From 5aa220bcd21c6e3decd8f2b9833dc90a8ee6a274 Mon Sep 17 00:00:00 2001
From: Meik Sievertsen <acydburn@phpbb.com>
Date: Sun, 24 Jun 2007 12:49:13 +0000
Subject: tweak the sql_like_expression feature a little bit to allow correct
 escaping

git-svn-id: file:///svn/phpbb/trunk@7789 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/template.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'phpBB/includes/template.php')

diff --git a/phpBB/includes/template.php b/phpBB/includes/template.php
index 9a4d259df2..9095a31dba 100644
--- a/phpBB/includes/template.php
+++ b/phpBB/includes/template.php
@@ -226,7 +226,7 @@ class template
 				FROM ' . STYLES_TEMPLATE_DATA_TABLE . '
 				WHERE template_id = ' . $user->theme['template_id'] . "
 					AND (template_filename = '" . $db->sql_escape($this->filename[$handle]) . "'
-						OR template_included " . $db->sql_like_expression('%' . $this->filename[$handle] . ':%') . ')';
+						OR template_included " . $db->sql_like_expression($db->any_char . $this->filename[$handle] . ':' . $db->any_char) . ')';
 			$result = $db->sql_query($sql);
 			$row = $db->sql_fetchrow($result);
 
-- 
cgit v1.2.1