From 4742ba3549a72b431fc8cad8bd9019e5f59aed9a Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Sat, 29 Mar 2003 16:30:40 +0000
Subject: [PATCH] - Fixed some SQL query directives.

---
 includes/common.inc                  |  8 +++---
 modules/aggregator.module            | 38 ++++++++++++++--------------
 modules/aggregator/aggregator.module | 38 ++++++++++++++--------------
 modules/block.module                 |  6 ++---
 modules/block/block.module           |  6 ++---
 modules/blog.module                  |  2 +-
 modules/blog/blog.module             |  2 +-
 modules/cloud.module                 |  6 ++---
 modules/comment.module               |  2 +-
 modules/comment/comment.module       |  2 +-
 modules/import.module                | 38 ++++++++++++++--------------
 modules/node.module                  |  2 +-
 modules/node/node.module             |  2 +-
 modules/taxonomy.module              |  2 +-
 modules/taxonomy/taxonomy.module     |  2 +-
 modules/user.module                  | 12 ++++-----
 modules/user/user.module             | 12 ++++-----
 17 files changed, 90 insertions(+), 90 deletions(-)

diff --git a/includes/common.inc b/includes/common.inc
index 306433e6090..efc6900cbd0 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -640,13 +640,13 @@ function format_size($size) {
 }
 
 function cache_get($key) {
-  $cache = db_fetch_object(db_query("SELECT data, created FROM cache WHERE cid = '%s'", $key));
+  $cache = db_fetch_object(db_query("SELECT data, created FROM cache WHERE cid = '%d'", $key));
   return $cache->data ? $cache : 0;
 }
 
 function cache_set($cid, $data, $expire = 0) {
-  if (db_fetch_object(db_query("SELECT cid FROM cache WHERE cid = '%s'", $cid))) {
-    db_query("UPDATE cache SET data = '%s', created = %d, expire = %d WHERE cid = '%s'", $data, time(), $expire, $cid);
+  if (db_fetch_object(db_query("SELECT cid FROM cache WHERE cid = '%d'", $cid))) {
+    db_query("UPDATE cache SET data = '%s', created = %d, expire = %d WHERE cid = '%d'", $data, time(), $expire, $cid);
   }
   else {
     db_query("INSERT INTO cache (cid, data, created, expire) VALUES('%s', '%s', %d, %d)", $cid, $data, time(), $expire);
@@ -658,7 +658,7 @@ function cache_clear_all($cid = NULL) {
     db_query("DELETE FROM cache WHERE expire <> 0");
   }
   else {
-    db_query("DELETE FROM cache WHERE cid = '%s'", $cid);
+    db_query("DELETE FROM cache WHERE cid = '%d'", $cid);
   }
 }
 
diff --git a/modules/aggregator.module b/modules/aggregator.module
index 7fe21a63156..82605496713 100644
--- a/modules/aggregator.module
+++ b/modules/aggregator.module
@@ -92,7 +92,7 @@ function import_bundle_block($attributes) {
 }
 
 function import_feed_block($feed) {
-  $result = db_query_range("SELECT * FROM item WHERE fid = '%s' ORDER BY iid DESC ", $feed->fid, 0, variable_get("import_block_limit", 15));
+  $result = db_query_range("SELECT * FROM item WHERE fid = '%d' ORDER BY iid DESC ", $feed->fid, 0, variable_get("import_block_limit", 15));
 
   while ($item = db_fetch_object($result)) {
     $output .= import_format_item($item);
@@ -161,7 +161,7 @@ function import_get_feeds($attributes = 0) {
 }
 
 function import_remove($feed) {
-  db_query("DELETE FROM item WHERE fid = '%s'", $feed["fid"]);
+  db_query("DELETE FROM item WHERE fid = '%d'", $feed["fid"]);
   return t("removed news items from '%site'.", array("%site" => $feed["title"]));
 }
 
@@ -310,10 +310,10 @@ function import_refresh($feed) {
        */
 
       if ($link && $link != $feed["link"] && $link != $feed["url"]) {
-        $entry = db_fetch_object(db_query("SELECT iid FROM item WHERE fid = '%s' AND link = '%s'", $feed["fid"], $link));
+        $entry = db_fetch_object(db_query("SELECT iid FROM item WHERE fid = '%d' AND link = '%s'", $feed["fid"], $link));
       }
       else {
-        $entry = db_fetch_object(db_query("SELECT iid FROM item WHERE fid = '%s' AND title = '%s'", $feed["fid"], $title));
+        $entry = db_fetch_object(db_query("SELECT iid FROM item WHERE fid = '%d' AND title = '%s'", $feed["fid"], $title));
       }
 
       import_save_item(array(iid => $entry->iid, fid => $feed["fid"], title => $title, link => $link, author => $author, description => $description, attributes => $feed["attributes"]));
@@ -325,7 +325,7 @@ function import_refresh($feed) {
 
     unset($items);
 
-    $result = db_query("SELECT iid FROM item WHERE fid = '%s' ORDER BY timestamp", $feed["fid"]);
+    $result = db_query("SELECT iid FROM item WHERE fid = '%d' ORDER BY timestamp", $feed["fid"]);
 
     while ($item = db_fetch_object($result)) {
       $items[] = "iid = '$item->iid'";
@@ -345,10 +345,10 @@ function import_refresh($feed) {
 
