Changed database access to PDO using prepared statements

user.php

@@ -10,18 +10,13 @@ SPDX-License-Identifier: GPL-3.0-or-later
 include("includes.php");
 include("header.php");
 
-$query = "SELECT
-		user_id,
-		user_name,
-		user_displayname
-	FROM
-		user
-	ORDER BY
-		user_name";
-	
-$users = $db->db_select($query);
+$sql = "SELECT user_id AS id, user_name AS name,
+            user_displayname AS  displayname
+	FROM user
+	ORDER BY user_name";
+$sth = $dbh->query($sql);
+$smarty->assign("users", $sth->fetchAll(PDO::FETCH_ASSOC));
 
-$smarty->assign("users", $users);
 $smarty->display("user.tpl");
 		
 include("footer.php");