diff options
Diffstat (limited to 'lib/notes/view.php')
| -rw-r--r-- | lib/notes/view.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/notes/view.php b/lib/notes/view.php index a6a014c..d29732d 100644 --- a/lib/notes/view.php +++ b/lib/notes/view.php @@ -3,12 +3,12 @@ assert_redir(count($args) == 3, 'notes'); $noteid = intval($args[2]); -$note = mysql_fetch_assoc(sql( +$note = sql( "SELECT na.id AS id, na.title AS title, na.text_html AS html, na.public AS public, na.owner AS owner, ". "nb.title AS parent_title, nb.id AS parent_id, account.login AS ownername FROM notes na ". "LEFT JOIN notes nb ON na.parent = nb.id LEFT JOIN account ON account.id = na.owner ". - "WHERE na.id = $noteid" -)); + "WHERE na.id = ?", $noteid +)->fetch(); assert_error($note && ($note['public'] != 0 || $note['owner'] == $user['id'] || $user['priv'] >= $priv_admin), "This note does not exist, or you are not allowed to see it."); |