From 1e08a91e669ca4b88033024c22a9c351666f406a Mon Sep 17 00:00:00 2001
From: David Grudl <david@grudl.com>
Date: Tue, 2 Jun 2009 09:05:13 +0000
Subject: [PATCH] - DibiTranslator: fixed strange security bug! (thanks to
 Matej Kravjar)

---
 dibi/libs/DibiTranslator.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/dibi/libs/DibiTranslator.php b/dibi/libs/DibiTranslator.php
index f20608ed..b06b6d64 100644
--- a/dibi/libs/DibiTranslator.php
+++ b/dibi/libs/DibiTranslator.php
@@ -251,7 +251,7 @@ final class DibiTranslator extends DibiObject
 				foreach ($value as $k => $v) {
 					$pair = explode('%', $k, 2); // split into identifier & modifier
 					$vx[] = $this->delimite($pair[0]) . '='
-						. $this->formatValue($v, isset($pair[1]) ? $pair[1] : is_array($v) ? 'ex' : FALSE);
+						. $this->formatValue($v, isset($pair[1]) ? $pair[1] : (is_array($v) ? 'ex' : FALSE));
 				}
 				return implode(', ', $vx);
 
@@ -259,7 +259,7 @@ final class DibiTranslator extends DibiObject
 			case 'l': // (val, val, ...)
 				foreach ($value as $k => $v) {
 					$pair = explode('%', $k, 2); // split into identifier & modifier
-					$vx[] = $this->formatValue($v, isset($pair[1]) ? $pair[1] : is_array($v) ? 'ex' : FALSE);
+					$vx[] = $this->formatValue($v, isset($pair[1]) ? $pair[1] : (is_array($v) ? 'ex' : FALSE));
 				}
 				return '(' . ($vx ? implode(', ', $vx) : 'NULL') . ')';
 
@@ -268,7 +268,7 @@ final class DibiTranslator extends DibiObject
 				foreach ($value as $k => $v) {
 					$pair = explode('%', $k, 2); // split into identifier & modifier
 					$kx[] = $this->delimite($pair[0]);
-					$vx[] = $this->formatValue($v, isset($pair[1]) ? $pair[1] : is_array($v) ? 'ex' : FALSE);
+					$vx[] = $this->formatValue($v, isset($pair[1]) ? $pair[1] : (is_array($v) ? 'ex' : FALSE));
 				}
 				return '(' . implode(', ', $kx) . ') VALUES (' . implode(', ', $vx) . ')';