Fix DB statements

2025-02-12 21:48:42 +00:00 · 2025-02-12 21:48:42 +00:00 · f7481233c8
commit f7481233c8
parent debaa221e7
4 changed files with 138 additions and 111 deletions
--- a/config/rollover.php
+++ b/config/rollover.php
@ -66,7 +66,7 @@ function roll($currentfairyear, $newfairyear, $table, $where = '', $replace = ar
 	 */
 	/* Get field list for this table */
-	$q = $pdo->prepare("SHOW COLUMNS IN $table");
+	$q = $pdo->prepare("SHOW COLUMNS IN `$table`");
 	$q->execute();
 	show_pdo_errors_if_any($pdo);
 	while (($c = $q->fetch(PDO::FETCH_ASSOC))) {
@ -91,8 +91,8 @@ function roll($currentfairyear, $newfairyear, $table, $where = '', $replace = ar
 		$where = '1';
 	/* Get data */
-	$q = $pdo->prepare("SELECT * FROM $table WHERE year=? AND $where");
+	$q = $pdo->prepare("SELECT * FROM $table WHERE year='$currentfairyear' AND $where");
-	$q->execute([$currentfairyear]);
+	$q->execute();
 	show_pdo_errors_if_any($pdo);
 	$names = '`' . join('`,`', $fields) . '`';
@ -108,8 +108,8 @@ function roll($currentfairyear, $newfairyear, $table, $where = '', $replace = ar
 				$vals .= ',' . $pdo->quote($r[$f]);
 		}
-		$stmt = $pdo->prepare("INSERT INTO `$table` (`year`,?) VALUES (?,?)");
+		$stmt = $pdo->prepare("INSERT INTO `$table`(`year`,$names) VALUES ('$newfairyear'$vals)");
-		$stmt->execute([$names,$newfairyear,$vals]);
+		$stmt->execute();
 		show_pdo_errors_if_any($pdo);
 	}
 }
@ -134,119 +134,119 @@ if (get_value_from_array($_POST, 'action') == 'rollover' && get_value_from_array
 		// now the dates
 		echo i18n('Rolling dates') . '<br />';
-		$q = $pdo->prepare("SELECT DATE_ADD(date,INTERVAL 365 DAY) AS newdate,name,description FROM dates WHERE year=?");
+		$q = $pdo->prepare("SELECT DATE_ADD(date,INTERVAL 365 DAY) AS newdate,name,description FROM dates WHERE year='$currentfairyear'");
-		$q->execute([$currentfairyear]);
+		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO dates (date,name,description,year) VALUES (
-				?,
+				'" . $r->newdate . "',
-				?,
+				'" . $r->name . "',
-				?,
+				'" . $r->description . "',
-				?)");
+				'" . $newfairyear . "')");
-			$stmt->execute([$r->newdate,$r->name,$r->description,$newfairyear]);
+			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		// page text
 		echo i18n('Rolling page texts') . '<br />';
-		$q = $pdo->prepare("SELECT * FROM pagetext WHERE year=?");
+		$q = $pdo->prepare("SELECT * FROM pagetext WHERE year='$currentfairyear'");
-		$q->execute([$currentfairyear]);
+		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO pagetext (textname,textdescription,text,lastupdate,year,lang) VALUES (
-				?,
+				'" . $r->textname . "',
-				?,
+				'" . $r->textdescription . "',
-				?,
+				'" . $r->text . "',
-				?,
+				'" . $r->lastupdate . "',
-				?,
+				'" . $newfairyear . "',
-                ?)");
+                '" . $r->lang . "')");
-			$stmt->execute([$r->textname,$r->textdescription,$r->text,$r->lastupdate,$newfairyear,$r->lang]);
+			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n('Rolling project categories') . '<br />';
 		// project categories
-		$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year=?");
+		$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='$currentfairyear'");
-		$q->execute([$currentfairyear]);
+		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO projectcategories (id,category,category_shortform,mingrade,maxgrade,year) VALUES (
-				?,
+				'" . $r->id . "',
-				?,
+				'" . $r->category . "',
-				?,
+				'" . $r->category_shortform . "',
-				?,
+				'" . $r->mingrade . "',
-				?,
+				'" . $r->maxgrade . "',
-				?)");
+				'" . $newfairyear . "')");
-			$stmt->execute([$r->id,$r->category,$r->category_shortform,$r->mingrade,$r->maxgrade,$newfairyear]);
