// add parent-uri to sql command if specified by calling app
$sql_extra = ($parenturi != "" ? " AND `parent-uri` = '" . DBA::escape($parenturi) . "'" : "");
- // get data of the specified message id
- $r = q(
- "SELECT `id` FROM `mail` WHERE `uid` = %d AND `id` = %d" . $sql_extra,
- intval($uid),
- intval($id)
- );
-
// error message if specified id is not in database
- if (!DBA::isResult($r)) {
+ if (!DBA::exists('mail', ["`uid` = ? AND `id` = ? " . $sql_extra, $uid, $id])) {
if ($verbose == "true") {
$answer = ['result' => 'error', 'message' => 'message id not in database'];
return api_format_data("direct_messages_delete", $type, ['$result' => $answer]);
}
// delete message
- $result = q(
- "DELETE FROM `mail` WHERE `uid` = %d AND `id` = %d" . $sql_extra,
- intval($uid),
- intval($id)
- );
+ $result = DBA::delete('mail', ["`uid` = ? AND `id` = ? " . $sql_extra, $uid, $id]);
if ($verbose == "true") {
if ($result) {
// Display one photo
if ($datatype === 'image') {
// fetch image, item containing image, then comments
- $ph = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'
- $sql_extra ORDER BY `scale` ASC ",
- intval($owner_uid),
- DBA::escape($datum)
- );
+ $ph = Photo::selectToArray([], ["`uid` = ? AND `resource-id` = ? " . $sql_extra, $owner_uid, $datum], ['order' => ['scale' => true]]);
if (!DBA::isResult($ph)) {
if (DBA::exists('photo', ['resource-id' => $datum, 'uid' => $owner_uid])) {
$order = 'DESC';
}
- $prvnxt = q("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0
- $sql_extra ORDER BY `created` $order ",
- DBA::escape($ph[0]['album']),
- intval($owner_uid)
- );
+ $prvnxt = Photo::selectToArray(['resource-id'], ["`album` = ? AND `uid` = ? AND `scale` = ?" . $sql_extra, $ph[0]['album'], $owner_uid, 0]);
if (DBA::isResult($prvnxt)) {
$prv = null;