authornikrou <nikrou@piwigo.org>2010-07-05 21:18:14 +0000
committernikrou <nikrou@piwigo.org>2010-07-05 21:18:14 +0000
commita9849aa9b661cce3563b5db1013d88091da4faa6 (patch)
treebdc081e24990f946a7ea270d65d10896532c8116
parent531ee3537559c2a03220b189c17f9c96d73bafc5 (diff)
Bug 1763 fixed : [PostgreSQL] double quote used in queries
git-svn-id: http://piwigo.org/svn/trunk@6664 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r--admin/include/functions.php2
-rw-r--r--admin/include/functions_permalinks.php2
-rw-r--r--include/functions_category.inc.php2
-rw-r--r--include/functions_search.inc.php8
-rw-r--r--include/section_init.inc.php2
-rw-r--r--plugins/LocalFilesEditor/update_config.php4
6 files changed, 10 insertions, 10 deletions
diff --git a/admin/include/functions.php b/admin/include/functions.php
index 1d7fda97c..8b3861253 100644
--- a/admin/include/functions.php
+++ b/admin/include/functions.php
@@ -294,7 +294,7 @@ DELETE FROM '.$table.'
// destruction of the user
$query = '
DELETE FROM '.SESSIONS_TABLE.'
- WHERE data LIKE "pwg_uid|i:'.(int)$user_id.';%"
+ WHERE data LIKE \'pwg_uid|i:'.(int)$user_id.';%\'
;';
pwg_query($query);
diff --git a/admin/include/functions_permalinks.php b/admin/include/functions_permalinks.php
index a61ed32a0..4073970fd 100644
--- a/admin/include/functions_permalinks.php
+++ b/admin/include/functions_permalinks.php
@@ -47,7 +47,7 @@ function get_cat_id_from_old_permalink($permalink)
SELECT c.id
FROM '.OLD_PERMALINKS_TABLE.' op INNER JOIN '.CATEGORIES_TABLE.' c
ON op.cat_id=c.id
- WHERE op.permalink="'.$permalink.'"
+ WHERE op.permalink=\''.$permalink.'\'
LIMIT 1';
$result = pwg_query($query);
$cat_id = null;
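Review bot: `$permalink` is concatenated into the string literal on the changed `WHERE op.permalink=` line with no escaping visible in this hunk, so the query's safety depends entirely on what the caller passes. The body of get_cat_id_from_old_permalink starts outside the hunk, so an earlier escape cannot be ruled out. Escaping at the point of use would make the guarantee local, e.g. `WHERE op.permalink=\''.pwg_db_real_escape_string($permalink).'\'`, assuming the database layer's helper is available at this revision. The same applies to `$in .= '\''.$permalink.'\'';` in get_cat_id_from_permalinks (include/functions_category.inc.php) and to the three `AGAINST( \''.$q.'\' ...` lines in include/functions_search.inc.php.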
diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php
index e6ebf5c84..7c4634c3f 100644
--- a/include/functions_category.inc.php
+++ b/include/functions_category.inc.php
@@ -406,7 +406,7 @@ function get_cat_id_from_permalinks( $permalinks, &$idx )
foreach($permalinks as $permalink)
{
if ( !empty($in) ) $in.=', ';
- $in .= '"'.$permalink.'"';
+ $in .= '\''.$permalink.'\'';
}
$query ='
SELECT cat_id AS id, permalink, 1 AS is_old
diff --git a/include/functions_search.inc.php b/include/functions_search.inc.php
index 425de3e6c..06fa6f423 100644
--- a/include/functions_search.inc.php
+++ b/include/functions_search.inc.php
@@ -393,7 +393,7 @@ function get_qsearch_like_clause($q, $field, $before='%', $after='%')
continue;
if ( strlen($tokens[$i])==0)
continue;
- $clauses[] = $field.' LIKE "'.$before.addslashes($tokens[$i]).$after.'"';
+ $clauses[] = $field.' LIKE \''.$before.addslashes($tokens[$i]).$after.'\'';
}
return count($clauses) ? '('.implode(' OR ', $clauses).')' : null;
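Review bot: `addslashes()` on the changed `LIKE` line is not a database-aware escape. It backslash-escapes quotes, and PostgreSQL does not treat a backslash as an escape inside an ordinary string literal when `standard_conforming_strings` is on, so a token containing a single quote can end the literal early. Since this commit targets PostgreSQL, the token should go through the database layer's escaping function, e.g. `$clauses[] = $field.' LIKE \''.$before.pwg_db_real_escape_string($tokens[$i]).$after.'\'';` (assuming that helper exists at this revision). `%` and `_` inside a token also pass through as LIKE wildcards, which may or may not be intended. The loop and the start of get_qsearch_like_clause are outside the hunk.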
@@ -434,7 +434,7 @@ function get_quick_search_results($q, $super_order_by, $images_where='')
// Step 1 - first we find matches in #images table ===========================
- $where_clauses='MATCH(i.name, i.comment) AGAINST( "'.$q.'" IN BOOLEAN MODE)';
+ $where_clauses='MATCH(i.name, i.comment) AGAINST( \''.$q.'\' IN BOOLEAN MODE)';
if (!empty($q_like_clause))
{
$where_clauses .= '
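Review bot: `MATCH(...) AGAINST(... IN BOOLEAN MODE)` is MySQL full-text syntax, so changing the quote character on this line does not by itself make the statement valid on PostgreSQL. The same construct appears in the `AS weight` hunk and in the categories hunk further down this file. If quick search is meant to work on both engines, this clause probably needs to be produced by the database layer rather than written inline. Otherwise a comment such as `// MySQL-only: full-text MATCH ... AGAINST` would record the limitation. The body of get_quick_search_results continues outside the hunk.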
@@ -452,7 +452,7 @@ function get_quick_search_results($q, $super_order_by, $images_where='')
);
$query = '
SELECT i.id,
- MATCH(i.name, i.comment) AGAINST( "'.$q.'" IN BOOLEAN MODE) AS weight
+ MATCH(i.name, i.comment) AGAINST( \''.$q.'\' IN BOOLEAN MODE) AS weight
FROM '.IMAGES_TABLE.' i
WHERE '.implode("\n AND ", $where_clauses);
@@ -505,7 +505,7 @@ SELECT id, name, permalink, nb_images
FROM '.CATEGORIES_TABLE.'
INNER JOIN '.USER_CACHE_CATEGORIES_TABLE.' ON id=cat_id
WHERE user_id='.$user['id'].'
- AND MATCH(name, comment) AGAINST( "'.$q.'" IN BOOLEAN MODE)'.
+ AND MATCH(name, comment) AGAINST( \''.$q.'\' IN BOOLEAN MODE)'.
get_sql_condition_FandF (
array( 'visible_categories' => 'cat_id' ), "\n AND"
);
diff --git a/include/section_init.inc.php b/include/section_init.inc.php
index d0d815214..4e731c2e8 100644
--- a/include/section_init.inc.php
+++ b/include/section_init.inc.php
@@ -259,7 +259,7 @@ if ('categories' == $page['section'])
SELECT id
FROM '.CATEGORIES_TABLE.'
WHERE
- uppercats LIKE "'.$page['category']['uppercats'].',%" '
+ uppercats LIKE \''.$page['category']['uppercats'].',%\' '
.get_sql_condition_FandF(
array
(
diff --git a/plugins/LocalFilesEditor/update_config.php b/plugins/LocalFilesEditor/update_config.php
index dee442a84..da181ec97 100644
--- a/plugins/LocalFilesEditor/update_config.php
+++ b/plugins/LocalFilesEditor/update_config.php
@@ -37,8 +37,8 @@ if (isset($_POST['editarea']) and in_array($_POST['editarea'], $possible_values)
}
$query = '
UPDATE ' . CONFIG_TABLE . '
-SET value = "' . $_POST['editarea'] . '"
-WHERE param="LocalFilesEditor"
+SET value = \'' . $_POST['editarea'] . '\'
+WHERE param=\'LocalFilesEditor\'
LIMIT 1';
pwg_query($query);
}
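Review bot: `UPDATE ... LIMIT 1` is a MySQL extension that PostgreSQL rejects, so this statement still fails on the engine the commit targets even with the quotes corrected. Dropping the `LIMIT 1` line should be safe if `param` is unique in the config table, since `WHERE param='LocalFilesEditor'` then already selects a single row. Separately, `$_POST['editarea']` goes into the statement unescaped and is protected only by the `in_array($_POST['editarea'], $possible_values)` check visible in the hunk header. Passing `true` as the third argument makes that membership test strict, and escaping the value at the point of use would keep the query safe if the allow-list ever changes.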