+			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n('Rolling project divisions') . '<br />';
 		// project divisions
-		$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year=?");
+		$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='$currentfairyear'");
-		$q->execute([$currentfairyear]);
+		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO projectdivisions (id,division,division_shortform,cwsfdivisionid,year) VALUES (
-				?,
+				'" . $r->id . "',
-				?,
+				'" . $r->division . "',
-				?,
+				'" . $r->division_shortform . "',
-				?,
+				'" . $r->cwsfdivisionid . "',
-				?)");
+				'" . $newfairyear . "')");
-			$stmt->execute([$r->id,$r->division,$r->division_shortform,$r->cwsfdivisionid,$newfairyear]);
+			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n('Rolling project category-division links') . '<br />';
 		// project categories divisions links
-		$q = $pdo->prepare("SELECT * FROM projectcategoriesdivisions_link WHERE year=?");
+		$q = $pdo->prepare("SELECT * FROM projectcategoriesdivisions_link WHERE year='$currentfairyear'");
-		$q->execute([$currentfairyear]);
+		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO projectcategoriesdivisions_link (projectdivisions_id,projectcategories_id,year) VALUES (
-				?,
+				'" . $r->projectdivisions_id . "',
-				?,
+				'" . $r->projectcategories_id . "',
-				?)");
+				'" . $newfairyear . "')");
-			$stmt->execute([$r->projectdivisions_id,$r->projectcategories_id ,$newfairyear]);
+			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n('Rolling project sub-divisions') . '<br />';
 		// project subdivisions
-		$q = $pdo->prepare("SELECT * FROM projectsubdivisions WHERE year=?");
+		$q = $pdo->prepare("SELECT * FROM projectsubdivisions WHERE year='$currentfairyear'");
-		$q->execute([$currentfairyear]);
+		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO projectsubdivisions (id,projectdivisions_id,subdivision,year) VALUES (
-				?,
+				'" . $r->id . "',
-				?,
+				'" . $r->projectsubdivisions_id . "',
-				?,
+				'" . $r->subdivision . "',
-				?)");
+				'" . $newfairyear . "')");
-			$stmt->execute([$r->id,$r->projectsubdivisions_id,$r->subdivision,$newfairyear]);
+			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n('Rolling safety questions') . '<br />';
 		// safety questions
-		$q = $pdo->prepare("SELECT * FROM safetyquestions WHERE year=?");
+		$q = $pdo->prepare("SELECT * FROM safetyquestions WHERE year='$currentfairyear'");
-		$q->execute([$currentfairyear]);
+		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO safetyquestions (question,type,required,ord,year) VALUES (
-				?,
+				'" . $r->question . "',
-				?,
+				'" . $r->type . "',
-				?,
+				'" . $r->required . "',
-				?,
+				'" . $r->ord . "',
-				?");
+				'" . $newfairyear . "')");
-			$stmt->execute([$r->question,$r->type,$r->required ,$r->ord,$newfairyear]);
+			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n('Rolling awards') . '<br />';
 		// awards
-		$q = $pdo->prepare("SELECT * FROM award_awards WHERE year=?");
+		$q = $pdo->prepare("SELECT * FROM award_awards WHERE year='$currentfairyear'");
-		$q->execute([$currentfairyear]);
+		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			/* Roll the one award */
@ -265,42 +265,69 @@ if (get_value_from_array($_POST, 'action') == 'rollover' && get_value_from_array
 		echo i18n('Rolling award types') . '<br />';
 		// award types
-		$q = $pdo->prepare("SELECT * FROM award_types WHERE year=?");
+		$q = $pdo->prepare("SELECT * FROM award_types WHERE year='$currentfairyear'");
-		$q->execute([$currentfairyear]);
