aboutsummaryrefslogtreecommitdiffstats
path: root/admin/include/functions_upgrade.php
diff options
context:
space:
mode:
authornikrou <nikrou@piwigo.org>2010-06-17 18:10:11 +0000
committernikrou <nikrou@piwigo.org>2010-06-17 18:10:11 +0000
commit324bdad746f97b257f904f4bef48e0c6bb30164f (patch)
treed425684a77bed8230c54a27dd14b751681b0380c /admin/include/functions_upgrade.php
parentc14850486a897a0b41f25fa9897fe957ca03d379 (diff)
Bug 1733 fixed : single quotes in queries
git-svn-id: http://piwigo.org/svn/trunk@6550 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin/include/functions_upgrade.php')
-rw-r--r--admin/include/functions_upgrade.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/admin/include/functions_upgrade.php b/admin/include/functions_upgrade.php
index c2df4d5df..b3f4692e6 100644
--- a/admin/include/functions_upgrade.php
+++ b/admin/include/functions_upgrade.php
@@ -87,7 +87,7 @@ function deactivate_non_standard_plugins()
SELECT id
FROM '.PREFIX_TABLE.'plugins
WHERE state = "active"
-AND id NOT IN ("' . implode('","', $standard_plugins) . '")
+AND id NOT IN (\'' . implode('\',\'', $standard_plugins) . '\')
;';
$result = pwg_query($query);
@@ -102,7 +102,7 @@ AND id NOT IN ("' . implode('","', $standard_plugins) . '")
$query = '
UPDATE '.PREFIX_TABLE.'plugins
SET state="inactive"
-WHERE id IN ("' . implode('","', $plugins) . '")
+WHERE id IN (\'' . implode('\',\'', $plugins) . '\')
;';
pwg_query($query);
@@ -162,7 +162,7 @@ SELECT status
$query = '
SELECT password, status
FROM '.USERS_TABLE.'
-WHERE username = "'.$username.'"
+WHERE username = \''.$username.'\'
;';
}
else
@@ -172,7 +172,7 @@ SELECT u.password, ui.status
FROM '.USERS_TABLE.' AS u
INNER JOIN '.USER_INFOS_TABLE.' AS ui
ON u.'.$conf['user_fields']['id'].'=ui.user_id
-WHERE '.$conf['user_fields']['username'].'="'.$username.'"
+WHERE '.$conf['user_fields']['username'].'=\''.$username.'\'
;';
}
$row = pwg_db_fetch_assoc(pwg_query($query));