Diffstat (limited to 'phpBB/includes/db/dbal.php')
-rw-r--r-- | phpBB/includes/db/dbal.php | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/phpBB/includes/db/dbal.php b/phpBB/includes/db/dbal.php
index 8660c43546..dcf9947ddf 100644
--- a/phpBB/includes/db/dbal.php
+++ b/phpBB/includes/db/dbal.php
@@ -199,7 +199,14 @@ class dbal
 }
 else if (is_string($var))
 {
- $values[] = "'" . $this->sql_escape($var) . "'";
+ if (strpos($key, 'bitfield') === false)
+ {
+ $values[] = "'" . $this->sql_escape($var) . "'";
+ }
+ else
+ {
+ $values[] = $this->sql_escape_binary($var);
+ }
 }
 else if (is_array($var) && is_string($var[0]))
 {
@@ -228,7 +235,14 @@ class dbal
 }
 else if (is_string($var))
 {
- $values[] = "'" . $this->sql_escape($var) . "'";
+ if (strpos($key, 'bitfield') === false)
+ {
+ $values[] = "'" . $this->sql_escape($var) . "'";
+ }
+ else
+ {
+ $values[] = $this->sql_escape_binary($var);
+ }
 }
 else
 {
@@ -251,7 +265,14 @@ class dbal
 }
 else if (is_string($var))
 {
- $values[] = "$key = '" . $this->sql_escape($var) . "'";
+ if (strpos($key, 'bitfield') === false)
+ {
+ $values[] = "$key = '" . $this->sql_escape($var) . "'";
+ }
+ else
+ {
+ $values[] = "$key = " . $this->sql_escape_binary($var);
+ }
 }
 else
 {
@@ -264,6 +285,11 @@ class dbal
 return $query;
 }
+ function sql_escape_binary($msg)
+ {
+ return "'" . $this->sql_escape($msg) . "'";
+ }
+
 /**
 * Build sql statement from array for select and select distinct statements
 * |
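Review bot: The choice of escaping routine in the added `if (strpos($key, 'bitfield') === false)` depends on a substring match against the column name, and nothing in the hunk documents that convention. A binary column whose name lacks "bitfield" still takes the string path, and a text column that happens to contain the word is sent through `sql_escape_binary()`. The same eight-line branch is repeated in the hunks at -228 and -251, so the rule can drift between the three copies. I would add a comment above the test, for example `// Binary columns are recognised by name: any key containing 'bitfield' is escaped with sql_escape_binary()`, and consider moving the decision into one private helper that all three branches call. The enclosing function begins and ends outside this hunk, so the type of `$key` in each branch cannot be confirmed from here.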
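Review bot: The new `sql_escape_binary()` has no docblock, although the function after it has one, and its contract differs from `sql_escape()` in a way that matters for injection safety. It returns the value already wrapped in single quotes, whereas the call sites in the earlier hunks add the quotes around `sql_escape()` themselves. A caller who quotes the result again, or who assumes `sql_escape()` behaves the same way and omits the quotes, produces a broken or unsafe statement. I would add a docblock stating that the return value is a complete quoted SQL literal that must be concatenated as-is. Since this base version only reuses the string escaping, the docblock should also say that a driver needing a different binary encoding is presumably expected to override the method.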