From cb7123c901bfc9cdd584d4ffc269b721923de9f7 Mon Sep 17 00:00:00 2001
From: mdtrooper
Date: Thu, 12 May 2011 14:22:48 +0000
Subject: [PATCH] 2011-05-12 Miguel de Dios * include/db/postgresql.php, include/db/mysql.php: fixed the scape of name of fields in where.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4346 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog | 5 +++++
 pandora_console/include/db/mysql.php | 6 ++++--
 pandora_console/include/db/postgresql.php | 4 +++-
 3 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index 76c69b32e9..8581590d91 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,8 @@
+2011-05-12 Miguel de Dios
+
+ * include/db/postgresql.php, include/db/mysql.php: fixed the scape of name
+ of fields in where.
+
 2011-05-12 Miguel de Dios
 * include/functions_graph.php: fixed the image parameters for the progress
diff --git a/pandora_console/include/db/mysql.php b/pandora_console/include/db/mysql.php
index 5b67d014bd..38f87efa52 100644
--- a/pandora_console/include/db/mysql.php
+++ b/pandora_console/include/db/mysql.php
@@ -503,7 +503,9 @@ function mysql_db_format_array_where_clause_sql ($values, $join = 'AND', $prefix
 }
 if ($field[0] != "`") {
- $field = "`".$field."`";
+ //If the field is as ., don't scape.
+ if (strstr($field, '.') === false)
+ $field = "`".$field."`";
 }
 if (is_null ($value)) {
@@ -668,7 +670,7 @@ function mysql_db_get_all_rows_filter ($table, $filter = array(), $fields = fals
 elseif (! is_string ($fields)) {
 return false;
 }
-
+
 //TODO: Validate and clean filter options
 if (is_array ($filter)) {
 $filter = db_format_array_where_clause_sql ($filter, $where_join, ' WHERE ');
diff --git a/pandora_console/include/db/postgresql.php b/pandora_console/include/db/postgresql.php
index 7b71e0b277..33a6f7bc6f 100644
--- a/pandora_console/include/db/postgresql.php
+++ b/pandora_console/include/db/postgresql.php
@@ -540,7 +540,9 @@ function postgresql_db_format_array_where_clause_sql ($values, $join = 'AND', $p
 }
 if ($field[0] != "\"") {
- $field = "\"".$field."\"";
+ //If the field is as ., don't scape.
+ if (strstr($field, '.') === false)
+ $field = "\"".$field."\"";
 }
 if (is_null ($value)) {
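Review bot: A field name that contains a dot now reaches the WHERE clause with no identifier quoting at all, both in this hunk and in the matching `mysql_db_format_array_where_clause_sql` hunk in include/db/mysql.php. The keys of `$values` are not validated anywhere in the visible lines (the mysql.php context still carries `//TODO: Validate and clean filter options`), so if any caller builds the filter from request data, a dotted key is emitted as raw SQL. Quoting each part separately keeps the table.field form working: `$field = '"' . str_replace('.', '"."', $field) . '"';` here, with backticks for MySQL, ideally after checking the name against a pattern such as `/^\w+(\.\w+)?$/`. The nested `if` would also read more safely with braces. The enclosing function starts and ends outside the hunk, so whether callers already sanitise the keys cannot be confirmed from here.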