search

clonos / control-pane

ClonOS WEB control panel (CBSD WEB UI)
https://clonos.tekroutine.com
139 stars 35 forks source link

fix sql syntax for iso #71

Closed flobbfr closed 3 days ago

flobbfr commented 4 days ago

I got a problem with " in SQL syntax on an fresh install, so I had to replace " by ' It seems to be a more standard syntax, as " are interpreted only when the context makes the meaning unambiguous.

olevole commented 4 days ago

@flobbfr Thank you for contribution. This seems to be a continuation of a recent similar fix related to SQLite3 DQS ( Double-quoted String Literals ) https://github.com/clonos/control-pane/commit/9831b31169bb41794ed2586a9fd9f9d7814b197a#diff-94988fb8f8e374db417c559ede947e417034162597bc66131779d027a330bd9dR132

Can I ask you to check the version without shielding ( \' ), Unfortunately I can't check now.. E.g:

instead of:

$res=$db->selectOne('SELECT * FROM media WHERE jname=? AND type=\'iso\'',    ...

this:

$res=$db->selectOne("SELECT * FROM media WHERE jname=? AND type='iso'",  ..
flobbfr commented 4 days ago

Hello,

Yes it works this way too :

$res=$db->selectOne("SELECT * FROM media WHERE jname=? AND type='iso'",  ..

Do you want me to change my PR ? (I don't know how, I'll try tomorrow)

olevole commented 3 days ago

I'll take your patch as is as a base, but I'll remove the slash myself soon, if you don't mind. Thank you very much !