fixed some decoding bugs

2001-08-17 11:18:10 +00:00
parent 7c35a94f5d
commit ab073e93e6
1 changed files with 20 additions and 10 deletions
--- a/tbl_replace.php3
+++ b/tbl_replace.php3
@@ -46,12 +46,12 @@ if (isset($submit_type)) {
 */
 if (isset($primary_key) && ($submit_type != $strInsertAsNewRow)) {
    // Restore the "primary key" to a convenient format
-    if (get_magic_quotes_gpc()) {
-        $primary_key = stripslashes($primary_key);
-    }
    if ($is_encoded) {
        $primary_key = urldecode($primary_key);
    }
+    else if (get_magic_quotes_gpc()) {
+        $primary_key = stripslashes($primary_key);
+    }

    // Defines the SET part of the sql query
    $valuelist = '';
@@ -76,6 +76,8 @@ if (isset($primary_key) && ($submit_type != $strInsertAsNewRow)) {
                        // void
                    } else if ($is_encoded) {
                        $val = "'" . sql_addslashes(urldecode($val)) . "'";
+                    } else if (get_magic_quotes_gpc()) {
+                        $val = "'" . str_replace('\\"', '"', $val) . "'";
                    } else {
                        $val = "'" . sql_addslashes($val) . "'";
                    }
@@ -91,10 +93,13 @@ if (isset($primary_key) && ($submit_type != $strInsertAsNewRow)) {
                    $f = 'field_' . $key;
                }
                if (!empty($$f)) {
+                    $val    = implode(',', $$f);
                    if ($is_encoded) {
-                        $val = "'" . sql_addslashes(urldecode(implode(',', $$f))) . "'";
+                        $val = "'" . sql_addslashes(urldecode(',', $val)) . "'";
+                    } else if (get_magic_quotes_gpc()) {
+                        $val = "'" . str_replace('\\"', '"', $val) . "'";
                    } else {
-                        $val = "'" . sql_addslashes(implode(',', $$f)) . "'";
+                        $val = "'" . sql_addslashes($val) . "'";
                    }
                } else {
                    $val = "''";
@@ -172,6 +177,8 @@ else {
                    $val     = implode(',', $$f);
                    if ($val == 'null') {
                        // void
+                    } else if ($is_encoded) {
+                        $val = "'" . sql_addslashes(urldecode($val)) . "'";
                    } else if (get_magic_quotes_gpc()) {
                        $val = "'" . str_replace('\\"', '"', $val) . "'";
                    } else {
@@ -189,10 +196,13 @@ else {
                    $f = 'field_' . $key;
                }
                if (!empty($$f)) {
-                    if (get_magic_quotes_gpc()) {
-                        $val = "'" . str_replace('\\"', '"', implode(',', $$f)) . "'";
+                    $val    = implode(',', $$f);
+                    if ($is_encoded) {
+                        $val = "'" . sql_addslashes(urldecode(',', $val)) . "'";
+                    } else if (get_magic_quotes_gpc()) {
+                        $val = "'" . str_replace('\\"', '"', $val) . "'";
                    } else {
-                        $val = "'" . sql_addslashes(implode(',', $$f)) . "'";
+                        $val = "'" . sql_addslashes($val) . "'";
                    }
                } else {
                    $val     = "''";