
[Koha-cvs] CVS: koha/C4 SearchMarc.pm,1.11,1.12


From: Paul POULAIN
Subject: [Koha-cvs] CVS: koha/C4 SearchMarc.pm,1.11,1.12
Date: Wed, 14 Apr 2004 12:45:50 -0700

Update of /cvsroot/koha/koha/C4
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv18305/C4

Modified Files:
        SearchMarc.pm 
Log Message:
bugfix => correctly escaping values in SQL

Index: SearchMarc.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/SearchMarc.pm,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -r1.11 -r1.12
*** SearchMarc.pm       15 Mar 2004 14:34:18 -0000      1.11
--- SearchMarc.pm       14 Apr 2004 19:45:48 -0000      1.12
***************
*** 142,146 ****
  
        # Finds the basic results without the NOT requests
!       my ($sql_tables, $sql_where1, $sql_where2) = 
create_request(address@hidden, address@hidden, address@hidden, address@hidden);
  
        my $sth;
--- 142,146 ----
  
        # Finds the basic results without the NOT requests
!       my ($sql_tables, $sql_where1, $sql_where2) = 
create_request($dbh,address@hidden, address@hidden, address@hidden, 
address@hidden);
  
        my $sth;
***************
*** 160,164 ****
        if( ($sth->rows) && $any_not )  # some results to tune up and some NOT 
statements
        {
!               ($not_sql_tables, $not_sql_where1, $not_sql_where2) = 
create_request(address@hidden, address@hidden, address@hidden, address@hidden);
  
                my @tmpresult;
--- 160,164 ----
        if( ($sth->rows) && $any_not )  # some results to tune up and some NOT 
statements
        {
!               ($not_sql_tables, $not_sql_where1, $not_sql_where2) = 
create_request($dbh,address@hidden, address@hidden, address@hidden, 
address@hidden);
  
                my @tmpresult;
***************
*** 222,226 ****
  
  sub create_request {
!       my ($tags, $and_or, $operator, $value) = @_;
  
        my $sql_tables; # will contain marc_subfield_table as m1,...
--- 222,226 ----
  
  sub create_request {
!       my ($dbh,$tags, $and_or, $operator, $value) = @_;
  
        my $sql_tables; # will contain marc_subfield_table as m1,...
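Review bot: Adding `$dbh` as the first positional parameter of `create_request` shifts every other argument, and this commit updates only the two call sites in this file. A caller elsewhere that still passes four arguments (none is visible in this diff) would bind its tag list to `$dbh` and fail only at the first `$dbh->quote` call. A guard right after the unpacking line makes that fail early and legibly: `eval { $dbh->can('quote') } or die "create_request: first argument must be a database handle";`. A header comment stating the new contract would help as well, e.g. `# create_request($dbh, \@tags, \@and_or, \@operator, \@value) returns ($sql_tables, $sql_where1, $sql_where2)`. The body of the sub continues outside the hunk.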
***************
*** 236,240 ****
                                if (@$operator[$i] eq "start") {
                                        $sql_tables .= "marc_subfield_table as 
m$nb_table,";
!                                       $sql_where1 .= "(m1.subfieldvalue like 
'@$value[$i]%'";
                                        if (@$tags[$i]) {
                                                $sql_where1 .=" and 
m1.tag+m1.subfieldcode in (@$tags[$i])";
--- 236,240 ----
                                if (@$operator[$i] eq "start") {
                                        $sql_tables .= "marc_subfield_table as 
m$nb_table,";
!                                       $sql_where1 .= "(m1.subfieldvalue like 
".$dbh->quote("@$value[$i]%");
                                        if (@$tags[$i]) {
                                                $sql_where1 .=" and 
m1.tag+m1.subfieldcode in (@$tags[$i])";
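Review bot: The context line `$sql_where1 .=" and m1.tag+m1.subfieldcode in (@$tags[$i])";` still splices the tag list into the statement verbatim, so the escaping added in this hunk covers only `@$value[$i]`. The same construct appears in the context lines of every later hunk of `create_request`. Where `@$tags` comes from is not visible in this diff; if any part of it derives from the request, each tag should be checked against the expected tag-plus-subfield format and passed through `$dbh->quote` individually before the list is joined. At minimum, record the assumption next to the line: `# @$tags[$i] is interpolated as-is: callers must pass an already validated, quoted list`.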
***************
*** 243,247 ****
                                } elsif (@$operator[$i] eq "contains") {
                                        $sql_tables .= "marc_word as 
m$nb_table,";
!                                       $sql_where1 .= "(m1.word  like 
'@$value[$i]%'";
                                        if (@$tags[$i]) {
                                                 $sql_where1 .=" and 
m1.tag+m1.subfieldid in (@$tags[$i])";
--- 243,247 ----
                                } elsif (@$operator[$i] eq "contains") {
                                        $sql_tables .= "marc_word as 
m$nb_table,";
!                                       $sql_where1 .= "(m1.word  like 
".$dbh->quote("@$value[$i]%");
                                        if (@$tags[$i]) {
                                                 $sql_where1 .=" and 
m1.tag+m1.subfieldid in (@$tags[$i])";
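Review bot: `$dbh->quote("@$value[$i]%")` makes the string literal safe, but `%` and `_` inside the value are still LIKE wildcards, because `quote` only deals with the string delimiters. That may be a deliberate search feature; if it is not, the value should have its LIKE metacharacters escaped before the trailing `%` is appended, for example `(my $v = $value->[$i]) =~ s/([%_\\])/\\$1/g;` followed by `$dbh->quote("$v%")`, assuming backslash is the escape character the database uses for LIKE. The same applies to the `like` lines in the hunks at 236, 260, 270 and 277. Either way a comment saying whether wildcards in the search value are intended would settle it for the next reader.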
***************
*** 250,254 ****
                                } else {
                                        $sql_tables .= "marc_subfield_table as 
m$nb_table,";
!                                       $sql_where1 .= "(m1.subfieldvalue 
@$operator[$i] '@$value[$i]' ";
                                        if (@$tags[$i]) {
                                                 $sql_where1 .=" and 
m1.tag+m1.subfieldcode in (@$tags[$i])";
--- 250,254 ----
                                } else {
                                        $sql_tables .= "marc_subfield_table as 
m$nb_table,";
!                                       $sql_where1 .= "(m1.subfieldvalue 
@$operator[$i] ".$dbh->quote("@$value[$i]");
                                        if (@$tags[$i]) {
                                                 $sql_where1 .=" and 
m1.tag+m1.subfieldcode in (@$tags[$i])";
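Review bot: In this fallback branch `@$operator[$i]` is still concatenated into the statement as raw SQL (`"(m1.subfieldvalue @$operator[$i] "`), so quoting the value protects only half of the changed line. An operator cannot be quoted; it has to be checked against a fixed set before it is used, e.g. `die "unsupported search operator" unless $allowed_operator{ $operator->[$i] };`, where `%allowed_operator` holds exactly the comparison operators the search form offers (that set is not visible in this diff). The hunk at 287 has the same construct. `@$and_or[$i]` in the hunks at 260 through 287 is interpolated the same way and wants the equivalent check against its few legal keywords.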
***************
*** 260,264 ****
                                        $nb_table++;
                                        $sql_tables .= "marc_subfield_table as 
m$nb_table,";
!                                       $sql_where1 .= "@$and_or[$i] 
(m$nb_table.subfieldvalue like '@$value[$i]%'";
                                        if (@$tags[$i]) {
                                                $sql_where1 .=" and 
m$nb_table.tag+m$nb_table.subfieldcode in (@$tags[$i])";
--- 260,264 ----
                                        $nb_table++;
                                        $sql_tables .= "marc_subfield_table as 
m$nb_table,";
!                                       $sql_where1 .= "@$and_or[$i] 
(m$nb_table.subfieldvalue like ".$dbh->quote("@$value[$i]%");
                                        if (@$tags[$i]) {
                                                $sql_where1 .=" and 
m$nb_table.tag+m$nb_table.subfieldcode in (@$tags[$i])";
***************
*** 270,274 ****
                                                $nb_table++;
                                                $sql_tables .= "marc_word as 
m$nb_table,";
!                                               $sql_where1 .= "@$and_or[$i] 
(m$nb_table.word like '@$value[$i]%'";
                                                if (@$tags[$i]) {
                                                        $sql_where1 .=" and 
m$nb_table.tag+m$nb_table.subfieldid in(@$tags[$i])";
--- 270,274 ----
                                                $nb_table++;
                                                $sql_tables .= "marc_word as 
m$nb_table,";
!                                               $sql_where1 .= "@$and_or[$i] 
(m$nb_table.word like ".$dbh->quote("@$value[$i]%");
                                                if (@$tags[$i]) {
                                                        $sql_where1 .=" and 
m$nb_table.tag+m$nb_table.subfieldid in(@$tags[$i])";
***************
*** 277,281 ****
                                                $sql_where2 .= 
"m1.bibid=m$nb_table.bibid and ";
                                        } else {
!                                               $sql_where1 .= "@$and_or[$i] 
(m$nb_table.word like '@$value[$i]%'";
                                                if (@$tags[$i]) {
                                                        $sql_where1 .="  and 
m$nb_table.tag+m$nb_table.subfieldid in (@$tags[$i])";
--- 277,281 ----
                                                $sql_where2 .= 
"m1.bibid=m$nb_table.bibid and ";
                                        } else {
!                                               $sql_where1 .= "@$and_or[$i] 
(m$nb_table.word like ".$dbh->quote("@$value[$i]%");
                                                if (@$tags[$i]) {
                                                        $sql_where1 .="  and 
m$nb_table.tag+m$nb_table.subfieldid in (@$tags[$i])";
***************
*** 287,291 ****
                                        $nb_table++;
                                        $sql_tables .= "marc_subfield_table as 
m$nb_table,";
!                                       $sql_where1 .= "@$and_or[$i] 
(m$nb_table.subfieldvalue @$operator[$i] '@$value[$i]'";
                                        if (@$tags[$i]) {
                                                $sql_where1 .="  and 
m$nb_table.tag+m$nb_table.subfieldcode in (@$tags[$i])";
--- 287,291 ----
                                        $nb_table++;
                                        $sql_tables .= "marc_subfield_table as 
m$nb_table,";
!                                       $sql_where1 .= "@$and_or[$i] 
(m$nb_table.subfieldvalue @$operator[$i] ".$dbh->quote(@$value[$i]);
                                        if (@$tags[$i]) {
                                                $sql_where1 .="  and 
m$nb_table.tag+m$nb_table.subfieldcode in (@$tags[$i])";
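Review bot: This is the only changed line that calls `$dbh->quote(@$value[$i])` without the surrounding double quotes; the parallel branch at line 250 uses `$dbh->quote("@$value[$i]")`. The two forms differ when the value is undefined: DBI's `quote` returns the bare word `NULL` for `undef`, so this branch would emit `subfieldvalue <operator> NULL` where the other compares against `''`. Using `$dbh->quote("@$value[$i]")` here as well keeps the two branches consistent. As a style point, `$value->[$i]` says "one element" more plainly than the one-element slice `@$value[$i]` used throughout.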



