iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-03-28 17:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

fixes #1068 escape the rank new MySQL 8 reserved word

Browse Source 
This time, we do it right before sending the query to MySQL, in the pwg_query
function. This is not optimal, because we add extra processing, useless most
of the time. This solution has less impact on code, and automatically work for
all core and plugins SQL queries.
This commit is contained in:
plegall
2019-08-30 12:11:47 +02:00
parent bf39de788a
commit 5b65fca36c
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
include/dblayer/functions_mysqli.inc.php
View File

@@ -128,6 +128,15 @@ function pwg_query($query)
{ {
global $mysqli, $conf, $page, $debug, $t2; global $mysqli, $conf, $page, $debug, $t2;
// starting with MySQL 8, rank becomes a reserved keyword, we need to escape it
if (preg_match('/\brank\b/', $query))
{
// first we unescape what's already escaped (to avoid double escaping)
$query = preg_replace('/`rank`/', 'rank', $query);
// then we escape the keyword
$query = preg_replace('/\brank\b/', '`rank`', $query);
}
$start = microtime(true); $start = microtime(true);
($result = $mysqli->query($query)) or my_error($query, $conf['die_on_sql_error']); ($result = $mysqli->query($query)) or my_error($query, $conf['die_on_sql_error']);