- Fixed node_save() and user_save() bug introduced by table prefix changes.
Modified patches from Gerhard. - Changed the order of the checks in node_teaser(). Patch from Kobus.4.3.x
Dries Buytaert
parent
d1b175cec7
commit
c39562ae03
|
|
@ -23,11 +23,18 @@ function db_connect($url) {
|
|||
|
||||
function db_query($query) {
|
||||
$args = func_get_args();
|
||||
|
||||
$query = db_prefix_tables($query);
|
||||
if (count($args) > 1) {
|
||||
$args = array_map("check_query", $args);
|
||||
$args[0] = $query;
|
||||
return _db_query(call_user_func_array("sprintf", $args));
|
||||
if(is_array($args[1])){
|
||||
$args1 = array_map("check_query", $args[1]);
|
||||
$nargs = array_merge(array($query), $args1);
|
||||
}
|
||||
else {
|
||||
$nargs = array_map("check_query", $args);
|
||||
$nargs[0] = $query;
|
||||
}
|
||||
return _db_query(call_user_func_array("sprintf", $nargs));
|
||||
}
|
||||
else {
|
||||
return _db_query($query);
|
||||
|
|
@ -39,9 +46,15 @@ function db_queryd($query) {
|
|||
$args = func_get_args();
|
||||
$query = db_prefix_tables($query);
|
||||
if (count($args) > 1) {
|
||||
$args = array_map("check_query", $args);
|
||||
$args[0] = $query;
|
||||
return _db_query(call_user_func_array("sprintf", $args), 1);
|
||||
if(is_array($args[1])){
|
||||
$args1 = array_map("check_query", $args[1]);
|
||||
$nargs = array_merge(array($query), $args1);
|
||||
}
|
||||
else {
|
||||
$nargs = array_map("check_query", $args);
|
||||
$nargs[0] = $query;
|
||||
}
|
||||
return _db_query(call_user_func_array("sprintf", $nargs), 1);
|
||||
}
|
||||
else {
|
||||
return _db_query($query, 1);
|
||||
|
|
|
|||
|
|
@ -25,11 +25,18 @@ function db_connect($url) {
|
|||
function db_query($query) {
|
||||
|
||||
$args = func_get_args();
|
||||
|
||||
$query = db_prefix_tables($query);
|
||||
if (count($args) > 1) {
|
||||
$args = array_map("check_query", $args);
|
||||
$args[0] = $query;
|
||||
return _db_query(call_user_func_array("sprintf", $args));
|
||||
if(is_array($args[1])){
|
||||
$args1 = array_map("check_query", $args[1]);
|
||||
$nargs = array_merge(array($query), $args1);
|
||||
}
|
||||
else {
|
||||
$nargs = array_map("check_query", $args);
|
||||
$nargs[0] = $query;
|
||||
}
|
||||
return _db_query(call_user_func_array("sprintf", $nargs));
|
||||
}
|
||||
else {
|
||||
return _db_query($query);
|
||||
|
|
@ -41,9 +48,15 @@ function db_queryd($query) {
|
|||
$args = func_get_args();
|
||||
$query = db_prefix_tables($query);
|
||||
if (count($args) > 1) {
|
||||
$args = array_map("check_query", $args);
|
||||
$args[0] = $query;
|
||||
return _db_query(call_user_func_array("sprintf", $args), 1);
|
||||
if(is_array($args[1])){
|
||||
$args1 = array_map("check_query", $args[1]);
|
||||
$nargs = array_merge(array($query), $args1);
|
||||
}
|
||||
else {
|
||||
$nargs = array_map("check_query", $args);
|
||||
$nargs[0] = $query;
|
||||
}
|
||||
return _db_query(call_user_func_array("sprintf", $nargs), 1);
|
||||
}
|
||||
else {
|
||||
return _db_query($query, 1);
|
||||
|
|
|
|||
|
|
@ -126,14 +126,6 @@ function node_teaser($body) {
|
|||
return $body;
|
||||
}
|
||||
|
||||
/*
|
||||
** If we have a short body, return the entire body:
|
||||
*/
|
||||
|
||||
if (strlen($body) < $size) {
|
||||
return $body;
|
||||
}
|
||||
|
||||
/*
|
||||
** If a valid delimiter has been specified, use it to
|
||||
** chop of the teaser. The delimiter can be outside
|
||||
|
|
@ -145,6 +137,14 @@ function node_teaser($body) {
|
|||
return substr($body, 0, $delimiter);
|
||||
}
|
||||
|
||||
/*
|
||||
** If we have a short body, return the entire body:
|
||||
*/
|
||||
|
||||
if (strlen($body) < $size) {
|
||||
return $body;
