Italienische-Mafia/DirektiveDesDons
4
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: select values with single quotes

Browse Source
This commit is contained in:
Johannes Kantz 2023-01-12 14:36:37 +01:00
parent 23cf1b54e4
commit e1a0f112a2
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
BancaDati/BancaDati.php
View File

@ -51,7 +51,6 @@ class BancaDati {
$column = trim($column, ","); $column = trim($column, ",");
$sql = "INSERT INTO $table ($column) VALUES ($value);"; $sql = "INSERT INTO $table ($column) VALUES ($value);";
var_dump($sql);
try { try {
$sth = $this->pdo->prepare($sql); $sth = $this->pdo->prepare($sql);
$sth->execute(); $sth->execute();
@ -109,9 +108,10 @@ class BancaDati {
if($where != ""){ if($where != ""){
$where .= " AND "; $where .= " AND ";
} }
$where .= $col . "=" . $v; $where .= $col . "=" . "'" . $v . "'";
} }
$sql = "SELECT * FROM ".$table." WHERE ".$where; $sql = "SELECT * FROM ".$table." WHERE ".$where;
var_dump($sql);
if(isset($order["by"])){ if(isset($order["by"])){
$sql .= " ORDER BY ".$order["by"]; $sql .= " ORDER BY ".$order["by"];
} }
@ -121,6 +121,7 @@ class BancaDati {
try { try {
return $this->pdo->query($sql); return $this->pdo->query($sql);
}catch (PDOException $e){ }catch (PDOException $e){
var_dump($e);
die; die;
} }
} }