external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
aurweb/web/lib
History
Lukas Fleischer e53b91fe52 Escape wildcards in "LIKE" patterns 
Percent signs ("%") and underscores ("_") are not escaped by
mysql_real_escape_string() and are interpreted as wildcards if combined
with "LIKE". Write a wrapper function db_escape_like() and use it where
appropriate.

Note that we already fixed this for the RPC interface in commit
da2ebb667b but missed the other places.
This patch should fix all remaining flaws reported in FS#26527.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-25 09:25:43 +02:00
..
acctfuncs.inc.php Escape wildcards in "LIKE" patterns 2011-10-25 09:25:43 +02:00
aur.inc.php Escape wildcards in "LIKE" patterns 2011-10-25 09:25:43 +02:00
aurjson.class.php Escape wildcards in "LIKE" patterns 2011-10-25 09:25:43 +02:00
cachefuncs.inc.php Make cache type selectable based on config value 2011-06-22 15:21:21 +02:00
config.inc.php.proto Replace "el_GR" translation by "el" 2011-08-20 18:27:43 +02:00
feedcreator.class.php RSS support implemented 2005-06-10 23:07:24 +00:00
gettext.php Add php-gettext libraries to "web/lib/". 2011-04-10 15:40:49 +02:00
pkgfuncs.inc.php Escape wildcards in "LIKE" patterns 2011-10-25 09:25:43 +02:00
stats.inc.php Wrap mysql_real_escape_string() in a function 2011-10-25 09:25:30 +02:00
streams.php Add php-gettext libraries to "web/lib/". 2011-04-10 15:40:49 +02:00
translator.inc.php rename *.inc files to *.inc.php and adjust imports and references 2011-06-22 15:15:04 +02:00
version.inc.php Release 1.9.0 2011-08-20 18:38:34 +02:00