diff options
Diffstat (limited to 'lib/mysql.php')
| -rw-r--r-- | lib/mysql.php | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/lib/mysql.php b/lib/mysql.php index b169f1a..9b82a93 100644 --- a/lib/mysql.php +++ b/lib/mysql.php @@ -124,7 +124,7 @@ namespace { return mysqli_query( $link, - "USE " . mysqli_real_escape_string($link, $databaseName) + "USE `" . mysqli_real_escape_string($link, $databaseName) . "`" ) !== false; } @@ -159,19 +159,25 @@ namespace { function mysql_list_tables($databaseName, \mysqli $link = null) { $link = \Dshafik\MySQL::getConnection($link); - return mysql_query("SHOW TABLES FROM " . mysql_real_escape_string($databaseName, $link), $link); + $query = sprintf( + "SHOW TABLES FROM `%s`", + mysql_real_escape_string($databaseName, $link) + ); + return mysql_query($query, $link); } function mysql_list_fields($databaseName, $tableName, \mysqli $link = null) { $link = \Dshafik\MySQL::getConnection($link); - $result = mysql_query( - "SHOW COLUMNS FROM " . - mysqli_real_escape_string($link, $databaseName) . "." . - mysqli_real_escape_string($link, $tableName), - $link + + $query = sprintf( + "SHOW COLUMNS FROM `%s`.`%s`", + mysqli_real_escape_string($link, $databaseName), + mysqli_real_escape_string($link, $tableName) ); + $result = mysql_query($query, $link); + if ($result instanceof \mysqli_result) { $result->table = $tableName; return $result; |