Пример #1
 /**
  * Checks PU_CleanString() against a small table of fixed inputs.
  *
  * The cases pin that the empty string and a plain letter come back
  * unchanged, and that double quotes, single quotes and backslashes do not
  * appear in the result.
  */
 public function testCleanString()
 {
     // Each entry is array(expected output, raw input), in the order the
     // assertions are meant to run.
     $cases = array(
         array('', ''),
         array('a', 'a'),
         array('a', 'a"'),
         array('ab', 'a"\'\\\\b"'),
     );

     foreach ($cases as $case) {
         list($expected, $input) = $case;
         $this->assertEquals($expected, PU_CleanString($input));
     }

     // NOTE(review): only quotes and backslashes are exercised here. If callers
     // place the result inside a quoted SQL literal, it would be worth pinning
     // NUL bytes, multi-byte input and non-string arguments as well - confirm
     // what PU_CleanString() actually guarantees before relying on it.
 }
Пример #2
 /**
  * Build the WHERE fragment of the query from the constraints given as
  * parameters of the query.
  *
  * Accepted shapes of $parameters:
  * - a single numeric value is used as a user_id
  * - a single non-numeric value is used as a user_name (i.e. login)
  * - an array is searched for the keys 'id' (id or name, as above),
  *   'user_name' and 'group' (numerical group id); other keys add nothing
  * - an array whose element 0 is itself an array is replaced by that element
  *
  * $parameters is taken by reference, so the normalised array replaces the
  * caller's variable. A value that is empty() (null, '', 0, '0', array())
  * adds no constraint: the fragment is then ' 1 ' plus whatever sql_group()
  * returns.
  *
  * NOTE(review): user_name values are concatenated into a double-quoted SQL
  * literal after PU_CleanString(). The safety of that clause rests entirely on
  * PU_CleanString(), which is defined outside this excerpt; if the query layer
  * offers bound parameters or driver-level escaping, prefer those - confirm.
  *
  * NOTE(review): values are not checked for being scalar. intval() of a
  * non-empty array is 1, so 'group' => array(...) would select group 1;
  * consider rejecting non-scalar values - confirm the intended handling.
  *
  * NOTE(review): is_numeric() also accepts forms such as '1e3' or ' 12', so a
  * login that looks numeric is always looked up as an id.
  *
  * @see stable/phpdevshell/includes/PHPDS_query#check_parameters($parameters)
  *
  * @param mixed $parameters scalar id/login, or array of constraints (by reference)
  * @return bool always true
  */
 public function checkParameters(&$parameters = null)
 {
     // Start from an always-true condition so every clause can be appended with AND.
     $this->where = ' 1 ';
     $main_group = '';

     if (!empty($parameters)) {
         if (is_array($parameters)) {
             // A nested array in slot 0 is unwrapped and used as the constraint set.
             if (isset($parameters[0]) && is_array($parameters[0])) {
                 $parameters = $parameters[0];
             }
         } else {
             // A bare value is shorthand for array('id' => value).
             $parameters = array('id' => $parameters);
         }

         foreach ($parameters as $field => $raw) {
             // switch compares loosely; before PHP 8 an integer key 0 equals
             // 'id' under that comparison, so the case order is kept as is.
             switch ($field) {
                 case 'id':
                     // Numeric values go through intval(); anything else is treated as a login.
                     $this->where .= is_numeric($raw)
                         ? ' AND user_id = ' . intval($raw)
                         : ' AND user_name =  "' . PU_CleanString($raw) . '"';
                     break;
                 case 'user_name':
                     $this->where .= ' AND user_name =  "' . PU_CleanString($raw) . '"';
                     break;
                 case 'group':
                     $main_group = intval($raw);
                     if ($this->primary_script) {
                         $this->where .= " AND user_group = {$main_group} ";
                     } else {
                         $this->where .= " AND (user_group = {$main_group} OR user_group_id = {$main_group}) ";
                     }
                     break;
             }
         }
     }

     // The fragment returned by sql_group() is always appended, with or without constraints.
     $this->where .= $this->sql_group();

     return true;
 }