 function import_save_item($edit) {
   if ($edit["iid"] && $edit["title"]) {
-    db_query("UPDATE item SET title = '%s', link = '%s', author = '%s', description = '%s', attributes = '%s' WHERE iid = '%s'", $edit["title"], $edit["link"], $edit["author"], $edit["description"], $edit["attributes"], $edit["iid"]);
+    db_query("UPDATE item SET title = '%s', link = '%s', author = '%s', description = '%s', attributes = '%s' WHERE iid = '%d'", $edit["title"], $edit["link"], $edit["author"], $edit["description"], $edit["attributes"], $edit["iid"]);
   }
   else if ($edit["iid"]) {
-    db_query("DELETE FROM item WHERE iid = '%s'", $edit["iid"]);
+    db_query("DELETE FROM item WHERE iid = '%d'", $edit["iid"]);
   }
   else if ($edit["title"] && $edit["link"]) {
     db_query("INSERT INTO item (fid, title, link, author, description, attributes, timestamp) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s')", $edit["fid"], $edit["title"], $edit["link"], $edit["author"], $edit["description"], $edit["attributes"], time());
@@ -372,10 +372,10 @@ function import_form_bundle($edit = array()) {
 
 function import_save_bundle($edit) {
   if ($edit["bid"] && $edit["title"]) {
-    db_query("UPDATE bundle SET title = '%s', attributes = '%s' WHERE bid = '%s'", $edit["title"], $edit["attributes"], $edit["bid"]);
+    db_query("UPDATE bundle SET title = '%s', attributes = '%s' WHERE bid = '%d'", $edit["title"], $edit["attributes"], $edit["bid"]);
   }
   else if ($edit["bid"]) {
-    db_query("DELETE FROM bundle WHERE bid = '%s'", $edit["bid"]);
+    db_query("DELETE FROM bundle WHERE bid = '%d'", $edit["bid"]);
   }
   else if ($edit["title"]) {
     // a single unique id for bundles and feeds, to use in blocks
@@ -409,12 +409,12 @@ function import_form_feed($edit = array()) {
 
 function import_save_feed($edit) {
   if ($edit["fid"] && $edit["title"]) {
-    db_query("UPDATE feed SET title = '%s', url = '%s', attributes = '%s', refresh = '%s' WHERE fid = '%s'", $edit["title"], $edit["url"], $edit["attributes"], $edit["refresh"], $edit["fid"]);
-    db_query("DELETE FROM item WHERE fid = '%s'", $edit["fid"]);
+    db_query("UPDATE feed SET title = '%s', url = '%s', attributes = '%s', refresh = '%s' WHERE fid = '%d'", $edit["title"], $edit["url"], $edit["attributes"], $edit["refresh"], $edit["fid"]);
+    db_query("DELETE FROM item WHERE fid = '%d'", $edit["fid"]);
   }
   else if ($edit["fid"]) {
-    db_query("DELETE FROM feed WHERE fid = '%s'", $edit["fid"]);
-    db_query("DELETE FROM item WHERE fid = '%s'", $edit["fid"]);
+    db_query("DELETE FROM feed WHERE fid = '%d'", $edit["fid"]);
+    db_query("DELETE FROM item WHERE fid = '%d'", $edit["fid"]);
   }
   else if ($edit["title"]) {
     // a single unique id for bundles and feeds, to use in blocks
@@ -425,17 +425,17 @@ function import_save_feed($edit) {
 
 function import_save_attributes($edit) {
   foreach ($edit as $iid => $value) {
-    db_query("UPDATE item SET attributes = '%s' WHERE iid = '%s'", $value, $iid);
+    db_query("UPDATE item SET attributes = '%s' WHERE iid = '%d'", $value, $iid);
   }
   return "attributes has been saved";
 }
 
 function import_get_feed($fid) {
-  return db_fetch_array(db_query("SELECT * FROM feed WHERE fid = '%s'", $fid));
+  return db_fetch_array(db_query("SELECT * FROM feed WHERE fid = '%d'", $fid));
 }
 
 function import_get_bundle($bid) {
-  return db_fetch_array(db_query("SELECT * FROM bundle WHERE bid = '%s'", $bid));
+  return db_fetch_array(db_query("SELECT * FROM bundle WHERE bid = '%d'", $bid));
 }
 
 function import_view() {
@@ -586,13 +586,13 @@ function import_page_last() {
 function import_page_feed($fid) {
 
 
-  $feed = db_fetch_object(db_query("SELECT * FROM feed WHERE fid = '%s'", $fid));
+  $feed = db_fetch_object(db_query("SELECT * FROM feed WHERE fid = '%d'", $fid));
 
   $header .= "<p><b>". t("Website") .":</b><div style=\"margin-left: 20px;\"><a href=\"$feed->link\">$feed->link</a></div></p>";
   $header .= "<p><b>". t("Description") .":</b><div style=\"margin-left: 20px;\">$feed->description</div></p>";
   $header .= "<p><b>". t("Last update") .":</b><div style=\"margin-left: 20px;\">". format_interval(time() - $feed->timestamp) ." ". t("ago") ." <a href=\"$feed->url\"><img src=\"". theme("image", "xml.gif") ."\" width=\"36\" height=\"14\" align=\"right\" border=\"0\" alt=\"\" /></a><br /><br /></div></p>\n";
 
-  $result = db_query_range("SELECT * FROM item WHERE fid = '%s' ORDER BY iid DESC", $fid, 0, variable_get("import_page_limit", 75));
+  $result = db_query_range("SELECT * FROM item WHERE fid = '%d' ORDER BY iid DESC", $fid, 0, variable_get("import_page_limit", 75));
 
   $output .= "<table border=\"0\" cellpadding=\"4\" cellspacing=\"2\">";
   while ($item = db_fetch_object($result)) {
@@ -622,7 +622,7 @@ function import_page_feed($fid) {
 function import_page_bundle($bid) {
 
 
-  $bundle = db_fetch_object(db_query("SELECT * FROM bundle WHERE bid = '%s'", $bid));
+  $bundle = db_fetch_object(db_query("SELECT * FROM bundle WHERE bid = '%d'", $bid));
 
