/**
 * Escapes a string for insertion into a query.
 *
 * This function is called by the module and must always be implemented here.
 *
 * Nothing in this method adds surrounding quotes: use the returned value only
 * inside a quoted SQL string literal, never as an identifier or as a bare
 * SQL fragment.
 *
 * @param string $text The text to escape.
 *
 * @return string The escaped text, as returned by the database object.
 */
public function escape($text)
{
    // Below 1.6.0 the database object is called through the older getEscaped() name.
    if (version_compare(JVERSION, '1.6.0', 'lt')) {
        return $this->db->getEscaped($text);
    }

    return $this->db->escape($text);
}
/**
 * Quotes a string to database requirements for insertion into the database.
 *
 * NOTE(review): the caller's $escape argument is overwritten before it is
 * read, so passing true or false has no effect. Above version 1.5.0 this
 * method does not call escape() itself and hands the raw text to the database
 * object's quote(); otherwise the text goes through escape() first. Whether
 * quote() escapes on its own is not visible here - confirm against the
 * database class before relying on either path.
 *
 * @param string $text   The string to quote.
 * @param bool   $escape Ignored: the value is replaced by a version check.
 *
 * @return string The quoted input string.
 */
public function quote($text, $escape = true)
{
    // The incoming value is discarded; only the platform version decides.
    $escape = !version_compare(JVERSION, '1.5.0', '>');

    $value = $escape ? $this->db->escape($text) : $text;

    return $this->db->quote($value);
}
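/**
 * Appends one parenthesised group of OR-ed LIKE conditions to $this->filter_where.
 *
 * Every entry of $data is trimmed; blank entries are skipped. Each remaining
 * term is escaped with the LIKE flag set, wrapped in % wildcards and quoted.
 * Nothing is appended when no term remains.
 *
 * $field is concatenated into the SQL text exactly as given, without quoting
 * or validation: pass only a fixed, trusted column expression, never a value
 * taken from the request.
 *
 * @param string $field Column expression placed on the left of LIKE.
 * @param array  $data  Search terms.
 *
 * @return void
 */
protected function stringMatch($field, $data)
{
    $wheres = array();

    foreach ($data as $match) {
        $match = trim($match);

        // Compare with '' instead of empty(): empty('0') is true, which
        // silently dropped a search for the term "0".
        if ($match === '') {
            continue;
        }

        // NOTE(review): the term is escaped here and then handed to quote().
        // If quote() escapes again by default, backslashes and wildcards end
        // up escaped twice and the pattern no longer matches the literal
        // text - confirm against the database class.
        $wheres[] = $field . ' LIKE ' . $this->db->quote('%' . $this->db->escape($match, true) . '%');
    }

    if (!empty($wheres)) {
        $this->filter_where[] = '(' . implode(' OR ', $wheres) . ')';
    }
}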
/**
 * Method to get a query expression for a table key.
 *
 * A key registered in $this->keys for the alias is emitted as a quoted
 * column name. Any other key is treated as an expression and only passed
 * through escape().
 *
 * NOTE(review): the escaped expression is placed in the SQL text outside of
 * any quotes. String escaping does not constrain a value in that position,
 * so $key must come from trusted code, not from user input - confirm callers.
 *
 * @param   string   $alias     The table alias.
 * @param   string   $key       The table key alias.
 * @param   boolean  $useAlias  True to use the alias in the expression, false otherwise.
 *
 * @return  string  The table expression.
 *
 * @since   12.1
 * @throws  InvalidArgumentException
 */
protected function getTableKeyExpression($alias, $key, $useAlias = true)
{
    // The alias has to be known both as a table and as a key set.
    $aliasKnown = array_key_exists($alias, $this->tables) && array_key_exists($alias, $this->keys);

    if (!$aliasKnown) {
        throw new InvalidArgumentException(JText::sprintf('JDATABASEOBJECT_INVALID_TABLE', $alias));
    }

    // Registered keys become quoted column names; anything else is escaped only.
    $column = isset($this->keys[$alias][$key])
        ? $this->db->quoteName($this->keys[$alias][$key])
        : $this->db->escape($key);

    // Optionally qualify the column with the quoted table alias.
    $prefix = $useAlias ? $this->db->quoteName($alias) . '.' : '';

    return $prefix . $column;
}
/**
 * Get a database escaped string.
 *
 * For LIKE statements: $db->Quote( $db->getEscaped( $text, true ) . '%', false )
 *
 * The result carries no surrounding quotes; as in the example above, it has
 * to be placed inside a quoted string literal.
 *
 * @param  string   $text
 * @param  boolean  $escapeForLike  Also escape the % and _ wildcards, for LIKE statements
 *                                  with % or _ in search strings (since CB 1.2.3)
 * @return string
 */
public function getEscaped($text, $escapeForLike = false)
{
    // Both arguments are forwarded unchanged to the wrapped database object.
    $escaped = $this->_db->escape($text, $escapeForLike);

    return $escaped;
}
/**
 * Get a database escaped string.
 *
 * For LIKE statements: $db->Quote( $db->getEscaped( $text, true ) . '%', false )
 *
 * The result carries no surrounding quotes; as in the example above, it has
 * to be placed inside a quoted string literal.
 *
 * NOTE(review): the LIKE step prefixes only % and _ with a backslash. How a
 * backslash already present in the input interacts with the LIKE escape
 * character depends on the target database - confirm.
 *
 * @param  string   $text
 * @param  boolean  $escapeForLike  Also escape the % and _ wildcards, for LIKE statements
 *                                  with % or _ in search strings (since CB 1.2.3)
 * @return string
 */
function getEscaped($text, $escapeForLike = false)
{
    // checkJversion() selects which method name the wrapped database object is called with.
    $result = (checkJversion() >= 2)
        ? $this->_db->escape($text)
        : $this->_db->getEscaped($text);

    if (!$escapeForLike) {
        return $result;
    }

    // Applied after the database escape: prefix the LIKE wildcards with a backslash.
    return str_replace(array('%', '_'), array("\\%", "\\_"), $result);
}