diff options
| author | jfd <jfd@underverse> | 2012-07-30 20:46:14 +0200 |
|---|---|---|
| committer | Jörn Friedrich Dreyer <jfd@butonic.de> | 2012-07-31 18:53:05 +0200 |
| commit | ede464f05872574a703c36d8d976b5c97e55c23f (patch) | |
| tree | c075f46d52b905a93cb5d3137af5198de83d34f2 /lib/user | |
| parent | 3c5670b662ea9e5ee36146f10f63faaadacb8187 (diff) | |
| download | nextcloud-server-ede464f05872574a703c36d8d976b5c97e55c23f.tar.gz nextcloud-server-ede464f05872574a703c36d8d976b5c97e55c23f.zip | |
escape all identifiers with backticks
Diffstat (limited to 'lib/user')
| -rw-r--r-- | lib/user/database.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/lib/user/database.php b/lib/user/database.php index a69fe49a0b9..5464a4abfac 100644 --- a/lib/user/database.php +++ b/lib/user/database.php @@ -86,7 +86,7 @@ class OC_User_Database extends OC_User_Backend { */ public function deleteUser( $uid ){ // Delete user-group-relation - $query = OC_DB::prepare( "DELETE FROM `*PREFIX*users` WHERE uid = ?" ); + $query = OC_DB::prepare( "DELETE FROM `*PREFIX*users` WHERE `uid` = ?" ); $result = $query->execute( array( $uid )); return true; } @@ -103,7 +103,7 @@ class OC_User_Database extends OC_User_Backend { if( $this->userExists($uid) ){ $hasher=$this->getHasher(); $hash = $hasher->HashPassword($password.OC_Config::getValue('passwordsalt', '')); - $query = OC_DB::prepare( "UPDATE *PREFIX*users SET password = ? WHERE uid = ?" ); + $query = OC_DB::prepare( "UPDATE `*PREFIX*users` SET `password` = ? WHERE `uid` = ?" ); $result = $query->execute( array( $hash, $uid )); return true; @@ -123,7 +123,7 @@ class OC_User_Database extends OC_User_Backend { * returns the user id or false */ public function checkPassword( $uid, $password ){ - $query = OC_DB::prepare( "SELECT uid, password FROM *PREFIX*users WHERE uid = ?" ); + $query = OC_DB::prepare( "SELECT `uid`, `password` FROM `*PREFIX*users` WHERE `uid` = ?" ); $result = $query->execute( array( $uid)); $row=$result->fetchRow(); @@ -157,7 +157,7 @@ class OC_User_Database extends OC_User_Backend { * Get a list of all users. */ public function getUsers(){ - $query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users" ); + $query = OC_DB::prepare( "SELECT `uid` FROM `*PREFIX*users`" ); $result = $query->execute(); $users=array(); @@ -173,7 +173,7 @@ class OC_User_Database extends OC_User_Backend { * @return boolean */ public function userExists($uid){ - $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE uid = ?" ); + $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE `uid` = ?" ); $result = $query->execute( array( $uid )); return $result->numRows() > 0; |