author | nikrou <nikrou@piwigo.org> | 2010-07-05 21:18:14 +0000 |
---|---|---|
committer | nikrou <nikrou@piwigo.org> | 2010-07-05 21:18:14 +0000 |
commit | a9849aa9b661cce3563b5db1013d88091da4faa6 (patch) | |
tree | bdc081e24990f946a7ea270d65d10896532c8116 | |
parent | 531ee3537559c2a03220b189c17f9c96d73bafc5 (diff) |
Bug 1763 fixed : [PostgreSQL] double quote used in queries
git-svn-id: http://piwigo.org/svn/trunk@6664 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r-- | admin/include/functions.php | 2 | ||||
-rw-r--r-- | admin/include/functions_permalinks.php | 2 | ||||
-rw-r--r-- | include/functions_category.inc.php | 2 | ||||
-rw-r--r-- | include/functions_search.inc.php | 8 | ||||
-rw-r--r-- | include/section_init.inc.php | 2 | ||||
-rw-r--r-- | plugins/LocalFilesEditor/update_config.php | 4 |
6 files changed, 10 insertions, 10 deletions
diff --git a/admin/include/functions.php b/admin/include/functions.php index 1d7fda97c..8b3861253 100644 --- a/admin/include/functions.php +++ b/admin/include/functions.php @@ -294,7 +294,7 @@ DELETE FROM '.$table.' // destruction of the user $query = ' DELETE FROM '.SESSIONS_TABLE.' - WHERE data LIKE "pwg_uid|i:'.(int)$user_id.';%" + WHERE data LIKE \'pwg_uid|i:'.(int)$user_id.';%\' ;'; pwg_query($query); diff --git a/admin/include/functions_permalinks.php b/admin/include/functions_permalinks.php index a61ed32a0..4073970fd 100644 --- a/admin/include/functions_permalinks.php +++ b/admin/include/functions_permalinks.php @@ -47,7 +47,7 @@ function get_cat_id_from_old_permalink($permalink) SELECT c.id FROM '.OLD_PERMALINKS_TABLE.' op INNER JOIN '.CATEGORIES_TABLE.' c ON op.cat_id=c.id - WHERE op.permalink="'.$permalink.'" + WHERE op.permalink=\''.$permalink.'\' LIMIT 1'; $result = pwg_query($query); $cat_id = null; diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php index e6ebf5c84..7c4634c3f 100644 --- a/include/functions_category.inc.php +++ b/include/functions_category.inc.php @@ -406,7 +406,7 @@ function get_cat_id_from_permalinks( $permalinks, &$idx ) foreach($permalinks as $permalink) { if ( !empty($in) ) $in.=', '; - $in .= '"'.$permalink.'"'; + $in .= '\''.$permalink.'\''; } $query =' SELECT cat_id AS id, permalink, 1 AS is_old diff --git a/include/functions_search.inc.php b/include/functions_search.inc.php index 425de3e6c..06fa6f423 100644 --- a/include/functions_search.inc.php +++ b/include/functions_search.inc.php @@ -393,7 +393,7 @@ function get_qsearch_like_clause($q, $field, $before='%', $after='%') continue; if ( strlen($tokens[$i])==0) continue; - $clauses[] = $field.' LIKE "'.$before.addslashes($tokens[$i]).$after.'"'; + $clauses[] = $field.' LIKE \''.$before.addslashes($tokens[$i]).$after.'\''; } return count($clauses) ? '('.implode(' OR ', $clauses).')' : null; 
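Review bot: `$permalink` is still concatenated straight into the string literal in `WHERE op.permalink='...'` in admin/include/functions_permalinks.php, and moving the delimiter from `"` to `'` changes which character ends that literal, so any upstream filtering that only considered double quotes no longer covers it. Whether callers escape the value is not visible here (the body of get_cat_id_from_old_permalink continues outside the hunk), so I would escape at the point of use with the database layer's own helper, e.g. `WHERE op.permalink=\''.pwg_db_real_escape_string($permalink).'\'` if that helper is available at this revision. The same applies to `$in .= '\''.$permalink.'\'';` in get_cat_id_from_permalinks and to the three `AGAINST( '...$q...' IN BOOLEAN MODE)` lines in include/functions_search.inc.php.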
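Review bot: The rewritten `LIKE '...'` clause in get_qsearch_like_clause still relies on `addslashes()`, which protects the quote with a backslash; PostgreSQL only treats a backslash as an escape inside an ordinary string literal when `standard_conforming_strings` is off, so with that setting on a `'` in a search token would end the literal early. Since this commit targets PostgreSQL, the token should go through the driver-aware escaping function of the database layer rather than `addslashes()`. `%` and `_` in a token also remain active LIKE wildcards, which deserves a one-line comment if it is intended. The function starts outside the hunk.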
@@ -434,7 +434,7 @@ function get_quick_search_results($q, $super_order_by, $images_where='') // Step 1 - first we find matches in #images table =========================== - $where_clauses='MATCH(i.name, i.comment) AGAINST( "'.$q.'" IN BOOLEAN MODE)'; + $where_clauses='MATCH(i.name, i.comment) AGAINST( \''.$q.'\' IN BOOLEAN MODE)'; if (!empty($q_like_clause)) { $where_clauses .= ' @@ -452,7 +452,7 @@ function get_quick_search_results($q, $super_order_by, $images_where='') ); $query = ' SELECT i.id, - MATCH(i.name, i.comment) AGAINST( "'.$q.'" IN BOOLEAN MODE) AS weight + MATCH(i.name, i.comment) AGAINST( \''.$q.'\' IN BOOLEAN MODE) AS weight FROM '.IMAGES_TABLE.' i WHERE '.implode("\n AND ", $where_clauses); @@ -505,7 +505,7 @@ SELECT id, name, permalink, nb_images FROM '.CATEGORIES_TABLE.' INNER JOIN '.USER_CACHE_CATEGORIES_TABLE.' ON id=cat_id WHERE user_id='.$user['id'].' - AND MATCH(name, comment) AGAINST( "'.$q.'" IN BOOLEAN MODE)'. + AND MATCH(name, comment) AGAINST( \''.$q.'\' IN BOOLEAN MODE)'. get_sql_condition_FandF ( array( 'visible_categories' => 'cat_id' ), "\n AND" ); diff --git a/include/section_init.inc.php b/include/section_init.inc.php index d0d815214..4e731c2e8 100644 --- a/include/section_init.inc.php +++ b/include/section_init.inc.php @@ -259,7 +259,7 @@ if ('categories' == $page['section']) SELECT id FROM '.CATEGORIES_TABLE.' WHERE - uppercats LIKE "'.$page['category']['uppercats'].',%" ' + uppercats LIKE \''.$page['category']['uppercats'].',%\' ' .get_sql_condition_FandF( array ( diff --git a/plugins/LocalFilesEditor/update_config.php b/plugins/LocalFilesEditor/update_config.php index dee442a84..da181ec97 100644 --- a/plugins/LocalFilesEditor/update_config.php +++ b/plugins/LocalFilesEditor/update_config.php 
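Review bot: The three `MATCH(...) AGAINST( ... IN BOOLEAN MODE)` expressions in get_quick_search_results are MySQL full-text syntax, so changing the quote character alone does not make these queries run on PostgreSQL unless the database layer rewrites them, which is not visible here. I would mark the first one with a comment such as `// MySQL-only full-text search; needs a per-engine implementation in the db layer` or move the expression behind a db-layer helper. get_quick_search_results starts and ends outside these hunks.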
@@ -37,8 +37,8 @@ if (isset($_POST['editarea']) and in_array($_POST['editarea'], $possible_values) } $query = ' UPDATE ' . CONFIG_TABLE . ' -SET value = "' . $_POST['editarea'] . '" -WHERE param="LocalFilesEditor" +SET value = \'' . $_POST['editarea'] . '\' +WHERE param=\'LocalFilesEditor\' LIMIT 1'; pwg_query($query); } |
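Review bot: The rewritten `UPDATE ... SET value = '...' WHERE param='LocalFilesEditor' LIMIT 1` keeps `LIMIT 1`, which PostgreSQL does not accept on UPDATE, so the statement would still fail there; if `param` is unique in the config table the clause can simply be dropped. `$_POST['editarea']` reaches the query guarded only by the `in_array()` check in the enclosing `if`, which compares loosely by default, and the contents of `$possible_values` are not visible here; `in_array($_POST['editarea'], $possible_values, true)` keeps the interpolated value to an exact member of the whitelist. The enclosing block starts outside the hunk.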