- Sanatize title before doing LIKE matches.

18160f02 · Kjartan Mannes · 2d7d796d · 18160f02
Commit 18160f02 authored Feb 21, 2004 by Kjartan Mannes
--- a/modules/title.module
+++ b/modules/title.module
@@ -26,6 +26,7 @@ function title_page() {
  $title = urldecode(arg(1));
  $result = db_query("SELECT n.*, u.name, u.uid FROM {node} n INNER JOIN {users} u ON n.uid = u.uid WHERE n.title = '%s' AND n.status = 1 ORDER BY n.created DESC", $title);
+  $title = trim(str_replace(array('_', '%', '*'), ' ', $title));
  if (db_num_rows($result) == 0) {
    // No node with exact title found, try substring.
    $result = db_query("SELECT n.*, u.name, u.uid FROM {node} n INNER JOIN {users} u ON n.uid = u.uid WHERE n.title LIKE '%%%s%%' AND n.status = 1 ORDER BY n.created DESC", $title);