From 282dff4f18672c22f171768a983a740d1a8e0096 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Wed, 17 Apr 2013 13:33:42 -0400
Subject: [PATCH] Add rcube_db::escape() method, fix escapeSimple() to use escape instead of quote()

---
 program/lib/Roundcube/rcube_db.php |   28 ++++++++++++++++++++++------
 1 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/program/lib/Roundcube/rcube_db.php b/program/lib/Roundcube/rcube_db.php
index a9163cb..9cda023 100644
--- a/program/lib/Roundcube/rcube_db.php
+++ b/program/lib/Roundcube/rcube_db.php
@@ -634,6 +634,22 @@
     }
 
     /**
+     * Escapes a string so it can be safely used in a query
+     *
+     * @param string $str A string to escape
+     *
+     * @return string Escaped string for use in a query
+     */
+    public function escape($str)
+    {
+        if (is_null($str)) {
+            return 'NULL';
+        }
+
+        return substr($this->quote($str), 1, -1);
+    }
+
+    /**
      * Quotes a string so it can be safely used as a table or column name
      *
      * @param string $str Value to quote
@@ -648,17 +664,17 @@
     }
 
     /**
-     * Quotes a string so it can be safely used as a table or column name
+     * Escapes a string so it can be safely used in a query
      *
-     * @param string $str Value to quote
+     * @param string $str A string to escape
      *
-     * @return string Quoted string for use in query
-     * @deprecated    Replaced by rcube_db::quote
-     * @see           rcube_db::quote
+     * @return string Escaped string for use in a query
+     * @deprecated    Replaced by rcube_db::escape
+     * @see           rcube_db::escape
      */
     public function escapeSimple($str)
     {
-        return $this->quote($str);
+        return $this->escape($str);
     }
 
     /**

--
Gitblit v1.9.1