Fix SQL escape method

modifié: core/lib/Thelia/ImportExport/Export/Type/ProductPricesExport.php
2014-07-22 16:43:36 +02:00
parent f4891745a3
commit 496d0bb851
1 changed files with 10 additions and 0 deletions
--- a/core/lib/Thelia/ImportExport/Export/Type/ProductPricesExport.php
+++ b/core/lib/Thelia/ImportExport/Export/Type/ProductPricesExport.php
@@ -141,15 +141,25 @@ class ProductPricesExport extends ExportHandler
        return $data->loadModelCriteria($query);
    }

+    /**
+     * @param $str
+     * @return string
+     *
+     * Really escapes a string for SQL request.
+     */
    protected function real_escape($str)
    {
        $return = "CONCAT(";
        $len = strlen($str);
+
        for($i = 0; $i < $len; ++$i) {
            $return .= "CHAR(".ord($str[$i])."),";
        }
+
        if ($i > 0) {
            $return = substr($return, 0, -1);
+        } else {
+            $return = "\"\"";
        }
        $return .= ")";