diff options
author | nikrou <nikrou@piwigo.org> | 2010-07-03 12:20:38 +0000 |
---|---|---|
committer | nikrou <nikrou@piwigo.org> | 2010-07-03 12:20:38 +0000 |
commit | 267c1c63a2e77ce74c41254e2f1a215b1f52e306 (patch) | |
tree | 3a6146693cebcb6a23c239f08ae92d7bcd61b0de | |
parent | dd955526ae97b8f830db2f499ab5c57efe874e5b (diff) |
Bug 1755 : Needs single quotes in queries official plugins
git-svn-id: http://piwigo.org/svn/trunk@6654 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r-- | admin/include/functions_upgrade.php | 4 | ||||
-rw-r--r-- | include/functions_category.inc.php | 2 | ||||
-rw-r--r-- | picture.php | 4 | ||||
-rw-r--r-- | plugins/LocalFilesEditor/maintain.inc.php | 4 | ||||
-rw-r--r-- | plugins/c13y_upgrade/initialize.inc.php | 2 |
5 files changed, 8 insertions, 8 deletions
diff --git a/admin/include/functions_upgrade.php b/admin/include/functions_upgrade.php index b3f4692e6..50150f64a 100644 --- a/admin/include/functions_upgrade.php +++ b/admin/include/functions_upgrade.php @@ -86,7 +86,7 @@ function deactivate_non_standard_plugins() $query = ' SELECT id FROM '.PREFIX_TABLE.'plugins -WHERE state = "active" +WHERE state = \'active\' AND id NOT IN (\'' . implode('\',\'', $standard_plugins) . '\') ;'; @@ -101,7 +101,7 @@ AND id NOT IN (\'' . implode('\',\'', $standard_plugins) . '\') { $query = ' UPDATE '.PREFIX_TABLE.'plugins -SET state="inactive" +SET state=\'inactive\' WHERE id IN (\'' . implode('\',\'', $plugins) . '\') ;'; pwg_query($query); diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php index 263e26708..e6ebf5c84 100644 --- a/include/functions_category.inc.php +++ b/include/functions_category.inc.php @@ -431,7 +431,7 @@ SELECT id, permalink, 0 AS is_old { $query=' UPDATE '.OLD_PERMALINKS_TABLE.' SET last_hit=NOW(), hit=hit+1 - WHERE permalink="'.$permalinks[$i].'" AND cat_id='.$cat_id.' + WHERE permalink=\''.$permalinks[$i].'\' AND cat_id='.$cat_id.' LIMIT 1'; pwg_query($query); } diff --git a/picture.php b/picture.php index 2aa28f886..2fae0cda4 100644 --- a/picture.php +++ b/picture.php @@ -52,9 +52,9 @@ SELECT id, file, level else {// url given by file name assert( !empty($page['image_file']) ); - $query .= 'file LIKE "' . + $query .= 'file LIKE \'' . str_replace(array('_','%'), array('/_','/%'), $page['image_file'] ). - '.%" ESCAPE "/" LIMIT 1'; + '.%\' ESCAPE \'/\' LIMIT 1'; } if ( ! ( $row = pwg_db_fetch_assoc(pwg_query($query)) ) ) {// element does not exist diff --git a/plugins/LocalFilesEditor/maintain.inc.php b/plugins/LocalFilesEditor/maintain.inc.php index 35aca4b30..0f1d31e3f 100644 --- a/plugins/LocalFilesEditor/maintain.inc.php +++ b/plugins/LocalFilesEditor/maintain.inc.php @@ -27,7 +27,7 @@ function plugin_install() $query = ' INSERT INTO ' . CONFIG_TABLE . ' (param,value,comment) -VALUES ("LocalFilesEditor" , "off" , "LocalFiles Editor plugin parameters");'; +VALUES (\'LocalFilesEditor\' , \'off\' , \'LocalFiles Editor plugin parameters\');'; pwg_query($query); } @@ -36,7 +36,7 @@ function plugin_uninstall() { global $prefixeTable; - $query = 'DELETE FROM ' . CONFIG_TABLE . ' WHERE param="LocalFilesEditor" LIMIT 1;'; + $query = 'DELETE FROM ' . CONFIG_TABLE . ' WHERE param=\'LocalFilesEditor\' LIMIT 1;'; pwg_query($query); } diff --git a/plugins/c13y_upgrade/initialize.inc.php b/plugins/c13y_upgrade/initialize.inc.php index 768643a70..00effd05e 100644 --- a/plugins/c13y_upgrade/initialize.inc.php +++ b/plugins/c13y_upgrade/initialize.inc.php @@ -47,7 +47,7 @@ where group by upper('.$conf['user_fields']['email'].') having count(*) > 1 -limit 0,1 +limit 1 ;'; if (pwg_db_fetch_row(pwg_query($query))) |