colder          Wed Apr 18 16:07:18 2007 UTC

  Modified files:              
    /phpdoc/en/reference/mysql/functions        mysql-real-escape-string.xml 
  Log:
  Take magic_quotes_sybase into account (Thanks arpad for the hint)
  
http://cvs.php.net/viewvc.cgi/phpdoc/en/reference/mysql/functions/mysql-real-escape-string.xml?r1=1.27&r2=1.28&diff_format=u
Index: phpdoc/en/reference/mysql/functions/mysql-real-escape-string.xml
diff -u phpdoc/en/reference/mysql/functions/mysql-real-escape-string.xml:1.27 
phpdoc/en/reference/mysql/functions/mysql-real-escape-string.xml:1.28
--- phpdoc/en/reference/mysql/functions/mysql-real-escape-string.xml:1.27       
Thu Jan 18 20:36:11 2007
+++ phpdoc/en/reference/mysql/functions/mysql-real-escape-string.xml    Wed Apr 
18 16:07:17 2007
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.27 $ -->
+<!-- $Revision: 1.28 $ -->
 <refentry id="function.mysql-real-escape-string">
  <refnamediv>
   <refname>mysql_real_escape_string</refname>
@@ -134,18 +134,23 @@
 
     } else {
         
-        // Reverse magic_quotes_gpc effects on those vars if ON.
+        // Reverse magic_quotes_gpc/magic_quotes_sybase effects on those vars 
if ON.
 
         if(get_magic_quotes_gpc()) {
-            $product_name        = stripslashes($_POST['product_name']);
-            $product_description = stripslashes($_POST['product_description']);
+            if(ini_get('magic_quotes_sybase')) {
+                $product_name        = str_replace("''", "'", 
$_POST['product_name']);
+                $product_description = str_replace("''", "'", 
$_POST['product_description']);
+            } else {
+                $product_name        = stripslashes($_POST['product_name']);
+                $product_description = 
stripslashes($_POST['product_description']);
+            }
         } else {
             $product_name        = $_POST['product_name'];
             $product_description = $_POST['product_description'];
         }
 
         // Make a safe query
-        $query = sprintf("INSERT INTO products (`name`, `description`, 
`user_id`) VALUES ('%s', '%s', '%d')",
+        $query = sprintf("INSERT INTO products (`name`, `description`, 
`user_id`) VALUES ('%s', '%s', %d)",
                     mysql_real_escape_string($product_name, $link),
                     mysql_real_escape_string($product_description, $link),
                     $_POST['user_id']);
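Review bot: The added `if(ini_get('magic_quotes_sybase'))` test relies on string truthiness, but ini_get() returns the raw string when the directive was set as a value rather than a flag, so a setting such as `"Off"` would evaluate as true and select the `str_replace("''", "'", ...)` branch. Normalising the value first avoids that, e.g. `if (filter_var(ini_get('magic_quotes_sybase'), FILTER_VALIDATE_BOOLEAN)) {`. In addition, stripslashes() is documented to honour magic_quotes_sybase itself (it collapses doubled apostrophes instead of stripping backslashes when the directive is on), so the extra branch may be redundant; worth confirming before readers copy the longer form. Both values still go through mysql_real_escape_string(), so a wrong branch would most likely store altered text rather than produce an unescaped query. The enclosing `else` block starts before this hunk.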
