tweak the sql_like_expression feature a little bit to allow correct escaping

git-svn-id: file:///svn/phpbb/trunk@7789 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/includes/acp/acp_permission_roles.php

@@ -239,7 +239,7 @@ class acp_permission_roles
 				{
 					$sql = 'SELECT auth_option_id, auth_option
 						FROM ' . ACL_OPTIONS_TABLE . "
-						WHERE auth_option " . $db->sql_like_expression($permission_type . '%') . "
+						WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . "
 							AND auth_option <> '{$permission_type}'
 						ORDER BY auth_option_id";
 					$result = $db->sql_query($sql);
@@ -305,7 +305,7 @@ class acp_permission_roles
 				// We need to fill the auth options array with ACL_NO options ;)
 				$sql = 'SELECT auth_option_id, auth_option
 					FROM ' . ACL_OPTIONS_TABLE . "
-					WHERE auth_option " . $db->sql_like_expression($permission_type . '%') . "
+					WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . "
 						AND auth_option <> '{$permission_type}'
 					ORDER BY auth_option_id";
 				$result = $db->sql_query($sql);
@@ -490,7 +490,7 @@ class acp_permission_roles
 		// Get complete auth array
 		$sql = 'SELECT auth_option, auth_option_id
 			FROM ' . ACL_OPTIONS_TABLE . "
-			WHERE auth_option " . $db->sql_like_expression($permission_type . '%');
+			WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char);
 		$result = $db->sql_query($sql);
 
 		$auth_settings = array();

phpBB/includes/acp/acp_permissions.php

@@ -1069,7 +1069,7 @@ class acp_permissions
 		global $db, $user;
 
 		$sql_forum_id = ($permission_scope == 'global') ? 'AND a.forum_id = 0' : ((sizeof($forum_id)) ? 'AND ' . $db->sql_in_set('a.forum_id', $forum_id) : 'AND a.forum_id <> 0');
-		$sql_permission_option = ' AND o.auth_option ' . $db->sql_like_expression($permission_type . '%');
+		$sql_permission_option = ' AND o.auth_option ' . $db->sql_like_expression($permission_type . $db->any_char);
 		
 		$sql = $db->sql_build_query('SELECT_DISTINCT', array(
 			'SELECT'	=> 'u.username, u.username_clean, u.user_regdate, u.user_id',

phpBB/includes/acp/acp_prune.php

@@ -393,8 +393,8 @@ class acp_prune
 			$sort_by_types = array('username', 'user_email', 'user_posts', 'user_regdate', 'user_lastvisit');
 
 			$where_sql = '';
-			$where_sql .= ($username) ? ' AND username_clean ' . $db->sql_like_expression(str_replace('*', '%', utf8_clean_string($username))) : '';
-			$where_sql .= ($email) ? ' AND user_email ' . $db->sql_like_expression(str_replace('*', '%', $email)) . ' ' : '';
+			$where_sql .= ($username) ? ' AND username_clean ' . $db->sql_like_expression(str_replace('*', $db->any_char, utf8_clean_string($username))) : '';
+			$where_sql .= ($email) ? ' AND user_email ' . $db->sql_like_expression(str_replace('*', $db->any_char, $email)) . ' ' : '';
 			$where_sql .= (sizeof($joined)) ? " AND user_regdate " . $key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, (int) $joined[1], (int) $joined[2], (int) $joined[0]) : '';
 			$where_sql .= ($count !== '') ? " AND user_posts " . $key_match[$count_select] . ' ' . (int) $count . ' ' : '';
 			$where_sql .= (sizeof($active)) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]) : '';

phpBB/includes/acp/acp_users.php

@@ -1831,7 +1831,7 @@ class acp_users
 					// Select auth options
 					$sql = 'SELECT auth_option, is_local, is_global
 						FROM ' . ACL_OPTIONS_TABLE . '
-						WHERE auth_option ' . $db->sql_like_expression('%_') . '
+						WHERE auth_option ' . $db->sql_like_expression($db->any_char . '_') . '
 							AND is_global = 1
 						ORDER BY auth_option';
 					$result = $db->sql_query($sql);
@@ -1851,7 +1851,7 @@ class acp_users
 				{
 					$sql = 'SELECT auth_option, is_local, is_global
 						FROM ' . ACL_OPTIONS_TABLE . "
-						WHERE auth_option " . $db->sql_like_expression('%_') . "
+						WHERE auth_option " . $db->sql_like_expression($db->any_char . '_') . "
 							AND is_local = 1
 						ORDER BY is_global DESC, auth_option";
 					$result = $db->sql_query($sql);

phpBB/includes/acp/auth.php

@@ -968,7 +968,7 @@ class auth_admin extends auth
 			// Get permission type
 			$sql = 'SELECT auth_option, auth_option_id
 				FROM ' . ACL_OPTIONS_TABLE . "
-				WHERE auth_option " . $db->sql_like_expression($permission_type . '%');
+				WHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char);
 			$result = $db->sql_query($sql);
 
 			$auth_id_ary = array();