removed the $is_encoded variable that is unnecessary and which use caused some bugs
This commit is contained in:
Loïc Chapeaux
@@ -19,6 +19,8 @@ $Source$
|
|||||||
* lang/norwegian.inc.php3: fixed some typos and re-sorted a bit.
|
* lang/norwegian.inc.php3: fixed some typos and re-sorted a bit.
|
||||||
* ldi_table.php3: removed some unnecessary lines of code.
|
* ldi_table.php3: removed some unnecessary lines of code.
|
||||||
* sql.php3, lines 51-66: fixed bug #456254 - Crash select on a table.
|
* sql.php3, lines 51-66: fixed bug #456254 - Crash select on a table.
|
||||||
|
* tbl_replace.php3: removed the $is_encoded variable that is unnecessary
|
||||||
|
and which use caused some bugs.
|
||||||
|
|
||||||
2001-08-29 Olivier M<>ller <om@omnis.ch>
|
2001-08-29 Olivier M<>ller <om@omnis.ch>
|
||||||
* left.php3: on login with std_auth, only the databases on which
|
* left.php3: on login with std_auth, only the databases on which
|
||||||
|
|||||||
@@ -29,16 +29,9 @@ if ($goto == 'sql.php3') {
|
|||||||
reset($fields);
|
reset($fields);
|
||||||
reset($funcs);
|
reset($funcs);
|
||||||
// Misc
|
// Misc
|
||||||
$is_encoded = FALSE;
|
|
||||||
if (isset($submit_type)) {
|
|
||||||
if (get_magic_quotes_gpc()) {
|
if (get_magic_quotes_gpc()) {
|
||||||
$submit_type = stripslashes($submit_type);
|
$submit_type = stripslashes($submit_type);
|
||||||
}
|
}
|
||||||
// values have been urlencoded in tbl_change.php3
|
|
||||||
if ($submit_type == $strSave || $submit_type == $strInsertAsNewRow) {
|
|
||||||
$is_encoded = TRUE;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -46,43 +39,26 @@ if (isset($submit_type)) {
|
|||||||
*/
|
*/
|
||||||
if (isset($primary_key) && ($submit_type != $strInsertAsNewRow)) {
|
if (isset($primary_key) && ($submit_type != $strInsertAsNewRow)) {
|
||||||
// Restore the "primary key" to a convenient format
|
// Restore the "primary key" to a convenient format
|
||||||
if ($is_encoded) {
|
|
||||||
$primary_key = urldecode($primary_key);
|
$primary_key = urldecode($primary_key);
|
||||||
}
|
|
||||||
else if (get_magic_quotes_gpc()) {
|
|
||||||
$primary_key = stripslashes($primary_key);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Defines the SET part of the sql query
|
// Defines the SET part of the sql query
|
||||||
$valuelist = '';
|
$valuelist = '';
|
||||||
while (list($key, $val) = each($fields)) {
|
while (list($key, $val) = each($fields)) {
|
||||||
if ($is_encoded) {
|
|
||||||
$encoded_key = $key;
|
$encoded_key = $key;
|
||||||
$key = urldecode($key);
|
$key = urldecode($key);
|
||||||
} else {
|
|
||||||
$encoded_key = urlencode($key);
|
|
||||||
}
|
|
||||||
|
|
||||||
switch (strtolower($val)) {
|
switch (strtolower($val)) {
|
||||||
case 'null':
|
case 'null':
|
||||||
break;
|
break;
|
||||||
case '$enum$':
|
case '$enum$':
|
||||||
// if we have an enum, then construct the value
|
// if we have an enum, then construct the value
|
||||||
if ($is_encoded) {
|
|
||||||
$f = 'field_' . md5($key);
|
$f = 'field_' . md5($key);
|
||||||
} else {
|
|
||||||
$f = 'field_' . $key;
|
|
||||||
}
|
|
||||||
if (!empty($$f)) {
|
if (!empty($$f)) {
|
||||||
$val = implode(',', $$f);
|
$val = implode(',', $$f);
|
||||||
if ($val == 'null') {
|
if ($val == 'null') {
|
||||||
// void
|
// void
|
||||||
} else if ($is_encoded) {
|
|
||||||
$val = "'" . sql_addslashes(urldecode($val)) . "'";
|
|
||||||
} else if (get_magic_quotes_gpc()) {
|
|
||||||
$val = "'" . str_replace('\\"', '"', $val) . "'";
|
|
||||||
} else {
|
} else {
|
||||||
$val = "'" . sql_addslashes($val) . "'";
|
$val = "'" . sql_addslashes(urldecode($val)) . "'";
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
