1 files changed, 39 insertions, 15 deletions
diff --git a/modules/system/system.install b/modules/system/system.install
index 260bbcde6..a2f0df89c 100644
--- a/modules/system/system.install
+++ b/modules/system/system.install
@@ -322,14 +322,14 @@ function system_install() {
       \'SELECT greatest($1, greatest($2, $3));\'
       LANGUAGE \'sql\''
     );
-    if (!db_result(db_query("SELECT COUNT(*) FROM pg_proc WHERE proname = 'rand'"))) {
+    if (!db_query("SELECT COUNT(*) FROM pg_proc WHERE proname = 'rand'")->fetchField()) {
       db_query('CREATE OR REPLACE FUNCTION "rand"() RETURNS float AS
         \'SELECT random();\'
         LANGUAGE \'sql\''
       );
     }
 
-    if (!db_result(db_query("SELECT COUNT(*) FROM pg_proc WHERE proname = 'concat'"))) {
+    if (!db_query("SELECT COUNT(*) FROM pg_proc WHERE proname = 'concat'")->fetchField()) {
       db_query('CREATE OR REPLACE FUNCTION "concat"(text, text) RETURNS text AS
         \'SELECT $1 || $2;\'
         LANGUAGE \'sql\''
@@ -2808,7 +2808,7 @@ function system_update_6049() {
 function system_update_7000() {
   $ret = array();
   $result = db_query("SELECT rid, perm FROM {permission} ORDER BY rid");
-  while ($role = db_fetch_object($result)) {
+  foreach ($result as $role) {
     $renamed_permission = preg_replace('/(?<=^|,\ )create\ blog\ entries(?=,|$)/', 'create blog content', $role->perm);
     $renamed_permission = preg_replace('/(?<=^|,\ )edit\ own\ blog\ entries(?=,|$)/', 'edit own blog content', $role->perm);
     $renamed_permission = preg_replace('/(?<=^|,\ )edit\ any\ blog\ entry(?=,|$)/', 'edit any blog content', $role->perm);
@@ -2878,7 +2878,10 @@ function system_update_7002() {
 function system_update_7003() {
   $ret = array();
   $type = 'host';
-  $result = db_query("SELECT mask FROM {access} WHERE status = %d AND TYPE = '%s'", 0, $type);
+  $result = db_query("SELECT mask FROM {access} WHERE status = :status AND type = :type", array(
+    ':status' => 0,
+    ':type' => $type,
+  ));
   while ($blocked = db_fetch_object($result)) {
     if (filter_var($blocked->mask, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE) !== FALSE) {
       $ret[] = update_sql("INSERT INTO {blocked_ips} (ip) VALUES ('$blocked->mask')");
@@ -2894,8 +2897,11 @@ function system_update_7003() {
   }
   // Make sure not to block any IP addresses that were specifically allowed by access rules.
   if (!empty($result)) {
-    $result = db_query("SELECT mask FROM {access} WHERE status = %d AND type = '%s'", 1, $type);
-    while ($allowed = db_fetch_object($result)) {
+    $result = db_query("SELECT mask FROM {access} WHERE status = :status AND type = :type", array(
+      ':status' => 1,
+      ':type' => $type,
+    ));
+    foreach ($result as $allowed) {
       $ret[] = update_sql("DELETE FROM {blocked_ips} WHERE LOWER(ip) LIKE LOWER('$allowed->mask')");
     }
   }
@@ -2939,7 +2945,12 @@ function system_update_7004(&$sandbox) {
       foreach ($renamed_deltas as $module => $deltas) {
         foreach ($deltas as $old_delta => $new_delta) {
           // Only do the update if the old block actually exists.
-          if (db_result(db_query("SELECT COUNT(*) FROM {" . $table . "} WHERE module = '%s' AND delta = '%s'", $module, $old_delta))) {
+          $block_exists = db_query("SELECT COUNT(*) FROM {" . $table . "} WHERE module = :module AND delta = :delta",array(
+            ':module' => $module,
+            ':delta' => $old_delta,
+          ))
+          ->fetchField();
+          if ($block_exists) {
             $ret[] = update_sql("UPDATE {" . $table . "} SET delta = '" . $new_delta . "' WHERE module = '" . $module . "' AND delta = '" . $old_delta . "'");
           }
         }
@@ -2959,12 +2970,17 @@ function system_update_7004(&$sandbox) {
     // Initialize batch update information.
     $sandbox['progress'] = 0;
     $sandbox['last_user_processed'] = -1;
-    $sandbox['max'] = db_result(db_query("SELECT COUNT(*) FROM {users} WHERE data IS NOT NULL"));
+    $sandbox['max'] = db_query("SELECT COUNT(*) FROM {users} WHERE data IS NOT NULL")->fetchField();
   }
   // Now do the batch update of the user-specific block visibility settings.
   $limit = 100;
-  $result = db_query_range("SELECT uid, data FROM {users} WHERE uid > %d AND data IS NOT NULL", $sandbox['last_user_processed'], 0, $limit);
-  while ($row = db_fetch_object($result)) {
+  $result = db_select('users', 'u')
+    ->fields('u', array('uid', 'data'))
+    ->condition('uid', $sandbox['last_user_processed'], '>')
+    ->where('data IS NOT NULL')
+    ->range(0, $limit)
+    ->execute();
+  foreach ($result as $row) {
     $data = unserialize($row->data);
     $user_needs_update = FALSE;
     foreach ($renamed_deltas as $module => $deltas) {
@@ -2980,7 +2996,10 @@ function system_update_7004(&$sandbox) {
     }
     // Update the current user.
     if ($user_needs_update) {
-      db_query("UPDATE {users} SET data = '%s' WHERE uid = %d", serialize($data), $row->uid);
+      db_update('users')
+        ->fields(array('data' => serialize($data)))
+        ->condition('uid', $row->uid)
+        ->execute();
     }
     // Update our progress information for the batch update.
     $sandbox['progress']++;
@@ -3088,12 +3107,17 @@ function system_update_7007() {
 
