3 files changed, 27 insertions, 53 deletions
diff --git a/modules/system/system.api.php b/modules/system/system.api.php
index da3d489ee..1251187ab 100644
--- a/modules/system/system.api.php
+++ b/modules/system/system.api.php
@@ -138,53 +138,6 @@ function hook_cron() {
 }
 
 /**
- * Rewrite database queries, usually for access control.
- *
- * Add JOIN and WHERE statements to queries and decide whether the primary_field
- * shall be made DISTINCT. For node objects, primary field is always called nid.
- * For taxonomy terms, it is tid and for vocabularies it is vid. For comments,
- * it is cid. Primary table is the table where the primary object (node, file,
- * taxonomy_term_node etc.) is.
- *
- * You shall return an associative array. Possible keys are 'join', 'where' and
- * 'distinct'. The value of 'distinct' shall be 1 if you want that the
- * primary_field made DISTINCT.
- *
- * @param $query
- *   Query to be rewritten.
- * @param $primary_table
- *   Name or alias of the table which has the primary key field for this query.
- *   Typical table names would be: {block}, {comment}, {forum}, {node},
- *   {menu}, {taxonomy_term_data} or {taxonomy_vocabulary}. However, it is more common for
- *   $primary_table to contain the usual table alias: b, c, f, n, m, t or v.
- * @param $primary_field
- *   Name of the primary field.
- * @param $args
- *   Array of additional arguments.
- * @return
- *   An array of join statements, where statements, distinct decision.
- */
-function hook_db_rewrite_sql($query, $primary_table, $primary_field, $args) {
-  switch ($primary_field) {
-    case 'nid':
-      // this query deals with node objects
-      $return = array();
-      if ($primary_table != 'n') {
-        $return['join'] = "LEFT JOIN {node} n ON $primary_table.nid = n.nid";
-      }
-      $return['where'] = 'created >' . mktime(0, 0, 0, 1, 1, 2005);
-      return $return;
-      break;
-    case 'tid':
-      // this query deals with taxonomy objects
-      break;
-    case 'vid':
-      // this query deals with vocabulary objects
-      break;
-  }
-}
-
-/**
  * Allows modules to declare their own Forms API element types and specify their
  * default values.
  *
@@ -1432,7 +1385,7 @@ function hook_file_move($file, $source) {
  */
 function hook_file_references($file) {
   // If upload.module is still using a file, do not let other modules delete it.
-  $file_used = (bool) db_query_range('SELECT 1 FROM {upload} WHERE fid = :fid', array(':fid' => $file->fid), 0, 1)->fetchField();
+  $file_used = (bool) db_query_range('SELECT 1 FROM {upload} WHERE fid = :fid', 0, 1, array(':fid' => $file->fid))->fetchField();
   if ($file_used) {
     // Return the name of the module and how many references it has to the file.
     return array('upload' => $count);
diff --git a/modules/system/system.install b/modules/system/system.install
index 380d679fc..85423a0a4 100644
--- a/modules/system/system.install
+++ b/modules/system/system.install
@@ -350,17 +350,38 @@ function system_install() {
   // uid 2 which is not what we want. So we insert the first user here, the
   // anonymous user. uid is 1 here for now, but very soon it will be changed
   // to 0.
-  db_query("INSERT INTO {users} (name, mail) VALUES('%s', '%s')", '', '');
+  db_insert('users')
+    ->fields(array(
+      'name' => '',
+      'mail' => '',
+    ))
+    ->execute();
   // We need some placeholders here as name and mail are uniques and data is
   // presumed to be a serialized array. Install will change uid 1 immediately
   // anyways. So we insert the superuser here, the uid is 2 here for now, but
   // very soon it will be changed to 1.
-  db_query("INSERT INTO {users} (name, mail, created, status, data) VALUES('%s', '%s', %d, %d, '%s')", 'placeholder-for-uid-1', 'placeholder-for-uid-1', REQUEST_TIME, 1, serialize(array()));
+
+  db_insert('users')
+    ->fields(array(
+      'name' => 'placeholder-for-uid-1',
+      'mail' => 'placeholder-for-uid-1',
+      'created' => REQUEST_TIME,
+      'status' => 1,
+      'data' => serialize(array()),
+    ))
+    ->execute();
   // This sets the above two users uid 0 (anonymous). We avoid an explicit 0
   // otherwise MySQL might insert the next auto_increment value.
-  db_query("UPDATE {users} SET uid = uid - uid WHERE name = '%s'", '');
+  db_update('users')
+    ->expression('uid', 'uid - uid')
+    ->condition('name', '')
+    ->execute();
+
   // This sets uid 1 (superuser). We skip uid 2 but that's not a big problem.
-  db_query("UPDATE {users} SET uid = 1 WHERE name = '%s'", 'placeholder-for-uid-1');
+  db_update('users')
+    ->fields(array('uid' => 1))
+    ->condition('name', 'placeholder-for-uid-1')
+    ->execute();
 
   // Built-in roles.
   $rid_anonymous = db_insert('role')
diff --git a/modules/system/system.queue.inc b/modules/system/system.queue.inc
index 1970c50c3..bdaca4efb 100644
--- a/modules/system/system.queue.inc
+++ b/modules/system/system.queue.inc
@@ -204,7 +204,7 @@ class SystemQueue implements DrupalQueueInterface {
     // meantime. Therefore loop until an item is successfully claimed or we are
     // reasonably sure there are no unclaimed items left.
     while (TRUE) {
-      $item = db_query_range('SELECT data, item_id FROM {queue} q WHERE consumer_id = 0 AND name = :name ORDER BY created ASC', array(':name' => $this->name), 0, 1)->fetchObject();
+      $item = db_query_range('SELECT data, item_id FROM {queue} q WHERE consumer_id = 0 AND name = :name ORDER BY created ASC', 0, 1, array(':name' => $this->name))->fetchObject();
       if ($item) {
         // Try to mark the item as ours. We cannot rely on REQUEST_TIME
         // because items might be claimed by a single consumer which runs