   $header .= "<p><b>". t("Website") .":</b><div style=\"margin-left: 20px;\">". l($bundle->title, "import/bundle/$bundle->bid") ."</div></p>";
   $header .= "<p><b>". t("Description") .":</b><div style=\"margin-left: 20px;\">". t("A composite news feed about") ." $bundle->attributes.</div></p>";
diff --git a/modules/aggregator/aggregator.module b/modules/aggregator/aggregator.module
index 7fe21a63156..82605496713 100644
--- a/modules/aggregator/aggregator.module
+++ b/modules/aggregator/aggregator.module
@@ -92,7 +92,7 @@ function import_bundle_block($attributes) {
 }
 
 function import_feed_block($feed) {
-  $result = db_query_range("SELECT * FROM item WHERE fid = '%s' ORDER BY iid DESC ", $feed->fid, 0, variable_get("import_block_limit", 15));
+  $result = db_query_range("SELECT * FROM item WHERE fid = '%d' ORDER BY iid DESC ", $feed->fid, 0, variable_get("import_block_limit", 15));
 
   while ($item = db_fetch_object($result)) {
     $output .= import_format_item($item);
@@ -161,7 +161,7 @@ function import_get_feeds($attributes = 0) {
 }
 
 function import_remove($feed) {
-  db_query("DELETE FROM item WHERE fid = '%s'", $feed["fid"]);
+  db_query("DELETE FROM item WHERE fid = '%d'", $feed["fid"]);
   return t("removed news items from '%site'.", array("%site" => $feed["title"]));
 }
 
@@ -310,10 +310,10 @@ function import_refresh($feed) {
        */
 
       if ($link && $link != $feed["link"] && $link != $feed["url"]) {
-        $entry = db_fetch_object(db_query("SELECT iid FROM item WHERE fid = '%s' AND link = '%s'", $feed["fid"], $link));
+        $entry = db_fetch_object(db_query("SELECT iid FROM item WHERE fid = '%d' AND link = '%s'", $feed["fid"], $link));
       }
       else {
-        $entry = db_fetch_object(db_query("SELECT iid FROM item WHERE fid = '%s' AND title = '%s'", $feed["fid"], $title));
+        $entry = db_fetch_object(db_query("SELECT iid FROM item WHERE fid = '%d' AND title = '%s'", $feed["fid"], $title));
       }
 
       import_save_item(array(iid => $entry->iid, fid => $feed["fid"], title => $title, link => $link, author => $author, description => $description, attributes => $feed["attributes"]));
@@ -325,7 +325,7 @@ function import_refresh($feed) {
 
     unset($items);
 
-    $result = db_query("SELECT iid FROM item WHERE fid = '%s' ORDER BY timestamp", $feed["fid"]);
+    $result = db_query("SELECT iid FROM item WHERE fid = '%d' ORDER BY timestamp", $feed["fid"]);
 
     while ($item = db_fetch_object($result)) {
       $items[] = "iid = '$item->iid'";
@@ -345,10 +345,10 @@ function import_refresh($feed) {
 
 function import_save_item($edit) {
   if ($edit["iid"] && $edit["title"]) {
-    db_query("UPDATE item SET title = '%s', link = '%s', author = '%s', description = '%s', attributes = '%s' WHERE iid = '%s'", $edit["title"], $edit["link"], $edit["author"], $edit["description"], $edit["attributes"], $edit["iid"]);
+    db_query("UPDATE item SET title = '%s', link = '%s', author = '%s', description = '%s', attributes = '%s' WHERE iid = '%d'", $edit["title"], $edit["link"], $edit["author"], $edit["description"], $edit["attributes"], $edit["iid"]);
   }
   else if ($edit["iid"]) {
-    db_query("DELETE FROM item WHERE iid = '%s'", $edit["iid"]);
+    db_query("DELETE FROM item WHERE iid = '%d'", $edit["iid"]);
   }
   else if ($edit["title"] && $edit["link"]) {
     db_query("INSERT INTO item (fid, title, link, author, description, attributes, timestamp) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s')", $edit["fid"], $edit["title"], $edit["link"], $edit["author"], $edit["description"], $edit["attributes"], time());
@@ -372,10 +372,10 @@ function import_form_bundle($edit = array()) {
 
 function import_save_bundle($edit) {
   if ($edit["bid"] && $edit["title"]) {
-    db_query("UPDATE bundle SET title = '%s', attributes = '%s' WHERE bid = '%s'", $edit["title"], $edit["attributes"], $edit["bid"]);
+    db_query("UPDATE bundle SET title = '%s', attributes = '%s' WHERE bid = '%d'", $edit["title"], $edit["attributes"], $edit["bid"]);
   }
   else if ($edit["bid"]) {
-    db_query("DELETE FROM bundle WHERE bid = '%s'", $edit["bid"]);
+    db_query("DELETE FROM bundle WHERE bid = '%d'", $edit["bid"]);
   }
   else if ($edit["title"]) {
     // a single unique id for bundles and feeds, to use in blocks
@@ -409,12 +409,12 @@ function import_form_feed($edit = array()) {
 
 function import_save_feed($edit) {
   if ($edit["fid"] && $edit["title"]) {
-    db_query("UPDATE feed SET title = '%s', url = '%s', attributes = '%s', refresh = '%s' WHERE fid = '%s'", $edit["title"], $edit["url"], $edit["attributes"], $edit["refresh"], $edit["fid"]);
-    db_query("DELETE FROM item WHERE fid = '%s'", $edit["fid"]);
+    db_query("UPDATE feed SET title = '%s', url = '%s', attributes = '%s', refresh = '%s' WHERE fid = '%d'", $edit["title"], $edit["url"], $edit["attributes"], $edit["refresh"], $edit["fid"]);
+    db_query("DELETE FROM item WHERE fid = '%d'", $edit["fid"]);
   }
   else if ($edit["fid"]) {
-    db_query("DELETE FROM feed WHERE fid = '%s'", $edit["fid"]);
-    db_query("DELETE FROM item WHERE fid = '%s'", $edit["fid"]);
+    db_query("DELETE FROM feed WHERE fid = '%d'", $edit["fid"]);
+    db_query("DELETE FROM item WHERE fid = '%d'", $edit["fid"]);
   }
   else if ($edit["title"]) {
     // a single unique id for bundles and feeds, to use in blocks
@@ -425,17 +425,17 @@ function import_save_feed($edit) {
 
