- $r = q("SELECT COUNT(*) AS `total` FROM `contact` WHERE
- `uid` = %d AND `network` = '%s' AND `rel` IN (%d, %d)",
- intval($uid),
- dbesc(NETWORK_OSTATUS),
- intval(CONTACT_IS_FRIEND),
- intval(CONTACT_IS_SHARING));
+ $r = q("SELECT COUNT(*) AS `total` FROM `contact` WHERE
+ `uid` = %d AND `network` = '%s' AND `rel` IN (%d, %d)",
+ intval($uid),
+ DBA::escape(Protocol::OSTATUS),
+ intval(Contact::FRIEND),
+ intval(Contact::SHARING));