Changeset 4385 for trunk/admin/include/plugins.class.php

Timestamp:

Nov 29, 2009, 1:35:19 PM (14 years ago)

Author:

nikrou

Message:

Feature_1255 :

• single quotes in queries
• start using $confdblayer

File:

• trunk/admin/include/plugins.class.php (modified) (4 diffs)

trunk/admin/include/plugins.class.php

@@ -81 +81 @@
         {
           $query = '
-INSERT INTO ' . PLUGINS_TABLE . ' (id,version) VALUES ("'
-. $plugin_id . '","' . $this->fs_plugins[$plugin_id]['version'] . '"
+INSERT INTO ' . PLUGINS_TABLE . ' (id,version) VALUES (\''
+. $plugin_id . '\',\'' . $this->fs_plugins[$plugin_id]['version'] . '\'
 )';
           pwg_query($query);
@@ -111 +111 @@
           $query = '
 UPDATE ' . PLUGINS_TABLE . '
-SET state="active", version="'.$this->fs_plugins[$plugin_id]['version'].'"
-WHERE id="' . $plugin_id . '"';
+SET state=\'active\', version=\''.$this->fs_plugins[$plugin_id]['version'].'\'
+WHERE id=\'' . $plugin_id . '\'';
           pwg_query($query);
         }
@@ -127 +127 @@
         }
         $query = '
-UPDATE ' . PLUGINS_TABLE . ' SET state="inactive" WHERE id="' . $plugin_id . '"';
+UPDATE ' . PLUGINS_TABLE . ' SET state=\'inactive\' WHERE id=\'' . $plugin_id . '\'';
         pwg_query($query);
         if (file_exists($file_to_include))
@@ -145 +145 @@
         }
         $query = '
-DELETE FROM ' . PLUGINS_TABLE . ' WHERE id="' . $plugin_id . '"';
+DELETE FROM ' . PLUGINS_TABLE . ' WHERE id=\'' . $plugin_id . '\'';
         pwg_query($query);
         if (file_exists($file_to_include))