Ignore:
Timestamp:
Mar 12, 2018, 8:53:21 PM (6 years ago)
Author:
roby
Message:
 
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/client/modules.php

    r241 r253  
    9999
    100100
    101 
    102 
     101$dbi = new PDO("mysql:host=$dbhost;charset=latin1", $dbuname, $dbpass, array(PDO::ATTR_EMULATE_PREPARES => false,
     102                                                                                                PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION));   
     103$sql = "use $dbname";
     104$dbi->exec($sql);
     105
     106/*
    103107
    104108if(!$dbi = mysql_connect($dbhost, $dbuname, $dbpass)){
     
    110114}
    111115mysql_query("SET NAMES 'utf8'", $dbi);
    112 
     116*/
    113117# protezione csrf ottobre 2012 - by l.apolito
    114118if (file_exists("inc/csrf-magic/csrf-magic.php")) {
     
    122126
    123127# carica i parametri di default sulla tabella
    124 $res = mysql_query("SELECT * FROM ".$prefix."_config" , $dbi);
    125 $row = mysql_fetch_array($res);
     128$sql = $dbi->prepare("SELECT * FROM ".$prefix."_config");
     129$sql->execute();
     130while($riga = $sql->fetchAll(PDO::FETCH_ASSOC)){$row=$riga[0];
    126131$sitename = stripslashes($row['sitename']);
    127132$siteurl = $row['siteurl'];
     
    146151$ed_user = $row['ed_user'];
    147152#tema mobile
    148 
     153}
    149154
    150155
    151156
    152157# altre config
    153 $res = mysql_query("SELECT * FROM ".$prefix."_ele_comuni where id_comune='$siteistat' ", $dbi);
    154 $row = mysql_fetch_array($res);
     158$sql = $dbi->prepare("SELECT * FROM ".$prefix."_ele_comuni where id_comune='$siteistat' ");
     159$sql->execute();
     160$riga = $sql->fetchAll(PDO::FETCH_ASSOC);
     161$row=$riga[0];
    155162$id_cons_pred = intval($row['id_cons']);
    156163if($id_cons_pred=='0')$id_cons_pred='';
    157164if(!isset($id_cons_gen)) $id_cons_gen=$id_cons_pred;
    158165# carica il metodo d'hontd
    159 $res = mysql_query("SELECT * FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_gen' ", $dbi);
    160 $row = mysql_fetch_array($res);
    161 
    162 
    163 
     166##$sql = $dbi->prepare("SELECT * FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_gen' ");
     167##$sql->execute();
    164168
    165169$param=strip_tags(strtolower($_SERVER['REQUEST_METHOD'])) == 'get' ? $_GET : $_POST;
     
    170174$id_cons_bak=intval($param['id_cons_gen']);
    171175if (isset($param['id_comune'])) $id_combak=intval($param['id_comune']); else $id_combak=$_SESSION['id_comune'];
    172 $res = mysql_query("SELECT id_cons,id_conf FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_bak' and id_comune='$id_combak'" , $dbi);
    173 list($id_cons,$hondt) = mysql_fetch_row($res);
     176$sql = $dbi->prepare("SELECT id_cons,id_conf FROM ".$prefix."_ele_cons_comune where id_cons_gen='$id_cons_bak' and id_comune='$id_combak'");
     177$sql->execute();
     178$row = $sql->fetchAll(PDO::FETCH_ASSOC);
     179$id_cons=$row[1];$hondt=$row[2];
    174180
    175181// incluso in consiglieri.php, ma io carico le vecchie variabili per compatibilit'a all'indietro
    176182if($hondt>=1){
    177183# proiezione consiglio
    178       $res = mysql_query("SELECT * FROM ".$prefix."_ele_conf where id_conf='$hondt'", $dbi);
    179       $row = mysql_fetch_array($res);
     184      $row = $dbi->exec("SELECT * FROM ".$prefix."_ele_conf where id_conf='$hondt'");
     185     
    180186      $descrizione_consiglio = $row['descrizione'];
    181187      $LIMITE = intval($row['limite']);
Note: See TracChangeset for help on using the changeset viewer.