gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-12 20:51:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

- added method qstr() to inc.DBAccess.php and use it class Session

Browse Source
This commit is contained in:
steinm 2011-11-29 07:17:29 +00:00
parent f2e279f4c5
commit c3c1694826
2 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
LetoDMS_Core/Core/inc.DBAccess.php
View File

@ -120,6 +120,17 @@ class LetoDMS_Core_DatabaseAccess {
else return true; else return true;
} /* }}} */ } /* }}} */
/**
* Sanitize String used in database operations
*
* @param string text
* @return string sanitized string
*/
function qstr($text) { /* {{{ */
return $this->_conn->qstr($text);
} /* }}} */
/** /**
* Execute SQL query and return result * Execute SQL query and return result
* *

2
inc/inc.ClassSession.php
View File

@ -66,7 +66,7 @@ class LetoDMS_Session {
* @return boolean true if successful otherwise false * @return boolean true if successful otherwise false
*/ */
function load($id) { /* {{{ */ function load($id) { /* {{{ */
$queryStr = "SELECT * FROM tblSessions WHERE id = '".$id."'"; $queryStr = "SELECT * FROM tblSessions WHERE id = ".$this->db->qstr($id)."";
$resArr = $this->db->getResultArray($queryStr); $resArr = $this->db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false) if (is_bool($resArr) && $resArr == false)
return false; return false;