/** * @covers PDOforRunalyze::escape */ public function testEscape() { $this->assertEquals('NULL', $this->object->escape(null)); $this->assertEquals(1, $this->object->escape(true)); $this->assertEquals(0, $this->object->escape(false)); $this->assertEquals(array(0.123, '\'5\\" OR 1=1\''), $this->object->escape(array(0.123, '5" OR 1=1'))); }
/** * Get order * @return string */ protected function getOrder() { $sort = !isset($_POST['search-sort-by']) || array_key_exists($_POST['search-sort-by'], $this->AllowedKeys) ? '`time`' : $this->DB->escape($_POST['search-sort-by'], false); $order = !isset($_POST['search-sort-order']) ? 'DESC' : $this->DB->escape($_POST['search-sort-order'], false); if ($sort == 'vdot' && Configuration::Vdot()->useElevationCorrection()) { return ' ORDER BY IF(`t`.`vdot_with_elevation`>0, `t`.`vdot_with_elevation`, `t`.`vdot`) ' . $order; } if ($sort == 'pace') { return ' ORDER BY IF(`t`.`distance`>0, `t`.`s`/`t`.`distance`, 0) ' . $order; } return ' ORDER BY `t`.' . $sort . ' ' . $order; }