diff options
| -rw-r--r-- | codebase/db_common.php | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/codebase/db_common.php b/codebase/db_common.php index effc291..0b122bd 100644 --- a/codebase/db_common.php +++ b/codebase/db_common.php @@ -793,13 +793,20 @@ abstract class DBDataWrapper extends DataWrapper{ for ($i=0; $i < sizeof($rules); $i++) if (is_string($rules[$i])) array_push($sql,"(".$rules[$i].")"); - else - if ($rules[$i]["value"]!=""){ - if (!$rules[$i]["operation"]) - array_push($sql,$this->escape_name($rules[$i]["name"])." LIKE '%".$this->escape($rules[$i]["value"])."%'"); - else - array_push($sql,$this->escape_name($rules[$i]["name"])." ".$rules[$i]["operation"]." '".$this->escape($rules[$i]["value"])."'"); + else { + $filtervalue = $rules[$i]["value"]; + $filteroperation = $rules[$i]["operation"]; + if ($filtervalue!=""){ + if (!$filteroperation) + array_push($sql,$this->escape_name($rules[$i]["name"])." LIKE '%".$this->escape($filtervalue)."%'"); + else { + if ($filteroperation != "IN") + $filtervalue = "'".$this->escape($filtervalue)."'"; + + array_push($sql,$this->escape_name($rules[$i]["name"])." ".$filteroperation." ".$filtervalue); + } } + } if ($relation !== false && $relation !== ""){ $relsql = $this->escape_name($this->config->relation_id["db_name"])." = '".$this->escape($relation)."'"; |