fix label cache being double escaped on save

remove some old-style escaping
This commit is contained in:
Andrew Dolgov 2017-12-02 15:47:28 +03:00
parent 7a1872c1e0
commit e4befe6bf4
3 changed files with 8 additions and 10 deletions

View file

@ -976,12 +976,12 @@ class Article extends Handler_Protected {
$label_cache = $row["label_cache"]; $label_cache = $row["label_cache"];
if ($label_cache) { if ($label_cache) {
$label_cache = json_decode($label_cache, true); $tmp = json_decode($label_cache, true);
if ($label_cache["no-labels"] == 1) if (!$tmp || $tmp["no-labels"] == 1)
return $rv; return $rv;
else else
return $label_cache; return $tmp;
} }
} }

View file

@ -62,7 +62,7 @@ class Labels
if (!$labels) if (!$labels)
$labels = Article::get_article_labels($id); $labels = Article::get_article_labels($id);
$labels = db_escape_string(json_encode($labels)); $labels = json_encode($labels);
$sth = $pdo->prepare("UPDATE ttrss_user_entries SET $sth = $pdo->prepare("UPDATE ttrss_user_entries SET
label_cache = ? WHERE ref_id = ? AND owner_uid = ?"); label_cache = ? WHERE ref_id = ? AND owner_uid = ?");

View file

@ -977,10 +977,6 @@
$error_code = 5; $error_code = 5;
} }
if (db_escape_string("testTEST") != "testTEST") {
$error_code = 12;
}
return array("code" => $error_code, "message" => $ERRORS[$error_code]); return array("code" => $error_code, "message" => $ERRORS[$error_code]);
} }
@ -2218,6 +2214,8 @@
function filter_to_sql($filter, $owner_uid) { function filter_to_sql($filter, $owner_uid) {
$query = array(); $query = array();
$pdo = Db::pdo();
if (DB_TYPE == "pgsql") if (DB_TYPE == "pgsql")
$reg_qpart = "~"; $reg_qpart = "~";
else else
@ -2230,7 +2228,7 @@
if ($regexp_valid) { if ($regexp_valid) {
$rule['reg_exp'] = db_escape_string($rule['reg_exp']); $rule['reg_exp'] = $pdo->quote($rule['reg_exp']);
switch ($rule["type"]) { switch ($rule["type"]) {
case "title": case "title":
@ -2263,7 +2261,7 @@
if (isset($rule['inverse'])) $qpart = "NOT ($qpart)"; if (isset($rule['inverse'])) $qpart = "NOT ($qpart)";
if (isset($rule["feed_id"]) && $rule["feed_id"] > 0) { if (isset($rule["feed_id"]) && $rule["feed_id"] > 0) {
$qpart .= " AND feed_id = " . db_escape_string($rule["feed_id"]); $qpart .= " AND feed_id = " . $pdo->quote($rule["feed_id"]);
} }
if (isset($rule["cat_id"])) { if (isset($rule["cat_id"])) {