external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
aurweb/web/lib
History
Lukas Fleischer 47c5167acb Escape wildcards in "LIKE" patterns 
Percent signs ("%") and underscores ("_") are not escaped by
mysql_real_escape_string() and are interpreted as wildcards if combined
with "LIKE". Write a wrapper function db_escape_like() and use it where
appropriate.

Note that we already fixed this for the RPC interface in commit
da2ebb667b but missed the other places.
This patch should fix all remaining flaws reported in FS#26527.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-24 17:57:54 +02:00
..
acctfuncs.inc.php Escape wildcards in "LIKE" patterns 2011-10-24 17:57:54 +02:00
aur.inc.php Escape wildcards in "LIKE" patterns 2011-10-24 17:57:54 +02:00
aurjson.class.php Escape wildcards in "LIKE" patterns 2011-10-24 17:57:54 +02:00
cachefuncs.inc.php Make cache type selectable based on config value 2011-06-22 15:21:21 +02:00
config.inc.php.proto Move SUPPORTED_LANGS out of config.inc.php 2011-10-24 17:57:51 +02:00
feedcreator.class.php RSS support implemented 2005-06-10 23:07:24 +00:00
gettext.php Add php-gettext libraries to "web/lib/". 2011-04-10 15:40:49 +02:00
pkgfuncs.inc.php Escape wildcards in "LIKE" patterns 2011-10-24 17:57:54 +02:00
stats.inc.php Wrap mysql_real_escape_string() in a function 2011-10-24 17:57:54 +02:00
streams.php Add php-gettext libraries to "web/lib/". 2011-04-10 15:40:49 +02:00
translator.inc.php Move SUPPORTED_LANGS out of config.inc.php 2011-10-24 17:57:51 +02:00
version.inc.php Release 1.9.0 2011-08-20 18:38:34 +02:00