From e9d2e83670f66050455efda3e17c58c374adf894 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20T=C3=A4nzer?=
Date: Thu, 29 Apr 2010 21:32:48 +0200
Subject: [PATCH] quoteInto() only accepts '?' as place holder
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Michael Tänzer
---
 .../application/controllers/AddPointsController.php | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/manager/application/controllers/AddPointsController.php b/manager/application/controllers/AddPointsController.php
index 891ee5d..b7f3541 100644
--- a/manager/application/controllers/AddPointsController.php
+++ b/manager/application/controllers/AddPointsController.php
@@ -103,16 +103,15 @@ class AddPointsController extends Zend_Controller_Action
 // Fix the assurer flag
 $where = array();
- $query = '`users`.`id` = :user';
- $query_params['user'] = $user['id'];
- $where[] = $this->db->quoteInto($query, $query_params);
+ $query = '`users`.`id` = ?';
+ $where[] = $this->db->quoteInto($query, $user['id']);
 $query = 'exists(select * from `cats_passed` as `cp`, ' .
 '`cats_variant` as `cv` where `cp`.`variant_id` = `cv`.`id` and ' .
- '`cv`.`type_id` = 1 and `cp`.`user_id` = :user';
- $where[] = $this->db->quoteInto($query, $query_params);
- $query = '(select sum(`points`) from `notary` where `to`= :user and ' .
+ '`cv`.`type_id` = 1 and `cp`.`user_id` = ?';
+ $where[] = $this->db->quoteInto($query, $user['id']);
+ $query = '(select sum(`points`) from `notary` where `to`= ? and ' .
 '`expire` > now()) >= 100';
- $where[] = $this->db->quoteInto($query, $query_params);
+ $where[] = $this->db->quoteInto($query, $user['id']);
 $this->db->update('users', array('assurer' => 1), $where);
 return;
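Review bot: The second condition opens a parenthesis with `exists(select * from ...` but its last fragment still ends at the placeholder, so the subquery is never closed. That fragment should end `= ?)';` instead of `= ?';`. As far as the hunk shows, the UPDATE that sets the `assurer` flag would be rejected with a syntax error once the three conditions are combined. Separately, all three `quoteInto()` calls could pass `Zend_Db::INT_TYPE` as the third argument, e.g. `$this->db->quoteInto($query, $user['id'], Zend_Db::INT_TYPE)`, so the id is always emitted as an integer. Where `$user` is populated is not visible, because the enclosing method starts and ends outside the hunk.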