Changed database access to PDO using prepared statements

nodeedit.php

@@ -12,37 +12,15 @@ include("includes.php");
 $node_id = sanitize($_GET['node_id']);
 		
 include("header.php");
-		
-$query = "SELECT
-		a.asset_id,
-		n.node_id,
-		n.node_ip,
-		n.node_mac,
-		n.node_dns1,
-		n.node_dns2,
-		n.node_info,
-		s.subnet_id,
-		n.zone_id
-	FROM
-		asset AS a,
-		node AS n,
-		subnet AS s
-	WHERE
-		a.asset_id=n.asset_id
-		AND n.node_id=" . $node_id . "
-		AND s.subnet_id=n.subnet_id";
 
-$node = $db->db_select($query);
-
-$smarty->assign("node_id", $node[0]['node_id']);
-$smarty->assign("node_ip", $node[0]['node_ip']);
-$smarty->assign("node_mac", write_mac($node[0]['node_mac']));
-$smarty->assign("node_dns1", $node[0]['node_dns1']);
-$smarty->assign("node_dns2", $node[0]['node_dns2']);
-$smarty->assign("node_info", $node[0]['node_info']);
-$smarty->assign("asset_id", $node[0]['asset_id']);
-$smarty->assign("subnet_id", $node[0]['subnet_id']);
-$smarty->assign("zone_id", $node[0]['zone_id']);
+$sql = "SELECT node_id AS id, node_ip AS ip, node_mac AS mac,
+            node_dns1 AS dns1, node_dns2 AS dns2, node_info AS info,
+            zone_id, asset_id, subnet_id
+	FROM node
+	WHERE node_id=?";
+$sth = $dbh->prepare($sql);
+$sth->execute([$node_id]);
+$smarty->assign("node", $sth->fetch(PDO::FETCH_OBJ));
 
 $smarty->assign("asset_options", $db->options_asset());
 $smarty->assign("subnet_options", $db->options_subnet());