[Koha-cvs] CVS: koha/C4 SearchMarc.pm,1.11,1.12
Paul POULAIN
tipaul at users.sourceforge.net
Wed Apr 14 21:45:50 CEST 2004
- Previous message: [Koha-cvs] CVS: koha/admin systempreferences.pl,1.17,1.18
- Next message: [Koha-cvs] CVS: koha/koha-tmpl/intranet-tmpl/default/en/acqui.simple addbiblio.tmpl,1.26,1.27 addbooks.tmpl,1.14,1.15 additem.tmpl,1.16,1.17 isbnsearch.tmpl,1.12,1.13
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /cvsroot/koha/koha/C4
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv18305/C4
Modified Files:
SearchMarc.pm
Log Message:
bugfix => escaping correctly values in SQL
Index: SearchMarc.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/SearchMarc.pm,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -r1.11 -r1.12
*** SearchMarc.pm 15 Mar 2004 14:34:18 -0000 1.11
--- SearchMarc.pm 14 Apr 2004 19:45:48 -0000 1.12
***************
*** 142,146 ****
# Finds the basic results without the NOT requests
! my ($sql_tables, $sql_where1, $sql_where2) = create_request(\@normal_tags, \@normal_and_or, \@normal_operator, \@normal_value);
my $sth;
--- 142,146 ----
# Finds the basic results without the NOT requests
! my ($sql_tables, $sql_where1, $sql_where2) = create_request($dbh,\@normal_tags, \@normal_and_or, \@normal_operator, \@normal_value);
my $sth;
***************
*** 160,164 ****
if( ($sth->rows) && $any_not ) # some results to tune up and some NOT statements
{
! ($not_sql_tables, $not_sql_where1, $not_sql_where2) = create_request(\@not_tags, \@not_and_or, \@not_operator, \@not_value);
my @tmpresult;
--- 160,164 ----
if( ($sth->rows) && $any_not ) # some results to tune up and some NOT statements
{
! ($not_sql_tables, $not_sql_where1, $not_sql_where2) = create_request($dbh,\@not_tags, \@not_and_or, \@not_operator, \@not_value);
my @tmpresult;
***************
*** 222,226 ****
sub create_request {
! my ($tags, $and_or, $operator, $value) = @_;
my $sql_tables; # will contain marc_subfield_table as m1,...
--- 222,226 ----
sub create_request {
! my ($dbh,$tags, $and_or, $operator, $value) = @_;
my $sql_tables; # will contain marc_subfield_table as m1,...
***************
*** 236,240 ****
if (@$operator[$i] eq "start") {
$sql_tables .= "marc_subfield_table as m$nb_table,";
! $sql_where1 .= "(m1.subfieldvalue like '@$value[$i]%'";
if (@$tags[$i]) {
$sql_where1 .=" and m1.tag+m1.subfieldcode in (@$tags[$i])";
--- 236,240 ----
if (@$operator[$i] eq "start") {
$sql_tables .= "marc_subfield_table as m$nb_table,";
! $sql_where1 .= "(m1.subfieldvalue like ".$dbh->quote("@$value[$i]%");
if (@$tags[$i]) {
$sql_where1 .=" and m1.tag+m1.subfieldcode in (@$tags[$i])";
***************
*** 243,247 ****
} elsif (@$operator[$i] eq "contains") {
$sql_tables .= "marc_word as m$nb_table,";
! $sql_where1 .= "(m1.word like '@$value[$i]%'";
if (@$tags[$i]) {
$sql_where1 .=" and m1.tag+m1.subfieldid in (@$tags[$i])";
--- 243,247 ----
} elsif (@$operator[$i] eq "contains") {
$sql_tables .= "marc_word as m$nb_table,";
! $sql_where1 .= "(m1.word like ".$dbh->quote("@$value[$i]%");
