summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTyler Bello <tylerbello@users.sourceforge.net>2009-06-25 18:09:15 +0000
committerTyler Bello <tylerbello@users.sourceforge.net>2009-06-25 18:09:15 +0000
commitc97a3372f56e2a6a1d7409454a7efa44cc12ac0a (patch)
treebb7f856aa191178b1e6d43b6abda1410c6f7eb52
parent10fde0c85509e566e901a7ec13366c7644155190 (diff)
downloadboards-c97a3372f56e2a6a1d7409454a7efa44cc12ac0a.tar.gz
boards-c97a3372f56e2a6a1d7409454a7efa44cc12ac0a.tar.bz2
boards-c97a3372f56e2a6a1d7409454a7efa44cc12ac0a.zip
safe search of strings
-rw-r--r--BitBoardTopic.php9
1 files changed, 5 insertions, 4 deletions
diff --git a/BitBoardTopic.php b/BitBoardTopic.php
index ef188eb..260ae68 100644
--- a/BitBoardTopic.php
+++ b/BitBoardTopic.php
@@ -1,13 +1,13 @@
<?php
/**
- * $Header: /cvsroot/bitweaver/_bit_boards/BitBoardTopic.php,v 1.65 2009/05/29 21:10:22 tekimaki_admin Exp $
- * $Id: BitBoardTopic.php,v 1.65 2009/05/29 21:10:22 tekimaki_admin Exp $
+ * $Header: /cvsroot/bitweaver/_bit_boards/BitBoardTopic.php,v 1.66 2009/06/25 18:09:15 tylerbello Exp $
+ * $Id: BitBoardTopic.php,v 1.66 2009/06/25 18:09:15 tylerbello Exp $
*
* Messageboards class to illustrate best practices when creating a new bitweaver package that
* builds on core bitweaver functionality, such as the Liberty CMS engine
*
* @author spider <spider@steelsun.com>
- * @version $Revision: 1.65 $ $Date: 2009/05/29 21:10:22 $ $Author: tekimaki_admin $
+ * @version $Revision: 1.66 $ $Date: 2009/06/25 18:09:15 $ $Author: tylerbello $
* @package boards
*/
@@ -330,7 +330,8 @@ class BitBoardTopic extends LibertyMime {
$bindVars = array_merge ( $bindVars, $find );
} elseif( is_string( $find ) ) {
// or a string
- $whereSql .= " AND UPPER( lc.`title` ) LIKE '%". strtoupper( $find ). "%'";
+ $bindVars[] = '%'. strtoupper( $find ).'%';
+ $whereSql .= " AND UPPER( lc.`title` ) LIKE ?";
}
// if we have the board's board_id (b) we use that, or if we have its content_id we can use that