From 174252252e63bb6ca9ef1c12ba1bdf7eb128c2c4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lo=C3=AFc=20Chapeaux?= <lolo@phpheaven.net>
Date: Sat, 30 Jun 2001 16:04:38 +0000
Subject: [PATCH] Merged patch #437514

---
 tbl_select.php3 | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/tbl_select.php3 b/tbl_select.php3
index e73f86178..777fcf545 100755
--- a/tbl_select.php3
+++ b/tbl_select.php3
@@ -83,7 +83,7 @@ else {
   }
   $sql_query .= " from $table";
   if ($where != "") {
-    $sql_query .= " where $where";
+    $sql_query .= ' where ' . ((get_magic_quotes_gpc()) ? stripslashes($where) : $where);
   }
   else {
     $sql_query .= " where 1";
@@ -93,14 +93,20 @@ else {
         if ($types[$i]=="string"||$types[$i]=="blob") {
           $quot="\"";
           $cmp="like";
+          if (!get_magic_quotes_gpc()) $fields[$i] = str_replace('"', '\\"', $fields[$i]);
         }
-        elseif($types[$i]=="date"||$types[$i]=="time") {
+        else if ($types[$i]=="date"||$types[$i]=="time") {
           $quot="\"";
           $cmp="=";
         }
         else {
-          $cmp="=";
-          $quot="";
+          if (strstr($fields[$i], '%')) {
+            $cmp='LIKE';
+            $quot='"';
+          } else {
+            $cmp='=';
+            $quot='';
+          }
           if (substr($fields[$i],0,1)=="<" || substr($fields[$i],0,1)==">") $cmp="";
         }
         $sql_query .= " and $names[$i] $cmp $quot$fields[$i]$quot";