diff options
Diffstat (limited to 'phpBB/db/mysql.php')
| -rw-r--r-- | phpBB/db/mysql.php | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/phpBB/db/mysql.php b/phpBB/db/mysql.php index 1864fedfc2..fe2e93fee5 100644 --- a/phpBB/db/mysql.php +++ b/phpBB/db/mysql.php @@ -205,17 +205,17 @@ class sql_db } // Idea for this from Ikonboard - function sql_query_array($query = '', $assoc_ary = false) + function sql_build_array($query, $assoc_ary = false) { if (!is_array($assoc_ary)) { return false; } - if (preg_match('/^INSERT/', $query)) + $fields = array(); + $values = array(); + if ($query == 'INSERT') { - $fields = array(); - $values = array(); foreach ($assoc_ary as $key => $var) { $fields[] = $key; @@ -226,7 +226,7 @@ class sql_db } elseif (is_string($var)) { - $values[] = "'" . str_replace("'", "''", $var) . "'"; + $values[] = "'" . str_replace('\\\'', '\'\'', $var) . "'"; } else { @@ -236,7 +236,7 @@ class sql_db $query = $query . ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')'; } - else + else if ($query == 'UPDATE') { $values = array(); foreach ($assoc_ary as $key => $var) @@ -247,18 +247,16 @@ class sql_db } elseif (is_string($var)) { - $values[] = "$key = '" . str_replace("'", "''", $var) . "'"; + $values[] = "$key = '" . str_replace('\\\'', '\'\'', $var) . "'"; } else { $values[] = (is_bool($var)) ? "$key = " . intval($var) : "$key = $var"; } } - - $query = preg_replace('/^(.*? SET )(.*?)$/is', '\1' . implode(', ', $values) . ' \2', $query); } - return $this->sql_query($query); + return implode(', ', $values); } // |