View Issue Details

IDProjectCategoryView StatusLast Update
0004819OXID eShop (all versions)4.01. Database handlingpublic2015-12-01 09:24
ReporterFibreFoX 
PrioritynormalSeverityfeatureReproducibilityalways
Status assignedResolutionopen 
Product Version4.7.2 / 5.0.2 revision 53018 
Target VersionFixed in Version 
Summary0004819: escapeString should use adodb-lite quote-function
Descriptionthe quote/qstr-function from the adodb-lite-driver can be used, to there is no need to re-check which mysql/i-function-call is needed.


// before
    public function escapeString( $sString )
    {
        $myConfig = $this->getConfig();
        if ( 'mysql' == $myConfig->getConfigParam( "dbType" )) {
            return mysql_real_escape_string( $sString, $this->_getConnectionId() );
        } elseif ( 'mysqli' == $myConfig->getConfigParam( "dbType" )) {
            return mysqli_real_escape_string( $this->_getConnectionId(), $sString );
        } else {
            return mysql_real_escape_string( $sString, $this->_getConnectionId() );
        }
    }
    
// after
    // due to the fact that qstr is returnin 'something' (with quotation-marks), the result can't be returned unhandled
    public function escapeString( $sString )
    {
        $adoDBLiteQuoted = self::getDb()->quote( $sString ); // no need to worry about mysql/i here
        return substr( $adoDBLiteQuoted, 1, -1) ;
    }
Additional Informationthe function _getConnectionId from oxdb would get deprecated because it isn't needed anymore (at least in CE-version)
TagsNo tags attached.
ThemeNot defined
BrowserAll
PHP VersionNot defined
MySQL VersionNot defined

Activities

svetlana

2014-03-28 10:01

reporter   ~0009717

waiting for the PO decision.