From 318418b0f266998895f88e9fcbcd3873a518c4b5 Mon Sep 17 00:00:00 2001
From: Meik Sievertsen <acydburn@phpbb.com>
Date: Sat, 23 Jun 2007 12:16:20 +0000
Subject: new wrapper for LIKE expressions to streamline the fixes. We actually
 need to adjust them for different DBMS as well as SQLite2 not supporting
 escaping characters in LIKE statements (which is a reason why we think about
 dropping sqlite support completely).

git-svn-id: file:///svn/phpbb/trunk@7788 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/auth.php | 21 ++-------------------
 1 file changed, 2 insertions(+), 19 deletions(-)

(limited to 'phpBB/includes/auth.php')

diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php
index c7b53b4a9a..6601527026 100644
--- a/phpBB/includes/auth.php
+++ b/phpBB/includes/auth.php
@@ -842,15 +842,7 @@ class auth
 		{
 			if (strpos($auth_options, '%') !== false)
 			{
-				if (strpos($auth_options, '_') !== false && $db->sql_layer !== 'sqlite')
-				{
-					$sql_opts = "AND $key LIKE '" . $db->sql_escape(str_replace('_', "\_", $auth_options)) . "'";
-					$sql_opts .= ($db->sql_layer == 'mssql' || $db->sql_layer == 'mssql_odbc') ? " ESCAPE '\\' " : '';
-				}
-				else
-				{
-					$sql_opts = "AND $key LIKE '" . $db->sql_escape($auth_options) . "'";
-				}
+				$sql_opts = "AND $key " . $db->sql_like_expression($auth_options);
 			}
 			else
 			{
@@ -881,16 +873,7 @@ class auth
 				{
 					if (strpos($option, '%') !== false)
 					{
-						if (strpos($option, '_') !== false && $db->sql_layer !== 'sqlite')
-						{
-							$_sql = $key . " LIKE '" . $db->sql_escape(str_replace('_', "\_", $option)) . "'";
-							$_sql .= ($db->sql_layer == 'mssql' || $db->sql_layer == 'mssql_odbc') ? " ESCAPE '\\'" : '';
-							$sql[] = $_sql;
-						}
-						else
-						{
-							$sql[] = $key . " LIKE '" . $db->sql_escape($option) . "'";
-						}
+						$sql[] = $key . ' ' . $db->sql_like_expression($option);
 					}
 					else
 					{
-- 
cgit v1.2.1