summaryrefslogtreecommitdiff
path: root/program/lib/Roundcube/rcube_db.php
diff options
context:
space:
mode:
authorThomas Bruederli <thomas@roundcube.net>2013-11-07 11:39:23 +0100
committerThomas Bruederli <thomas@roundcube.net>2013-11-07 11:39:23 +0100
commit884e1ecce94a41e705856b0cae6540a171f53461 (patch)
tree8fe459e326459c4a3077af2f53d0fc21b9573ad7 /program/lib/Roundcube/rcube_db.php
parent1e7d1240ed09c4abf411e9ad76eaccf93d4512c0 (diff)
parent00de8ddf8d899a8c9a9ca89009f845f88eb7a6cc (diff)
Merge branch 'master' of github.com:roundcube/roundcubemail
Diffstat (limited to 'program/lib/Roundcube/rcube_db.php')
-rw-r--r--program/lib/Roundcube/rcube_db.php29
1 files changed, 15 insertions, 14 deletions
diff --git a/program/lib/Roundcube/rcube_db.php b/program/lib/Roundcube/rcube_db.php
index aaba28172..2828f26ee 100644
--- a/program/lib/Roundcube/rcube_db.php
+++ b/program/lib/Roundcube/rcube_db.php
@@ -392,7 +392,7 @@ class rcube_db
*/
protected function _query($query, $offset, $numrows, $params)
{
- $query = trim($query);
+ $query = ltrim($query);
$this->db_connect($this->dsn_select($query), true);
@@ -405,27 +405,28 @@ class rcube_db
$query = $this->set_limit($query, $numrows, $offset);
}
- $params = (array) $params;
-
// Because in Roundcube we mostly use queries that are
// executed only once, we will not use prepared queries
$pos = 0;
$idx = 0;
- while ($pos = strpos($query, '?', $pos)) {
- if ($query[$pos+1] == '?') { // skip escaped ?
- $pos += 2;
- }
- else {
- $val = $this->quote($params[$idx++]);
- unset($params[$idx-1]);
- $query = substr_replace($query, $val, $pos, 1);
- $pos += strlen($val);
+ if (count($params)) {
+ while ($pos = strpos($query, '?', $pos)) {
+ if ($query[$pos+1] == '?') { // skip escaped '?'
+ $pos += 2;
+ }
+ else {
+ $val = $this->quote($params[$idx++]);
+ unset($params[$idx-1]);
+ $query = substr_replace($query, $val, $pos, 1);
+ $pos += strlen($val);
+ }
}
}
- // replace escaped ? back to normal
- $query = rtrim(strtr($query, array('??' => '?')), ';');
+ // replace escaped '?' back to normal, see self::quote()
+ $query = str_replace('??', '?', $query);
+ $query = rtrim($query, " \t\n\r\0\x0B;");
$this->debug($query);