diff options
| author | Thomas Bruederli <thomas@roundcube.net> | 2013-11-07 11:39:23 +0100 |
|---|---|---|
| committer | Thomas Bruederli <thomas@roundcube.net> | 2013-11-07 11:39:23 +0100 |
| commit | 884e1ecce94a41e705856b0cae6540a171f53461 (patch) | |
| tree | 8fe459e326459c4a3077af2f53d0fc21b9573ad7 /program/lib/Roundcube/rcube_db.php | |
| parent | 1e7d1240ed09c4abf411e9ad76eaccf93d4512c0 (diff) | |
| parent | 00de8ddf8d899a8c9a9ca89009f845f88eb7a6cc (diff) | |
Merge branch 'master' of github.com:roundcube/roundcubemail
Diffstat (limited to 'program/lib/Roundcube/rcube_db.php')
| -rw-r--r-- | program/lib/Roundcube/rcube_db.php | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/program/lib/Roundcube/rcube_db.php b/program/lib/Roundcube/rcube_db.php index aaba28172..2828f26ee 100644 --- a/program/lib/Roundcube/rcube_db.php +++ b/program/lib/Roundcube/rcube_db.php @@ -392,7 +392,7 @@ class rcube_db */ protected function _query($query, $offset, $numrows, $params) { - $query = trim($query); + $query = ltrim($query); $this->db_connect($this->dsn_select($query), true); @@ -405,27 +405,28 @@ class rcube_db $query = $this->set_limit($query, $numrows, $offset); } - $params = (array) $params; - // Because in Roundcube we mostly use queries that are // executed only once, we will not use prepared queries $pos = 0; $idx = 0; - while ($pos = strpos($query, '?', $pos)) { - if ($query[$pos+1] == '?') { // skip escaped ? - $pos += 2; - } - else { - $val = $this->quote($params[$idx++]); - unset($params[$idx-1]); - $query = substr_replace($query, $val, $pos, 1); - $pos += strlen($val); + if (count($params)) { + while ($pos = strpos($query, '?', $pos)) { + if ($query[$pos+1] == '?') { // skip escaped '?' + $pos += 2; + } + else { + $val = $this->quote($params[$idx++]); + unset($params[$idx-1]); + $query = substr_replace($query, $val, $pos, 1); + $pos += strlen($val); + } } } - // replace escaped ? back to normal - $query = rtrim(strtr($query, array('??' => '?')), ';'); + // replace escaped '?' back to normal, see self::quote() + $query = str_replace('??', '?', $query); + $query = rtrim($query, " \t\n\r\0\x0B;"); $this->debug($query); |