friendica
/
friendica
mirror of https://github.com/friendica/friendica
6
0
Fork 1
Code Issues Packages Projects Releases 1 Wiki Activity

Use DBA::quoteIdentifier in Database::escapeFields

This commit is contained in:
Hypolite Petovan 2022-07-27 19:54:02 -04:00
parent 95b67f5e46
commit e445975c20
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Database/DBA.php
View File

@ -531,9 +531,9 @@ class DBA
}
/**
* Escape an identifier (table or field name) optional with a schema like (schema.)table
* Escape an identifier (table or field name) optional with a schema like ((schema.)table.)field
*
* @param $identifier Table, field name
* @param string $identifier Table, field name
* @return string Quotes table or field name
*/
public static function quoteIdentifier(string $identifier): string

2
src/Database/Database.php
View File

@ -1438,7 +1438,7 @@ class Database
array_walk($fields, function(&$value, $key) use ($options)
{
$field = $value;
$value = '`' . str_replace('`', '``', $value) . '`';
$value = DBA::quoteIdentifier($field);
if (!empty($options['group_by']) && !in_array($field, $options['group_by'])) {
$value = 'ANY_VALUE(' . $value . ') AS ' . $value;