" . $location_list . ")"; if ($postdata['mode'] != 'All') { - $sql .= " and (col_mode = '" . $postdata['mode'] . "' or col_submode = '" . $postdata['mode'] . "')"; + $sql .= " and (col_mode = ? or col_submode = ?)"; + $binding[] = $postdata['mode']; + $binding[] = $postdata['mode']; } $sql .= $this->addStateToQuery(); 
@@ -235,7 +249,7 @@ class helvetia_model extends CI_Model { $sql .= $this->genfunctions->addQslToQuery($postdata); - $query = $this->db->query($sql); + $query = $this->db->query($sql, $binding); return $query->result(); }