Quoting Funktion für Datumsangaben in sql queries.

Beherrscht:
- NULL fuer nicht definierte Werte
- current_date als Schlüsselwort
- Standardquoting fuer tainted strings (übernommen aus DBI.pm)

diff --git a/SL/Form.pm b/SL/Form.pm
index 0e59786d9a981d461560d873472b3e06e5cfec12..6a73aa415837c6eab10294426ab31e93564026a6 100644 (file)
--- a/SL/Form.pm
+++ b/SL/Form.pm
@@ -239,6 +239,15 @@ sub quote_html {
   return $str;
 }
 
+sub quote_db_date {
+  $main::lxdebug->enter_sub(2) and my ($self, $str) = @_;
+  $main::lxdebug->leave_sub(2) and return "NULL" unless defined $str;
+  $main::lxdebug->leave_sub(2) and return "current_date" if $str =~ /current_date/;
+  $str =~ s/'/''/g;
+  $main::lxdebug->leave_sub(2) and return "'$str'";
+}
+
+
 sub hide_form {
   my $self = shift;