diff options
Diffstat (limited to 'program/include')
| -rw-r--r-- | program/include/rcube_addressbook.php | 2 | ||||
| -rw-r--r-- | program/include/rcube_db.php | 18 |
2 files changed, 13 insertions, 7 deletions
diff --git a/program/include/rcube_addressbook.php b/program/include/rcube_addressbook.php index 069ea5715..f4f255322 100644 --- a/program/include/rcube_addressbook.php +++ b/program/include/rcube_addressbook.php @@ -465,7 +465,7 @@ abstract class rcube_addressbook $fn = $contact['name']; if (!$fn) // default display name composition according to vcard standard - $fn = join(' ', array_filter(array($contact['prefix'], $contact['firstname'], $contact['middlename'], $contact['surname'], $contact['suffix']))); + $fn = trim(join(' ', array_filter(array($contact['prefix'], $contact['firstname'], $contact['middlename'], $contact['surname'], $contact['suffix'])))); // use email address part for name $email = is_array($contact['email']) ? $contact['email'][0] : $contact['email']; diff --git a/program/include/rcube_db.php b/program/include/rcube_db.php index f97d70ab3..eb1ad31b2 100644 --- a/program/include/rcube_db.php +++ b/program/include/rcube_db.php @@ -388,13 +388,19 @@ class rcube_db $idx = 0; while ($pos = strpos($query, '?', $pos)) { - $val = $this->quote($params[$idx++]); - unset($params[$idx-1]); - $query = substr_replace($query, $val, $pos, 1); - $pos += strlen($val); + if ($query[$pos+1] == '?') { // skip escaped ? + $pos += 2; + } + else { + $val = $this->quote($params[$idx++]); + unset($params[$idx-1]); + $query = substr_replace($query, $val, $pos, 1); + $pos += strlen($val); + } } - $query = rtrim($query, ';'); + // replace escaped ? back to normal + $query = rtrim(strtr($query, array('??' => '?')), ';'); $this->debug($query); @@ -591,7 +597,7 @@ class rcube_db 'integer' => PDO::PARAM_INT, ); $type = isset($map[$type]) ? $map[$type] : PDO::PARAM_STR; - return $this->dbh->quote($input, $type); + return strtr($this->dbh->quote($input, $type), array('?' => '??')); // escape ? } return 'NULL'; |