Added quotes around all primary values put into SQL WHERE statements so as to allow non-numeric primary keys.

peejeh · peejeh · commit e813df017026 · 2008-07-20T12:28:18.000Z
diff --git a/phprestsql.php b/phprestsql.php
@@ -24,7 +24,7 @@
  * PHP REST SQL class
  * The base class for the Rest SQL system that opens up a REST interface to a MySQL database.
  */
-class PHPRestSQL {
+class PHPRestSQfL {
     
     /**
      * Parsed configuration file
@@ -292,7 +292,7 @@ function post() {
                     $values = substr($values, 0, -2);
                     $where = '';
                     foreach($primary as $key => $pri) {
-                        $where .= $pri.' = '.$this->uid[$key].' AND ';
+                        $where .= $pri.' = \''.$this->uid[$key].'\' AND ';
                     }
                     $where = substr($where, 0, -5);
                     $resource = $this->db->updateRow($this->table, $values, $where);
@@ -431,7 +431,7 @@ function delete() {
             if ($primary && count($primary) == count($this->uid)) { // delete a row
                 $where = '';
                 foreach($primary as $key => $pri) {
-                    $where .= $pri.' = '.$this->uid[$key].' AND ';
+                    $where .= $pri.' = \''.$this->uid[$key].'\' AND ';
                 }
                 $where = substr($where, 0, -5);
                 $resource = $this->db->deleteRow($this->table, $where);
