From c73820ca3c425ffa4ef280eb5804b1a6a0ded5d7 Mon Sep 17 00:00:00 2001
From: Kelly Rauchenberger <fefferburbia@gmail.com>
Date: Sun, 7 Sep 2008 02:08:36 +0000
Subject: Central: Fixed a few errors

[15]

Refs #28
---
 central/trunk/xmlrpc.php | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

(limited to 'central/trunk/xmlrpc.php')

diff --git a/central/trunk/xmlrpc.php b/central/trunk/xmlrpc.php
index ab64d53..f8f5beb 100644
--- a/central/trunk/xmlrpc.php
+++ b/central/trunk/xmlrpc.php
@@ -80,7 +80,9 @@ function sendFromUpdate($subscriptionSeriesURL, $subscriptionID, $title, $author
 	$subscriptionURL = instaDisc_resolveSubscription($subscriptionSeriesURL, $subscriptionID);
 	if ($subscriptionURL != 'false')
 	{
-		$getsed = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscriptionSeriesURL) . "\" AND identity = \"" . mysql_real_escape_string($subscriptionID) . "\"";
+		$subscriptionURL = $subscriptionURL['url'];
+
+		$getsed = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscriptionURL) . "\"";
 		$getsed2 = mysql_query($getsed);
 		$i=0;
 		while ($getsed3[$i] = mysql_fetch_array($getsed2))
@@ -99,12 +101,12 @@ function deleteSubscription($username, $verification, $verificationID, $subscrip
 {
 	if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password'))
 	{
-		$getsub = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\" AND owner = \"false\"";
+		$getsub = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\"";
 		$getsub2 = mysql_query($getsub);
 		$getsub3 = mysql_fetch_array($getsub2);
 		if ($getsub3['url'] == $subscription)	
 		{
-			$delsub = "DELETE FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\" AND owner = \"false\"";
+			$delsub = "DELETE FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\"";
 			$delsub2 = mysql_query($delsub);
 
 			return new xmlrpcresp(new xmlrpcval(0, "int"));
@@ -118,12 +120,12 @@ function addSubscription($username, $verification, $verificationID, $subscriptio
 {
 	if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password'))
 	{
-		$getsub = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\" AND owner = \"false\"";
-		$getsub2 = mysql_query($getsub);
+		$getsub = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\"";
+		$getsub2 = mysql_query($getsub) or die($getsub);
 		$getsub3 = mysql_fetch_array($getsub2);
 		if ($getsub3['url'] != $subscription)	
 		{
-			$inssub = "INSERT INTO subscriptions (url, username, owner, category) VALUES (\"" . mysql_real_escape_string($subscription) . "\", \"" . mysql_real_escape_string($username) . "\", \"false\", \"" . mysql_real_escape_string($category) . "\")";
+			$inssub = "INSERT INTO subscriptions (url, username, category) VALUES (\"" . mysql_real_escape_string($subscription) . "\", \"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($category) . "\")";
 			$inssub2 = mysql_query($inssub);
 
 			return new xmlrpcresp(new xmlrpcval(0, "int"));
-- 
cgit 1.4.1