@@ -140,9 +140,8 @@ public static function moodleoverflow_add_rating($moodleoverflow, $postid, $rati
140140 // Get other ratings in the discussion.
141141 $ sql"SELECT *
142142 FROM {moodleoverflow_ratings}
143- WHERE discussionid = $ discussionid AND rating = $ rating
144- LIMIT 1 "
145- $ otherrating$ DB get_record_sql ($ sql
143+ WHERE discussionid = ? AND rating = ? "
144+ $ otherrating$ DB get_record_sql ($ sql$ discussionid , $ rating
146145
147146 // If there is an old rating, update it. Else create a new rating record.
148147 if ($ otherrating
@@ -347,10 +346,9 @@ public static function moodleoverflow_user_rated($postid, $userid = null) {
347346 // Get the rating.
348347 $ sql"SELECT firstrated, rating
349348 FROM {moodleoverflow_ratings}
350- WHERE userid = $ userid AND postid = $ postid AND (rating = 1 OR rating = 2)
351- LIMIT 1 "
349+ WHERE userid = ? AND postid = ? AND (rating = 1 OR rating = 2) "
352350
353- return ($ DB get_record_sql ($ sql
351+ return ($ DB get_record_sql ($ sql, [ $ userid , $ postid ] ));
354352 }
355353
356354 /**
@@ -390,9 +388,9 @@ public static function moodleoverflow_get_ratings_by_discussion($discussionid, $
390388 (SELECT COUNT(rating) FROM {moodleoverflow_ratings} WHERE postid=p.id AND rating = 3) AS issolved,
391389 (SELECT COUNT(rating) FROM {moodleoverflow_ratings} WHERE postid=p.id AND rating = 4) AS ishelpful
392390 FROM {moodleoverflow_posts} p
393- WHERE p.discussion = $ discussionid
391+ WHERE p.discussion = ?
394392 GROUP BY p.id "
395- $ votes$ DB get_records_sql ($ sql
393+ $ votes$ DB get_records_sql ($ sql, [ $ discussionid ] );
396394
397395 // A single post is requested.
398396 if ($ postid
@@ -596,9 +594,8 @@ private static function moodleoverflow_check_old_rating($postid, $userid, $oldra
596594 // Get the normal rating.
597595 $ sql"SELECT *
598596 FROM {moodleoverflow_ratings}
599- WHERE userid = $ userid AND postid = $ postid AND (rating = 1 OR rating = 2)
600- LIMIT 1 "
601- $ rating'normal ' ] = $ DB get_record_sql ($ sql
597+ WHERE userid = ? AND postid = ? AND (rating = 1 OR rating = 2) "
598+ $ rating'normal ' ] = $ DB get_record_sql ($ sql$ userid$ postid
602599
603600 // Return the rating if it is requested.
604601 if ($ oldratingRATING_DOWNVOTE OR $ oldratingRATING_UPVOTE ) {
@@ -608,9 +605,8 @@ private static function moodleoverflow_check_old_rating($postid, $userid, $oldra
608605 // Get the solved rating.
609606 $ sql"SELECT *
610607 FROM {moodleoverflow_ratings}
611- WHERE userid = $ userid AND postid = $ postid AND rating = 3
612- LIMIT 1 "
613- $ rating'solved ' ] = $ DB get_record_sql ($ sql
608+ WHERE userid = ? AND postid = ? AND rating = 3 "
609+ $ rating'solved ' ] = $ DB get_record_sql ($ sql$ userid$ postid
614610
615611 // Return the rating if it is requested.
616612 if ($ oldratingRATING_SOLVED ) {
@@ -620,9 +616,8 @@ private static function moodleoverflow_check_old_rating($postid, $userid, $oldra
620616 // Get the helpful rating.
621617 $ sql"SELECT *
622618 FROM {moodleoverflow_ratings}
623- WHERE userid = $ userid AND postid = $ postid AND rating = 4
624- LIMIT 1 "
625- $ rating'helpful ' ] = $ DB get_record_sql ($ sql
619+ WHERE userid = ? AND postid = ? AND rating = 4 "
620+ $ rating'helpful ' ] = $ DB get_record_sql ($ sql$ userid$ postid
626621
627622 // Return the rating if it is requested.
628623 if ($ oldratingRATING_HELPFUL ) {
0 commit comments