use executeAudited in sabredav lock

2013-06-14 12:23:44 +02:00 · 2013-06-14 12:23:44 +02:00 · 471b9c055a
parent 961a001af3
commit 471b9c055a
1 changed files with 12 additions and 13 deletions
--- a/lib/connector/sabre/locks.php
+++ b/lib/connector/sabre/locks.php
@ -88,9 +88,8 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
 		}
 		$query.=')';
-		$stmt = OC_DB::prepare( $query );
+		$result = OC_DB::executeAudited( $query, $params );
-		$result = $stmt->execute( $params );
+		
 		$lockList = array();
 		while( $row = $result->fetchRow()) {
@ -131,10 +130,10 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
 		}
 		if ($exists) {
-			$query = OC_DB::prepare( 'UPDATE `*PREFIX*locks`'
+			$sql = 'UPDATE `*PREFIX*locks`'
-				.' SET `owner` = ?, `timeout` = ?, `scope` = ?, `depth` = ?, `uri` = ?, `created` = ?'
+				 .' SET `owner` = ?, `timeout` = ?, `scope` = ?, `depth` = ?, `uri` = ?, `created` = ?'
-				.' WHERE `userid` = ? AND `token` = ?' );
+				 .' WHERE `userid` = ? AND `token` = ?';
-			$result = $query->execute( array(
+			$result = OC_DB::executeAudited( $sql, array(
 				$lockInfo->owner,
 				$lockInfo->timeout,
 				$lockInfo->scope,
@ -145,10 +144,10 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
 				$lockInfo->token)
 			);
 		} else {
-			$query = OC_DB::prepare( 'INSERT INTO `*PREFIX*locks`'
+			$sql = 'INSERT INTO `*PREFIX*locks`'
-				.' (`userid`,`owner`,`timeout`,`scope`,`depth`,`uri`,`created`,`token`)'
+				 .' (`userid`,`owner`,`timeout`,`scope`,`depth`,`uri`,`created`,`token`)'
-				.' VALUES (?,?,?,?,?,?,?,?)' );
+				 .' VALUES (?,?,?,?,?,?,?,?)';
-			$result = $query->execute( array(
+			$result = OC_DB::executeAudited( $sql, array(
 				OC_User::getUser(),
 				$lockInfo->owner,
 				$lockInfo->timeout,
@ -173,8 +172,8 @@ class OC_Connector_Sabre_Locks extends Sabre_DAV_Locks_Backend_Abstract {
 	 */
 	public function unlock($uri, Sabre_DAV_Locks_LockInfo $lockInfo) {
-		$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*locks` WHERE `userid` = ? AND `uri` = ? AND `token` = ?' );
+		$sql = 'DELETE FROM `*PREFIX*locks` WHERE `userid` = ? AND `uri` = ? AND `token` = ?';
-		$result = $query->execute( array(OC_User::getUser(), $uri, $lockInfo->token));
+		$result = OC_DB::executeAudited( $sql, array(OC_User::getUser(), $uri, $lockInfo->token));
 		return $result->numRows() === 1;