   // Copy the permissions from the old {permission} table to the new {role_permission} table.
   $result = db_query("SELECT rid, perm FROM {permission} ORDER BY rid ASC");
-  while ($role = db_fetch_object($result)) {
+  $query = db_insert('role_permission')->fields(array('rid', 'permission'));
+  foreach ($result as $role) {
     foreach (explode(', ', $role->perm) as $perm) {
-      db_query("INSERT INTO {role_permission} (rid, permission) VALUES (%d, '%s')", $role->rid, $perm);
+      $query->values(array(
+        'rid' => $role->rid,
+        'permission' => $perm,
+      ));
     }
     $ret[] = array('success' => TRUE, 'query' => "Inserted into {role_permission} the permissions for role ID " . $role->rid);
   }
+  $query->execute();
   db_drop_table($ret, 'permission');
 
   return $ret;
@@ -3190,7 +3214,7 @@ function system_update_7013() {
   // the time zone name and use it as the default time zone.
   if (!$timezone && ($timezone_id = variable_get('date_default_timezone_id', 0))) {
     try {
-      $timezone_name = db_result(db_query('SELECT name FROM {event_timezones} WHERE timezone = :timezone_id', array(':timezone_id' => $timezone_id)));
+      $timezone_name = db_query('SELECT name FROM {event_timezones} WHERE timezone = :timezone_id', array(':timezone_id' => $timezone_id))->fetchField();
       if (($timezone_name = str_replace(' ', '_', $timezone_name)) && isset($timezones[$timezone_name])) {
         $timezone = $timezone_name;
       }
@@ -3247,7 +3271,7 @@ function system_update_7016() {
                         LEFT JOIN pg_class c ON (c.oid =  a.attrelid)
                         WHERE pg_catalog.pg_table_is_visible(c.oid) AND c.relkind = 'r'
                         AND pg_catalog.format_type(a.atttypid, a.atttypmod) LIKE '%unsigned%'");
-    while ($row = db_fetch_object($result)) {
+    foreach ($result as $row) {
       switch ($row->type) {
         case 'smallint_unsigned':
           $datatype = 'int';