fix: select values with single quotes

2023-01-12 14:36:37 +01:00 · 2023-01-12 14:36:37 +01:00 · e1a0f112a2
commit e1a0f112a2
parent 23cf1b54e4
1 changed files with 3 additions and 2 deletions
--- a/BancaDati/BancaDati.php
+++ b/BancaDati/BancaDati.php
@ -51,7 +51,6 @@ class BancaDati {
        $column = trim($column, ",");

        $sql = "INSERT INTO $table ($column) VALUES ($value);";
-        var_dump($sql);
        try {
            $sth = $this->pdo->prepare($sql);
            $sth->execute();
@ -109,9 +108,10 @@ class BancaDati {
            if($where != ""){
                $where .= " AND ";
            }
-            $where .= $col . "=" . $v;
+            $where .= $col . "=" . "'" . $v . "'";
        }
        $sql = "SELECT * FROM ".$table." WHERE ".$where;
+        var_dump($sql);
        if(isset($order["by"])){
            $sql .= " ORDER BY ".$order["by"];
        }
@ -121,6 +121,7 @@ class BancaDati {
        try {
            return $this->pdo->query($sql);
        }catch (PDOException $e){
+            var_dump($e);
            die;
        }
    }