Changeset:
1004daa79fd8
https://sourceforge.net/p/mrbs/hg-code/ci/1004daa79fd8baa4edb1f55bb2efb56386a2cc61
Author:
Campbell Morrison <[email protected]>
Date:
Mon Nov 09 10:43:55 2015 +0000
Log message:
Fixed another problem with unquoted column names
diffstat:
web/search.php | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diffs (19 lines):
diff -r c7a94a70a159 -r 1004daa79fd8 web/search.php
--- a/web/search.php Mon Nov 09 10:30:36 2015 +0000
+++ b/web/search.php Mon Nov 09 10:43:55 2015 +0000
@@ -216,13 +216,13 @@
// assume PHP5
if (($key !== '') && (strpos(utf8_strtolower($value),
utf8_strtolower($search_str)) !== FALSE))
{
- $sql_pred .= " OR E." . $field['name'] . "='" . sql_escape($key) .
"'";
+ $sql_pred .= " OR E." . sql_quote($field['name']) . "='" .
sql_escape($key) . "'";
}
}
}
elseif ($field['nature'] == 'character')
{
- $sql_pred .= " OR " . sql_syntax_caseless_contains("E." .
$field['name'], $search_str);
+ $sql_pred .= " OR " . sql_syntax_caseless_contains("E." .
sql_quote($field['name']), $search_str);
}
}
}
------------------------------------------------------------------------------
Presto, an open source distributed SQL query engine for big data, initially
developed by Facebook, enables you to easily query your data on Hadoop in a
more interactive manner. Teradata is also now providing full enterprise
support for Presto. Download a free open source copy now.
http://pubads.g.doubleclick.net/gampad/clk?id=250295911&iu=/4140
_______________________________________________
Mrbs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mrbs-commits
