mirror of
https://we.phorge.it/source/phorge.git
synced 2025-01-11 07:11:04 +01:00
Support NO_BACKSLASH_ESCAPES in escapeStringForLikeClause()
Summary: Also simplify this clunky code. Test Plan: /owners/view/search/?name=%25 Reviewers: epriestley Reviewed By: epriestley CC: aran Differential Revision: https://secure.phabricator.com/D2114
This commit is contained in:
parent
a662b09e73
commit
7451c1f6c9
1 changed files with 1 additions and 12 deletions
|
@ -71,19 +71,8 @@ abstract class AphrontMySQLDatabaseConnectionBase
|
||||||
}
|
}
|
||||||
|
|
||||||
public function escapeStringForLikeClause($value) {
|
public function escapeStringForLikeClause($value) {
|
||||||
|
$value = addcslashes($value, '\%_');
|
||||||
$value = $this->escapeString($value);
|
$value = $this->escapeString($value);
|
||||||
// Ideally the query shouldn't be modified after safely escaping it,
|
|
||||||
// but we need to escape _ and % within LIKE terms.
|
|
||||||
$value = str_replace(
|
|
||||||
// Even though we've already escaped, we need to replace \ with \\
|
|
||||||
// because MYSQL unescapes twice inside a LIKE clause. See note
|
|
||||||
// at mysql.com. However, if the \ is being used to escape a single
|
|
||||||
// quote ('), then the \ should not be escaped. Thus, after all \
|
|
||||||
// are replaced with \\, we need to revert instances of \\' back to
|
|
||||||
// \'.
|
|
||||||
array('\\', '\\\\\'', '_', '%'),
|
|
||||||
array('\\\\', '\\\'', '\_', '\%'),
|
|
||||||
$value);
|
|
||||||
return $value;
|
return $value;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue