A.L.E.C wrote: > Dennis P. Nikolaenko wrote: > >> _skipDelimitedStrings() essentially counts ' to >> get the idea where strings start and end. It does not handle the case >> when string contains embedded \' >> > > I thought it was fixed in MDB2 package, see > http://trac.roundcube.net/log/trunk/roundcubemail/program/lib/MDB2.php > > I think you're both right. It looks like the heart of the problem behind (http://trac.roundcube.net/ticket/1485504) is that MDB2.php in roundcube's svn trunk hasn't been updated with that fix. Thanks Dennis and Alec.
$sql = "update contacts set firstname = 'test\'s' where contact_id=?"; $sql_result = $RCMAIL->db->query($sql,'91'); Fails with the rc's version of MDB2.php and succeeds with MDB2.php 2.5.0b1 I'm sorry I first reported it as a quoting/stripping problem in roundcube's contact logic. Best, Ziba _______________________________________________ List info: http://lists.roundcube.net/dev/
