makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 22:28:51 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/13310] Always use sql_build_query in acp_email.php

Browse source 
PHPBB3-13310
This commit is contained in:
Oliver Schramm 2014-11-09 02:46:50 +01:00
parent 101945acf9
commit 054ab67771
1 changed files with 10 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
phpBB/includes/acp/acp_email.php
View file

@ -72,11 +72,15 @@ class acp_email
if ($usernames) if ($usernames)
{ {
// If giving usernames the admin is able to email inactive users too... // If giving usernames the admin is able to email inactive users too...
$sql = 'SELECT username, user_email, user_jabber, user_notify_type, user_lang $sql_ary = array(
FROM ' . USERS_TABLE . ' 'SELECT' => 'username, user_email, user_jabber, user_notify_type, user_lang',
WHERE ' . $db->sql_in_set('username_clean', array_map('utf8_clean_string', explode("\n", $usernames))) . ' 'FROM' => array(
AND user_allow_massemail = 1 USERS_TABLE => '',
ORDER BY user_lang, user_notify_type'; // , SUBSTRING(user_email FROM INSTR(user_email, '@')) ),
'WHERE' => $db->sql_in_set('username_clean', array_map('utf8_clean_string', explode("\n", $usernames))) . '
AND user_allow_massemail = 1',
'ORDER_BY' => 'user_lang, user_notify_type',
);
} }
else else
{ {
@ -123,8 +127,8 @@ class acp_email
), ),
); );
} }
$sql = $db->sql_build_query('SELECT', $sql_ary);
} }
$sql = $db->sql_build_query('SELECT', $sql_ary);
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result); $row = $db->sql_fetchrow($result);