|
||||
}
|
||||
|
||||
/*
|
||||
** In some cases no delimiter has been specified (eg.
|
||||
** when posting using the Blogger API) in which case
|
||||
|
|
@ -302,12 +302,17 @@ function node_save($node) {
|
|||
foreach ($node as $key => $value) {
|
||||
if (in_array($key, $fields)) {
|
||||
$k[] = check_query($key);
|
||||
$v[] = "'". check_query($value) ."'";
|
||||
$v[] = $value;
|
||||
$s[] = "'%s'";
|
||||
}
|
||||
}
|
||||
|
||||
$keysfmt = implode(", ", $s);
|
||||
// need to quote the placeholders for the values
|
||||
$valsfmt = "'". implode("', '", $s) ."'";
|
||||
|
||||
// Insert the node into the database:
|
||||
db_query("INSERT INTO {node} (". implode(", ", $k) .") VALUES (". implode(", ", $v) .")");
|
||||
db_query("INSERT INTO {node} (". implode(", ", $k) .") VALUES(". implode(", ", $s) .")", $v);
|
||||
|
||||
// Call the node specific callback (if any):
|
||||
node_invoke($node, "insert");
|
||||
|
|
@ -325,12 +330,13 @@ function node_save($node) {
|
|||
// Prepare the query:
|
||||
foreach ($node as $key => $value) {
|
||||
if (in_array($key, $fields)) {
|
||||
$q[] = check_query($key) ." = '". check_query($value) ."'";
|
||||
$q[] = check_query($key) ." = '%s'";
|
||||
$v[] = $value;
|
||||
}
|
||||
}
|
||||
|
||||
// Update the node in the database:
|
||||
db_query("UPDATE {node} SET ". implode(", ", $q) ." WHERE nid = '$node->nid'");
|
||||
db_query("UPDATE {node} SET ". implode(", ", $q) ." WHERE nid = '$node->nid'", $v);
|
||||
|
||||
// Call the node specific callback (if any):
|
||||
node_invoke($node, "update");
|
||||
|
|
|
|||
|
|
@ -126,14 +126,6 @@ function node_teaser($body) {
|
|||
return $body;
|
||||
}
|
||||
|
||||
/*
|
||||
** If we have a short body, return the entire body:
|
||||
*/
|
||||
|
||||
if (strlen($body) < $size) {
|
||||
return $body;
|
||||
}
|
||||
|
||||
/*
|
||||
** If a valid delimiter has been specified, use it to
|
||||
** chop of the teaser. The delimiter can be outside
|
||||
|
|
@ -145,6 +137,14 @@ function node_teaser($body) {
|
|||
return substr($body, 0, $delimiter);
|
||||
}
|
||||
|
||||
/*
|
||||
** If we have a short body, return the entire body:
|
||||
*/
|
||||
|
||||
if (strlen($body) < $size) {
|
||||
return $body;
