[pLog-svn] r6856 - plog/branches/lifetype-1.2/class/database
jondaley at devel.lifetype.net
jondaley at devel.lifetype.net
Sat Apr 11 15:12:25 EDT 2009
Author: jondaley
Date: 2009-04-11 15:12:25 -0400 (Sat, 11 Apr 2009)
New Revision: 6856
Modified:
plog/branches/lifetype-1.2/class/database/db.class.php
Log:
TODO comment about better database escaping
Modified: plog/branches/lifetype-1.2/class/database/db.class.php
===================================================================
--- plog/branches/lifetype-1.2/class/database/db.class.php 2009-04-11 18:38:02 UTC (rev 6855)
+++ plog/branches/lifetype-1.2/class/database/db.class.php 2009-04-11 19:12:25 UTC (rev 6856)
@@ -150,6 +150,10 @@
* The SQL parser makes sure that the escape token is not entered
* in the database so there is no need to modify the data when it
* is read from the database.
+ *
+ * TODO: use mysql_real_escape_string instead. Code should be refactored
+ * to account for different database engines. e.g. this function should
+ * be completely removed, and each db engine should quote its own stuff
*
* @param string $string
* @return string
More information about the pLog-svn
mailing list