diff options
author | Nathan Gass | 2021-01-27 12:22:50 +0100 |
---|---|---|
committer | Nathan Gass | 2021-01-27 12:22:50 +0100 |
commit | 904d3827bdc4b1647b3f7f90cfa93c41ad916c42 (patch) | |
tree | 77d6d38a026eacd4f691817935bb9bc2ca0834e8 | |
parent | c03eb11f8fa370460cb8f74b80117d9568a4ca8b (diff) | |
download | itools-904d3827bdc4b1647b3f7f90cfa93c41ad916c42.tar.gz itools-904d3827bdc4b1647b3f7f90cfa93c41ad916c42.tar.bz2 itools-904d3827bdc4b1647b3f7f90cfa93c41ad916c42.zip |
add support for type specific escape functions
-rw-r--r-- | it_dbi.class | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/it_dbi.class b/it_dbi.class index 6268105..65c083e 100644 --- a/it_dbi.class +++ b/it_dbi.class @@ -281,7 +281,12 @@ function _expressions($tags, $force = false) else if (substr($field, 0, 1) === '-') # Unquoted value (always added) $result[substr($field, 1)] = $value; else if ($force || (isset($value) && isset($this->_data[$field]) ? strval($value) !== strval($this->_data[$field]) : $value !== $this->_data[$field] || !array_key_exists($field, $this->_data))) - $result[$field] = isset($value) ? $this->escape_string($value) : 'NULL'; + { + if (isset($value)) + $result[$field] = $this->_escapefunc[$field] ? $this->_escapefunc[$field]($value) : $this->escape_string($value); + else + $result[$field] = 'NULL'; + } } if ($alldyns) @@ -924,6 +929,16 @@ function escape_name($str) } /** + * Escapes a bool value for use in a DB query + * @param The bool to be quoted + * @return The quoted value + */ +static function escape_bool($bool) +{ + return $bool ? 'TRUE' : 'FALSE'; +} + +/** * INTERNAL: Store information about a table's fields in $this->_fields, possibly from cache. * @return array(keyfield, autoincrement, randomid) */ @@ -939,7 +954,12 @@ function _get_field_info() foreach ($this->_get_field_defs() as $name => $field) { $this->_fields[$name] = $field + array('Length' => preg_match('/date|time/', $field['Type']) ? 20 : intval(it::match('\d+', $field['Type']))); - if (preg_match('/^(tiny|small|medium|)int|^float|^double/', $field['Type'])) + if ($field['_convertfunc'] || $field['_escapefunc']) + { + $this->_convertfunc[$name] = $field['_convertfunc']; + $this->_escapefunc[$name] = $field['_escapefunc']; + } + else if (preg_match('/^(tiny|small|medium|)int|^float|^double$/', $field['Type'])) $this->_convertfunc[$name] = it::match('int', $field['Type']) ? "intval" : "floatval"; } $this->_fieldnames = "," . implode(",", array_keys((array)$this->_fields)) . ","; @@ -951,12 +971,14 @@ function _get_field_info() $state = static::_state_get($dbid); # State could have been modified by query above $state['fields'][$this->_p['table']] = $this->_fields; $state['convertfunc'][$this->_p['table']] = $this->_convertfunc; + $state['escapefunc'][$this->_p['table']] = $this->_escapefunc; $state['localizedfields'][$this->_p['table']] = $this->_localizedfields; static::_state_put($dbid, $state); } else # Existing _fields, copy other info too { $this->_convertfunc = $state['convertfunc'][$this->_p['table']]; + $this->_escapefunc = $state['escapefunc'][$this->_p['table']]; $this->_localizedfields = $state['localizedfields'][$this->_p['table']]; } |