diff --git a/ChangeLog b/ChangeLog index 7f39eff89..fd37473eb 100755 --- a/ChangeLog +++ b/ChangeLog @@ -13,8 +13,9 @@ $Source$ added variables to define (text) color for marked and hovered objects thanks to Juergen Wind - windkiel for hinting this bug (patch #1503529) * Documentation.html: updated style config option descriptions - * libraries/common.lib.php: added PMA_escapeJsString() to escape strings for - JavaScript inside CDATA blocks + * libraries/common.lib.php: + - added PMA_escapeJsString() to escape strings for JavaScript inside CDATA blocks + - added PMA_unQuote() to remove quotes from strings * libraries/footer.inc.php: correctly escape strings inside JavaScript (part of bug #1532721) diff --git a/libraries/common.lib.php b/libraries/common.lib.php index 1a16fe93f..3bc63f716 100644 --- a/libraries/common.lib.php +++ b/libraries/common.lib.php @@ -723,6 +723,39 @@ if (!defined('PMA_MINIMUM_COMMON')) { return $name; } // end of the 'PMA_unescape_mysql_wildcards()' function + /** + * removes quotes (',",`) from a quoted string + * + * checks if the sting is quoted and removes this quotes + * + * @param string $quoted_string string to remove quotes from + * @param string $quote type of quote to remove + * @return string unqoted string + */ + function PMA_unQuote($quoted_string, $quote = null) + { + $quotes = array(); + + if (null === $quote) { + $quotes[] = '`'; + $quotes[] = '"'; + $quotes[] = "'"; + } else { + $quotes[] = $quote; + } + + foreach ($quotes as $quote) { + if (substr($quoted_string, 0, 1) === $quote + && substr($quoted_string, 1, 1) !== $quote + && substr($quoted_string, -1, 1) === $quote + && substr($quoted_string, -2, 1) !== $quote ) { + return substr($quoted_string, 1, -1); + } + } + + return $quoted_string; + } + /** * format sql strings *