mirror/php-adminer
1
0
Fork 0
mirror of https://github.com/vrana/adminer.git synced 2025-08-13 18:14:07 +02:00
Code Issues Releases Wiki Activity

Change escape_string to quote

Browse Source 
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@747 7c3ca157-0c34-0410-bff1-cbf682f78f5c
This commit is contained in:
jakubvrana
2009-06-22 00:53:51 +00:00
parent e905f856aa
commit 36a3656089
14 changed files with 97 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
adminer/include/editing.inc.php
View File

@@ -73,29 +73,29 @@ function process_input($name, $field) {
} elseif ($field["type"] == "enum" || $field["auto_increment"] ? !strlen($value) : $function == "NULL") {
return "NULL";
} elseif ($field["type"] == "enum") {
return (isset($_GET["default"]) ? "'" . $dbh->escape_string($value) . "'" : intval($value));
return (isset($_GET["default"]) ? $dbh->quote($value) : intval($value));
} elseif ($field["type"] == "set") {
return (isset($_GET["default"]) ? "'" . implode(",", array_map(array($dbh, 'escape_string'), (array) $value)) . "'" : array_sum((array) $value));
return (isset($_GET["default"]) ? "'" . implode(",", array_map('escape_string', (array) $value)) . "'" : array_sum((array) $value));
} elseif (preg_match('~binary|blob~', $field["type"])) {
$file = get_file($idf);
if (!is_string($file)) {
return false; //! report errors
}
return "_binary'" . (is_string($file) ? $dbh->escape_string($file) : "") . "'";
return "_binary" . (is_string($file) ? $dbh->quote($file) : "");
} elseif ($field["type"] == "timestamp" && $value == "CURRENT_TIMESTAMP") {
return $value;
} elseif (preg_match('~^(now|uuid)$~', $function)) {
return "$function()";
} elseif (preg_match('~^[+-]$~', $function)) {
return idf_escape($name) . " $function '" . $dbh->escape_string($value) . "'";
return idf_escape($name) . " $function " . $dbh->quote($value);
} elseif (preg_match('~^[+-] interval$~', $function)) {
return idf_escape($name) . " $function " . (preg_match("~^([0-9]+|'[0-9.: -]') [A-Z_]+$~i", $value) ? $value : "'" . $dbh->escape_string($value) . "'");
return idf_escape($name) . " $function " . (preg_match("~^([0-9]+|'[0-9.: -]') [A-Z_]+$~i", $value) ? $value : $dbh->quote($value));
} elseif (preg_match('~^(addtime|subtime)$~', $function)) {
return "$function(" . idf_escape($name) . ", '" . $dbh->escape_string($value) . "')";
return "$function(" . idf_escape($name) . ", " . $dbh->quote($value) . ")";
} elseif (preg_match('~^(md5|sha1|password)$~', $function)) {
return "$function('" . $dbh->escape_string($value) . "')";
return "$function(" . $dbh->quote($value) . ")";
} else {
return "'" . $dbh->escape_string($value) . "'";
return $dbh->quote($value);
}
}
@@ -116,7 +116,7 @@ function process_type($field, $collate = "COLLATE") {
return " $field[type]"
. ($field["length"] && !preg_match('~^date|time$~', $field["type"]) ? "(" . process_length($field["length"]) . ")" : "")
. (preg_match('~int|float|double|decimal~', $field["type"]) && in_array($field["unsigned"], $unsigned) ? " $field[unsigned]" : "")
. (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " $collate '" . $dbh->escape_string($field["collation"]) . "'" : "")
. (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " $collate " . $dbh->quote($field["collation"]) : "")
;
}