function SQL_ESCAPE ($str, $secureString = true, $strip = true) {
// Do we have cache?
if (!isset($GLOBALS['sql_escapes'][''.$str.''])) {
+ // Prepare the string here
+ $str = SQL_PREPARE_SQL_STRING($str);
+
// Secure string first? (which is the default behaviour!)
if ($secureString === true) {
// Then do it here
function SQL_PREPARE_SQL_STRING ($sqlString, $enableCodes = true) {
// Is it already cached?
if (!isset($GLOBALS['sql_strings'][$sqlString])) {
- // Compile config+expression code
- $sqlString2 = FILTER_COMPILE_EXPRESSION_CODE(FILTER_COMPILE_CONFIG($sqlString));
+ // Compile URI codes+config+expression code
+ $sqlString2 = FILTER_COMPILE_EXPRESSION_CODE(FILTER_COMPILE_CONFIG(compileUriCode($sqlString)));
// Do final compilation
$GLOBALS['sql_strings'][$sqlString] = doFinalCompilation($sqlString2, false, $enableCodes);
- //die($sqlString.'<br />'.$sqlString2.'<br />'.$GLOBALS['sql_strings'][$sqlString]);
} // END - if
// Return it
$module = mapModuleToTable($module);
// Guest and member menu is 'main' as the default
- if (empty($data['action'])) $data['action'] = 'main';
+ if (empty($data['action'])) {
+ $data['action'] = 'main';
+ } // END - if
// Load from database
$result = SQL_QUERY_ESC("SELECT `action` FROM `{?_MYSQL_PREFIX?}_%s_menu` WHERE `what`='%s' LIMIT 1",
- array($module, $what), __FUNCTION__, __LINE__);
+ array(
+ $module,
+ $what
+ ), __FUNCTION__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Load action value and pray that this one is the right you want... ;-)
$data = SQL_FETCHARRAY($result);
// Compile characters which are allowed in URLs
function compileUriCode ($code, $simple = true) {
// Compile constants
- if ($simple === false) $code = str_replace('{--', '".', str_replace('--}', '."', $code));
+ if ($simple === false) {
+ $code = str_replace('{--', '".', str_replace('--}', '."', $code));
+ } // END - if
// Compile QUOT and other non-HTML codes
$code = str_replace('{DOT}', '.',
projects / mailer.git / commitdiff