 function import_save_attributes($edit) {
   foreach ($edit as $iid => $value) {
-    db_query("UPDATE item SET attributes = '%s' WHERE iid = '%s'", $value, $iid);
+    db_query("UPDATE item SET attributes = '%s' WHERE iid = '%d'", $value, $iid);
   }
   return "attributes has been saved";
 }
 
 function import_get_feed($fid) {
-  return db_fetch_array(db_query("SELECT * FROM feed WHERE fid = '%s'", $fid));
+  return db_fetch_array(db_query("SELECT * FROM feed WHERE fid = '%d'", $fid));
 }
 
 function import_get_bundle($bid) {
-  return db_fetch_array(db_query("SELECT * FROM bundle WHERE bid = '%s'", $bid));
+  return db_fetch_array(db_query("SELECT * FROM bundle WHERE bid = '%d'", $bid));
 }
 
 function import_view() {
@@ -586,13 +586,13 @@ function import_page_last() {
 function import_page_feed($fid) {
 
 
-  $feed = db_fetch_object(db_query("SELECT * FROM feed WHERE fid = '%s'", $fid));
+  $feed = db_fetch_object(db_query("SELECT * FROM feed WHERE fid = '%d'", $fid));
 
   $header .= "<p><b>". t("Website") .":</b><div style=\"margin-left: 20px;\"><a href=\"$feed->link\">$feed->link</a></div></p>";
   $header .= "<p><b>". t("Description") .":</b><div style=\"margin-left: 20px;\">$feed->description</div></p>";
   $header .= "<p><b>". t("Last update") .":</b><div style=\"margin-left: 20px;\">". format_interval(time() - $feed->timestamp) ." ". t("ago") ." <a href=\"$feed->url\"><img src=\"". theme("image", "xml.gif") ."\" width=\"36\" height=\"14\" align=\"right\" border=\"0\" alt=\"\" /></a><br /><br /></div></p>\n";
 
-  $result = db_query_range("SELECT * FROM item WHERE fid = '%s' ORDER BY iid DESC", $fid, 0, variable_get("import_page_limit", 75));
+  $result = db_query_range("SELECT * FROM item WHERE fid = '%d' ORDER BY iid DESC", $fid, 0, variable_get("import_page_limit", 75));
 
   $output .= "<table border=\"0\" cellpadding=\"4\" cellspacing=\"2\">";
   while ($item = db_fetch_object($result)) {
@@ -622,7 +622,7 @@ function import_page_feed($fid) {
 function import_page_bundle($bid) {
 
 
-  $bundle = db_fetch_object(db_query("SELECT * FROM bundle WHERE bid = '%s'", $bid));
+  $bundle = db_fetch_object(db_query("SELECT * FROM bundle WHERE bid = '%d'", $bid));
 
   $header .= "<p><b>". t("Website") .":</b><div style=\"margin-left: 20px;\">". l($bundle->title, "import/bundle/$bundle->bid") ."</div></p>";
   $header .= "<p><b>". t("Description") .":</b><div style=\"margin-left: 20px;\">". t("A composite news feed about") ." $bundle->attributes.</div></p>";
diff --git a/modules/block.module b/modules/block.module
index b210fa1d7d3..ff8793ef406 100644
--- a/modules/block.module
+++ b/modules/block.module
@@ -213,7 +213,7 @@ function block_admin_preview() {
 }
 
 function block_box_get($bid) {
-  return db_fetch_array(db_query("SELECT * FROM boxes WHERE bid = '%s'", $bid));
+  return db_fetch_array(db_query("SELECT * FROM boxes WHERE bid = '%d'", $bid));
 }
 
 function block_box_form($edit = array()) {
@@ -241,7 +241,7 @@ function block_box_save($edit) {
   }
 
   if ($edit["bid"]) {
-    db_query("UPDATE boxes SET title = '%s', body = '%s', info = '%s', type = '%s' WHERE bid = '%s'", $edit["title"], $edit["body"], $edit["info"], $edit["type"], $edit["bid"]);
+    db_query("UPDATE boxes SET title = '%s', body = '%s', info = '%s', type = '%s' WHERE bid = '%d'", $edit["title"], $edit["body"], $edit["info"], $edit["type"], $edit["bid"]);
     return t("the block has been updated.");
   }
   else {
@@ -252,7 +252,7 @@ function block_box_save($edit) {
 
 function block_box_delete($bid) {
   if ($bid) {
-    db_query("DELETE FROM boxes WHERE bid = '%s'", $bid);
+    db_query("DELETE FROM boxes WHERE bid = '%d'", $bid);
     return t("the block has been deleted.");
   }
 }
diff --git a/modules/block/block.module b/modules/block/block.module
index b210fa1d7d3..ff8793ef406 100644
--- a/modules/block/block.module
+++ b/modules/block/block.module
@@ -213,7 +213,7 @@ function block_admin_preview() {
 }
 
 function block_box_get($bid) {
-  return db_fetch_array(db_query("SELECT * FROM boxes WHERE bid = '%s'", $bid));
+  return db_fetch_array(db_query("SELECT * FROM boxes WHERE bid = '%d'", $bid));
 }
 
 function block_box_form($edit = array()) {
@@ -241,7 +241,7 @@ function block_box_save($edit) {
   }
 
