# This patch file was generated by NetBeans IDE
# This patch can be applied using context Tools: Apply Diff Patch action on respective folder.
# It uses platform neutral UTF-8 encoding.
# Above lines and this line are ignored by the patching process.
--- administrator/components/com_comprofiler/comprofiler.class.php
+++ administrator/components/com_comprofiler/comprofiler.class.php
@@ -2906,42 +2906,75 @@
 * @param int viewed user id
 * @param IP address of viewing user
 */
-function recordViewHit ( $viewerId, $profileId, $currip) {
+function recordViewHit( $viewerId, $profileId, $currip ) {
 	global $_CB_framework, $_CB_database, $ueConfig;
 
-	$query = "SELECT * FROM #__comprofiler_views WHERE viewer_id = " . (int) $viewerId . " AND profile_id = " . (int) $profileId;
-	if ($viewerId == 0) $query .= " AND lastip = '" . $_CB_database->getEscaped($currip) . "'";
+	$query					=	'SELECT *'
+							.	"\n FROM " . $_CB_database->NameQuote( '#__comprofiler_views' )
+							.	"\n WHERE " . $_CB_database->NameQuote( 'viewer_id' ) . " = " . (int) $viewerId
+							.	"\n AND " . $_CB_database->NameQuote( 'profile_id' ) . " = " . (int) $profileId
+							.	( $viewerId == 0 ? "\n AND " . $_CB_database->NameQuote( 'lastip' ) . " = " . $_CB_database->Quote( $currip ) : null )
+							.	"\n ORDER BY " . $_CB_database->NameQuote( 'lastview' ) . " ASC";
 	$_CB_database->setQuery( $query );
-	$views = null;
-	if ( !( $_CB_database->loadObject( $views ) ) ) {
-		$query = "INSERT INTO #__comprofiler_views ( viewer_id, profile_id, lastip, lastview, viewscount )"
-		. "\n VALUES ( " . (int) $viewerId . ", " . (int) $profileId . ", '" . $_CB_database->getEscaped($currip) . "', NOW(), 1 )";
+	$views					=	$_CB_database->loadObjectList();
+
+	if ( ! $views ) {
+		$query				=	'INSERT INTO ' . $_CB_database->NameQuote( '#__comprofiler_views' )
+							.	"\n ( " . $_CB_database->NameQuote( 'viewer_id' )
+							.	', ' . $_CB_database->NameQuote( 'profile_id' )
+							.	', ' . $_CB_database->NameQuote( 'lastip' )
+							.	', ' . $_CB_database->NameQuote( 'lastview' )
+							.	', ' . $_CB_database->NameQuote( 'viewscount' ) . ' )'
+							.	"\n VALUES ( "
+							.	(int) $viewerId
+							.	', ' . (int) $profileId
+							.	', ' . $_CB_database->Quote( $currip )
+							.	', NOW()'
+							.	', 1 )';
 		$_CB_database->setQuery( $query );
-		if (!$_CB_database->query()) {
-			echo "<script type=\"text/javascript\"> alert('InsertViews: ".$_CB_database->getErrorMsg()."');</script>\n";
-			// exit();
+		if ( ! $_CB_database->query() ) {
+			echo "<script type=\"text/javascript\">alert( 'InsertViews: " . htmlspecialchars( cbGetEscaped( $_CB_database->getErrorMsg() ) ) . "' );</script>\n";
 		}
-		_incHits($profileId);
+
+		_incHits( $profileId );
 	} else {
-		$lastview = strtotime($views->lastview);
-		if ($currip != $views->lastip || $_CB_framework->now() - $lastview > $ueConfig['minHitsInterval']*60) {
-			$query = "UPDATE #__comprofiler_views"
-			. "\n SET viewscount = (viewscount+1),"
-			. "\n lastview = NOW(),"
-			. "\n lastip = '" . $_CB_database->getEscaped($currip) . "'"
-			. "\n WHERE viewer_id = " . (int) $viewerId . " AND profile_id = " . (int) $profileId;
-			if ($viewerId == 0) $query .= " AND lastip = '" . $_CB_database->getEscaped($currip) . "'";
+		$count				=	count( $views );
+
+		foreach ( $views as $view ) {
+			$lastview		=	strtotime( $view->lastview );
+
+			if ( $count > 1 ) {
+				$query		=	'DELETE FROM ' . $_CB_database->NameQuote( '#__comprofiler_views' )
+							.	"\n WHERE " . $_CB_database->NameQuote( 'viewer_id' ) . " = " . (int) $viewerId
+							.	"\n AND " . $_CB_database->NameQuote( 'profile_id' ) . " = " . (int) $profileId
+							.	"\n AND " . $_CB_database->NameQuote( 'lastip' ) . " = " . $_CB_database->Quote( $view->lastip )
+							.	"\n AND " . $_CB_database->NameQuote( 'lastview' ) . " = " . $_CB_database->Quote( $view->lastview );
 			$_CB_database->setQuery( $query );
-			if (!$_CB_database->query()) {
-				echo "<script type=\"text/javascript\"> alert('UpdateViews: ".$_CB_database->getErrorMsg()."');</script>\n";
-				// exit();
+				if ( ! $_CB_database->query() ) {
+					echo "<script type=\"text/javascript\">alert( 'DeleteViews: " . htmlspecialchars( cbGetEscaped( $_CB_database->getErrorMsg() ) ) . "' );</script>\n";
 			}
-			_incHits($profileId);
-		// } else {
-		//	echo "ALREADY_HIT!!!";
+
+				$count		-= 1;
+			} else {
+				if ( ( $currip != $view->lastip ) || ( ( $_CB_framework->now() - $lastview ) > ( $ueConfig['minHitsInterval'] * 60 ) ) ) {
+					$query	=	'UPDATE ' . $_CB_database->NameQuote( '#__comprofiler_views' )
+							.	"\n SET " . $_CB_database->NameQuote( 'viewscount' ) . " = ( " . $_CB_database->NameQuote( 'viewscount' ) . " + 1 )"
+							.	', ' . $_CB_database->NameQuote( 'lastview' ) . " = NOW()"
+							.	', ' . $_CB_database->NameQuote( 'lastip' ) . " = " . $_CB_database->Quote( $currip )
+							.	"\n WHERE " . $_CB_database->NameQuote( 'viewer_id' ) . " = " . (int) $viewerId
+							.	"\n AND " . $_CB_database->NameQuote( 'profile_id' ) . " = " . (int) $profileId
+							.	( $viewerId == 0 ? "\n AND " . $_CB_database->NameQuote( 'lastip' ) . " = " . $_CB_database->Quote( $currip ) : null );
+					$_CB_database->setQuery( $query );
+					if ( ! $_CB_database->query() ) {
+						echo "<script type=\"text/javascript\">alert( 'UpdateViews: " . htmlspecialchars( cbGetEscaped( $_CB_database->getErrorMsg() ) ) . "' );</script>\n";
 		}
+
+					_incHits( $profileId );
 	}
 }
+		}
+	}
+}
 
 /**
 * Calendars for date fields handler