extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-07 16:44:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

* ProjectManager: fix SQL error if searching for string containing numbers and underscore or percent

Browse Source 
skip user-wildcards (*,?) in is_numeric test, but not SQL wildcards, which get escaped and give sql-error
This commit is contained in:
Ralf Becker 2013-08-14 08:02:23 +00:00
parent 7e1a785615
commit fabc787fc3
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
etemplate/inc/class.so_sql.inc.php
View File

@ -1295,7 +1295,8 @@ class so_sql
$GLOBALS['egw']->db->quote($wildcard.str_replace(array('%','_','*','?'),array('\\%','\\_','%','_'),$token).$wildcard);
// Compare numeric token as equality for numeric columns
if(is_numeric(str_replace(array('%','_','*','?'), '', $token)))
// skip user-wildcards (*,?) in is_numeric test, but not SQL wildcards, which get escaped and give sql-error
if (is_numeric(str_replace(array('*','?'), '', $token)))
{
$numeric_filter = array();
foreach($numeric_columns as $col)
@ -1305,7 +1306,7 @@ class so_sql
// Token has a wildcard from user, use LIKE
$numeric_filter[] = "($col IS NOT NULL AND CAST($col AS CHAR) " .
$this->db->capabilities['case_insensitive_like'] . ' ' .
$GLOBALS['egw']->db->quote(str_replace(array('%','_','*','?'),array('\\%','\\_','%','_'),$token)) . ')';
$GLOBALS['egw']->db->quote(str_replace(array('*','?'), array('%','_'), $token)) . ')';
}
else
{