+		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			$stmt = $pdo->prepare("INSERT INTO award_types (id,type,`order`,year) VALUES (
-				?,
+				'" . $r->id . "',
-				?,
+				'" . $r->type . "',
-				?,
+				'" . $r->order . "',
-				?)");
+				'" . $newfairyear . "')");
-			$stmt->execute([$r->id,$r->type,$r->order,$newfairyear]);
+			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n('Rolling schools') . '<br />';
 		// award types
-		$q = $pdo->prepare("SELECT * FROM schools WHERE year=?");
+		$q = $pdo->prepare("SELECT * FROM schools WHERE year='$currentfairyear'");
-		$q->execute([$currentfairyear]);
+		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			$puid = ($r->principal_uid == null) ? 'NULL' : ("'" . intval($r->principal_uid) . "'");
 			$shuid = ($r->sciencehead_uid == null) ? 'NULL' : ("'" . intval($r->sciencehead_uid) . "'");
-			$stmt = $pdo->prepare('INSERT INTO schools (school, schoollang, schoollevel, board, district, phone, fax, address, city, province_code, postalcode, principal_uid, schoolemail, sciencehead_uid, accesscode, lastlogin, junior, intermediate, senior, registration_password, projectlimit, projectlimitper, year) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NULL, ?, ?, ?, ?, ?, ?, ?)');
+			$stmt = $pdo->prepare('INSERT INTO schools (school,schoollang,schoollevel,board,district,phone,fax,address,city,province_code,postalcode,principal_uid,schoolemail,sciencehead_uid,accesscode,lastlogin,junior,intermediate,senior,registration_password,projectlimit,projectlimitper,year) VALUES (
-			$stmt->execute([$r->school, $r->schoollang, $r->schoollevel, $r->board, $r->district, $r->phone, $r->fax, $r->address, $r->city, $r->province_code, $r->postalcode, $puid, $r->schoolemail, $shuid, $r->accesscode, $r->junior, $r->intermediate, $r->senior, $r->registration_password, $r->projectlimit, $r->projectlimitper, $newfairyear]);
+				' . $pdo->quote($r->school) . ',
-			
+				' . $pdo->quote($r->schoollang) . ',
 				' . $pdo->quote($r->schoollevel) . ',
 				' . $pdo->quote($r->board) . ',
 				' . $pdo->quote($r->district) . ',
 				' . $pdo->quote($r->phone) . ',
 				' . $pdo->quote($r->fax) . ',
 				' . $pdo->quote($r->address) . ',
 				' . $pdo->quote($r->city) . ',
 				' . $pdo->quote($r->province_code) . ',
 				' . $pdo->quote($r->postalcode) . ",$puid,
 				" . $pdo->quote($r->schoolemail) . ",$shuid,
 				" . $pdo->quote($r->accesscode) . ',
 				NULL,
 				' . $pdo->quote($r->junior) . ',
 				' . $pdo->quote($r->intermediate) . ',
 				' . $pdo->quote($r->senior) . ',
 				' . $pdo->quote($r->registration_password) . ',
 				' . $pdo->quote($r->projectlimit) . ',
 				' . $pdo->quote($r->projectlimitper) . ',
 				' . $newfairyear . ')');
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		echo i18n('Rolling questions') . '<br />';
-		$q = $pdo->prepare("SELECT * FROM questions WHERE year=?");
+		$q = $pdo->prepare("SELECT * FROM questions WHERE year='$currentfairyear'");
-		$q->execute([$currentfairyear]);
+		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-			$stmt = $pdo->prepare("INSERT INTO questions (id, year, section, db_heading, question, type, required, ord) VALUES ('', ?, ?, ?, ?, ?, ?, ?)");
+			$stmt = $pdo->prepare("INSERT INTO questions (id,year,section,db_heading,question,type,required,ord) VALUES (
-			$stmt->execute([$newfairyear, $r->section, $r->db_heading, $r->question, $r->type, $r->required, $r->ord]);
+				'',
-
+				'$newfairyear',
 				" . $pdo->quote($r->section) . ',
 				' . $pdo->quote($r->db_heading) . ',
 				' . $pdo->quote($r->question) . ',
 				' . $pdo->quote($r->type) . ',
 				' . $pdo->quote($r->required) . ',
 				' . $pdo->quote($r->ord) . ')');
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
