From b20eb1c60e5d9eb2bd596bbd119d35d10ee46b20 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?=
Date: Tue, 3 Nov 2009 16:23:30 +0000
Subject: [PATCH] SQL_ESCAPE() rewritten for better caching of float numbers
---
 inc/db/lib-mysql3.php | 51 +++++++++++------------
 inc/modules/admin/what-config_doubler.php | 4 +-
 2 files changed, 26 insertions(+), 29 deletions(-)
diff --git a/inc/db/lib-mysql3.php b/inc/db/lib-mysql3.php
index a5b6d67c78..a0f4499b14 100644
--- a/inc/db/lib-mysql3.php
+++ b/inc/db/lib-mysql3.php
@@ -344,37 +344,34 @@ function SQL_INSERTID () {
 // Escape a string for the database
 function SQL_ESCAPE ($str, $secureString=true, $strip=true) {
 // Do we have cache?
- if (isset($GLOBALS['sql_escapes'][$str])) {
- // Then use it instead
- return $GLOBALS['sql_escapes'][$str];
- } // END - if
-
- // Secure string first? (which is the default behaviour!)
- if ($secureString === true) {
- // Then do it here
- $str = secureString($str, $strip);
- } // END - if
+ if (!isset($GLOBALS['sql_escapes'][''.$str.''])) {
+ // Secure string first? (which is the default behaviour!)
+ if ($secureString === true) {
+ // Then do it here
+ $str = secureString($str, $strip);
+ } // END - if
- if (!SQL_IS_LINK_UP()) {
- // Fall-back to smartAddSlashes() when there is no link
- $ret = smartAddSlashes($str);
- } elseif (function_exists('mysql_real_escape_string')) {
- // The new and improved version
- //* DEBUG: */ print(__FUNCTION__."(".__LINE__."):str={$str}
");
- $ret = mysql_real_escape_string($str, SQL_GET_LINK());
- } elseif (function_exists('mysql_escape_string')) {
- // The obsolete function
- $ret = mysql_escape_string($str, SQL_GET_LINK());
- } else {
- // If nothing else works, fall back to smartAddSlashes() again
- $ret = smartAddSlashes($str);
- }
+ if (!SQL_IS_LINK_UP()) {
+ // Fall-back to smartAddSlashes() when there is no link
+ $ret = smartAddSlashes($str);
+ } elseif (function_exists('mysql_real_escape_string')) {
+ // The new and improved version
+ //* DEBUG: */ print(__FUNCTION__."(".__LINE__."):str={$str}
");
+ $ret = mysql_real_escape_string($str, SQL_GET_LINK());
+ } elseif (function_exists('mysql_escape_string')) {
+ // The obsolete function
+ $ret = mysql_escape_string($str, SQL_GET_LINK());
+ } else {
+ // If nothing else works, fall back to smartAddSlashes() again
+ $ret = smartAddSlashes($str);
+ }
- // Cache result
- $GLOBALS['sql_escapes'][$str] = $ret;
+ // Cache result
+ $GLOBALS['sql_escapes'][''.$str.''] = $ret;
+ } // END - if
 // Return it
- return $ret;
+ return $GLOBALS['sql_escapes'][''.$str.''];
 }
 // SELECT query string from table, columns and so on... ;-)
diff --git a/inc/modules/admin/what-config_doubler.php b/inc/modules/admin/what-config_doubler.php
index 69a6a46dc7..0694a039b8 100644
--- a/inc/modules/admin/what-config_doubler.php
+++ b/inc/modules/admin/what-config_doubler.php
@@ -46,8 +46,8 @@ addMenuDescription('admin', __FILE__);
 if (isFormSent()) {
 // Replace commata with decimal dot
- setRequestPostElement('doubler_charge', convertCommaToDot(postRequestElement('doubler_charge')) / 100);
- setRequestPostElement('doubler_ref' , convertCommaToDot(postRequestElement('doubler_ref')) / 100);
+ setRequestPostElement('doubler_charge', (convertCommaToDot(postRequestElement('doubler_charge')) / 100));
+ setRequestPostElement('doubler_ref' , (convertCommaToDot(postRequestElement('doubler_ref')) / 100));
 setRequestPostElement('doubler_min' , convertCommaToDot(postRequestElement('doubler_min')));
 setRequestPostElement('doubler_max' , convertCommaToDot(postRequestElement('doubler_max')));
 setRequestPostElement('doubler_left' , convertCommaToDot(postRequestElement('doubler_left')));
--
2.39.5
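Review bot: The cache key in SQL_ESCAPE() is built from `$str` alone, although the result also depends on `$secureString`, `$strip` and on whether the link was up, so a value first escaped with `$secureString=false` (or through the `smartAddSlashes()` fallback while the link was down) is handed back to a later default call with the same string and the `secureString()` step is skipped. The `isset()` lookup also runs on the raw `$str`, while the store and the final `return` use `$str` after `secureString()` may have rewritten it, so lookup and store can address different entries. Compute the key once before `$str` is modified, e.g. `$key = (int) ($secureString === true) . (int) $strip . ':' . $str;`, use `$key` for the `isset()`, the store and the `return`, and do not store the result when `SQL_IS_LINK_UP()` is false.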