Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

- Sanatize title before doing LIKE matches.

4.4.x
Kjartan Mannes 2004-02-21 23:52:11 +00:00
parent 2d7d796d9b
commit 18160f02e8
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
modules/title.module
View File

@ -26,6 +26,7 @@ function title_page() {
$title = urldecode(arg(1));
$result = db_query("SELECT n.*, u.name, u.uid FROM {node} n INNER JOIN {users} u ON n.uid = u.uid WHERE n.title = '%s' AND n.status = 1 ORDER BY n.created DESC", $title);
$title = trim(str_replace(array('_', '%', '*'), ' ', $title));
if (db_num_rows($result) == 0) {
// No node with exact title found, try substring.
$result = db_query("SELECT n.*, u.name, u.uid FROM {node} n INNER JOIN {users} u ON n.uid = u.uid WHERE n.title LIKE '%%%s%%' AND n.status = 1 ORDER BY n.created DESC", $title);