|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2003-04-26 17:59 UTC] philip@php.net
[2003-05-21 20:12 UTC] sniper@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Sat Apr 20 08:01:30 2024 UTC |
OK... A WHERE-statement is sent to this method. Look how it's set in $where but when it's used the variable $sql is used instead!! The query becomes "UPDATE $table SET $set WHERE UPDATE $table SET $set" The error is marked with >>>> function buildManipSQL($table, $table_fields, $mode, $where = false) { if (count($table_fields)==0) { $this->raiseError(DB_ERROR_NEED_MORE_DATA); } $first = true; switch($mode) { case DB_AUTOQUERY_INSERT: $values = ''; $names = ''; while (list(, $value) = each($table_fields)) { if ($first) { $first = false; } else { $names .= ','; $values .= ','; } $names .= $value; $values .= '?'; } return "INSERT INTO $table ($names) VALUES ($values)"; break; case DB_AUTOQUERY_UPDATE: $set = ''; while (list(, $value) = each($table_fields)) { if ($first) { $first = false; } else { $set .= ','; } $set .= "$value = ?"; } $sql = "UPDATE $table SET $set"; if ($where) { >>>> $sql .= " WHERE $sql"; } return $sql; break; default: $this->raiseError(DB_ERROR_SYNTAX); } }