From f60739b033efb6fc47e07bd7732fecf8222793c0 Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Wed, 13 Jan 2010 23:19:54 +0000
Subject: [PATCH] - Patch #683736 by c960657: use db_like() where appropriate.

---
 includes/cache.inc                                        | 2 +-
 includes/locale.inc                                       | 8 ++++----
 .../modules/field_sql_storage/field_sql_storage.module    | 6 +++---
 modules/profile/profile.pages.inc                         | 2 +-
 modules/search/search.extender.inc                        | 2 +-
 modules/taxonomy/taxonomy.module                          | 1 +
 modules/taxonomy/taxonomy.pages.inc                       | 6 ++----
 7 files changed, 13 insertions(+), 14 deletions(-)

diff --git a/includes/cache.inc b/includes/cache.inc
index cbefdd2a38aa..b45d26b279aa 100644
--- a/includes/cache.inc
+++ b/includes/cache.inc
@@ -462,7 +462,7 @@ function clear($cid = NULL, $wildcard = FALSE) {
         }
         else {
           db_delete($this->bin)
-            ->condition('cid', $cid . '%', 'LIKE')
+            ->condition('cid', db_like($cid) . '%', 'LIKE')
             ->execute();
         }
       }
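Review bot: The wildcard branch now treats `%` and `_` inside `$cid` as literal characters, but nothing next to the call says so, and the doc comment of clear() lies outside the hunk, so it may not be documented there either. A caller that relied on passing its own LIKE wildcards in `$cid` would silently stop matching rows. I would add a comment above the `db_delete()` call, e.g. `// $cid is a literal prefix: db_like() escapes % and _, only the trailing % is a wildcard.`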
diff --git a/includes/locale.inc b/includes/locale.inc
index e9197f46e3af..a40a7d125071 100644
--- a/includes/locale.inc
+++ b/includes/locale.inc
@@ -1480,12 +1480,12 @@ function _locale_translate_seek() {
   // Compute LIKE section.
   switch ($query['translation']) {
     case 'translated':
-      $sql_query->condition('t.translation', '%' . $query['string'] . '%', 'LIKE');
+      $sql_query->condition('t.translation', '%' . db_like($query['string']) . '%', 'LIKE');
       $sql_query->orderBy('t.translation', 'DESC');
       break;
     case 'untranslated':
       $sql_query->condition(db_and()
-        ->condition('s.source', '%' . $query['string'] . '%', 'LIKE')
+        ->condition('s.source', '%' . db_like($query['string']) . '%', 'LIKE')
         ->isNull('t.translation')
       );
       $sql_query->orderBy('s.source');
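Review bot: The pattern `'%' . db_like($query['string']) . '%'` is now built four times, twice in this hunk and twice in the next hunk of _locale_translate_seek() (the 'all'/default case). Building it once just before the `switch`, e.g. `$like = '%' . db_like($query['string']) . '%';`, and passing `$like` to each `condition()` call keeps the escaping in one place, so a later edit cannot reintroduce an unescaped branch. The function starts and ends outside both hunks.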
@@ -1493,10 +1493,10 @@ function _locale_translate_seek() {
     case 'all' :
     default:
       $condition = db_or()
-        ->condition('s.source', '%' . $query['string'] . '%', 'LIKE');
+        ->condition('s.source', '%' . db_like($query['string']) . '%', 'LIKE');
       if ($query['language'] != 'en') {
         // Only search in translations if the language is not forced to English.
-        $condition->condition('t.translation', '%' . $query['string'] . '%', 'LIKE');
+        $condition->condition('t.translation', '%' . db_like($query['string']) . '%', 'LIKE');
       }
       $sql_query->condition($condition);
       break;
diff --git a/modules/field/modules/field_sql_storage/field_sql_storage.module b/modules/field/modules/field_sql_storage/field_sql_storage.module
index bc0d379d88a2..65ceb5228448 100644
--- a/modules/field/modules/field_sql_storage/field_sql_storage.module
+++ b/modules/field/modules/field_sql_storage/field_sql_storage.module
@@ -494,17 +494,17 @@ function field_sql_storage_field_storage_query($field_id, $conditions, $options)
     switch ($operator) {
       case 'STARTS_WITH':
         $operator = 'LIKE';
-        $value .= '%';
+        $value = db_like($value) . '%';
         break;
 
       case 'ENDS_WITH':
         $operator = 'LIKE';
-        $value = "$value%";
+        $value = '%' . db_like($value);
         break;
 
       case 'CONTAINS':
         $operator = 'LIKE';
-        $value = "%$value%";
+        $value = '%' . db_like($value) . '%';
         break;
     }
     // Translate field columns into prefixed db columns.
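Review bot: The `ENDS_WITH` case changes more than escaping, and the patch neither says so nor adds a test. The removed line built a prefix pattern, while the new `'%' . db_like($value)` builds a suffix pattern; the commit subject mentions only db_like(). A test that queries with `ENDS_WITH` on a value containing `%` or `_` would pin both the corrected direction and the literal matching. The assignment of `$value` is outside the hunk, so it is also worth confirming that it is always a string when one of these three operators is used.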
diff --git a/modules/profile/profile.pages.inc b/modules/profile/profile.pages.inc
index bfc23e221c54..3462232859ed 100644
--- a/modules/profile/profile.pages.inc
+++ b/modules/profile/profile.pages.inc
@@ -53,7 +53,7 @@ function profile_browse() {
         $query->condition('v.value', $value);
         break;
       case 'list':
-        $query->condition('v.value', '%' . $value . '%', 'LIKE');
+        $query->condition('v.value', '%' . db_like($value) . '%', 'LIKE');
         break;
       default:
         drupal_not_found();
diff --git a/modules/search/search.extender.inc b/modules/search/search.extender.inc
index 99a96057e3ec..05daa78503b4 100644
--- a/modules/search/search.extender.inc
+++ b/modules/search/search.extender.inc
@@ -442,4 +442,4 @@ public function execute()
 
     return $this->query->execute();
   }
-}
\ No newline at end of file
+}
diff --git a/modules/taxonomy/taxonomy.module b/modules/taxonomy/taxonomy.module
index d7ee54ba623d..a6ea124d0a68 100644
--- a/modules/taxonomy/taxonomy.module
+++ b/modules/taxonomy/taxonomy.module
@@ -813,6 +813,7 @@ protected function buildQuery() {
       foreach ($conditions as $key => $condition) {
         if ($condition['field'] == 'base.name') {
           $conditions[$key]['operator'] = 'LIKE';
+          $conditions[$key]['value'] = db_like($conditions[$key]['value']);
         }
       }
     }
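Review bot: `db_like()` is applied to `$conditions[$key]['value']` without checking that the value is a string. If a caller can pass several names as an array for `base.name`, the array would reach db_like() after the operator has already been forced to `LIKE`; the code that fills `$conditions` is outside the hunk, so this is an assumption to verify. Guarding the branch with `if ($condition['field'] == 'base.name' && is_string($condition['value'])) {` would leave such conditions untouched. buildQuery() starts and ends outside the hunk.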
diff --git a/modules/taxonomy/taxonomy.pages.inc b/modules/taxonomy/taxonomy.pages.inc
index 712e8bc75932..4b65472ef9ef 100644
--- a/modules/taxonomy/taxonomy.pages.inc
+++ b/modules/taxonomy/taxonomy.pages.inc
@@ -102,13 +102,11 @@ function taxonomy_autocomplete($field_name, $tags_typed = '') {
     if (!empty($tags_typed)) {
       $query->condition('t.name', $tags_typed, 'NOT IN');
     }
+    // Select rows that match by term name.
     $tags_return = $query
       ->fields('t', array('tid', 'name'))
       ->condition('t.vid', $vids)
-      // Select rows that match by term name.
-      ->condition(db_or()
-      ->where("t.name LIKE :last_string", array(':last_string' => '%' . $tag_last . '%'))
-      )
+      ->condition('t.name', '%' . db_like($tag_last) . '%', 'LIKE')
       ->range(0, 10)
       ->execute()
       ->fetchAllKeyed();
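Review bot: The moved comment `// Select rows that match by term name.` now sits above the whole query chain, where it no longer points at the line that does the matching and does not mention that the typed text is escaped. I would reword it to describe the statement, e.g. `// Return up to 10 terms from the vocabularies in $vids whose name contains the last typed tag; db_like() makes % and _ in the input literal.` Whether `$tag_last` can be empty at this point is decided outside the hunk; if it can, the pattern becomes `%%` and matches every term name, so that is worth checking.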
-- 
GitLab