   if ($edit["bid"]) {
-    db_query("UPDATE boxes SET title = '%s', body = '%s', info = '%s', type = '%s' WHERE bid = '%s'", $edit["title"], $edit["body"], $edit["info"], $edit["type"], $edit["bid"]);
+    db_query("UPDATE boxes SET title = '%s', body = '%s', info = '%s', type = '%s' WHERE bid = '%d'", $edit["title"], $edit["body"], $edit["info"], $edit["type"], $edit["bid"]);
     return t("the block has been updated.");
   }
   else {
@@ -252,7 +252,7 @@ function block_box_save($edit) {
 
 function block_box_delete($bid) {
   if ($bid) {
-    db_query("DELETE FROM boxes WHERE bid = '%s'", $bid);
+    db_query("DELETE FROM boxes WHERE bid = '%d'", $bid);
     return t("the block has been deleted.");
   }
 }
diff --git a/modules/blog.module b/modules/blog.module
index b52131422cd..7f8b04f1df0 100644
--- a/modules/blog.module
+++ b/modules/blog.module
@@ -151,7 +151,7 @@ function blog_form(&$node, &$help, &$error) {
       $node->body = "<i>". $blog->body ."</i> [". l($blog->name, "node/view/$nid") ."]";
     }
 
-    if ($iid && $item = db_fetch_object(db_query("SELECT i.*, f.title as ftitle, f.link as flink FROM item i, feed f WHERE i.iid = '%s' AND i.fid = f.fid", $iid))) {
+    if ($iid && $item = db_fetch_object(db_query("SELECT i.*, f.title as ftitle, f.link as flink FROM item i, feed f WHERE i.iid = '%d' AND i.fid = f.fid", $iid))) {
       $node->title = $item->title;
       $node->body = "<a href=\"$item->link\">$item->title</a> - <i>". check_output($item->description) ."</i> [<a href=\"$item->flink\">$item->ftitle</a>]\n";
     }
diff --git a/modules/blog/blog.module b/modules/blog/blog.module
index b52131422cd..7f8b04f1df0 100644
--- a/modules/blog/blog.module
+++ b/modules/blog/blog.module
@@ -151,7 +151,7 @@ function blog_form(&$node, &$help, &$error) {
       $node->body = "<i>". $blog->body ."</i> [". l($blog->name, "node/view/$nid") ."]";
     }
 
-    if ($iid && $item = db_fetch_object(db_query("SELECT i.*, f.title as ftitle, f.link as flink FROM item i, feed f WHERE i.iid = '%s' AND i.fid = f.fid", $iid))) {
+    if ($iid && $item = db_fetch_object(db_query("SELECT i.*, f.title as ftitle, f.link as flink FROM item i, feed f WHERE i.iid = '%d' AND i.fid = f.fid", $iid))) {
       $node->title = $item->title;
       $node->body = "<a href=\"$item->link\">$item->title</a> - <i>". check_output($item->description) ."</i> [<a href=\"$item->flink\">$item->ftitle</a>]\n";
     }
diff --git a/modules/cloud.module b/modules/cloud.module
index a796593c17e..60c565d8cab 100644
--- a/modules/cloud.module
+++ b/modules/cloud.module
@@ -107,15 +107,15 @@ function cloud_form($edit = array()) {
 }
 
 function cloud_get_site($sid) {
-  return db_fetch_array(db_query("SELECT * FROM site WHERE sid = '%s'", $sid));
+  return db_fetch_array(db_query("SELECT * FROM site WHERE sid = '%d'", $sid));
 }
 
 function cloud_save($edit) {
   if ($edit["sid"] && $edit["name"]) {
-    db_query("UPDATE site SET name = '%s', link = '%s', feed = '%s', refresh = '%s', threshold = '%s' WHERE sid = '%s'", $edit["name"], $edit["link"], $edit["feed"], $edit["refresh"], $edit["threshold"], $edit["sid"]);
+    db_query("UPDATE site SET name = '%s', link = '%s', feed = '%s', refresh = '%s', threshold = '%s' WHERE sid = '%d'", $edit["name"], $edit["link"], $edit["feed"], $edit["refresh"], $edit["threshold"], $edit["sid"]);
   }
   else if ($edit["sid"]) {
-    db_query("DELETE FROM site WHERE sid = '%s'", $edit["sid"]);
+    db_query("DELETE FROM site WHERE sid = '%d'", $edit["sid"]);
   }
   else {
     db_query("INSERT INTO site (name, link, feed, refresh, threshold) VALUES  ('%s', '%s', '%s', '%s', '%s')", $edit["name"], $edit["link"], $edit["feed"], $edit["refresh"], $edit["threshold"]);
diff --git a/modules/comment.module b/modules/comment.module
index 21218bf7208..50f9aaeeca2 100644
--- a/modules/comment.module
+++ b/modules/comment.module
@@ -1264,7 +1264,7 @@ function comment_moderate() {
       foreach ($moderation as $cid => $vote) {
         if ($vote) {
           if (($vote == 'offline') && (user_access("administer comments"))) {
-            db_query("UPDATE comments SET status = 1 WHERE cid = '%s'", $cid);
+            db_query("UPDATE comments SET status = 1 WHERE cid = '%d'", $cid);
             watchdog("special", "comment: unpublished comment #". $cid);
 
             /*
diff --git a/modules/comment/comment.module b/modules/comment/comment.module
index 21218bf7208..50f9aaeeca2 100644
--- a/modules/comment/comment.module
+++ b/modules/comment/comment.module
@@ -1264,7 +1264,7 @@ function comment_moderate() {
       foreach ($moderation as $cid => $vote) {
         if ($vote) {
           if (($vote == 'offline') && (user_access("administer comments"))) {
-            db_query("UPDATE comments SET status = 1 WHERE cid = '%s'", $cid);
+            db_query("UPDATE comments SET status = 1 WHERE cid = '%d'", $cid);
             watchdog("special", "comment: unpublished comment #". $cid);
 
