Browse Source

Fix false positives when checking for an existing keyword

Resolves #234.
sqlitefix
Trevor Slocum 4 months ago
parent
commit
884c1aa262
  1. 4
      inc/database/mysql.php
  2. 4
      inc/database/mysqli.php
  3. 9
      inc/database/pdo.php
  4. 4
      inc/database/sqlite.php
  5. 4
      inc/database/sqlite3.php

4
inc/database/mysql.php

@ -107,7 +107,9 @@ function keywordByText($text) {
$result = mysql_query("SELECT * FROM `" . TINYIB_DBKEYWORDS . "` WHERE `text` = '" . mysql_real_escape_string($text) . "'");
if ($result) {
while ($keyword = mysql_fetch_assoc($result)) {
return $keyword;
if ($keyword['text'] === $text) {
return $keyword;
}
}
}
return array();

4
inc/database/mysqli.php

@ -124,7 +124,9 @@ function keywordByText($text) {
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBKEYWORDS . "` WHERE `text` = '" . mysqli_real_escape_string($link, $text) . "'");
if ($result) {
while ($keyword = mysqli_fetch_assoc($result)) {
return $keyword;
if ($keyword['text'] === $text) {
return $keyword;
}
}
}
return array();

9
inc/database/pdo.php

@ -85,12 +85,13 @@ function keywordByID($id) {
function keywordByText($text) {
$text = strtolower($text);
$keywords = array();
$results = pdoQuery("SELECT * FROM " . TINYIB_DBKEYWORDS . " WHERE text = ?", array($text));
while ($row = $results->fetch(PDO::FETCH_ASSOC)) {
$keywords[] = $row;
while ($keyword = $results->fetch(PDO::FETCH_ASSOC)) {
if ($keyword['text'] === $text) {
return $keyword;
}
}
return $keywords;
return array();
}
function allKeywords() {

4
inc/database/sqlite.php

@ -93,7 +93,9 @@ function keywordByText($text) {
$text = strtolower($text);
$result = sqlite_fetch_all(sqlite_query($GLOBALS["db"], "SELECT * FROM " . TINYIB_DBKEYWORDS . " WHERE text = '" . sqlite_escape_string($text) . "'"), SQLITE_ASSOC);
foreach ($result as $keyword) {
return $keyword;
if ($keyword['text'] === $text) {
return $keyword;
}
}
return array();
}

4
inc/database/sqlite3.php

@ -108,7 +108,9 @@ function keywordByText($text) {
$text = strtolower($text);
$result = $db->query("SELECT * FROM " . TINYIB_DBKEYWORDS . " WHERE text = '" . $db->escapeString($text) . "'");
while ($keyword = $result->fetchArray()) {
return $keyword;
if ($keyword['text'] === $text) {
return $keyword;
}
}
return array();
}

Loading…
Cancel
Save