@ -314,32 +341,32 @@ if (get_value_from_array($_POST, 'action') == 'rollover' && get_value_from_array
 		// timeslots and rounds
 		echo i18n('Rolling judging timeslots and rounds') . '<br />';
-		$q = $pdo->prepare("SELECT * FROM judges_timeslots WHERE year=? AND round_id='0'");
+		$q = $pdo->prepare("SELECT * FROM judges_timeslots WHERE year='$currentfairyear' AND round_id='0'");
-		$q->execute([$currentfairyear]);
+		$q->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($r = $q->fetch(PDO::FETCH_ASSOC)) {
 			$d = $newfairyear - $currentfairyear;
 			$stmt = $pdo->prepare("INSERT INTO judges_timeslots (`year`,`round_id`,`type`,`date`,`starttime`,`endtime`,`name`)
-				VALUES (?,'0',?,DATE_ADD(?, INTERVAL ? YEAR),
+				VALUES ('$newfairyear','0','{$r['type']}',DATE_ADD('{$r['date']}', INTERVAL $d YEAR),
-					?,?,?)");
+					'{$r['starttime']}','{$r['endtime']}','{$r['name']}')");
-			$stmt->execute([$newfairyear,$r['type'],$r['date'],$d,$r['starttime'],$r['endtime'],$r['name']]);
+			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 			$round_id = $pdo->lastInsertId();
-			$qq = $pdo->prepare("SELECT * FROM judges_timeslots WHERE round_id=?");
+			$qq = $pdo->prepare("SELECT * FROM judges_timeslots WHERE round_id='{$r['id']}'");
-			$qq->execute([$r['id']]);
+			$qq->execute();
 			show_pdo_errors_if_any($pdo);
 			while ($rr = $qq->fetch(PDO::FETCH_ASSOC)) {
 				$stmt = $pdo->prepare("INSERT INTO judges_timeslots (`year`,`round_id`,`type`,`date`,`starttime`,`endtime`)
-						VALUES (?,?,'timeslot',DATE_ADD(?, INTERVAL ? YEAR),
+						VALUES ('$newfairyear','$round_id','timeslot',DATE_ADD('{$rr['date']}', INTERVAL $d YEAR),
-							?,?)");
+							'{$rr['starttime']}','{$rr['endtime']}')");
-				$stmt->execute([$newfairyear,$round_id,$rr['date'],$d,$rr['starttime'],$rr['endtime']]);
+				$stmt->execute();
 				show_pdo_errors_if_any($pdo);
 			}
 		}
 		echo '<br /><br />';
-		$stmt = $pdo->prepare("UPDATE config SET val=? WHERE var='FAIRYEAR' AND year=0");
+		$stmt = $pdo->prepare("UPDATE config SET val='$newfairyear' WHERE var='FAIRYEAR' AND year=0");
-		$stmt->execute([$newfairyear]);
+		$stmt->execute();
 		show_pdo_errors_if_any($pdo);
 		echo happy(i18n('Fair year has been rolled over from %1 to %2', array($currentfairyear, $newfairyear)));
 		send_footer();
--- a/config/rolloverfiscal.php
+++ b/config/rolloverfiscal.php
@ -82,8 +82,8 @@ function rolloverfiscalyear($newYear)
 	// first we'll roll over fundraising_campaigns:
 	$fields = '`name`,`type`,`startdate`,`enddate`,`followupdate`,`active`,`target`,`fundraising_goal`,`filterparameters`';
-	$q = $pdo->prepare("SELECT $fields FROM fundraising_campaigns WHERE fiscalyear =?");
+	$q = $pdo->prepare("SELECT $fields FROM fundraising_campaigns WHERE fiscalyear = $oldYear");
-	$q->execute([$oldYear]);
+	$q->execute();
 	while ($pdo->errorInfo()[0] == 0 && $r = $q->fetch(PDO::FETCH_ASSOC)) {
 		foreach (array('startdate', 'enddate', 'followupdate') as $dateField) {
@ -100,16 +100,16 @@ function rolloverfiscalyear($newYear)
 		foreach ($values as $idx => $val) {
 			$values[$idx] = $val;
 		}
-		$query = 'INSERT INTO fundraising_campaigns (`' . implode('`,`', $fields) . "`) VALUES(?)";
+		$query = 'INSERT INTO fundraising_campaigns (`' . implode('`,`', $fields) . "`) VALUES('" . implode("','", $values) . "')";
 		$stmt = $pdo->prepare($query);
-		$stmt->execute([implode("','", $values)]);
+		$stmt->execute();
 	}
 	// next we'll hit findraising_donor_levels
 	$fields = '`level`,`min`,`max`,`description`';
 	if ($pdo->errorInfo()[0] == 0)
-		$q = $pdo->prepare("SELECT $fields FROM fundraising_donor_levels WHERE fiscalyear =?");
