Additional Information | Proposition for correction in version 1.0.7
core/database_api.php
line 148 : / insert function /
--------------------
# in Oracle... An empty string is NULL.
function db_test_string( $p_field, $value='', $test='='){
$t_db_type = config_get( 'db_type' );
switch( $t_db_type ) {
case 'mssql':
case 'odbc_mssql':
case 'mysql':
case 'mysqli':
case 'postgres':
case 'postgres64':
case 'postgres7':
case 'pgsql':
case 'mysql':
return " $p_field = '".$value."' ";
case 'oci8':
if ($value<>'')
return " $p_field ".$test." '".$value."'";
else
return " $p_field ".(($test!="<>")&&($test!="!=")?"IS":"IS NOT")." NULL ";
default:
error_parameters( 'db_type', $t_db_type );
trigger_error( ERROR_CONFIG_OPT_INVALID, ERROR );
}
}
# --------------------
# in Oracle... An empty string is NULL.
function empty_if_null( $p_row){
foreach ($p_row as $key => $val)
{
if ($val==null) { $p_row[$key]=''; }
}
return $p_row;
}
line 163 :
$test = empty_if_null($p_result->GetRowAssoc(false));
line 192 : / insert code /
if (isset($p_table) && (config_get( 'db_type' )=='oci8') ) {
$query = "SELECT max(ID) from ".$p_table;
$result = db_query( $query );
return db_result($result);
}
return $g_db->Insert_ID( );
line 196-200 :
function db_table_exists( $p_table_name ) {
global $g_db;
$table = $g_db->MetaTables( "TABLE" );
if (is_array($table))
{
foreach ($table as $key => $val)
$table[$key]=strtoupper($val);
}
return in_array ( strtoupper($p_table_name) , $table) ;
}
line 283 - 284 : / insert code /
function db_prepare_string( $p_string ) {
global $g_db;
$t_db_type = config_get( 'db_type' );
switch( $t_db_type ) {
case 'oci8' :
line 390 : / insert code /
case 'oci8':
return "(($p_date1 - $p_date2)" . $p_limitstring . ")";
core/authentication_api.php
line 349 :
WHERE ".db_test_string('cookie_string',$c_cookie_string);
line 441 :
WHERE ".db_test_string('cookie_string',$c_cookie_string);
line 472 :
WHERE ".db_test_string('cookie_string',$c_cookie_string);
core/custom_field_api.php
line 165 :
WHERE ".db_test_string("name",$c_name);
line 317 :
$query .= db_test_string("name",$c_name);
line 595 :
$query = "SELECT id FROM $t_custom_field_table WHERE ".db_test_string("name",$c_field_name);
line 646 : / delete string "as" /
FROM $t_custom_field_table cft, $t_user_table ut, $t_project_table pt, $t_custom_field_project_table cfpt
core/filter_api.php
line 2092 :
AND ".db_test_string("name",$c_name);
line 2104 :
AND ".db_test_string("name",$c_name);
line 2193 :
AND ".db_test_string("name","");
line 2280 :
AND ".db_test_string("name","");
line 2311 :
AND ".db_test_string("name", "", "!=")."
core/user_api.php
line 120:
WHERE ".db_test_string('username',$c_username);
line 159 :
WHERE ".db_test_string('realname',$c_realname);
admin/copy_filed.php
line 52 :
$query = 'SELECT * FROM ' . $t_string_table . ' WHERE field_id = ' . $f_source_field_id . ' and '.db_test_string('value','','<>');
admin/move_db2disk.php
line 69 :
$query = 'SELECT * FROM ' . $t_file_table . ' WHERE '.db_test_string('content','','<>');
admin/schema.php
line 227 :
if ($f_db_type!='oci8') { $upgrade[] = Array('CreateIndexSQL',Array('idx_project_id',config_get('mantis_project_table'),'id')); }
admin/install.php
line 183 :
<?php if ($f_db_type!='oci8') {
print_test( 'Setting Database Hostname', '' !== $f_hostname , true, 'host name is blank' );
}
?>
line 264 :
switch ($f_db_type) {
case 'oci8':
$t_result = @$g_db->Connect('', $f_admin_username, $f_admin_password, $f_database_name);
if ($t_result) {$f_hostname = '';}
break;
default:
$t_result = @$g_db->Connect($f_hostname, $f_admin_username, $f_admin_password);
}
line 303-304 : /insert code/
case 'oci8':
line 551-552 : /insert code/
if ($f_db_type=='oci8')
echo htmlentities( $sql ) . "\r\n/\r\n";
else
line 568 :
echo 'INSERT INTO '.$g_mantis_config_table.' ( value, type, access_reqd, config_id, project_id, user_id ) VALUES (\'' . $lastid . '\', 1, 90, \'database_version\', 20, 0 );' . "\r\n"; |
---|