Bug #16118 :: MSSQL escape doesn't take into account trailing backslashes

Package home | Report new bug | New search | Development Roadmap

Status: Open | Feedback | All | Closed Since Version 2.5.0b5

Bug #16118	MSSQL escape doesn't take into account trailing backslashes
Submitted:	2009-04-17 20:07 UTC	Modified:	2009-10-03 10:45 UTC
From:	urkle	Assigned:	quipo
Status:	Closed	Package:	MDB2 (version 2.4.1)
PHP Version:	5.2.9	OS:	CentOS 5
Roadmaps:	(Not assigned)
Subscription	Your email:

Comments Patches (1) Add Comment Add patch Patch details

Patch	MDB2-escape.patch	Revisions	2009-05-23 19:56 UTC Upload new revision
Revision	2009-05-23 19:56 UTC
Developer	urkle

	Download patch

--- MDB2/Driver/mssql.php.orig	2009-05-23 14:51:09.000000000 -0400
+++ MDB2/Driver/mssql.php	2009-05-23 14:54:55.000000000 -0400
@@ -654,6 +654,27 @@
         return $this->queryOne($query, 'integer');
     }
     // }}}
+    // {{{ function escape($text)
+
+    /**
+     * Quotes a string so it can be safely used in a query. It will quote
+     * the text so it can safely be used within a query.
+     * This overridden subclass also escapes line-folding sequences
+     *
+     * @param   string  the input string to quote
+     * @param   bool    escape wildcards
+     *
+     * @return  string  quoted string
+     *
+     * @access  public
+     */
+    function escape($text, $escape_wildcards = false)
+    {
+	$text = parent::escape($text, $escape_wildcards);
+	$text = preg_replace('/\\(\r\n|\r|\n)/','\\\\$1',$text);
+        return $text;
+    }
+    // }}}
 }
 // }}}
 // {{{ Class MDB2_Result_mssql