+		$q = $pdo->prepare("SELECT $fields FROM fundraising_donor_levels WHERE fiscalyear = $oldYear");
-	$q->execute([$oldYear]);
+	$q->execute();
 	while ($pdo->errorInfo()[0] == 0 && $r = $q->fetch(PDO::FETCH_ASSOC)) {
 		$r['fiscalyear'] = $newYear;
 		$fields = array_keys($r);
@ -117,16 +117,16 @@ function rolloverfiscalyear($newYear)
 		foreach ($values as $idx => $val) {
 			$values[$idx] = $val;
 		}
-		$query = 'INSERT INTO fundraising_donor_levels (`' . implode('`,`', $fields) . "`) VALUES(?)";
+		$query = 'INSERT INTO fundraising_donor_levels (`' . implode('`,`', $fields) . "`) VALUES('" . implode("','", $values) . "')";
 		$stmt = $pdo->prepare($query);
-		$stmt->execute([implode("','", $values)]);
+		$stmt->execute();
 	}
 	// and now we'll do findraising_goals
 	$fields = '`goal`,`name`,`description`,`system`,`budget`,`deadline`';
 	if ($pdo->errorInfo()[0] == 0) {
-		$q = $pdo->prepare("SELECT ? FROM fundraising_goals WHERE fiscalyear =?");
+		$q = $pdo->prepare("SELECT $fields FROM fundraising_goals WHERE fiscalyear = $oldYear");
-		$q->execute([$fields,$oldYear]);
+		$q->execute();
 	}
 	while ($pdo->errorInfo()[0] == 0 && $r = $q->fetch(PDO::FETCH_ASSOC)) {
 		$dateval = $r['deadline'];
@ -142,15 +142,15 @@ function rolloverfiscalyear($newYear)
 		foreach ($values as $idx => $val) {
 			$values[$idx] = $val;
 		}
-		$query = 'INSERT INTO fundraising_goals (`' . implode('`,`', $fields) . "`) VALUES(?)";
+		$query = 'INSERT INTO fundraising_goals (`' . implode('`,`', $fields) . "`) VALUES('" . implode("','", $values) . "')";
 		$stmt = $pdo->prepare($query);
-		$stmt->execute([implode("','", $values)]);
+		$stmt->execute();
 	}
 	// finally, let's update the fiscal year itself:
 	if ($pdo->errorInfo()[0] == 0) {
-		$stmt = $pdo->prepare("UPDATE config SET val=? WHERE var='FISCALYEAR'");
+		$stmt = $pdo->prepare("UPDATE config SET val='$newYear' WHERE var='FISCALYEAR'");
-		$stmt->execute([$newYear]);
+		$stmt->execute();
 	}
 	if ($pdo->errorInfo()[0] == 0) {
--- a/scripts/rolloverschools.php
+++ b/scripts/rolloverschools.php
@ -34,8 +34,8 @@ require_once ('../config_editor.inc.php');
 function roll($currentfairyear, $newfairyear, $table, $fields)
 {
 	global $pdo;
-	$q = $pdo->prepare("SELECT * FROM $table WHERE year=?");
+	$q = $pdo->prepare("SELECT * FROM $table WHERE year='$currentfairyear'");
-	$q->execute([$currentfairyear]);
+	$q->execute();
 	show_pdo_errors_if_any($pdo);
 	$names = '`' . join('`,`', $fields) . '`';
 	while ($r = $q->fetch(PDO::FETCH_ASSOC)) {
@ -44,8 +44,8 @@ function roll($currentfairyear, $newfairyear, $table, $fields)
 			$vals .= ",'" . $r[$f] . "'";
 		}
-		$stmt = $pdo->prepare("INSERT INTO $table(`year`,?) VALUES (?,?)");
+		$stmt = $pdo->prepare("INSERT INTO $table(`year`,$names) VALUES ('$newfairyear'$vals)");
-		$stmt->execute([$names,$newfairyear,$vals]);
+		$stmt->execute();
 		show_pdo_errors_if_any($pdo);
 	}
 }
@ -55,8 +55,8 @@ $newfairyear = 2010;
 echo i18n('Rolling schools') . '<br />';
 // award types
-$q = $pdo->prepare("SELECT * FROM schools WHERE year=?");
+$q = $pdo->prepare("SELECT * FROM schools WHERE year='$currentfairyear'");
-$q->execute([$currentfairyear]);
+$q->execute();
 show_pdo_errors_if_any($pdo);
 while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	$puid = ($r->principal_uid == null) ? 'NULL' : ("'" . intval($r->principal_uid) . "'");
--- a/scripts/science-ation_db_update.php
+++ b/scripts/science-ation_db_update.php
@ -81,7 +81,7 @@ function theme_config() {
 function path_config() {
    global $pdo;
-    $q = $pdo->prepare("UPDATE `config` SET `val`='/' WHERE `var`='SFIABDIRECTORY'");
+    $q = $pdo->prepare("UPDATE `config` SET `val`='' WHERE `var`='SFIABDIRECTORY'");
    $q->execute();
 }