$val = "''";
|
$val = "''";
|
||||||
@@ -90,20 +66,10 @@ if (isset($primary_key) && ($submit_type != $strInsertAsNewRow)) {
|
|||||||
break;
|
break;
|
||||||
case '$set$':
|
case '$set$':
|
||||||
// if we have a set, then construct the value
|
// if we have a set, then construct the value
|
||||||
if ($is_encoded) {
|
|
||||||
$f = 'field_' . md5($key);
|
$f = 'field_' . md5($key);
|
||||||
} else {
|
|
||||||
$f = 'field_' . $key;
|
|
||||||
}
|
|
||||||
if (!empty($$f)) {
|
if (!empty($$f)) {
|
||||||
$val = implode(',', $$f);
|
$val = implode(',', $$f);
|
||||||
if ($is_encoded) {
|
|
||||||
$val = "'" . sql_addslashes(urldecode($val)) . "'";
|
$val = "'" . sql_addslashes(urldecode($val)) . "'";
|
||||||
} else if (get_magic_quotes_gpc()) {
|
|
||||||
$val = "'" . str_replace('\\"', '"', $val) . "'";
|
|
||||||
} else {
|
|
||||||
$val = "'" . sql_addslashes($val) . "'";
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
$val = "''";
|
$val = "''";
|
||||||
}
|
}
|
||||||
@@ -162,16 +128,8 @@ else {
|
|||||||
$fieldlist = '';
|
$fieldlist = '';
|
||||||
$valuelist = '';
|
$valuelist = '';
|
||||||
while (list($key, $val) = each($fields)) {
|
while (list($key, $val) = each($fields)) {
|
||||||
if ($is_encoded) {
|
|
||||||
$encoded_key = $key;
|
$encoded_key = $key;
|
||||||
$key = urldecode($key);
|
$key = urldecode($key);
|
||||||
} else {
|
|
||||||
$encoded_key = urlencode($key);
|
|
||||||
// the 'query' row is urlencoded in sql.php3
|
|
||||||
if ($key == 'query') {
|
|
||||||
$val = urldecode($val);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$fieldlist .= backquote($key) . ', ';
|
$fieldlist .= backquote($key) . ', ';
|
||||||
|
|
||||||
switch (strtolower($val)) {
|
switch (strtolower($val)) {
|
||||||
@@ -179,21 +137,13 @@ else {
|
|||||||
break;
|
break;
|
||||||
case '$enum$':
|
case '$enum$':
|
||||||
// if we have a set, then construct the value
|
// if we have a set, then construct the value
|
||||||
if ($is_encoded) {
|
|
||||||
$f = 'field_' . md5($key);
|
$f = 'field_' . md5($key);
|
||||||
} else {
|
|
||||||
$f = 'field_' . $key;
|
|
||||||
}
|
|
||||||
if (!empty($$f)) {
|
if (!empty($$f)) {
|
||||||
$val = implode(',', $$f);
|
$val = implode(',', $$f);
|
||||||
if ($val == 'null') {
|
if ($val == 'null') {
|
||||||
// void
|
// void
|
||||||
} else if ($is_encoded) {
|
|
||||||
$val = "'" . sql_addslashes(urldecode($val)) . "'";
|
|
||||||
} else if (get_magic_quotes_gpc()) {
|
|
||||||
$val = "'" . str_replace('\\"', '"', $val) . "'";
|
|
||||||
} else {
|
} else {
|
||||||
$val = "'" . sql_addslashes($val) . "'";
|
$val = "'" . sql_addslashes(urldecode($val)) . "'";
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
$val = "''";
|
$val = "''";
|
||||||
@@ -201,20 +151,10 @@ else {
|
|||||||
break;
|
break;
|
||||||
case '$set$':
|
case '$set$':
|
||||||
// if we have a set, then construct the value
|
// if we have a set, then construct the value
|
||||||
if ($is_encoded) {
|
|
||||||
$f = 'field_' . md5($key);
|
$f = 'field_' . md5($key);
|
||||||
} else {
|
|
||||||
$f = 'field_' . $key;
|
|
||||||
}
|
|
||||||
if (!empty($$f)) {
|
if (!empty($$f)) {
|
||||||
$val = implode(',', $$f);
|
$val = implode(',', $$f);
|
||||||
if ($is_encoded) {
|
|
||||||
$val = "'" . sql_addslashes(urldecode($val)) . "'";
|
$val = "'" . sql_addslashes(urldecode($val)) . "'";
|
||||||
} else if (get_magic_quotes_gpc()) {
|
|
||||||
$val = "'" . str_replace('\\"', '"', $val) . "'";
|
|
||||||
} else {
|
|
||||||
$val = "'" . sql_addslashes($val) . "'";
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
$val = "''";
|
$val = "''";
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user