Update of /cvsroot/mantisbt/mantisbt/core
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12363/core
Modified Files:
database_api.php
Log Message:
Fixed 4911: db_prepare_string() doesn't work with mysqli
Index: database_api.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/core/database_api.php,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -d -r1.36 -r1.37
--- database_api.php 20 Nov 2004 14:06:02 -0000 1.36
+++ database_api.php 30 Nov 2004 11:00:49 -0000 1.37
@@ -237,6 +237,7 @@
# prepare a string before DB insertion
# @@@ should default be return addslashes( $p_string ); or generate an
error
function db_prepare_string( $p_string ) {
+ global $g_db;
$t_db_type = config_get( 'db_type' );
switch( $t_db_type ) {
@@ -247,8 +248,12 @@
case 'mysql':
return mysql_escape_string( $p_string );
+ # For some reason mysqli_escape_string( $p_string )
always returns an empty
+ # string. This is happening with PHP v5.0.2.
+ # @@@ Consider using ADODB escaping for all databases.
case 'mysqli':
- return mysqli_escape_string( $p_string );
+ $t_escaped = $g_db->qstr( $p_string, false );
+ return substr( $t_escaped, 1, strlen(
$t_escaped ) - 2 );
case 'postgres':
case 'postgres64':
@@ -370,4 +375,4 @@
db_pconnect( $g_hostname, $g_db_username,
$g_db_password, $g_database_name );
}
}
-?>
\ No newline at end of file
+?>
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/
|
Try Searching:
servers, voip, java, networking, microsoft ...
|
|
|
| 
