escape 패턴이 정의되어 있을 경우에만 적용되도록 코드 수정

2014-07-09 10:12:06 +09:00
parent 967cfae906
commit 9823909cfd
1 changed files with 7 additions and 3 deletions
--- a/common.php
+++ b/common.php
@ -68,10 +68,14 @@ function array_map_deep($fn, $array)
 // SQL Injection 대응 문자열 필터링
 function sql_escape_string($str)
 {
-    $pattern = G5_ESCAPE_PATTERN;
+    if(defined('G5_ESCAPE_PATTERN') && defined('G5_ESCAPE_REPLACE')) {
-    $replace = G5_ESCAPE_REPLACE;
+        $pattern = G5_ESCAPE_PATTERN;
        $replace = G5_ESCAPE_REPLACE;
        if($pattern)
            $str = preg_replace($pattern, $replace, $str);
    }
    $str = preg_replace($pattern, $replace, $str);
    $str = call_user_func('addslashes', $str);
    return $str;