--- C:/wamp/www/xnova-legacies_2009.2/buddy.php	lun. oct.  5 16:04:14 2009
+++ C:/wamp/www/releases/buddy.php	sam. juil. 17 14:19:42 2010
@@ -1,11 +1,11 @@
 <?php
 /**
- * Tis file is part of XNova:Legacies
+ * This file is part of XNova:Legacies
  *
  * @license http://www.gnu.org/licenses/gpl-3.0.txt
  * @see http://www.xnova-ng.org/
  *
- * Copyright (c) 2009-Present, XNova Support Team <http://www.xnova-ng.org>
+ * Copyright (c) 2009-2010, XNova Support Team <http://www.xnova-ng.org>
  * All rights reserved.
  *
  * This program is free software: you can redistribute it and/or modify
@@ -34,6 +34,9 @@
 
 	includeLang('buddy');
 
+$readConnection = Nova::getSingleton('core/database_connection_pool')
+    ->getConnection('core_read');
+
 $a = $_GET['a'];
 $e = $_GET['e'];
 $s = $_GET['s'];
@@ -42,32 +45,49 @@
 if ( $s == 1 && isset( $_GET['bid'] ) ) {
 	// Effacer une entree de la liste d'amis
 	$bid = intval( $_GET['bid'] );
-
-	$buddy = doquery( "SELECT * FROM {{table}} WHERE `id` = '".$bid."';", 'buddy', true );
+	$buddy = $readConnection ->select()
+	  ->from($readConnection->getDeprecatedTable('buddy'))
+	  ->where('id =?', $bid)
+	  ->query()
+	  ->fetch();
 	if ( $buddy['owner'] == $user['id'] ) {
 		if ( $buddy['active'] == 0 && $a == 1 ) {
-			doquery( "DELETE FROM {{table}} WHERE `id` = '".$bid."';", 'buddy' );
+			$readConnection->delete($readConnection->getDeprecatedTable('buddy'), array ('id =?' => $bid));
 		} elseif ( $buddy['active'] == 1 ) {
-			doquery( "DELETE FROM {{table}} WHERE `id` = '".$bid."';", 'buddy' );
+			$readConnection->delete($readConnection->getDeprecatedTable('buddy'), array ('id =?' => $bid));
 		} elseif ( $buddy['active'] == 0 ) {
-			doquery( "UPDATE {{table}} SET `active` = '1' WHERE `id` = '".$bid."';", 'buddy' );
+			$readConnection->update($readConnection->getDeprecatedTable('buddy'), array ('active =?' => 1), array ('id =?' => $bid));
 		}
 	} elseif ( $buddy['sender'] == $user['id'] ) {
-		doquery( "DELETE FROM {{table}} WHERE `id` = '".$bid."';", 'buddy' );
+		$readConnection->delete($readConnection->getDeprecatedTable('buddy'), array ('id =?' => $bid));
 	}
 } elseif ( $_POST["s"] == 3 && $_POST["a"] == 1 && $_POST["e"] == 1 && isset( $_POST["u"] ) ) {
 	// Traitement de l'enregistrement de la demande d'entree dans la liste d'amis
 	$uid = $user["id"];
 	$u = intval( $_POST["u"] );
+	$buddy = $readConnecion ->select()
+	  ->from($readConnection->getDeprecatedTable('buddy'))
+	  ->where('sender =?', $uid)
+	  ->where('owner =?', $u)
+	  ->where('sender =?', $u)
+	  ->where('owner =?', $uid)
+	  ->query()
+	  ->fetch();
 
-	$buddy = doquery( "SELECT * FROM {{table}} WHERE sender={$uid} AND owner={$u} OR sender={$u} AND owner={$uid}", 'buddy', true );
-
 	if ( !$buddy ) {
 		if ( strlen( $_POST['text'] ) > 5000 ) {
 			message( "Le texte ne doit pas faire plus de 5000 caract&egrave;res !", "Erreur" );
 		}
 		$text = mysql_escape_string( strip_tags( $_POST['text'] ) );
-		doquery( "INSERT INTO {{table}} SET sender={$uid}, owner={$u}, active=0, text='{$text}'", 'buddy' );
+		$sql = array(
+		    'sender' => $uid,
+			'owner' => $u,
+			'active' => 0,
+			'text' => $text
+		);
+		
+		$readConnection->insert($readConnection->getDeprecatedTable('buddy'), $sql);
+		   
 		message( $lang['Request_sent'], $lang['Buddy_request'], 'buddy.php' );
 	} else {
 		message( $lang['A_request_exists_already_for_this_user'], $lang['Buddy_request'] );
@@ -78,7 +98,12 @@
 
 if ( $a == 2 && isset( $u ) ) {
 	// Saisie texte de demande d'entree dans la liste d'amis
-	$u = doquery( "SELECT * FROM {{table}} WHERE id='$u'", "users", true );
+	$u = $readConnection ->select()
+	 ->from($readConnection->getDeprecatedTable('users'))
+	 ->where('id =?', $u)
+	 ->query()
+	 ->fetch();
+	 
 	if ( isset( $u ) && $u["id"] != $user["id"] ) {
 		$page .= "
 		<script src=\"scripts/cntchar.js\" type=\"text/javascript\"></script>
@@ -144,9 +169,11 @@
 } else {
 	$query = "WHERE active=1 AND sender=" . $user["id"] . " OR active=1 AND owner=" . $user["id"];
 }
-$buddyrow = doquery( "SELECT * FROM {{table}} " . $query, 'buddy' );
+$buddyrow = $readConnection ->select()
+   ->from($readConnection->getDeprecatedTable('buddy'), $query);
+   
 
-while ( $b = mysql_fetch_array( $buddyrow ) ) {
+while ( $b = mysql_fetch_assoc( $buddyrow ) ) {
 	// para solicitudes
 	if ( !isset( $i ) && isset( $a ) ) {
 		$page .= "
@@ -163,7 +190,18 @@
 	$i++;
 	$uid = ( $b["owner"] == $user["id"] ) ? $b["sender"] : $b["owner"];
 	// query del user
-	$u = doquery( "SELECT id,username,galaxy,system,planet,onlinetime,ally_id,ally_name FROM {{table}} WHERE id=" . $uid, "users", true );
+	$u = $readConnection ->select('id',
+	                              'username',
+								  'galaxy',
+								  'system',
+								  'planet',
+								  'olinetime',
+								  'ally_id',
+								  'ally_name'
+	 ->from($readConnection->getDeprecatedTable('users'))
+	 ->where('id =?', $uid)
+	 ->query()
+	 ->fetch();
 	// $g = doquery("SELECT galaxy, system, planet FROM {{table}} WHERE id_planet=".$u["id_planet"],"galaxy",true);
 	// $a = doquery("SELECT * FROM {{table}} WHERE id=".$uid,"aliance",true);
 	if ( $u["ally_id"] != 0 ) { // Alianza