View Issue Details

IDProjectCategoryView StatusLast Update
0004819OXID eShop (all versions)4.01. Database handlingpublic2022-01-31 15:54
ReporterFibreFoX Assigned To 
Status resolvedResolutionwon't fix 
Product Version4.7.2 / 5.0.2 revision 53018 
Summary0004819: escapeString should use adodb-lite quote-function
Descriptionthe quote/qstr-function from the adodb-lite-driver can be used, to there is no need to re-check which mysql/i-function-call is needed.

// before
    public function escapeString( $sString )
        $myConfig = $this->getConfig();
        if ( 'mysql' == $myConfig->getConfigParam( "dbType" )) {
            return mysql_real_escape_string( $sString, $this->_getConnectionId() );
        } elseif ( 'mysqli' == $myConfig->getConfigParam( "dbType" )) {
            return mysqli_real_escape_string( $this->_getConnectionId(), $sString );
        } else {
            return mysql_real_escape_string( $sString, $this->_getConnectionId() );
// after
    // due to the fact that qstr is returnin 'something' (with quotation-marks), the result can't be returned unhandled
    public function escapeString( $sString )
        $adoDBLiteQuoted = self::getDb()->quote( $sString ); // no need to worry about mysql/i here
        return substr( $adoDBLiteQuoted, 1, -1) ;
Additional Informationthe function _getConnectionId from oxdb would get deprecated because it isn't needed anymore (at least in CE-version)
TagsNo tags attached.
ThemeNot defined
PHP VersionNot defined
Database VersionNot defined



2014-03-28 10:01

reporter   ~0009717

waiting for the PO decision.


2022-01-31 15:54

administrator   ~0013620

ADOdb Lite was removed and replaced by Doctrine. Also escapeString was replaced and refactored