             /*
diff --git a/modules/import.module b/modules/import.module
index 7fe21a63156..82605496713 100644
--- a/modules/import.module
+++ b/modules/import.module
@@ -92,7 +92,7 @@ function import_bundle_block($attributes) {
 }
 
 function import_feed_block($feed) {
-  $result = db_query_range("SELECT * FROM item WHERE fid = '%s' ORDER BY iid DESC ", $feed->fid, 0, variable_get("import_block_limit", 15));
+  $result = db_query_range("SELECT * FROM item WHERE fid = '%d' ORDER BY iid DESC ", $feed->fid, 0, variable_get("import_block_limit", 15));
 
   while ($item = db_fetch_object($result)) {
     $output .= import_format_item($item);
@@ -161,7 +161,7 @@ function import_get_feeds($attributes = 0) {
 }
 
 function import_remove($feed) {
-  db_query("DELETE FROM item WHERE fid = '%s'", $feed["fid"]);
+  db_query("DELETE FROM item WHERE fid = '%d'", $feed["fid"]);
   return t("removed news items from '%site'.", array("%site" => $feed["title"]));
 }
 
@@ -310,10 +310,10 @@ function import_refresh($feed) {
        */
 
       if ($link && $link != $feed["link"] && $link != $feed["url"]) {
-        $entry = db_fetch_object(db_query("SELECT iid FROM item WHERE fid = '%s' AND link = '%s'", $feed["fid"], $link));
+        $entry = db_fetch_object(db_query("SELECT iid FROM item WHERE fid = '%d' AND link = '%s'", $feed["fid"], $link));
       }
       else {
-        $entry = db_fetch_object(db_query("SELECT iid FROM item WHERE fid = '%s' AND title = '%s'", $feed["fid"], $title));
+        $entry = db_fetch_object(db_query("SELECT iid FROM item WHERE fid = '%d' AND title = '%s'", $feed["fid"], $title));
       }
 
       import_save_item(array(iid => $entry->iid, fid => $feed["fid"], title => $title, link => $link, author => $author, description => $description, attributes => $feed["attributes"]));
@@ -325,7 +325,7 @@ function import_refresh($feed) {
 
     unset($items);
 
-    $result = db_query("SELECT iid FROM item WHERE fid = '%s' ORDER BY timestamp", $feed["fid"]);
+    $result = db_query("SELECT iid FROM item WHERE fid = '%d' ORDER BY timestamp", $feed["fid"]);
 
     while ($item = db_fetch_object($result)) {
       $items[] = "iid = '$item->iid'";
@@ -345,10 +345,10 @@ function import_refresh($feed) {
 
 function import_save_item($edit) {
   if ($edit["iid"] && $edit["title"]) {
-    db_query("UPDATE item SET title = '%s', link = '%s', author = '%s', description = '%s', attributes = '%s' WHERE iid = '%s'", $edit["title"], $edit["link"], $edit["author"], $edit["description"], $edit["attributes"], $edit["iid"]);
+    db_query("UPDATE item SET title = '%s', link = '%s', author = '%s', description = '%s', attributes = '%s' WHERE iid = '%d'", $edit["title"], $edit["link"], $edit["author"], $edit["description"], $edit["attributes"], $edit["iid"]);
   }
   else if ($edit["iid"]) {
-    db_query("DELETE FROM item WHERE iid = '%s'", $edit["iid"]);
+    db_query("DELETE FROM item WHERE iid = '%d'", $edit["iid"]);
   }
   else if ($edit["title"] && $edit["link"]) {
     db_query("INSERT INTO item (fid, title, link, author, description, attributes, timestamp) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s')", $edit["fid"], $edit["title"], $edit["link"], $edit["author"], $edit["description"], $edit["attributes"], time());
@@ -372,10 +372,10 @@ function import_form_bundle($edit = array()) {
 
 function import_save_bundle($edit) {
   if ($edit["bid"] && $edit["title"]) {
-    db_query("UPDATE bundle SET title = '%s', attributes = '%s' WHERE bid = '%s'", $edit["title"], $edit["attributes"], $edit["bid"]);
+    db_query("UPDATE bundle SET title = '%s', attributes = '%s' WHERE bid = '%d'", $edit["title"], $edit["attributes"], $edit["bid"]);
   }
   else if ($edit["bid"]) {
-    db_query("DELETE FROM bundle WHERE bid = '%s'", $edit["bid"]);
+    db_query("DELETE FROM bundle WHERE bid = '%d'", $edit["bid"]);
   }
   else if ($edit["title"]) {
     // a single unique id for bundles and feeds, to use in blocks
@@ -409,12 +409,12 @@ function import_form_feed($edit = array()) {
 
 function import_save_feed($edit) {
   if ($edit["fid"] && $edit["title"]) {
-    db_query("UPDATE feed SET title = '%s', url = '%s', attributes = '%s', refresh = '%s' WHERE fid = '%s'", $edit["title"], $edit["url"], $edit["attributes"], $edit["refresh"], $edit["fid"]);
-    db_query("DELETE FROM item WHERE fid = '%s'", $edit["fid"]);
+    db_query("UPDATE feed SET title = '%s', url = '%s', attributes = '%s', refresh = '%s' WHERE fid = '%d'", $edit["title"], $edit["url"], $edit["attributes"], $edit["refresh"], $edit["fid"]);
+    db_query("DELETE FROM item WHERE fid = '%d'", $edit["fid"]);
   }
   else if ($edit["fid"]) {
-    db_query("DELETE FROM feed WHERE fid = '%s'", $edit["fid"]);
-    db_query("DELETE FROM item WHERE fid = '%s'", $edit["fid"]);
+    db_query("DELETE FROM feed WHERE fid = '%d'", $edit["fid"]);
+    db_query("DELETE FROM item WHERE fid = '%d'", $edit["fid"]);
   }
   else if ($edit["title"]) {
     // a single unique id for bundles and feeds, to use in blocks
@@ -425,17 +425,17 @@ function import_save_feed($edit) {
 
