Bug 1763 fixed : [PostgreSQL] double quote used in queries

git-svn-id: http://piwigo.org/svn/trunk@6664 68402e56-0260-453c-a942-63ccdbb3a9ee
2025-04-29 04:39:56 +03:00 · 2010-07-05 21:18:14 +00:00 · 2010-07-05 21:18:14 +00:00 · a9849aa9b6
commit a9849aa9b6
parent 531ee35375
6 changed files with 10 additions and 10 deletions
--- a/admin/include/functions.php
+++ b/admin/include/functions.php
@ -294,7 +294,7 @@ DELETE FROM '.$table.'
  // destruction of the user
  $query = '
 DELETE FROM '.SESSIONS_TABLE.'
-  WHERE data LIKE "pwg_uid|i:'.(int)$user_id.';%"
+  WHERE data LIKE \'pwg_uid|i:'.(int)$user_id.';%\'
 ;';
  pwg_query($query);
--- a/admin/include/functions_permalinks.php
+++ b/admin/include/functions_permalinks.php
@ -47,7 +47,7 @@ function get_cat_id_from_old_permalink($permalink)
 SELECT c.id
  FROM '.OLD_PERMALINKS_TABLE.' op INNER JOIN '.CATEGORIES_TABLE.' c
    ON op.cat_id=c.id
-  WHERE op.permalink="'.$permalink.'"
+  WHERE op.permalink=\''.$permalink.'\'
  LIMIT 1';
  $result = pwg_query($query);
  $cat_id = null;
--- a/include/functions_category.inc.php
+++ b/include/functions_category.inc.php
@ -406,7 +406,7 @@ function get_cat_id_from_permalinks( $permalinks, &$idx )
  foreach($permalinks as $permalink)
  {
    if ( !empty($in) ) $in.=', ';
-    $in .= '"'.$permalink.'"';
+    $in .= '\''.$permalink.'\'';
  }
  $query ='
 SELECT cat_id AS id, permalink, 1 AS is_old
--- a/include/functions_search.inc.php
+++ b/include/functions_search.inc.php
@ -393,7 +393,7 @@ function get_qsearch_like_clause($q, $field, $before='%', $after='%')
      continue;
    if ( strlen($tokens[$i])==0)
      continue;
-    $clauses[] = $field.' LIKE "'.$before.addslashes($tokens[$i]).$after.'"';
+    $clauses[] = $field.' LIKE \''.$before.addslashes($tokens[$i]).$after.'\'';
  }
  return count($clauses) ? '('.implode(' OR ', $clauses).')' : null;
@ -434,7 +434,7 @@ function get_quick_search_results($q, $super_order_by, $images_where='')
  // Step 1 - first we find matches in #images table ===========================
-  $where_clauses='MATCH(i.name, i.comment) AGAINST( "'.$q.'" IN BOOLEAN MODE)';
+  $where_clauses='MATCH(i.name, i.comment) AGAINST( \''.$q.'\' IN BOOLEAN MODE)';
  if (!empty($q_like_clause))
  {
    $where_clauses .= '
@ -452,7 +452,7 @@ function get_quick_search_results($q, $super_order_by, $images_where='')
      );
  $query = '
 SELECT i.id,
-    MATCH(i.name, i.comment) AGAINST( "'.$q.'" IN BOOLEAN MODE) AS weight
+    MATCH(i.name, i.comment) AGAINST( \''.$q.'\' IN BOOLEAN MODE) AS weight
  FROM '.IMAGES_TABLE.' i
  WHERE '.implode("\n AND ", $where_clauses);
@ -505,7 +505,7 @@ SELECT id, name, permalink, nb_images
  FROM '.CATEGORIES_TABLE.'
    INNER JOIN '.USER_CACHE_CATEGORIES_TABLE.' ON id=cat_id
  WHERE user_id='.$user['id'].'
-    AND MATCH(name, comment) AGAINST( "'.$q.'" IN BOOLEAN MODE)'.
+    AND MATCH(name, comment) AGAINST( \''.$q.'\' IN BOOLEAN MODE)'.
  get_sql_condition_FandF (
      array( 'visible_categories' => 'cat_id' ), "\n    AND"
    );
--- a/include/section_init.inc.php
+++ b/include/section_init.inc.php
@ -259,7 +259,7 @@ if ('categories' == $page['section'])
 SELECT id
  FROM '.CATEGORIES_TABLE.'
  WHERE
-    uppercats LIKE "'.$page['category']['uppercats'].',%" '
+    uppercats LIKE \''.$page['category']['uppercats'].',%\' '
    .get_sql_condition_FandF(
      array
        (
--- a/plugins/LocalFilesEditor/update_config.php
+++ b/plugins/LocalFilesEditor/update_config.php
@ -37,8 +37,8 @@ if (isset($_POST['editarea']) and in_array($_POST['editarea'], $possible_values)
  }
  $query = '
 UPDATE ' . CONFIG_TABLE . '
-SET value = "' . $_POST['editarea'] . '"
+SET value = \'' . $_POST['editarea'] . '\'
-WHERE param="LocalFilesEditor"
+WHERE param=\'LocalFilesEditor\'
 LIMIT 1';
  pwg_query($query);
 }