diff options
author | nikrou <nikrou@piwigo.org> | 2009-11-25 19:02:57 +0000 |
---|---|---|
committer | nikrou <nikrou@piwigo.org> | 2009-11-25 19:02:57 +0000 |
commit | 13ea9d50e35d9dd8cf7235a39d97a344e6091ea0 (patch) | |
tree | a3c6e08df8ea10d0d5f56ffc2f1f14d6cbcfcd67 /include/functions_user.inc.php | |
parent | d30639ec98f8e2929137ab6e00cb2fe3ba295957 (diff) |
Feature 1255: modification in sql queries
- manage random function
- manage regex syntax
- manage quote (single instead of double)
- manage interval
git-svn-id: http://piwigo.org/svn/trunk@4367 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include/functions_user.inc.php')
-rw-r--r-- | include/functions_user.inc.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 51f8420c9..2a2ed79e9 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -385,8 +385,8 @@ INSERT INTO '.USER_CACHE_TABLE.' VALUES ('.$userdata['id'].',\''.boolean_to_string($userdata['need_update']).'\',' .$userdata['cache_update_time'].',\'' - .$userdata['forbidden_categories'].'\','.$userdata['nb_total_images'].',"' - .$userdata['image_access_type'].'","'.$userdata['image_access_list'].'")'; + .$userdata['forbidden_categories'].'\','.$userdata['nb_total_images'].',\'' + .$userdata['image_access_type'].'\',\''.$userdata['image_access_list'].'\')'; pwg_query($query); } } @@ -632,7 +632,7 @@ FROM '.CATEGORIES_TABLE.' as c if ( isset($filter_days) ) { - $query .= ' AND i.date_available > SUBDATE(CURRENT_DATE,INTERVAL '.$filter_days.' DAY)'; + $query .= ' AND i.date_available > '.pwg_db_get_recent_period_expression($filter_days); } if ( !empty($userdata['forbidden_categories']) ) @@ -1039,7 +1039,7 @@ function try_log_user($username, $password, $remember_me) SELECT '.$conf['user_fields']['id'].' AS id, '.$conf['user_fields']['password'].' AS password FROM '.USERS_TABLE.' - WHERE '.$conf['user_fields']['username'].' = \''.mysql_real_escape_string($username).'\' + WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\' ;'; $row = pwg_db_fetch_assoc(pwg_query($query)); if ($row['password'] == $conf['pass_convert']($password)) |