 function import_save_attributes($edit) {
   foreach ($edit as $iid => $value) {
-    db_query("UPDATE item SET attributes = '%s' WHERE iid = '%s'", $value, $iid);
+    db_query("UPDATE item SET attributes = '%s' WHERE iid = '%d'", $value, $iid);
   }
   return "attributes has been saved";
 }
 
 function import_get_feed($fid) {
-  return db_fetch_array(db_query("SELECT * FROM feed WHERE fid = '%s'", $fid));
+  return db_fetch_array(db_query("SELECT * FROM feed WHERE fid = '%d'", $fid));
 }
 
 function import_get_bundle($bid) {
-  return db_fetch_array(db_query("SELECT * FROM bundle WHERE bid = '%s'", $bid));
+  return db_fetch_array(db_query("SELECT * FROM bundle WHERE bid = '%d'", $bid));
 }
 
 function import_view() {
@@ -586,13 +586,13 @@ function import_page_last() {
 function import_page_feed($fid) {
 
 
-  $feed = db_fetch_object(db_query("SELECT * FROM feed WHERE fid = '%s'", $fid));
+  $feed = db_fetch_object(db_query("SELECT * FROM feed WHERE fid = '%d'", $fid));
 
   $header .= "<p><b>". t("Website") .":</b><div style=\"margin-left: 20px;\"><a href=\"$feed->link\">$feed->link</a></div></p>";
   $header .= "<p><b>". t("Description") .":</b><div style=\"margin-left: 20px;\">$feed->description</div></p>";
   $header .= "<p><b>". t("Last update") .":</b><div style=\"margin-left: 20px;\">". format_interval(time() - $feed->timestamp) ." ". t("ago") ." <a href=\"$feed->url\"><img src=\"". theme("image", "xml.gif") ."\" width=\"36\" height=\"14\" align=\"right\" border=\"0\" alt=\"\" /></a><br /><br /></div></p>\n";
 
-  $result = db_query_range("SELECT * FROM item WHERE fid = '%s' ORDER BY iid DESC", $fid, 0, variable_get("import_page_limit", 75));
+  $result = db_query_range("SELECT * FROM item WHERE fid = '%d' ORDER BY iid DESC", $fid, 0, variable_get("import_page_limit", 75));
 
   $output .= "<table border=\"0\" cellpadding=\"4\" cellspacing=\"2\">";
   while ($item = db_fetch_object($result)) {
@@ -622,7 +622,7 @@ function import_page_feed($fid) {
 function import_page_bundle($bid) {
 
 
-  $bundle = db_fetch_object(db_query("SELECT * FROM bundle WHERE bid = '%s'", $bid));
+  $bundle = db_fetch_object(db_query("SELECT * FROM bundle WHERE bid = '%d'", $bid));
 
   $header .= "<p><b>". t("Website") .":</b><div style=\"margin-left: 20px;\">". l($bundle->title, "import/bundle/$bundle->bid") ."</div></p>";
   $header .= "<p><b>". t("Description") .":</b><div style=\"margin-left: 20px;\">". t("A composite news feed about") ." $bundle->attributes.</div></p>";
diff --git a/modules/node.module b/modules/node.module
index f17436db9b1..a0950a0bca6 100644
--- a/modules/node.module
+++ b/modules/node.module
@@ -472,7 +472,7 @@ function node_filter_link($text) {
 function node_comment_mode($nid) {
   static $comment_mode;
   if (!isset($comment_mode[$nid])) {
-    $comment_mode[$nid] = db_result(db_query("SELECT comment FROM node WHERE nid = '%s'", $nid));
+    $comment_mode[$nid] = db_result(db_query("SELECT comment FROM node WHERE nid = '%d'", $nid));
   }
   return $comment_mode[$nid];
 }
diff --git a/modules/node/node.module b/modules/node/node.module
index f17436db9b1..a0950a0bca6 100644
--- a/modules/node/node.module
+++ b/modules/node/node.module
@@ -472,7 +472,7 @@ function node_filter_link($text) {
 function node_comment_mode($nid) {
   static $comment_mode;
   if (!isset($comment_mode[$nid])) {
-    $comment_mode[$nid] = db_result(db_query("SELECT comment FROM node WHERE nid = '%s'", $nid));
+    $comment_mode[$nid] = db_result(db_query("SELECT comment FROM node WHERE nid = '%d'", $nid));
   }
   return $comment_mode[$nid];
 }
diff --git a/modules/taxonomy.module b/modules/taxonomy.module
index f746b0eb80d..64ad32cdc95 100644
--- a/modules/taxonomy.module
+++ b/modules/taxonomy.module
@@ -347,7 +347,7 @@ function taxonomy_node_form($type, $node = '') {
 
 // return 1 if node identified by $nid contains a taxonomy term identified by $tid in his body or title
 function taxonomy_node_has_term($nid, $tid) {
-  $term_name = db_result(db_query("SELECT name FROM term_data WHERE tid = '%s'", $tid));
+  $term_name = db_result(db_query("SELECT name FROM term_data WHERE tid = '%d'", $tid));
 
   return db_result(db_query("SELECT COUNT(n.nid) FROM node n WHERE n.nid = '%d' AND ((n.body LIKE '%%%s%%') OR (n.body LIKE '%%%s%%'))", $nid, $term_name, $term_name));
 }
diff --git a/modules/taxonomy/taxonomy.module b/modules/taxonomy/taxonomy.module
index f746b0eb80d..64ad32cdc95 100644
--- a/modules/taxonomy/taxonomy.module
+++ b/modules/taxonomy/taxonomy.module
@@ -347,7 +347,7 @@ function taxonomy_node_form($type, $node = '') {
 
