}
}
- static public function createTable($name,$definition){
- self::connect();
- self::$DBConnection->createTable($name,$definition);
- }
-
- static public function createConstraint($table,$name,$definition){
- self::connect();
- self::$DBConnection->createConstraint($table,$name,$definition);
+ /**
+ * escape strings so they can be used in queries
+ *
+ * @param string string
+ * @return string
+ */
+ static function escape($string){
+ OC_DB::connect();
+ return self::$DBConnection->escape($string);
}
}
}else{
$password=sha1($password);
$usernameclean=strtolower($username);
- $username=mysql_escape_string($username);
- $usernameclean=mysql_escape_string($usernameclean);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
$query="INSERT INTO `users` (`user_id` ,`user_name` ,`user_name_clean` ,`user_password`) VALUES (NULL , '$username', '$usernameclean', '$password')";
$result=OC_DB::query($query);
return ($result)?true:false;
public static function login($username,$password){
$password=sha1($password);
$usernameclean=strtolower($username);
- $username=mysql_escape_string($username);
- $usernameclean=mysql_escape_string($usernameclean);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
$query="SELECT user_id FROM users WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_id'])){
*/
public static function creategroup($groupname){
if(OC_USER::getgroupid($groupname)==0){
- $groupname=mysql_escape_string($groupname);
+ $groupname=OC_DB::escape($groupname);
$query="INSERT INTO `groups` (`group_id` ,`group_name`) VALUES (NULL , '$groupname')";
$result=OC_DB::query($query);
return ($result)?true:false;
*/
public static function getuserid($username){
$usernameclean=strtolower($username);
- $username=mysql_escape_string($username);
- $usernameclean=mysql_escape_string($usernameclean);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
$query="SELECT user_id FROM users WHERE user_name_clean = '$usernameclean'";
$result=OC_DB::select($query);
if(!is_array($result)){
*
*/
public static function getgroupid($groupname){
- $groupname=mysql_escape_string($groupname);
+ $groupname=OC_DB::escape($groupname);
$query="SELECT group_id FROM groups WHERE group_name = '$groupname'";
$result=OC_DB::select($query);
if(!is_array($result)){
public static function checkpassword($username,$password){
$password=sha1($password);
$usernameclean=strtolower($username);
- $username=mysql_escape_string($username);
- $usernameclean=mysql_escape_string($usernameclean);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
$query="SELECT user_id FROM 'users' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){