SQLFix() public method

Also, please note that the SQLUnfix function was removed for compatibility.
public SQLFix ( string $value ) : string
$value string
return string SQL formatted value
Beispiel #1
0
 /**
  * Save a new secure key for a customer to the database. This key is stored in the clients cookie and used
  * to reauthenticate the customer.
  *
  * @author sl
  * @param $customerId
  * @param $keymai
  */
 public function customer_loginSetKey($customerId, $keymai)
 {
     $p = $this->kga['server_prefix'];
     $query = "UPDATE {$p}customers SET secure='{$keymai}' WHERE customerID='" . $this->conn->SQLFix($customerId) . "';";
     $this->conn->Query($query);
 }
Beispiel #2
0
     $_SESSION['filter_pages_name'] = $filter_pages_name;
     $_SESSION['filter_pages_title'] = $filter_pages_title;
     $_SESSION['filter_pages_subheader'] = $filter_pages_subheader;
 }
 // construct the WHERE clause for the page list now:
 if (!empty($filter_pages_name) || !empty($filter_pages_title) || !empty($filter_pages_subheader)) {
     if (!empty($filter_pages_name)) {
         $page_selectquery_restriction = "urlpage LIKE '%" . MySQL::SQLFix($filter_pages_name) . "%'";
     }
     if (!empty($filter_pages_title)) {
         $page_selectquery_restriction .= strlen($page_selectquery_restriction) > 0 ? ' AND ' : '';
         $page_selectquery_restriction .= "pagetitle LIKE '%" . MySQL::SQLFix($filter_pages_title) . "%'";
     }
     if (!empty($filter_pages_subheader)) {
         $page_selectquery_restriction .= strlen($page_selectquery_restriction) > 0 ? ' AND ' : '';
         $page_selectquery_restriction .= "subheader LIKE '%" . MySQL::SQLFix($filter_pages_subheader) . "%'";
     }
     $page_selectquery_restriction = 'WHERE ' . $page_selectquery_restriction;
 }
 function gen_span4pagelist_filterheader($name, $title)
 {
     global $ccms;
     if (!empty($name) && !empty($_SESSION[$name])) {
         echo '<span class="sprite livefilter livefilter_active" rel="' . $name . '" title="' . ucfirst($ccms['lang']['forms']['edit_remove']) . ' ' . strtolower($title) . ' -- ' . $ccms['lang']['forms']['filter_showing'] . ': \'' . htmlspecialchars($_SESSION[$name], ENT_COMPAT, 'UTF-8') . '\'">&#160;</span>';
     } else {
         echo '<span class="sprite livefilter livefilter_add" rel="' . $name . '" title="' . ucfirst($ccms['lang']['forms']['add']) . ' ' . strtolower($title) . '">&#160;</span>';
     }
 }
 /*
 Required to keep the HTML output compliant: a 'id' attribute must be globally unique in the page!
 */