Fixed backup view, sanitization.

[fa-stable.git] / includes / db / references_db.inc

diff --git a/includes/db/references_db.inc b/includes/db/references_db.inc
index 71314463339be1294347e99fa546e718c371e5e4..ca086541bb55ce019c778e1ab48a8eb16a7e346d 100644 (file)
--- a/includes/db/references_db.inc
+++ b/includes/db/references_db.inc
@@ -20,23 +20,12 @@ function get_reference($type, $id)
     return $row['reference'];
 }
 
-//--------------------------------------------------------------------------------------------------
-
-function add_reference($type, $id, $reference)
-{
-       $sql = "INSERT INTO ".TB_PREF."refs (type, id, reference)
-               VALUES (".db_escape($type).", ".db_escape($id).", "
-                       . db_escape(trim($reference)) . ")";
-
-       db_query($sql, "could not add reference entry");
-}
-
 //--------------------------------------------------------------------------------------------------
  
 function update_reference($type, $id, $reference)
 {
-    $sql = "UPDATE ".TB_PREF."refs SET reference=".db_escape($reference)
-                       ." WHERE type=".db_escape($type)." AND id=".db_escape($id);
+    $sql = "REPLACE ".TB_PREF."refs SET reference=".db_escape($reference)
+                       .", type=".db_escape($type).", id=".db_escape($id);
     db_query($sql, "could not update reference entry");
 }
 
@@ -44,7 +33,7 @@ function update_reference($type, $id, $reference)
 
 function delete_reference($type, $id)
 {
-       $sql = "DELETE FROM ".TB_PREF."refs WHERE type=$type AND id=".db_escape($id);
+       $sql = "DELETE FROM ".TB_PREF."refs WHERE type=".db_escape($type)." AND id=".db_escape($id);
 
        return db_query($sql, "could not delete from reference table");
 }