From cfed9721ad3398bd6df33473f1c6a05807580eab Mon Sep 17 00:00:00 2001 From: stronk7 Date: Thu, 15 Mar 2007 19:03:07 +0000 Subject: [PATCH] DB escaping comments. MDL-8918 Merged from MOODLE_18_STABLE --- lib/xmldb/classes/generators/mysql/mysql.class.php | 2 +- lib/xmldb/classes/generators/oci8po/oci8po.class.php | 2 +- lib/xmldb/classes/generators/postgres7/postgres7.class.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/xmldb/classes/generators/mysql/mysql.class.php b/lib/xmldb/classes/generators/mysql/mysql.class.php index 30967ab546..2d0c5546dc 100644 --- a/lib/xmldb/classes/generators/mysql/mysql.class.php +++ b/lib/xmldb/classes/generators/mysql/mysql.class.php @@ -238,7 +238,7 @@ class XMLDBmysql extends XMLDBGenerator { if ($xmldb_table->getComment()) { $comment .= 'ALTER TABLE ' . $this->getTableName($xmldb_table); - $comment .= " COMMENT='" . substr($xmldb_table->getComment(), 0, 60) . "'"; + $comment .= " COMMENT='" . addslashes(substr($xmldb_table->getComment(), 0, 60)) . "'"; } return array($comment); } diff --git a/lib/xmldb/classes/generators/oci8po/oci8po.class.php b/lib/xmldb/classes/generators/oci8po/oci8po.class.php index 7f380b565f..9b872c4ba1 100644 --- a/lib/xmldb/classes/generators/oci8po/oci8po.class.php +++ b/lib/xmldb/classes/generators/oci8po/oci8po.class.php @@ -198,7 +198,7 @@ class XMLDBoci8po extends XMLDBgenerator { function getCommentSQL ($xmldb_table) { $comment = "COMMENT ON TABLE " . $this->getTableName($xmldb_table); - $comment.= " IS '" . substr($xmldb_table->getComment(), 0, 250) . "'"; + $comment.= " IS '" . addslashes(substr($xmldb_table->getComment(), 0, 250)) . "'"; return array($comment); } diff --git a/lib/xmldb/classes/generators/postgres7/postgres7.class.php b/lib/xmldb/classes/generators/postgres7/postgres7.class.php index 6f401fbdc2..4bb95921c5 100644 --- a/lib/xmldb/classes/generators/postgres7/postgres7.class.php +++ b/lib/xmldb/classes/generators/postgres7/postgres7.class.php @@ -135,7 +135,7 @@ class XMLDBpostgres7 extends XMLDBgenerator { function getCommentSQL ($xmldb_table) { $comment = "COMMENT ON TABLE " . $this->getTableName($xmldb_table); - $comment.= " IS '" . substr($xmldb_table->getComment(), 0, 250) . "'"; + $comment.= " IS '" . addslashes(substr($xmldb_table->getComment(), 0, 250)) . "'"; return array($comment); } -- 2.39.5