 // return 1 if node identified by $nid contains a taxonomy term identified by $tid in his body or title
 function taxonomy_node_has_term($nid, $tid) {
-  $term_name = db_result(db_query("SELECT name FROM term_data WHERE tid = '%s'", $tid));
+  $term_name = db_result(db_query("SELECT name FROM term_data WHERE tid = '%d'", $tid));
 
   return db_result(db_query("SELECT COUNT(n.nid) FROM node n WHERE n.nid = '%d' AND ((n.body LIKE '%%%s%%') OR (n.body LIKE '%%%s%%'))", $nid, $term_name, $term_name));
 }
diff --git a/modules/user.module b/modules/user.module
index c656e683d5c..d6f61b431de 100644
--- a/modules/user.module
+++ b/modules/user.module
@@ -1201,7 +1201,7 @@ function user_admin_access($edit = array()) {
     }
   }
   else if ($id) {
-    db_query("DELETE FROM access WHERE aid = '%s'", $id);
+    db_query("DELETE FROM access WHERE aid = '%d'", $id);
   }
 
   $header = array(t("type"), t("mask"), t("operations"));
@@ -1258,7 +1258,7 @@ function user_admin_perm($edit = array()) {
     while ($role = db_fetch_object($result)) {
       // delete, so if we clear every checkbox we reset that role;
       // otherwise permissions are active and denied everywhere
-      db_query("DELETE FROM permission WHERE rid = '%s'", $role->rid);
+      db_query("DELETE FROM permission WHERE rid = '%d'", $role->rid);
       $perm = $edit[$role->rid] ? implode(", ", array_keys($edit[$role->rid])) : "";
       if ($perm) {
         db_query("INSERT INTO permission (rid, perm) VALUES ('%s', '%s')", $role->rid, $perm);
@@ -1321,11 +1321,11 @@ function user_admin_role($edit = array()) {
   $id = arg(3);
 
   if ($op == t("Save role")) {
-    db_query("UPDATE role SET name = '%s' WHERE rid = '%s'", $edit["name"], $id);
+    db_query("UPDATE role SET name = '%s' WHERE rid = '%d'", $edit["name"], $id);
   }
   else if ($op == t("Delete role")) {
-    db_query("DELETE FROM role WHERE rid = '%s'", $id);
-    db_query("DELETE FROM permission WHERE rid = '%s'", $id);
+    db_query("DELETE FROM role WHERE rid = '%d'", $id);
+    db_query("DELETE FROM permission WHERE rid = '%d'", $id);
   }
   else if ($op == t("Add role")) {
     db_query("INSERT INTO role (name) VALUES ('%s')", $edit["name"]);
@@ -1335,7 +1335,7 @@ function user_admin_role($edit = array()) {
     ** Display role form:
     */
 
-    $role = db_fetch_object(db_query("SELECT * FROM role WHERE rid = '%s'", $id));
+    $role = db_fetch_object(db_query("SELECT * FROM role WHERE rid = '%d'", $id));
 
     $output .= form_textfield(t("Role name"), "name", $role->name, 32, 64, t("The name for this role.  Example: 'moderator', 'editorial board', 'site architect'."));
     $output .= form_submit(t("Save role"));
diff --git a/modules/user/user.module b/modules/user/user.module
index c656e683d5c..d6f61b431de 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -1201,7 +1201,7 @@ function user_admin_access($edit = array()) {
     }
   }
   else if ($id) {
-    db_query("DELETE FROM access WHERE aid = '%s'", $id);
+    db_query("DELETE FROM access WHERE aid = '%d'", $id);
   }
 
   $header = array(t("type"), t("mask"), t("operations"));
@@ -1258,7 +1258,7 @@ function user_admin_perm($edit = array()) {
     while ($role = db_fetch_object($result)) {
       // delete, so if we clear every checkbox we reset that role;
       // otherwise permissions are active and denied everywhere
-      db_query("DELETE FROM permission WHERE rid = '%s'", $role->rid);
+      db_query("DELETE FROM permission WHERE rid = '%d'", $role->rid);
       $perm = $edit[$role->rid] ? implode(", ", array_keys($edit[$role->rid])) : "";
       if ($perm) {
         db_query("INSERT INTO permission (rid, perm) VALUES ('%s', '%s')", $role->rid, $perm);
@@ -1321,11 +1321,11 @@ function user_admin_role($edit = array()) {
   $id = arg(3);
 
   if ($op == t("Save role")) {
-    db_query("UPDATE role SET name = '%s' WHERE rid = '%s'", $edit["name"], $id);
+    db_query("UPDATE role SET name = '%s' WHERE rid = '%d'", $edit["name"], $id);
   }
   else if ($op == t("Delete role")) {
-    db_query("DELETE FROM role WHERE rid = '%s'", $id);
-    db_query("DELETE FROM permission WHERE rid = '%s'", $id);
+    db_query("DELETE FROM role WHERE rid = '%d'", $id);
+    db_query("DELETE FROM permission WHERE rid = '%d'", $id);
   }
   else if ($op == t("Add role")) {
     db_query("INSERT INTO role (name) VALUES ('%s')", $edit["name"]);
@@ -1335,7 +1335,7 @@ function user_admin_role($edit = array()) {
     ** Display role form:
     */
 
-    $role = db_fetch_object(db_query("SELECT * FROM role WHERE rid = '%s'", $id));
+    $role = db_fetch_object(db_query("SELECT * FROM role WHERE rid = '%d'", $id));
 
     $output .= form_textfield(t("Role name"), "name", $role->name, 32, 64, t("The name for this role.  Example: 'moderator', 'editorial board', 'site architect'."));
     $output .= form_submit(t("Save role"));