fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-09 03:32:00 +09:00
Code Issues Projects Releases Packages Wiki Activity

r8032 보안

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/sandbox@8035 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
ngleader 2011-01-20 09:17:02 +00:00
parent fdab40757a
commit 144a922954
8 changed files with 217 additions and 77 deletions
Download patch file Download diff file Expand all files Collapse all files

21
classes/db/DBMysql.class.php
View file

@ -534,7 +534,9 @@
}
$click_count = array();
if(!$output->columns) $output->columns = array('*');
if(!$output->columns){
$output->columns = array(array('name'=>'*'));
}
$column_list = array();
foreach($output->columns as $key => $val)
@ -616,7 +618,13 @@
if(count($output->arg_columns))
{
$columns = '`' . join('`,`',$output->arg_columns) . '`';
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'`')===false && strpos($col,' ')==false) $columns[] = '`'.$col.'`';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf("select %s from %s %s %s %s", $columns, implode(',',$table_list),implode(' ',$left_join), $condition, $groupby_query.$orderby_query);
@ -628,7 +636,6 @@
$result = $this->_query($query);
if($this->isError()) return;
if(count($click_count) && count($output->conditions)){
$_query = '';
foreach($click_count as $k => $c) $_query .= sprintf(',%s=%s+1 ',$c,$c);
@ -715,7 +722,13 @@
if(count($output->arg_columns))
{
$columns = '`' . join('`,`',$output->arg_columns) . '`';
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'`')===false && strpos($col,' ')==false) $columns[] = '`'.$col.'`';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf("select %s from %s %s %s %s", $columns, implode(',',$table_list), implode(' ',$left_join), $condition, $groupby_query.$orderby_query);