if (@$tags[$i]) {
$sql_where1 .=" and m1.tag+m1.subfieldid in (@$tags[$i])";
***************
*** 250,254 ****
} else {
$sql_tables .= "marc_subfield_table as m$nb_table,";
! $sql_where1 .= "(m1.subfieldvalue @$operator[$i] '@$value[$i]' ";
if (@$tags[$i]) {
$sql_where1 .=" and m1.tag+m1.subfieldcode in (@$tags[$i])";
--- 250,254 ----
} else {
$sql_tables .= "marc_subfield_table as m$nb_table,";
! $sql_where1 .= "(m1.subfieldvalue @$operator[$i] ".$dbh->quote("@$value[$i]");
if (@$tags[$i]) {
$sql_where1 .=" and m1.tag+m1.subfieldcode in (@$tags[$i])";
***************
*** 260,264 ****
$nb_table++;
$sql_tables .= "marc_subfield_table as m$nb_table,";
! $sql_where1 .= "@$and_or[$i] (m$nb_table.subfieldvalue like '@$value[$i]%'";
if (@$tags[$i]) {
$sql_where1 .=" and m$nb_table.tag+m$nb_table.subfieldcode in (@$tags[$i])";
--- 260,264 ----
$nb_table++;
$sql_tables .= "marc_subfield_table as m$nb_table,";
! $sql_where1 .= "@$and_or[$i] (m$nb_table.subfieldvalue like ".$dbh->quote("@$value[$i]%");
if (@$tags[$i]) {
$sql_where1 .=" and m$nb_table.tag+m$nb_table.subfieldcode in (@$tags[$i])";
***************
*** 270,274 ****
$nb_table++;
$sql_tables .= "marc_word as m$nb_table,";
! $sql_where1 .= "@$and_or[$i] (m$nb_table.word like '@$value[$i]%'";
if (@$tags[$i]) {
$sql_where1 .=" and m$nb_table.tag+m$nb_table.subfieldid in(@$tags[$i])";
--- 270,274 ----
$nb_table++;
$sql_tables .= "marc_word as m$nb_table,";
! $sql_where1 .= "@$and_or[$i] (m$nb_table.word like ".$dbh->quote("@$value[$i]%");
if (@$tags[$i]) {
$sql_where1 .=" and m$nb_table.tag+m$nb_table.subfieldid in(@$tags[$i])";
***************
*** 277,281 ****
$sql_where2 .= "m1.bibid=m$nb_table.bibid and ";
} else {
! $sql_where1 .= "@$and_or[$i] (m$nb_table.word like '@$value[$i]%'";
if (@$tags[$i]) {
$sql_where1 .=" and m$nb_table.tag+m$nb_table.subfieldid in (@$tags[$i])";
--- 277,281 ----
$sql_where2 .= "m1.bibid=m$nb_table.bibid and ";
} else {
! $sql_where1 .= "@$and_or[$i] (m$nb_table.word like ".$dbh->quote("@$value[$i]%");
if (@$tags[$i]) {
$sql_where1 .=" and m$nb_table.tag+m$nb_table.subfieldid in (@$tags[$i])";
***************
*** 287,291 ****
$nb_table++;
$sql_tables .= "marc_subfield_table as m$nb_table,";
! $sql_where1 .= "@$and_or[$i] (m$nb_table.subfieldvalue @$operator[$i] '@$value[$i]'";
if (@$tags[$i]) {
$sql_where1 .=" and m$nb_table.tag+m$nb_table.subfieldcode in (@$tags[$i])";
--- 287,291 ----
$nb_table++;
$sql_tables .= "marc_subfield_table as m$nb_table,";
! $sql_where1 .= "@$and_or[$i] (m$nb_table.subfieldvalue @$operator[$i] ".$dbh->quote(@$value[$i]);
if (@$tags[$i]) {
$sql_where1 .=" and m$nb_table.tag+m$nb_table.subfieldcode in (@$tags[$i])";
- Previous message: [Koha-cvs] CVS: koha/admin systempreferences.pl,1.17,1.18
- Next message: [Koha-cvs] CVS: koha/koha-tmpl/intranet-tmpl/default/en/acqui.simple addbiblio.tmpl,1.26,1.27 addbooks.tmpl,1.14,1.15 additem.tmpl,1.16,1.17 isbnsearch.tmpl,1.12,1.13
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Koha-cvs
mailing list