function _adodb_column_sql(&$zthis, $action, $type, $fname, $fnameq, $arrFields, $magicq, $recurse = true) { if ($recurse) { switch ($zthis->dataProvider) { case 'postgres': if ($type == 'L') { $type = 'C'; } break; case 'oci8': return _adodb_column_sql_oci8($zthis, $action, $type, $fname, $fnameq, $arrFields, $magicq); } } $sql = ''; switch ($type) { case "C": case "X": case 'B': if ($action == 'I') { $sql = $zthis->qstr($arrFields[$fname], $magicq) . ", "; } else { $sql .= $fnameq . "=" . $zthis->qstr($arrFields[$fname], $magicq) . ", "; } break; case "D": if ($action == 'I') { $sql = $zthis->DBDate($arrFields[$fname]) . ", "; } else { $sql .= $fnameq . "=" . $zthis->DBDate($arrFields[$fname]) . ", "; } break; case "T": if ($action == 'I') { $sql = $zthis->DBTimeStamp($arrFields[$fname]) . ", "; } else { $sql .= $fnameq . "=" . $zthis->DBTimeStamp($arrFields[$fname]) . ", "; } break; default: $val = $arrFields[$fname]; if (empty($val)) { $val = '0'; } if ($action == 'I') { $sql .= $val . ", "; } else { $sql .= $fnameq . "=" . $val . ", "; } break; } return $sql; }
function _adodb_column_sql(&$zthis, $action, $type, $fname, $fnameq, $arrFields, $magicq, $recurse = true) { if ($recurse) { switch ($zthis->dataProvider) { case 'postgres': if ($type == 'L') { $type = 'C'; } break; case 'oci8': return _adodb_column_sql_oci8($zthis, $action, $type, $fname, $fnameq, $arrFields, $magicq); } } switch ($type) { case "C": case "X": case 'B': $val = $zthis->qstr($arrFields[$fname], $magicq); break; case "D": $val = $zthis->DBDate($arrFields[$fname]); break; case "T": $val = $zthis->DBTimeStamp($arrFields[$fname]); break; case "N": $val = $arrFields[$fname]; if (!is_numeric($val)) { $val = str_replace(',', '.', (double) $val); } break; case "I": case "R": $val = $arrFields[$fname]; if (!is_numeric($val)) { $val = (int) $val; } break; default: $val = str_replace(array("'", " ", "("), "", $arrFields[$fname]); // basic sql injection defence if (empty($val)) { $val = '0'; } break; } if ($action == 'I') { return $val . ", "; } return $fnameq . "=" . $val . ", "; }
function _adodb_column_sql(&$zthis, $action, $type, $fname, $fnameq, $arrFields, $magicq, $recurse = true) { if ($recurse) { switch ($zthis->dataProvider) { case 'postgres': if ($type == 'L') { $type = 'C'; } break; case 'oci8': return _adodb_column_sql_oci8($zthis, $action, $type, $fname, $fnameq, $arrFields, $magicq); } } switch ($type) { case "C": case "X": case 'B': $val = $zthis->qstr($arrFields[$fname], $magicq); break; case "D": $val = $zthis->DBDate($arrFields[$fname]); break; case "T": $val = $zthis->DBTimeStamp($arrFields[$fname]); break; // moodle change start - see readme_moodle.txt // moodle change start - see readme_moodle.txt case "F": //Floating point number //Floating point number case "N": //Numeric or decimal number $val = (double) $arrFields[$fname]; break; case "L": //Integer field suitable for storing booleans (0 or 1) //Integer field suitable for storing booleans (0 or 1) case "I": case "R": $val = (int) $arrFields[$fname]; break; // moodle change end // moodle change end default: $val = str_replace(array("'", " ", "("), "", $arrFields[$fname]); // basic sql injection defence if (empty($val)) { $val = '0'; } break; } if ($action == 'I') { return $val . ", "; } return $fnameq . "=" . $val . ", "; }