Bug 1763 fixed : [PostgreSQL] double quote used in queries

Merge from trunk

git-svn-id: http://piwigo.org/svn/branches/2.1@6665 68402e56-0260-453c-a942-63ccdbb3a9ee

admin/include/functions.php

@@ -294,7 +294,7 @@ DELETE FROM '.$table.'
   // destruction of the user
   $query = '
 DELETE FROM '.SESSIONS_TABLE.'
-  WHERE data LIKE "pwg_uid|i:'.(int)$user_id.';%"
+  WHERE data LIKE \'pwg_uid|i:'.(int)$user_id.';%\'
 ;';
   pwg_query($query);
 

admin/include/functions_permalinks.php

@@ -47,7 +47,7 @@ function get_cat_id_from_old_permalink($permalink)
 SELECT c.id
   FROM '.OLD_PERMALINKS_TABLE.' op INNER JOIN '.CATEGORIES_TABLE.' c
     ON op.cat_id=c.id
-  WHERE op.permalink="'.$permalink.'"
+  WHERE op.permalink=\''.$permalink.'\'
   LIMIT 1';
   $result = pwg_query($query);
   $cat_id = null;

include/functions_category.inc.php

@@ -406,7 +406,7 @@ function get_cat_id_from_permalinks( $permalinks, &$idx )
   foreach($permalinks as $permalink)
   {
     if ( !empty($in) ) $in.=', ';
-    $in .= '"'.$permalink.'"';
+    $in .= '\''.$permalink.'\'';
   }
   $query ='
 SELECT cat_id AS id, permalink, 1 AS is_old

include/functions_search.inc.php

@@ -393,7 +393,7 @@ function get_qsearch_like_clause($q, $field, $before='%', $after='%')
       continue;
     if ( strlen($tokens[$i])==0)
       continue;
-    $clauses[] = $field.' LIKE "'.$before.addslashes($tokens[$i]).$after.'"';
+    $clauses[] = $field.' LIKE \''.$before.addslashes($tokens[$i]).$after.'\'';
   }
 
   return count($clauses) ? '('.implode(' OR ', $clauses).')' : null;
@@ -434,7 +434,7 @@ function get_quick_search_results($q, $super_order_by, $images_where='')
 
 
   // Step 1 - first we find matches in #images table ===========================
-  $where_clauses='MATCH(i.name, i.comment) AGAINST( "'.$q.'" IN BOOLEAN MODE)';
+  $where_clauses='MATCH(i.name, i.comment) AGAINST( \''.$q.'\' IN BOOLEAN MODE)';
   if (!empty($q_like_clause))
   {
     $where_clauses .= '
@@ -452,7 +452,7 @@ function get_quick_search_results($q, $super_order_by, $images_where='')
       );
   $query = '
 SELECT i.id,
-    MATCH(i.name, i.comment) AGAINST( "'.$q.'" IN BOOLEAN MODE) AS weight
+    MATCH(i.name, i.comment) AGAINST( \''.$q.'\' IN BOOLEAN MODE) AS weight
   FROM '.IMAGES_TABLE.' i
   WHERE '.implode("\n AND ", $where_clauses);
 
@@ -505,7 +505,7 @@ SELECT id, name, permalink, nb_images
   FROM '.CATEGORIES_TABLE.'
     INNER JOIN '.USER_CACHE_CATEGORIES_TABLE.' ON id=cat_id
   WHERE user_id='.$user['id'].'
-    AND MATCH(name, comment) AGAINST( "'.$q.'" IN BOOLEAN MODE)'.
+    AND MATCH(name, comment) AGAINST( \''.$q.'\' IN BOOLEAN MODE)'.
   get_sql_condition_FandF (
       array( 'visible_categories' => 'cat_id' ), "\n    AND"
     );

include/section_init.inc.php

@@ -259,7 +259,7 @@ if ('categories' == $page['section'])
 SELECT id
   FROM '.CATEGORIES_TABLE.'
   WHERE
-    uppercats LIKE "'.$page['category']['uppercats'].',%" '
+    uppercats LIKE \''.$page['category']['uppercats'].',%\' '
     .get_sql_condition_FandF(
       array
         (

plugins/LocalFilesEditor/update_config.php

@@ -37,8 +37,8 @@ if (isset($_POST['editarea']) and in_array($_POST['editarea'], $possible_values)
   }
   $query = '
 UPDATE ' . CONFIG_TABLE . '
-SET value = "' . $_POST['editarea'] . '"
-WHERE param="LocalFilesEditor"
+SET value = \'' . $_POST['editarea'] . '\'
+WHERE param=\'LocalFilesEditor\'
 LIMIT 1';
   pwg_query($query);
 }