diff options
author | nikrou <nikrou@piwigo.org> | 2010-06-17 18:10:11 +0000 |
---|---|---|
committer | nikrou <nikrou@piwigo.org> | 2010-06-17 18:10:11 +0000 |
commit | 324bdad746f97b257f904f4bef48e0c6bb30164f (patch) | |
tree | d425684a77bed8230c54a27dd14b751681b0380c /admin/include/functions_upgrade.php | |
parent | c14850486a897a0b41f25fa9897fe957ca03d379 (diff) |
Bug 1733 fixed : single quotes in queries
git-svn-id: http://piwigo.org/svn/trunk@6550 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin/include/functions_upgrade.php')
-rw-r--r-- | admin/include/functions_upgrade.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/admin/include/functions_upgrade.php b/admin/include/functions_upgrade.php index c2df4d5df..b3f4692e6 100644 --- a/admin/include/functions_upgrade.php +++ b/admin/include/functions_upgrade.php @@ -87,7 +87,7 @@ function deactivate_non_standard_plugins() SELECT id FROM '.PREFIX_TABLE.'plugins WHERE state = "active" -AND id NOT IN ("' . implode('","', $standard_plugins) . '") +AND id NOT IN (\'' . implode('\',\'', $standard_plugins) . '\') ;'; $result = pwg_query($query); @@ -102,7 +102,7 @@ AND id NOT IN ("' . implode('","', $standard_plugins) . '") $query = ' UPDATE '.PREFIX_TABLE.'plugins SET state="inactive" -WHERE id IN ("' . implode('","', $plugins) . '") +WHERE id IN (\'' . implode('\',\'', $plugins) . '\') ;'; pwg_query($query); @@ -162,7 +162,7 @@ SELECT status $query = ' SELECT password, status FROM '.USERS_TABLE.' -WHERE username = "'.$username.'" +WHERE username = \''.$username.'\' ;'; } else @@ -172,7 +172,7 @@ SELECT u.password, ui.status FROM '.USERS_TABLE.' AS u INNER JOIN '.USER_INFOS_TABLE.' AS ui ON u.'.$conf['user_fields']['id'].'=ui.user_id -WHERE '.$conf['user_fields']['username'].'="'.$username.'" +WHERE '.$conf['user_fields']['username'].'=\''.$username.'\' ;'; } $row = pwg_db_fetch_assoc(pwg_query($query)); |