oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

SQL quoting for GUID

Browse source
This commit is contained in:
Colin Kuskie 2004-10-14 05:13:36 +00:00
parent 1bce4167eb
commit 9f938f0adb
1 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
lib/WebGUI/Operation/Trash.pm
View file

@ -37,7 +37,7 @@ sub _purgeUserTrash {
#WebGUI::ErrorHandler::audit("emptying user trash"); #WebGUI::ErrorHandler::audit("emptying user trash");
# Delete wobjects # Delete wobjects
$b = WebGUI::SQL->read("select * from wobject where pageId=3 and bufferUserId=" . quote($userId)); $b = WebGUI::SQL->read("select * from wobject where pageId='3' and bufferUserId=" . quote($userId));
while ($base = $b->hashRef) { while ($base = $b->hashRef) {
$extended = WebGUI::SQL->quickHashRef("select * from ".$base->{namespace}." $extended = WebGUI::SQL->quickHashRef("select * from ".$base->{namespace}."
where wobjectId=".quote($base->{wobjectId})); where wobjectId=".quote($base->{wobjectId}));
@ -141,7 +141,7 @@ sub www_cutTrashItem {
."where wobjectId=" .quote($session{form}{wid})); ."where wobjectId=" .quote($session{form}{wid}));
return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId}); return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId});
} }
WebGUI::SQL->write("update wobject set pageId=2, " WebGUI::SQL->write("update wobject set pageId='2', "
."bufferUserId=". quote($session{user}{userId}) .", " ."bufferUserId=". quote($session{user}{userId}) .", "
."bufferDate=". time() .", " ."bufferDate=". time() .", "
."bufferPrevId=3 " ."bufferPrevId=3 "
@ -346,10 +346,10 @@ sub www_manageTrash {
# Generate list of wobjects in clipboard # Generate list of wobjects in clipboard
if ($allUsers) { if ($allUsers) {
$sth = WebGUI::SQL->read("select wobjectId,namespace,title,bufferUserId,bufferDate,bufferPrevId " $sth = WebGUI::SQL->read("select wobjectId,namespace,title,bufferUserId,bufferDate,bufferPrevId "
. "from wobject where pageId=3 order by bufferDate"); . "from wobject where pageId='3' order by bufferDate");
} else { } else {
$sth = WebGUI::SQL->read("select wobjectId,namespace,title,bufferUserId,bufferDate,bufferPrevId " $sth = WebGUI::SQL->read("select wobjectId,namespace,title,bufferUserId,bufferDate,bufferPrevId "
. "from wobject where pageId=3 and bufferUserId=" . "from wobject where pageId='3' and bufferUserId="
. quote($session{user}{userId}) ." order by bufferDate"); . quote($session{user}{userId}) ." order by bufferDate");
} }
while (@data = $sth->array) { while (@data = $sth->array) {