Skip to content

Commit

Permalink
Fix requesting updates or messages with invalid parameters.
Browse files Browse the repository at this point in the history
  • Loading branch information
@noplanman
noplanman committed Sep 10, 2017
1 parent 0806b5a commit 6313c24
Showing 1 changed file with 17 additions and 9 deletions.
26 changes: 17 additions & 9 deletions src/DB.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -185,23 +185,28 @@ public static function selectTelegramUpdate($limit = null, $id = null)
}

try {
$sql = 'SELECT `id` FROM `' . TB_TELEGRAM_UPDATE . '`';
$sql = '
SELECT `id`
FROM `' . TB_TELEGRAM_UPDATE . '`
';

if ($id !== null) {
$sql .= ' WHERE `id` = :id';
} else {
$sql .= ' ORDER BY `id` DESC';
}

$sql .= ' ORDER BY `id` DESC';

if ($limit !== null) {
$sql .= ' LIMIT :limit';
}

$sth = self::$pdo->prepare($sql);
$sth->bindParam(':limit', $limit, PDO::PARAM_INT);

if ($limit !== null) {
$sth->bindValue(':limit', $limit, PDO::PARAM_INT);
}
if ($id !== null) {
$sth->bindParam(':id', $id, PDO::PARAM_STR);
$sth->bindValue(':id', $id);
}

$sth->execute();
Expand Down Expand Up @@ -230,16 +235,19 @@ public static function selectMessages($limit = null)
$sql = '
SELECT *
FROM `' . TB_MESSAGE . '`
WHERE `update_id` != 0
ORDER BY `message_id` DESC
ORDER BY `id` DESC
';

if ($limit !== null) {
$sql .= 'LIMIT :limit';
$sql .= ' LIMIT :limit';
}

$sth = self::$pdo->prepare($sql);
$sth->bindParam(':limit', $limit, PDO::PARAM_INT);

if ($limit !== null) {
$sth->bindValue(':limit', $limit, PDO::PARAM_INT);
}

$sth->execute();

return $sth->fetchAll(PDO::FETCH_ASSOC);
Expand Down

0 comments on commit 6313c24

Please sign in to comment.