[Openupload-svn-update] SF.net SVN: openupload:[53] trunk/lib/modules/db/mysql.inc.php

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 53
          http://openupload.svn.sourceforge.net/openupload/?rev=53&view=rev
Author:   tsdogs
Date:     2008-10-22 18:38:06 +0000 (Wed, 22 Oct 2008)

Log Message:
-----------
add field name boundings

Modified Paths:
--------------
    trunk/lib/modules/db/mysql.inc.php

Modified: trunk/lib/modules/db/mysql.inc.php
===================================================================

--- trunk/lib/modules/db/mysql.inc.php	2008-10-22 18:34:43 UTC (rev 52)
+++ trunk/lib/modules/db/mysql.inc.php	2008-10-22 18:38:06 UTC (rev 53)
@@ -19,12 +19,12 @@
 
 
   function newId($tbl,$field = 'id',$keys = array ()) {
-    $sql = 'SELECT max('.$field.') as newid FROM '.$this->prefix.$tbl;
+    $sql = 'SELECT max(`'.$field.'`) as newid FROM `'.$this->prefix.$tbl.'`';
     if (count($keys)>0) {
       $where = '';
       foreach ($keys as $k => $v) {
         if ($where != '') $where .= ' AND ';
-        $where .= $k.'="'.(mysql_real_escape_string($v)).'"';
+        $where .= '`'.$k.'`="'.(mysql_real_escape_string($v)).'"';
       }
       $sql .= ' WHERE '.$where;
     }
@@ -38,7 +38,7 @@
     $found = true;
     while ($found) {
       $id = randomName(30,30);
-      $sql = 'SELECT '.$field.' FROM '.$this->prefix.$tbl.' WHERE '.$field.'="'.$id.'"';
+      $sql = 'SELECT '.$field.' FROM `'.$this->prefix.$tbl.'` WHERE `'.$field.'`="'.$id.'"';
       $res = mysql_query($sql);
       $found = mysql_num_rows($res)>0;
       mysql_free_result($res);
@@ -47,12 +47,12 @@
   }
 
   function count($tbl,$keys = array()) {
-    $sql = 'SELECT count(*) AS num FROM '.$this->prefix.$tbl;
+    $sql = 'SELECT count(*) AS num FROM `'.$this->prefix.$tbl.'`';
     if (count($keys)>0) {
       $where = '';
       foreach ($keys as $k => $v) {
         if ($where != '') $where .= ' AND ';
-        $where .= $k.'="'.(mysql_real_escape_string($v)).'"';
+        $where .= '`'.$k.'`="'.(mysql_real_escape_string($v)).'"';
       }
       $sql .= ' WHERE '.$where;
     }
@@ -63,12 +63,12 @@
   }
 
   function read($tbl,$keys = array(), $sort = array(), $limit = '', $assoc = array()) {
-    $sql = 'SELECT * FROM '.$this->prefix.$tbl;
+    $sql = 'SELECT * FROM `'.$this->prefix.$tbl.'`';
     if (count($keys)>0) {
       $where = '';
       foreach ($keys as $k => $v) {
         if ($where != '') $where .= ' AND ';
-        $where .= $k.'="'.(mysql_real_escape_string($v)).'"';
+        $where .= '`'.$k.'`="'.(mysql_real_escape_string($v)).'"';
       }
       $sql .= ' WHERE '.$where;
     }
@@ -76,7 +76,7 @@
       $sorting = '';
       foreach ($sort as $s) {
         if ($sorting!='') $sorting.=',';
-        $sorting .= $s;
+        $sorting .= '`'.$s.'`';
       }
       $sql .= ' ORDER BY '.$sorting;
     }
@@ -84,6 +84,7 @@
       $sql .= ' LIMIT '.$limit;
     }
     $res = mysql_query($sql);
+if (!$res) { die('query failed: '.$sql); }
     $result = array();
     while ($row = mysql_fetch_assoc($res)) {
       if (count($assoc)) { /* maybe there is a better way to do this? */
@@ -102,21 +103,21 @@
   }
 
   function insert($tbl,$values,$fields = array()) {
-    $sql = 'INSERT INTO '.$this->prefix.$tbl;
+    $sql = 'INSERT INTO `'.$this->prefix.$tbl.'`';
     $flist = '';
     $vlist = '';
     if (count($fields)>0) {
       foreach ($fields as $f) {
         if ($flist!='') $flist .= ',';
         if ($vlist!='') $vlist .= ',';
-        $flist .= $f;
+        $flist .= '`'.$f.'`';
         $vlist .= '"'.mysql_real_escape_string($values[$f]).'"';
       }    
     } else {
       foreach ($values as $k => $v) {
         if ($flist!='') $flist .= ',';
         if ($vlist!='') $vlist .= ',';
-        $flist .= $k;
+        $flist .= '`'.$k.'`';
         $vlist .= '"'.mysql_real_escape_string($v).'"';
       }
     }
@@ -125,17 +126,17 @@
   }
 
   function update($tbl,$values,$keys = array(),$fields = array()) {
-    $sql = 'UPDATE '.$this->prefix.$tbl;
+    $sql = 'UPDATE `'.$this->prefix.$tbl.'`';
     $set = '';
     if (count($fields)>0) {
       foreach ($fields as $f) {
         if ($set!='') $set .= ',';
-        $set .= $f.'="'.mysql_real_escape_string($values[$f]).'"';
+        $set .= '`'.$f.'`="'.mysql_real_escape_string($values[$f]).'"';
       }    
     } else {
       foreach ($values as $k => $v) {
         if ($set!='') $set .= ',';
-        $set .= $k.'="'.mysql_real_escape_string($v).'"';
+        $set .= '`'.$k.'`="'.mysql_real_escape_string($v).'"';
       }
     }
     $sql .= ' SET '.$set;
@@ -143,7 +144,7 @@
       $where = '';
       foreach ($keys as $k => $v) {
         if ($where != '') $where .= ' AND ';
-        $where .= $k.'="'.mysql_real_escape_string($v).'"';
+        $where .= '`'.$k.'`="'.mysql_real_escape_string($v).'"';
       }
       $sql .= ' WHERE '.$where;
     }
@@ -151,17 +152,16 @@
   }
 
   function delete($tbl,$keys = array()) {
-    $sql = 'DELETE FROM '.$this->prefix.$tbl;
+    $sql = 'DELETE FROM `'.$this->prefix.$tbl.'`';
     if (count($keys)>0) {
       $where = '';
       foreach ($keys as $k => $v) {
         if ($where != '') $where .= ' AND ';
-        $where .= $k.'="'.mysql_real_escape_string($v).'"';
+        $where .= '`'.$k.'`="'.mysql_real_escape_string($v).'"';
       }
       $sql .= ' WHERE '.$where;
     }
-    $res = mysql_query($sql);
-    mysql_free_result($res);
+    mysql_query($sql);
   }
 }
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


