diff options
author | Aleksander Machniak <alec@alec.pl> | 2013-04-17 19:33:42 +0200 |
---|---|---|
committer | Aleksander Machniak <alec@alec.pl> | 2013-04-17 19:34:37 +0200 |
commit | 51f52b525bc3b10b8008d916353f3034a9081cee (patch) | |
tree | 11f84181e401b90eac1b27f968ac0394707b30ad /program | |
parent | 7af32a95bb7816787516968638b1b80e1a77180d (diff) |
Add rcube_db::escape() method, fix escapeSimple() to use escape instead of quote()
Diffstat (limited to 'program')
-rw-r--r-- | program/lib/Roundcube/rcube_db.php | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/program/lib/Roundcube/rcube_db.php b/program/lib/Roundcube/rcube_db.php index 9104a85d8..62ece1ba5 100644 --- a/program/lib/Roundcube/rcube_db.php +++ b/program/lib/Roundcube/rcube_db.php @@ -634,6 +634,22 @@ class rcube_db } /** + * Escapes a string so it can be safely used in a query + * + * @param string $str A string to escape + * + * @return string Escaped string for use in a query + */ + public function escape($str) + { + if (is_null($str)) { + return 'NULL'; + } + + return substr($this->quote($str), 1, -1); + } + + /** * Quotes a string so it can be safely used as a table or column name * * @param string $str Value to quote @@ -648,17 +664,17 @@ class rcube_db } /** - * Quotes a string so it can be safely used as a table or column name + * Escapes a string so it can be safely used in a query * - * @param string $str Value to quote + * @param string $str A string to escape * - * @return string Quoted string for use in query - * @deprecated Replaced by rcube_db::quote - * @see rcube_db::quote + * @return string Escaped string for use in a query + * @deprecated Replaced by rcube_db::escape + * @see rcube_db::escape */ public function escapeSimple($str) { - return $this->quote($str); + return $this->escape($str); } /** |