svn commit: r331 - trunk/mapbender/http/php/database-pgsql.php

uli at osgeo.org uli at osgeo.org
Tue May 23 10:48:22 EDT 2006 

Author: uli
Date: 2006-05-23 14:48:22+0000
New Revision: 331

Modified:
   trunk/mapbender/http/php/database-pgsql.php

Log:
checkInput included

Modified: trunk/mapbender/http/php/database-pgsql.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/php/database-pgsql.php?view=diff&rev=331&p1=trunk/mapbender/http/php/database-pgsql.php&p2=trunk/mapbender/http/php/database-pgsql.php&r1=330&r2=331
==============================================================================
--- trunk/mapbender/http/php/database-pgsql.php	(original)
+++ trunk/mapbender/http/php/database-pgsql.php	2006-05-23 14:48:22+0000
@@ -54,7 +54,7 @@
  *  in other functions in this library
  */
 include_once("../../http/classes/class_mb_exception.php");
- 
+include_once("../../http/classes/class_checkInput.php");
 function db_escape_string($unescaped_string){
 	return @pg_escape_string(stripslashes($unescaped_string));
 }
@@ -139,22 +139,20 @@
  *  @param		$types (array types as strings)		
  */
 function db_prep_query($qstring, $params, $types){
-	if(is_array($params) == false){
-		$params = array($params);
-	}
-	if(is_array($types) == false){
-		$types = array($types);
-	}
-	if(count($params) != count($types)){
-		$e = new mb_exception("array params and array types have a different count  in ".$_SERVER['SCRIPT_FILENAME'].": Sql: ".$qstring);
-	}
+	$ci = new checkInput($qstring,$params,$types);
+	$params = $ci->v; 
 	if(PREPAREDSTATEMENTS == false){
 		for ($i=0; $i<count($params); $i++){
 			$needle = "$".strval($i+1);
 			$tmp = '';
-			if($types[$i] == 's'){ $tmp .= "'"; }
-			$tmp .= $params[$i];
-			if($types[$i] == 's'){ $tmp .= "'"; }
+			if($params[$i] !== NULL){
+				if($types[$i] == 's'){ $tmp .= "'"; }
+				$tmp .= $params[$i];
+				if($types[$i] == 's'){ $tmp .= "'"; }
+			}
+			else{
+				$tmp .= "NULL";
+			}
 			$posa = strpos($qstring, $needle);
 			$posb = strlen($needle);
 			$qstring = substr($qstring,0,$posa).$tmp.substr($qstring,($posa + $posb));	
@@ -162,7 +160,6 @@
 		$r = db_query($qstring);
 	}
 	else{
-		$t = md5(microtime());
 		$result = pg_prepare("", $qstring);
 		if(!$result){
 			$e = new mb_exception("Error while preparing statement in ".$_SERVER['SCRIPT_FILENAME'].": Sql: ".$qstring.", Error: ".db_error());

More information about the Mapbender_commits mailing list