diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2007-06-23 12:16:20 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2007-06-23 12:16:20 +0000 |
| commit | 318418b0f266998895f88e9fcbcd3873a518c4b5 (patch) | |
| tree | 7fb1714171d4744d4df35138da1a3e799f28db90 /phpBB/search.php | |
| parent | 1e2db705ca061228ddedd312e00d99cfce2a2ae6 (diff) | |
| download | forums-318418b0f266998895f88e9fcbcd3873a518c4b5.tar forums-318418b0f266998895f88e9fcbcd3873a518c4b5.tar.gz forums-318418b0f266998895f88e9fcbcd3873a518c4b5.tar.bz2 forums-318418b0f266998895f88e9fcbcd3873a518c4b5.tar.xz forums-318418b0f266998895f88e9fcbcd3873a518c4b5.zip | |
new wrapper for LIKE expressions to streamline the fixes. We actually need to adjust them for different DBMS as well as SQLite2 not supporting escaping characters in LIKE statements (which is a reason why we think about dropping sqlite support completely).
git-svn-id: file:///svn/phpbb/trunk@7788 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/search.php')
| -rw-r--r-- | phpBB/search.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/phpBB/search.php b/phpBB/search.php index 487411d613..5b8bdf5f20 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -100,10 +100,11 @@ if ($keywords || $author || $author_id || $search_id || $submit) trigger_error(sprintf($user->lang['TOO_FEW_AUTHOR_CHARS'], $config['min_search_author_chars'])); } - $sql_where = (strpos($author, '*') !== false) ? ' LIKE ' : ' = '; + $sql_where = (strpos($author, '*') !== false) ? ' username_clean ' . $db->sql_like_expression(str_replace('*', '%', utf8_clean_string($author))) : " username_clean = '" . $db->sql_escape(utf8_clean_string($author)) . "'"; + $sql = 'SELECT user_id FROM ' . USERS_TABLE . " - WHERE username_clean $sql_where '" . $db->sql_escape(preg_replace('#\*+#', '%', utf8_clean_string($author))) . "' + WHERE $sql_where AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')'; $result = $db->sql_query_limit($sql, 100); |