// Escape a string for the database
function SQL_ESCAPE ($str, $secureString=true, $strip=true) {
// Do we have cache?
- if (isset($GLOBALS['sql_escapes'][$str])) {
- // Then use it instead
- return $GLOBALS['sql_escapes'][$str];
- } // END - if
-
- // Secure string first? (which is the default behaviour!)
- if ($secureString === true) {
- // Then do it here
- $str = secureString($str, $strip);
- } // END - if
+ if (!isset($GLOBALS['sql_escapes'][''.$str.''])) {
+ // Secure string first? (which is the default behaviour!)
+ if ($secureString === true) {
+ // Then do it here
+ $str = secureString($str, $strip);
+ } // END - if
- if (!SQL_IS_LINK_UP()) {
- // Fall-back to smartAddSlashes() when there is no link
- $ret = smartAddSlashes($str);
- } elseif (function_exists('mysql_real_escape_string')) {
- // The new and improved version
- //* DEBUG: */ print(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):str={$str}<br />");
- $ret = mysql_real_escape_string($str, SQL_GET_LINK());
- } elseif (function_exists('mysql_escape_string')) {
- // The obsolete function
- $ret = mysql_escape_string($str, SQL_GET_LINK());
- } else {
- // If nothing else works, fall back to smartAddSlashes() again
- $ret = smartAddSlashes($str);
- }
+ if (!SQL_IS_LINK_UP()) {
+ // Fall-back to smartAddSlashes() when there is no link
+ $ret = smartAddSlashes($str);
+ } elseif (function_exists('mysql_real_escape_string')) {
+ // The new and improved version
+ //* DEBUG: */ print(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):str={$str}<br />");
+ $ret = mysql_real_escape_string($str, SQL_GET_LINK());
+ } elseif (function_exists('mysql_escape_string')) {
+ // The obsolete function
+ $ret = mysql_escape_string($str, SQL_GET_LINK());
+ } else {
+ // If nothing else works, fall back to smartAddSlashes() again
+ $ret = smartAddSlashes($str);
+ }
- // Cache result
- $GLOBALS['sql_escapes'][$str] = $ret;
+ // Cache result
+ $GLOBALS['sql_escapes'][''.$str.''] = $ret;
+ } // END - if
// Return it
- return $ret;
+ return $GLOBALS['sql_escapes'][''.$str.''];
}
// SELECT query string from table, columns and so on... ;-)
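Review bot: The cache lookup in the new `if (!isset($GLOBALS['sql_escapes'][''.$str.'']))` line keys on the raw `$str` alone, so it ignores `$secureString` and `$strip`, and it is not the key the result is stored under, because `$str` is reassigned by `secureString()` before the `// Cache result` write. A value escaped by a call with `$secureString=false` is therefore handed back unchanged to a later call that asked for the secured form of the same string, and a result produced by the `smartAddSlashes()` fallback while the link was down keeps being served once the link is up (presumably a weaker escape than `mysql_real_escape_string()`). Build the key once before `$str` is modified, e.g. `$key = ($secureString === true ? 's' : 'r') . ($strip ? '1' : '0') . ':' . $str;`, use `$GLOBALS['sql_escapes'][$key]` for the lookup, the store and the return, and do not cache the result of the no-link branch. Separately, `mysql_escape_string()` accepts only the string argument, so the `SQL_GET_LINK()` passed to it in the obsolete branch should be dropped.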
if (isFormSent()) {
// Replace commata with decimal dot
- setRequestPostElement('doubler_charge', convertCommaToDot(postRequestElement('doubler_charge')) / 100);
- setRequestPostElement('doubler_ref' , convertCommaToDot(postRequestElement('doubler_ref')) / 100);
+ setRequestPostElement('doubler_charge', (convertCommaToDot(postRequestElement('doubler_charge')) / 100));
+ setRequestPostElement('doubler_ref' , (convertCommaToDot(postRequestElement('doubler_ref')) / 100));
setRequestPostElement('doubler_min' , convertCommaToDot(postRequestElement('doubler_min')));
setRequestPostElement('doubler_max' , convertCommaToDot(postRequestElement('doubler_max')));
setRequestPostElement('doubler_left' , convertCommaToDot(postRequestElement('doubler_left')));