|
||||
}
|
||||
|
||||
/*
|
||||
** In some cases no delimiter has been specified (eg.
|
||||
** when posting using the Blogger API) in which case
|
||||
|
|
@ -302,12 +302,17 @@ function node_save($node) {
|
|||
foreach ($node as $key => $value) {
|
||||
if (in_array($key, $fields)) {
|
||||
$k[] = check_query($key);
|
||||
$v[] = "'". check_query($value) ."'";
|
||||
$v[] = $value;
|
||||
$s[] = "'%s'";
|
||||
}
|
||||
}
|
||||
|
||||
$keysfmt = implode(", ", $s);
|
||||
// need to quote the placeholders for the values
|
||||
$valsfmt = "'". implode("', '", $s) ."'";
|
||||
|
||||
// Insert the node into the database:
|
||||
db_query("INSERT INTO {node} (". implode(", ", $k) .") VALUES (". implode(", ", $v) .")");
|
||||
db_query("INSERT INTO {node} (". implode(", ", $k) .") VALUES(". implode(", ", $s) .")", $v);
|
||||
|
||||
// Call the node specific callback (if any):
|
||||
node_invoke($node, "insert");
|
||||
|
|
@ -325,12 +330,13 @@ function node_save($node) {
|
|||
// Prepare the query:
|
||||
foreach ($node as $key => $value) {
|
||||
if (in_array($key, $fields)) {
|
||||
$q[] = check_query($key) ." = '". check_query($value) ."'";
|
||||
$q[] = check_query($key) ." = '%s'";
|
||||
$v[] = $value;
|
||||
}
|
||||
}
|
||||
|
||||
// Update the node in the database:
|
||||
db_query("UPDATE {node} SET ". implode(", ", $q) ." WHERE nid = '$node->nid'");
|
||||
db_query("UPDATE {node} SET ". implode(", ", $q) ." WHERE nid = '$node->nid'", $v);
|
||||
|
||||
// Call the node specific callback (if any):
|
||||
node_invoke($node, "update");
|
||||
|
|
|
|||
|
|
@ -122,12 +122,14 @@ function user_save($account, $array = array()) {
|
|||
foreach ($array as $key => $value) {
|
||||
if ($key == "pass") {
|
||||
$fields[] = check_query($key);
|
||||
$values[] = "'". md5($value) ."'";
|
||||
$values[] = md5($value);
|
||||
$s[] = "'%s'";
|
||||
}
|
||||
else if (substr($key, 0, 4) !== "auth") {
|
||||
if (in_array($key, $user_fields)) {
|
||||
$fields[] = check_query($key);
|
||||
$values[] = "'". check_query($value) ."'";
|
||||
$values[] = $value;
|
||||
$s[] = "'%s'";
|
||||
}
|
||||
else {
|
||||
$data[$key] = $value;
|
||||
|
|
@ -136,9 +138,10 @@ function user_save($account, $array = array()) {
|
|||
}
|
||||
|
||||
$fields[] = "data";
|
||||
$values[] = "'". check_query(serialize($data)) ."'";
|
||||
$values[] = serialize($data);
|
||||
$s[] = "'%s'";
|
||||
|
||||
db_query("INSERT INTO {users} (". implode(", ", $fields) .") VALUES (". implode(", ", $values) .")");
|
||||
db_query("INSERT INTO {users} (". implde(", ", $fields) .") VALUES (". implde(", ", $s) .")", $values);
|
||||
|
||||
$user = user_load(array("name" => $array["name"]));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -122,12 +122,14 @@ function user_save($account, $array = array()) {
|
|||
foreach ($array as $key => $value) {
|
||||
if ($key == "pass") {
|
||||
$fields[] = check_query($key);
|
||||
$values[] = "'". md5($value) ."'";
|
||||
$values[] = md5($value);
|
||||
$s[] = "'%s'";
|
||||
}
|
||||
else if (substr($key, 0, 4) !== "auth") {
|
||||
if (in_array($key, $user_fields)) {
|
||||
$fields[] = check_query($key);
|
||||
$values[] = "'". check_query($value) ."'";
|
||||
$values[] = $value;
|
||||
$s[] = "'%s'";
|
||||
}
|
||||
else {
|
||||
$data[$key] = $value;
|
||||
|
|
@ -136,9 +138,10 @@ function user_save($account, $array = array()) {
|
|||
}
|
||||
|
||||
$fields[] = "data";
|
||||
$values[] = "'". check_query(serialize($data)) ."'";
|
||||
$values[] = serialize($data);
|
||||
$s[] = "'%s'";
|
||||
|
||||
db_query("INSERT INTO {users} (". implode(", ", $fields) .") VALUES (". implode(", ", $values) .")");
|
||||
db_query("INSERT INTO {users} (". implde(", ", $fields) .") VALUES (". implde(", ", $s) .")", $values);
|
||||
|
||||
$user = user_load(array("name" => $array["name"]));
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue