From: Hypolite Petovan Date: Wed, 27 Jul 2022 23:54:02 +0000 (-0400) Subject: Use DBA::quoteIdentifier in Database::escapeFields X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=e445975c2033c339fb9d1c0acf3bd11a35a2f7f6;p=friendica.git Use DBA::quoteIdentifier in Database::escapeFields --- diff --git a/src/Database/DBA.php b/src/Database/DBA.php index 9ce2b61473..677bf1a27f 100644 --- a/src/Database/DBA.php +++ b/src/Database/DBA.php @@ -531,9 +531,9 @@ class DBA } /** - * Escape an identifier (table or field name) optional with a schema like (schema.)table + * Escape an identifier (table or field name) optional with a schema like ((schema.)table.)field * - * @param $identifier Table, field name + * @param string $identifier Table, field name * @return string Quotes table or field name */ public static function quoteIdentifier(string $identifier): string diff --git a/src/Database/Database.php b/src/Database/Database.php index 3276e90e52..cd2803c0fc 100644 --- a/src/Database/Database.php +++ b/src/Database/Database.php @@ -1438,7 +1438,7 @@ class Database array_walk($fields, function(&$value, $key) use ($options) { $field = $value; - $value = '`' . str_replace('`', '``', $value) . '`'; + $value = DBA::quoteIdentifier($field); if (!empty($options['group_by']) && !in_array($field, $options['group_by'])) { $value = 'ANY_VALUE(' . $value . ') AS ' . $value;