No SQL injection in Poject_model.php

Avoid potential SQL injections by either:
- ensuring all raw SQL query strings are passed through
  $this->db->escape()
- using parametrized queries of the form
  $this->db->query($sql, <params>)

The following unused functions are removed:
- get_projects_summary()
- get_projects_by_author_status()

There's also a _search_all_terms() that is called only once, and is
implemented weirdly. Inline it, and use the correct $this->db->like()
syntax.

application/controllers/api/Feed.php

@@ -86,10 +86,10 @@ public function authors_get()
 		}
 	}
 
-	public function lastest_releases_get()
+	public function latest_releases_get()
 	{
 		$this->load->model('project_model');
-		$projects = $this->project_model->get_lastest_releases(10);
+		$projects = $this->project_model->get_latest_releases(10);
 
 		if ($projects)
 		{

application/controllers/private/Stats.php

@@ -22,10 +22,6 @@ public function index($user_id = 0)
 
 		$this->load->model('project_model');
 
-		// This will not fully run - queries need re-write
-		//$this->data['active_stats'] = $this->project_model->get_projects_summary($user_id);
-		//$this->data['inactive_stats'] = $this->project_model->get_projects_summary($user_id, 'inactive');
-
 		$this->insertMethodCSS();
 		$this->insertMethodJS();
 

application/controllers/rss/Rss.php

@@ -82,7 +82,7 @@ function _build_sections()
 	function latest_releases()
 	{
 		$this->load->model('project_model');
-		$this->data['projects'] = $this->project_model->get_lastest_releases(10);
+		$this->data['projects'] = $this->project_model->get_latest_releases(10);
 
 		if ($this->data['projects'])
 		{
@@ -119,4 +119,4 @@ function latest_releases()
 
 		$this->load->view('rss/latest_releases', $this->data, FALSE);
 	}
-}
+}