From 31baeaa715312a1ac8e8a2c94cb4f0740d09a8f0 Mon Sep 17 00:00:00 2001
From: jacob <jacob>
Date: Thu, 18 Nov 2010 15:59:22 +0000
Subject: [PATCH] SQL error fix

---
 api.php      | 3 +--
 testapi.php  | 3 +++
 user.inc.php | 2 +-
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/api.php b/api.php
index 2938ea1..1f6f056 100644
--- a/api.php
+++ b/api.php
@@ -26,13 +26,12 @@ include "common.inc.php";
 require_once("account.inc.php");
 require_once("user.inc.php");
 require_once("schedule.inc.php");
-/*
 if($_SERVER['HTTPS']!="on") {
 	$ret['status']="error";
 	$ret['error']="SSL is required for API access, please access the API over https";
 	echo json_encode($ret);
 	exit;
-}*/
+}
 $request=explode("/",$_GET['request']);
 $ret=array();
 
diff --git a/testapi.php b/testapi.php
index fdb8655..dac08fb 100644
--- a/testapi.php
+++ b/testapi.php
@@ -113,6 +113,9 @@ Link username to email? <input type="radio" name="link_username_to_email" value=
 <input type="submit" value="Edit Team">
 </form>
 
+<h1>User Stuff</h1>
+<a href="api/user/view/">View the user</a><br/>
+
 <h1>Event Schedule</h1>
 <a href="api/schedule/list">Schedule Listing</a><br/>
 
diff --git a/user.inc.php b/user.inc.php
index 2c36611..088415d 100644
--- a/user.inc.php
+++ b/user.inc.php
@@ -725,7 +725,7 @@ function user_save(&$u)
 	){
 		mysql_query("DELETE FROM schedule_users_availability_link WHERE users_id = {$u['id']}");
 		if(count($u['available_events']) > 0){
-			$query = "INSERT INTO schedule_users_availability_link (users_id, schedule_id), VALUES (" . $u['id'] . ", ";
+			$query = "INSERT INTO schedule_users_availability_link (users_id, schedule_id) VALUES (" . $u['id'] . ", ";
 			$query .= implode('), (' . $u['id'] . ', ', $u['available_events']);
 			$query .= ")";
 			mysql_query($query);