mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-06 07:35:29 +02:00
Code Issues Releases Wiki Activity

#10255

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@7427 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
David M 2007-04-29 20:22:38 +00:00
parent 290187c6c7
commit 202861eec9
2 changed files with 15 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
phpBB/includes/acp/auth.php
View File

@ -969,10 +969,19 @@ class auth_admin extends auth
if ($permission_type !== false)
{
// Get permission type
$sql = 'SELECT auth_option, auth_option_id
FROM ' . ACL_OPTIONS_TABLE . "
WHERE auth_option LIKE '" . $db->sql_escape(str_replace('_', "\_", $permission_type)) . "%'";
$sql .= ($db->sql_layer == 'mssql' || $db->sql_layer == 'mssql_odbc') ? " ESCAPE '\\'" : '';
if ($db->sql_layer == 'sqlite')
{
$sql = 'SELECT auth_option, auth_option_id
FROM ' . ACL_OPTIONS_TABLE . "
WHERE auth_option LIKE '" . $db->sql_escape($permission_type) . "%'";
}
else
{
$sql = 'SELECT auth_option, auth_option_id
FROM ' . ACL_OPTIONS_TABLE . "
WHERE auth_option LIKE '" . $db->sql_escape(str_replace('_', "\_", $permission_type)) . "%'";
$sql .= ($db->sql_layer == 'mssql' || $db->sql_layer == 'mssql_odbc') ? " ESCAPE '\\'" : '';
}
$result = $db->sql_query($sql);

4
phpBB/includes/auth.php
View File

@ -842,7 +842,7 @@ class auth
{
if (strpos($auth_options, '%') !== false)
{
if (strpos($auth_options, '_') !== false)
if (strpos($auth_options, '_') !== false && $db->sql_layer !== 'sqlite')
{
$sql_opts = "AND $key LIKE '" . $db->sql_escape(str_replace('_', "\_", $auth_options)) . "'";
$sql_opts .= ($db->sql_layer == 'mssql' || $db->sql_layer == 'mssql_odbc') ? " ESCAPE '\\' " : '';
@ -881,7 +881,7 @@ class auth
{
if (strpos($option, '%') !== false)
{
if (strpos($option, '_') !== false)
if (strpos($option, '_') !== false && $db->sql_layer !== 'sqlite')
{
$_sql = $key . " LIKE '" . $db->sql_escape(str_replace('_', "\_", $option)) . "'";
$_sql .= ($db->sql_layer == 'mssql' || $db->sql_layer == 'mssql_odbc') ? " ESCAPE '\\'" : '';