summaryrefslogtreecommitdiff
path: root/program
diff options
context:
space:
mode:
Diffstat (limited to 'program')
-rw-r--r--program/include/rcube_addressbook.php2
-rw-r--r--program/include/rcube_db.php18
2 files changed, 13 insertions, 7 deletions
diff --git a/program/include/rcube_addressbook.php b/program/include/rcube_addressbook.php
index 069ea5715..f4f255322 100644
--- a/program/include/rcube_addressbook.php
+++ b/program/include/rcube_addressbook.php
@@ -465,7 +465,7 @@ abstract class rcube_addressbook
$fn = $contact['name'];
if (!$fn) // default display name composition according to vcard standard
- $fn = join(' ', array_filter(array($contact['prefix'], $contact['firstname'], $contact['middlename'], $contact['surname'], $contact['suffix'])));
+ $fn = trim(join(' ', array_filter(array($contact['prefix'], $contact['firstname'], $contact['middlename'], $contact['surname'], $contact['suffix']))));
// use email address part for name
$email = is_array($contact['email']) ? $contact['email'][0] : $contact['email'];
diff --git a/program/include/rcube_db.php b/program/include/rcube_db.php
index f97d70ab3..eb1ad31b2 100644
--- a/program/include/rcube_db.php
+++ b/program/include/rcube_db.php
@@ -388,13 +388,19 @@ class rcube_db
$idx = 0;
while ($pos = strpos($query, '?', $pos)) {
- $val = $this->quote($params[$idx++]);
- unset($params[$idx-1]);
- $query = substr_replace($query, $val, $pos, 1);
- $pos += strlen($val);
+ if ($query[$pos+1] == '?') { // skip escaped ?
+ $pos += 2;
+ }
+ else {
+ $val = $this->quote($params[$idx++]);
+ unset($params[$idx-1]);
+ $query = substr_replace($query, $val, $pos, 1);
+ $pos += strlen($val);
+ }
}
- $query = rtrim($query, ';');
+ // replace escaped ? back to normal
+ $query = rtrim(strtr($query, array('??' => '?')), ';');
$this->debug($query);
@@ -591,7 +597,7 @@ class rcube_db
'integer' => PDO::PARAM_INT,
);
$type = isset($map[$type]) ? $map[$type] : PDO::PARAM_STR;
- return $this->dbh->quote($input, $type);
+ return strtr($this->dbh->quote($input, $type), array('?' => '??')); // escape ?
}
return 'NULL';