|
@@ -14,18 +14,38 @@ |
14 |
14 |
|
public function getComment($id_user, $id_local) { |
15 |
15 |
|
$status = array(); |
16 |
16 |
|
|
17 |
|
- |
$queryComment = "SELECT c.id AS id_commento, id_locale, id_user, voto, descrizione, data, img, username, u.avatar as avatar |
|
17 |
+ |
/* ============= SUPPORTO IMMAGINI NEI COMMENTI DROPPATO =============== */ |
|
18 |
+ |
|
|
19 |
+ |
/*$queryComment = "SELECT c.id AS id_commento, id_locale, id_user, voto, descrizione, data, img, username, u.avatar as avatar |
18 |
20 |
|
FROM commenti as c |
19 |
21 |
|
LEFT JOIN immagini_commenti as i ON c.id=i.id_commento |
20 |
22 |
|
LEFT JOIN utente as u ON c.id_user=u.id |
21 |
|
- |
WHERE id_user=".$id_user." AND id_locale=".$id_local; |
|
23 |
+ |
WHERE id_user=".$id_user." AND id_locale=".$id_local;*/ |
|
24 |
+ |
|
|
25 |
+ |
/* =========== FINE SUPPORTO IMMAGINI NEI COMMENTI DROPPATO ============= */ |
|
26 |
+ |
|
|
27 |
+ |
/*$queryComment = "SELECT c.id AS id_commento, id_locale, id_user, voto, descrizione, data, username, u.avatar as avatar |
|
28 |
+ |
FROM commenti as c |
|
29 |
+ |
LEFT JOIN utente as u ON c.id_user=u.id |
|
30 |
+ |
WHERE id_user=".$id_user." AND id_locale=".$id_local;*/ |
22 |
31 |
|
|
23 |
32 |
|
//echo "<br/>".$queryComment."<br/>"; |
24 |
33 |
|
|
|
34 |
+ |
$queryComment = "SELECT c.id AS id_commento, id_locale, id_user, voto, descrizione, data, username, u.avatar as avatar |
|
35 |
+ |
FROM commenti as c |
|
36 |
+ |
LEFT JOIN utente as u ON c.id_user=u.id |
|
37 |
+ |
WHERE id_user=:id_user AND id_locale=:id_local"; |
|
38 |
+ |
|
25 |
39 |
|
$comment; |
26 |
40 |
|
|
27 |
41 |
|
try { |
28 |
|
- |
$query = $this->db->query($queryComment); |
|
42 |
+ |
|
|
43 |
+ |
$stmt = $this->db->prepare($queryComment); |
|
44 |
+ |
$stmt->bindParam(':id_user', $id_user); |
|
45 |
+ |
$stmt->bindParam(':id_local', $id_local); |
|
46 |
+ |
$query = $stmt->execute(); |
|
47 |
+ |
|
|
48 |
+ |
//$query = $this->db->query($queryComment); |
29 |
49 |
|
|
30 |
50 |
|
if (!$query) { |
31 |
51 |
|
$status = createErrorMessage(1, "Errore DB"); |
|
@@ -33,7 +53,8 @@ |
33 |
53 |
|
return $status; |
34 |
54 |
|
} |
35 |
55 |
|
|
36 |
|
- |
$row = ($query->rowCount()>0) ? $query->fetch() : null; |
|
56 |
+ |
//$row = ($query->rowCount()>0) ? $query->fetch() : null; |
|
57 |
+ |
$row = ($stmt->rowCount()>0) ? $stmt->fetch() : null; |
37 |
58 |
|
|
38 |
59 |
|
if (is_null($row)) { |
39 |
60 |
|
$status["return"] = 0; |
|
@@ -43,7 +64,9 @@ |
43 |
64 |
|
|
44 |
65 |
|
//$comment_id = $row["id_commento"]; |
45 |
66 |
|
|
46 |
|
- |
$imgRow = (!is_null($row["img"])) ? IMAGE_SERVER.IMAGES_PATH.$row["img"] : null; |
|
67 |
+ |
/* ============= SUPPORTO IMMAGINI NEI COMMENTI DROPPATO =============== */ |
|
68 |
+ |
|
|
69 |
+ |
/*$imgRow = (!is_null($row["img"])) ? IMAGE_SERVER.IMAGES_PATH.$row["img"] : null; |
47 |
70 |
|
|
48 |
71 |
|
if (!isset($comment)) { |
49 |
72 |
|
$comment = new Comment(); |
|
@@ -58,8 +81,100 @@ |
58 |
81 |
|
$comment->imgs = (!is_null($imgRow)) ? array($imgRow) : array(); |
59 |
82 |
|
} else if (!is_null($imgRow)) { |
60 |
83 |
|
array_push($comment->imgs, $imgRow); |
|
84 |
+ |
}*/ |
|
85 |
+ |
|
|
86 |
+ |
/* =========== FINE SUPPORTO IMMAGINI NEI COMMENTI DROPPATO ============= */ |
|
87 |
+ |
|
|
88 |
+ |
$comment = new Comment(); |
|
89 |
+ |
$comment->id = $row["id_commento"]; |
|
90 |
+ |
$comment->id_locale = $id_local; |
|
91 |
+ |
$comment->id_user = (!is_null($row["id_user"]) && $row["id_user"]!="") ? $row["id_user"] : -1; |
|
92 |
+ |
$comment->user_avatar = (!is_null($row["avatar"]) && $row["avatar"]!="") ? IMAGE_SERVER.AVATAR_PATH.$row["avatar"] : ""; |
|
93 |
+ |
$comment->username = $row["username"]; |
|
94 |
+ |
$comment->voto = $row["voto"]; |
|
95 |
+ |
$comment->descrizione = $row["descrizione"]; |
|
96 |
+ |
$comment->data = $row["data"]; |
|
97 |
+ |
|
|
98 |
+ |
$status["return"] = 0; |
|
99 |
+ |
$status["comment"] = $comment; |
|
100 |
+ |
return $status; |
|
101 |
+ |
|
|
102 |
+ |
} catch (PDOException $e) { |
|
103 |
+ |
echo $e->getMessage(); |
|
104 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
|
105 |
+ |
$status["comment"] = null; |
|
106 |
+ |
return $status; |
|
107 |
+ |
} |
|
108 |
+ |
|
|
109 |
+ |
} |
|
110 |
+ |
|
|
111 |
+ |
|
|
112 |
+ |
public function getCommentById($id_comment) { |
|
113 |
+ |
$status = array(); |
|
114 |
+ |
|
|
115 |
+ |
$queryComment = "SELECT c.id AS id_commento, id_locale, id_user, voto, descrizione, data, username, u.avatar as avatar |
|
116 |
+ |
FROM commenti as c |
|
117 |
+ |
LEFT JOIN utente as u ON c.id_user=u.id |
|
118 |
+ |
WHERE c.id=:id_commento"; |
|
119 |
+ |
|
|
120 |
+ |
$comment; |
|
121 |
+ |
|
|
122 |
+ |
try { |
|
123 |
+ |
|
|
124 |
+ |
$stmt = $this->db->prepare($queryComment); |
|
125 |
+ |
$stmt->bindParam(':id_commento', $id_comment); |
|
126 |
+ |
$query = $stmt->execute(); |
|
127 |
+ |
|
|
128 |
+ |
//$query = $this->db->query($queryComment); |
|
129 |
+ |
|
|
130 |
+ |
if (!$query) { |
|
131 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
|
132 |
+ |
$status["comment"] = null; |
|
133 |
+ |
return $status; |
61 |
134 |
|
} |
62 |
135 |
|
|
|
136 |
+ |
//$row = ($query->rowCount()>0) ? $query->fetch() : null; |
|
137 |
+ |
$row = ($stmt->rowCount()>0) ? $stmt->fetch() : null; |
|
138 |
+ |
|
|
139 |
+ |
if (is_null($row)) { |
|
140 |
+ |
$status["return"] = 0; |
|
141 |
+ |
$status["comment"] = null; |
|
142 |
+ |
return $status; |
|
143 |
+ |
} |
|
144 |
+ |
|
|
145 |
+ |
//$comment_id = $row["id_commento"]; |
|
146 |
+ |
|
|
147 |
+ |
/* ============= SUPPORTO IMMAGINI NEI COMMENTI DROPPATO =============== */ |
|
148 |
+ |
|
|
149 |
+ |
/*$imgRow = (!is_null($row["img"])) ? IMAGE_SERVER.IMAGES_PATH.$row["img"] : null; |
|
150 |
+ |
|
|
151 |
+ |
if (!isset($comment)) { |
|
152 |
+ |
$comment = new Comment(); |
|
153 |
+ |
$comment->id = $row["id_commento"]; |
|
154 |
+ |
$comment->id_locale = $id_local; |
|
155 |
+ |
$comment->id_user = (!is_null($row["id_user"]) && $row["id_user"]!="") ? $row["id_user"] : -1; |
|
156 |
+ |
$comment->user_avatar = (!is_null($row["avatar"]) && $row["avatar"]!="") ? IMAGE_SERVER.AVATAR_PATH.$row["avatar"] : ""; |
|
157 |
+ |
$comment->username = $row["username"]; |
|
158 |
+ |
$comment->voto = $row["voto"]; |
|
159 |
+ |
$comment->descrizione = $row["descrizione"]; |
|
160 |
+ |
$comment->data = $row["data"]; |
|
161 |
+ |
$comment->imgs = (!is_null($imgRow)) ? array($imgRow) : array(); |
|
162 |
+ |
} else if (!is_null($imgRow)) { |
|
163 |
+ |
array_push($comment->imgs, $imgRow); |
|
164 |
+ |
}*/ |
|
165 |
+ |
|
|
166 |
+ |
/* =========== FINE SUPPORTO IMMAGINI NEI COMMENTI DROPPATO ============= */ |
|
167 |
+ |
|
|
168 |
+ |
$comment = new Comment(); |
|
169 |
+ |
$comment->id = $row["id_commento"]; |
|
170 |
+ |
$comment->id_locale = $row["id_locale"]; |
|
171 |
+ |
$comment->id_user = (!is_null($row["id_user"]) && $row["id_user"]!="") ? $row["id_user"] : -1; |
|
172 |
+ |
$comment->user_avatar = (!is_null($row["avatar"]) && $row["avatar"]!="") ? IMAGE_SERVER.AVATAR_PATH.$row["avatar"] : ""; |
|
173 |
+ |
$comment->username = $row["username"]; |
|
174 |
+ |
$comment->voto = $row["voto"]; |
|
175 |
+ |
$comment->descrizione = $row["descrizione"]; |
|
176 |
+ |
$comment->data = $row["data"]; |
|
177 |
+ |
|
63 |
178 |
|
$status["return"] = 0; |
64 |
179 |
|
$status["comment"] = $comment; |
65 |
180 |
|
return $status; |
|
@@ -83,32 +198,58 @@ |
83 |
198 |
|
if ($previousComment["return"] != 0) { //errore nella getComment() |
84 |
199 |
|
return $previousComment; |
85 |
200 |
|
} /*else if ($previousComment["return"] == 0 && !is_null($previousComment["comment"])) { |
86 |
|
- |
$status = createErrorMessage(1, "Commento gi� inserito dall'utente"); |
|
201 |
+ |
$status = createErrorMessage(1, "Commento già inserito dall'utente"); |
87 |
202 |
|
$status["id"] = -1; |
88 |
203 |
|
return $status; |
89 |
204 |
|
}*/ |
90 |
205 |
|
|
91 |
|
- |
if ($previousComment["return"] == 0 && !is_null($previousComment["comment"])) { //commento da sovrascrivere |
92 |
|
- |
$queryComment = "UPDATE commenti |
93 |
|
- |
SET descrizione='".$comment->descrizione."',voto='".$comment->voto."', data='".$comment->data."' |
94 |
|
- |
WHERE id=".$previousComment["comment"]->id; |
95 |
|
- |
$toUpdate = true; |
96 |
|
- |
} else { |
97 |
|
- |
$queryComment = "INSERT INTO commenti(id_locale, id_user, voto, descrizione, data) |
98 |
|
- |
VALUES ('".$comment->id_locale."', |
99 |
|
- |
'".$comment->id_user."', |
100 |
|
- |
'".$comment->voto."', |
101 |
|
- |
'".$comment->descrizione."', |
102 |
|
- |
'".$comment->data."')"; |
103 |
|
- |
} |
|
206 |
+ |
$stmt; |
104 |
207 |
|
|
105 |
|
- |
//echo "<br/>".$queryComment."<br/>"; |
|
208 |
+ |
try { |
106 |
209 |
|
|
107 |
|
- |
$imgs = $comment->imgs; |
108 |
|
- |
$imgsToInsert = array(); |
|
210 |
+ |
if ($previousComment["return"] == 0 && !is_null($previousComment["comment"])) { //commento da sovrascrivere |
|
211 |
+ |
/*$queryComment = "UPDATE commenti |
|
212 |
+ |
SET descrizione='".$comment->descrizione."',voto='".$comment->voto."', data='".$comment->data."' |
|
213 |
+ |
WHERE id=".$previousComment["comment"]->id;*/ |
|
214 |
+ |
|
|
215 |
+ |
$queryComment = "UPDATE commenti |
|
216 |
+ |
SET descrizione=:descrizione,voto=:voto, data=:data |
|
217 |
+ |
WHERE id=:id"; |
|
218 |
+ |
|
|
219 |
+ |
$stmt = $this->db->prepare($queryComment); |
|
220 |
+ |
$stmt->bindParam(':descrizione', $comment->descrizione); |
|
221 |
+ |
$stmt->bindParam(':voto', $comment->voto); |
|
222 |
+ |
$stmt->bindParam(':data', $comment->data); |
|
223 |
+ |
$stmt->bindParam(':id', $previousComment["comment"]->id); |
|
224 |
+ |
|
|
225 |
+ |
$toUpdate = true; |
|
226 |
+ |
} else { |
|
227 |
+ |
/*$queryComment = "INSERT INTO commenti(id_locale, id_user, voto, descrizione, data) |
|
228 |
+ |
VALUES ('".$comment->id_locale."', |
|
229 |
+ |
'".$comment->id_user."', |
|
230 |
+ |
'".$comment->voto."', |
|
231 |
+ |
'".$comment->descrizione."', |
|
232 |
+ |
'".$comment->data."')";*/ |
|
233 |
+ |
|
|
234 |
+ |
$queryComment = "INSERT INTO commenti(id_locale, id_user, voto, descrizione, data) |
|
235 |
+ |
VALUES (:id_locale, :id_user, :voto, :descrizione, :data)"; |
|
236 |
+ |
|
|
237 |
+ |
$stmt = $this->db->prepare($queryComment); |
|
238 |
+ |
$stmt->bindParam(':id_locale', $comment->id_locale); |
|
239 |
+ |
$stmt->bindParam(':id_user', $comment->id_user); |
|
240 |
+ |
$stmt->bindParam(':voto', $comment->voto); |
|
241 |
+ |
$stmt->bindParam(':descrizione', $comment->descrizione); |
|
242 |
+ |
$stmt->bindParam(':data', $comment->data); |
|
243 |
+ |
} |
109 |
244 |
|
|
110 |
|
- |
try { |
111 |
|
- |
$this->db->exec($queryComment); |
|
245 |
+ |
//echo "<br/>".$queryComment."<br/>"; |
|
246 |
+ |
|
|
247 |
+ |
/*$imgs = $comment->imgs; |
|
248 |
+ |
$imgsToInsert = array();*/ |
|
249 |
+ |
|
|
250 |
+ |
$query = $stmt->execute(); |
|
251 |
+ |
|
|
252 |
+ |
//$this->db->exec($queryComment); |
112 |
253 |
|
$id_commento = ($toUpdate) ? $previousComment["comment"]->id : $this->db->lastInsertId(); |
113 |
254 |
|
|
114 |
255 |
|
/*foreach($imgs as $img) { |
|
@@ -157,22 +298,50 @@ |
157 |
298 |
|
$comment_list = array(); |
158 |
299 |
|
$queryComments; |
159 |
300 |
|
|
160 |
|
- |
$sqlComments = "SELECT id |
|
301 |
+ |
/* ============= SUPPORTO IMMAGINI NEI COMMENTI DROPPATO =============== */ |
|
302 |
+ |
|
|
303 |
+ |
/*$sqlComments = "SELECT id |
161 |
304 |
|
FROM commenti |
162 |
305 |
|
WHERE id_locale=".$id_local." |
163 |
|
- |
ORDER BY data ".$data_order." |
164 |
|
- |
LIMIT ".$start_index.",".$length; |
|
306 |
+ |
LIMIT ".$start_index.",".$length;*/ |
|
307 |
+ |
|
|
308 |
+ |
/* =========== FINE SUPPORTO IMMAGINI NEI COMMENTI DROPPATO ============= */ |
|
309 |
+ |
|
|
310 |
+ |
/*$sqlComments = "SELECT c.id AS id_commento, id_locale, id_user, voto, descrizione, data, username, u.avatar as avatar |
|
311 |
+ |
FROM commenti as c |
|
312 |
+ |
LEFT JOIN utente as u ON c.id_user=u.id |
|
313 |
+ |
WHERE c.id_locale=".$id_local." |
|
314 |
+ |
ORDER BY c.data ".$data_order." |
|
315 |
+ |
LIMIT ".$start_index.",".$length;*/ |
165 |
316 |
|
|
166 |
317 |
|
//echo "<br/>".$sqlComments."<br/>"; |
167 |
318 |
|
|
|
319 |
+ |
$sqlComments = "SELECT c.id AS id_commento, id_locale, id_user, voto, descrizione, data, username, u.avatar as avatar |
|
320 |
+ |
FROM commenti as c |
|
321 |
+ |
LEFT JOIN utente as u ON c.id_user=u.id |
|
322 |
+ |
WHERE c.id_locale=:id_local |
|
323 |
+ |
ORDER BY c.data $data_order |
|
324 |
+ |
LIMIT :start_index, :length"; |
|
325 |
+ |
|
|
326 |
+ |
|
|
327 |
+ |
|
168 |
328 |
|
try { |
169 |
|
- |
$query = $this->db->query($sqlComments); |
|
329 |
+ |
$stmt = $this->db->prepare($sqlComments); |
|
330 |
+ |
$stmt->bindParam(':id_local', $id_local); |
|
331 |
+ |
$stmt->bindParam(':start_index', intval($start_index), PDO::PARAM_INT); |
|
332 |
+ |
$stmt->bindParam(':length', intval($length), PDO::PARAM_INT); |
|
333 |
+ |
$query = $stmt->execute(); |
170 |
334 |
|
|
171 |
|
- |
if (!$query || $query->rowCount()==0) return $comment_list; |
|
335 |
+ |
//$query = $this->db->query($sqlComments); |
172 |
336 |
|
|
173 |
|
- |
$rows = $query->fetchAll(PDO::FETCH_ASSOC); |
|
337 |
+ |
if (!$query || $stmt->rowCount()==0) return $comment_list; |
174 |
338 |
|
|
175 |
|
- |
foreach ($rows as $row) { |
|
339 |
+ |
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC); |
|
340 |
+ |
|
|
341 |
+ |
/* ============= SUPPORTO IMMAGINI NEI COMMENTI DROPPATO =============== */ |
|
342 |
+ |
|
|
343 |
+ |
|
|
344 |
+ |
/*foreach ($rows as $row) { |
176 |
345 |
|
array_push($comment_id_list, $row["id"]); |
177 |
346 |
|
} |
178 |
347 |
|
|
|
@@ -192,6 +361,7 @@ |
192 |
361 |
|
|
193 |
362 |
|
$rows = $query->fetchAll(PDO::FETCH_ASSOC); |
194 |
363 |
|
|
|
364 |
+ |
|
195 |
365 |
|
foreach ($rows as $row) { |
196 |
366 |
|
$comment_id = $row["id_commento"]; |
197 |
367 |
|
|
|
@@ -214,9 +384,28 @@ |
214 |
384 |
|
array_push($comment_list[$comment_id]->imgs, $imgRow); |
215 |
385 |
|
} |
216 |
386 |
|
|
|
387 |
+ |
} */ |
|
388 |
+ |
|
|
389 |
+ |
/* =========== FINE SUPPORTO IMMAGINI NEI COMMENTI DROPPATO ============= */ |
|
390 |
+ |
|
|
391 |
+ |
foreach ($rows as $row) { |
|
392 |
+ |
$comment_id = $row["id_commento"]; |
|
393 |
+ |
|
|
394 |
+ |
$new_comment = new Comment(); |
|
395 |
+ |
$new_comment->id = $comment_id; |
|
396 |
+ |
$new_comment->id_locale = $id_local; |
|
397 |
+ |
$new_comment->id_user = (!is_null($row["id_user"]) && $row["id_user"]!="") ? $row["id_user"] : -1; |
|
398 |
+ |
$new_comment->user_avatar = (!is_null($row["avatar"]) && $row["avatar"]!="") ? IMAGE_SERVER.AVATAR_PATH.$row["avatar"] : ""; |
|
399 |
+ |
$new_comment->username = $row["username"]; |
|
400 |
+ |
$new_comment->voto = $row["voto"]; |
|
401 |
+ |
$new_comment->descrizione = $row["descrizione"]; |
|
402 |
+ |
$new_comment->data = $row["data"]; |
|
403 |
+ |
|
|
404 |
+ |
array_push($comment_list, $new_comment); |
217 |
405 |
|
} |
218 |
406 |
|
|
219 |
|
- |
return array_values($comment_list); |
|
407 |
+ |
//return array_values($comment_list); |
|
408 |
+ |
return $comment_list; |
220 |
409 |
|
} catch (PDOException $e) { |
221 |
410 |
|
echo $e->getMessage(); |
222 |
411 |
|
return null; |
|
@@ -225,9 +414,15 @@ |
225 |
414 |
|
} |
226 |
415 |
|
|
227 |
416 |
|
public function editComment($id_comment, $content) { |
228 |
|
- |
$query = "UPDATE commenti SET descrizione='".$content."' WHERE id=".$id_comment; |
|
417 |
+ |
//$query = "UPDATE commenti SET descrizione='".$content."' WHERE id=".$id_comment; |
|
418 |
+ |
$query = "UPDATE commenti SET descrizione=:descrizione WHERE id=:id"; |
229 |
419 |
|
try { |
230 |
|
- |
$this->db->exec($query); |
|
420 |
+ |
$stmt = $this->db->prepare($query); |
|
421 |
+ |
$stmt->bindParam(':id', $id_comment); |
|
422 |
+ |
$stmt->bindParam(':descrizione', $content); |
|
423 |
+ |
$stmt->execute(); |
|
424 |
+ |
|
|
425 |
+ |
//$this->db->exec($query); |
231 |
426 |
|
$status["return"] = 0; |
232 |
427 |
|
$status["content"] = $content; |
233 |
428 |
|
return $status; |
|
@@ -239,9 +434,14 @@ |
239 |
434 |
|
} |
240 |
435 |
|
|
241 |
436 |
|
public function removeComment($id_comment) { |
242 |
|
- |
$query = "DELETE FROM commenti WHERE id=".$id_comment; |
|
437 |
+ |
//$query = "DELETE FROM commenti WHERE id=".$id_comment; |
|
438 |
+ |
$query = "DELETE FROM commenti WHERE id=:id"; |
243 |
439 |
|
try { |
244 |
|
- |
$this->db->exec($query); |
|
440 |
+ |
$stmt = $this->db->prepare($query); |
|
441 |
+ |
$stmt->bindParam(':id', $id_comment); |
|
442 |
+ |
$stmt->execute(); |
|
443 |
+ |
|
|
444 |
+ |
//$this->db->exec($query); |
245 |
445 |
|
$status["return"] = 0; |
246 |
446 |
|
return $status; |
247 |
447 |
|
} catch (PDOException $e) { |
|
@@ -255,16 +455,22 @@ |
255 |
455 |
|
$comment = new Comment(); |
256 |
456 |
|
$query; |
257 |
457 |
|
|
258 |
|
- |
$sql = "SELECT img |
|
458 |
+ |
/*$sql = "SELECT img |
259 |
459 |
|
FROM immagini_commenti |
260 |
|
- |
WHERE id_commento=".$id_comment; |
|
460 |
+ |
WHERE id_commento=".$id_comment;*/ |
|
461 |
+ |
|
|
462 |
+ |
$sql = "SELECT img FROM immagini_commenti WHERE id_commento=:id_commento"; |
261 |
463 |
|
|
262 |
464 |
|
try { |
263 |
|
- |
$query = $this->db->query($sql); |
|
465 |
+ |
$stmt = $this->db->prepare($sql); |
|
466 |
+ |
$stmt->bindParam(':id_commento', $id_comment); |
|
467 |
+ |
$query = $stmt->execute(); |
|
468 |
+ |
|
|
469 |
+ |
//$query = $this->db->query($sql); |
264 |
470 |
|
|
265 |
471 |
|
if (!$query) return null; |
266 |
472 |
|
|
267 |
|
- |
$rows = $query->fetchAll(PDO::FETCH_ASSOC); |
|
473 |
+ |
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC); |
268 |
474 |
|
|
269 |
475 |
|
$comment->imgs = array(); |
270 |
476 |
|
|
|
@@ -311,9 +517,15 @@ |
311 |
517 |
|
} |
312 |
518 |
|
|
313 |
519 |
|
public function deleteImage($id_comment, $img) { |
314 |
|
- |
$sql = "DELETE FROM immagini_commenti WHERE id_commento=".$id_comment." AND img='".$img."'"; |
|
520 |
+ |
//$sql = "DELETE FROM immagini_commenti WHERE id_commento=".$id_comment." AND img='".$img."'"; |
|
521 |
+ |
$sql = "DELETE FROM immagini_commenti WHERE id_commento=:id_commento AND img=:img"; |
|
522 |
+ |
|
315 |
523 |
|
try { |
316 |
|
- |
$this->db->exec($sql); |
|
524 |
+ |
$stmt = $this->db->prepare($sql); |
|
525 |
+ |
$stmt->bindParam(':id_commento', $id_comment); |
|
526 |
+ |
$stmt->bindParam(':img', $img); |
|
527 |
+ |
$stmt->execute(); |
|
528 |
+ |
//$this->db->exec($sql); |
317 |
529 |
|
return 0; |
318 |
530 |
|
} catch (PDOException $e) { |
319 |
531 |
|
echo $e->getMessage(); |
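Review bot: In the comment-list hunk (new lines 319-324), `ORDER BY c.data $data_order` is still interpolated into the SQL string while every other value in that query became a bound placeholder, so the statement remains injectable if `$data_order` can be influenced by the caller; the function's signature is outside the hunk, so where the value comes from is not visible here. A sort direction cannot be bound as a parameter, so it should be reduced to an allow-list before the query is built, e.g. `$data_order = (strtoupper($data_order) === 'ASC') ? 'ASC' : 'DESC';`. In the same hunk, `bindParam(':start_index', intval($start_index), PDO::PARAM_INT)` and the matching `:length` line pass a function result to a by-reference parameter, which PHP reports as "Only variables should be passed by reference"; `$stmt->bindValue(':start_index', (int) $start_index, PDO::PARAM_INT);` (and likewise for `:length`) binds the integer directly. The catch block added to getComment (new line 103) also does `echo $e->getMessage();`, which sends driver error text to the client; writing it to the server log instead would keep schema details out of responses.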