diff options
author | nikrou <nikrou@piwigo.org> | 2010-06-17 18:11:11 +0000 |
---|---|---|
committer | nikrou <nikrou@piwigo.org> | 2010-06-17 18:11:11 +0000 |
commit | dbe75d113b43cae453ac5d3331157927fedd6ae7 (patch) | |
tree | 32f261b5fda06b6ac6ccb9cc8a23c706742aa36b /admin/include/functions_upgrade.php | |
parent | 5baa3409e5d3bedcdce35da97c89bd577561165c (diff) |
Bug 1733 fixed : merge from trunk
single quotes in queries
git-svn-id: http://piwigo.org/svn/branches/2.1@6551 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin/include/functions_upgrade.php')
-rw-r--r-- | admin/include/functions_upgrade.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/admin/include/functions_upgrade.php b/admin/include/functions_upgrade.php index c2df4d5df..b3f4692e6 100644 --- a/admin/include/functions_upgrade.php +++ b/admin/include/functions_upgrade.php @@ -87,7 +87,7 @@ function deactivate_non_standard_plugins() SELECT id FROM '.PREFIX_TABLE.'plugins WHERE state = "active" -AND id NOT IN ("' . implode('","', $standard_plugins) . '") +AND id NOT IN (\'' . implode('\',\'', $standard_plugins) . '\') ;'; $result = pwg_query($query); @@ -102,7 +102,7 @@ AND id NOT IN ("' . implode('","', $standard_plugins) . '") $query = ' UPDATE '.PREFIX_TABLE.'plugins SET state="inactive" -WHERE id IN ("' . implode('","', $plugins) . '") +WHERE id IN (\'' . implode('\',\'', $plugins) . '\') ;'; pwg_query($query); @@ -162,7 +162,7 @@ SELECT status $query = ' SELECT password, status FROM '.USERS_TABLE.' -WHERE username = "'.$username.'" +WHERE username = \''.$username.'\' ;'; } else @@ -172,7 +172,7 @@ SELECT u.password, ui.status FROM '.USERS_TABLE.' AS u INNER JOIN '.USER_INFOS_TABLE.' AS ui ON u.'.$conf['user_fields']['id'].'=ui.user_id -WHERE '.$conf['user_fields']['username'].'="'.$username.'" +WHERE '.$conf['user_fields']['username'].'=\''.$username.'\' ;'; } $row = pwg_db_fetch_assoc(pwg_query($query)); |