Another wretched adslashes problem. Roll on placeholder. Thanks to Howard Miller...
[moodle.git] / auth / db / auth.php
CommitLineData
b9ddb2d5 1<?php
2
3/**
4 * @author Martin Dougiamas
5 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
6 * @package moodle multiauth
7 *
8 * Authentication Plugin: External Database Authentication
9 *
10 * Checks against an external database.
11 *
12 * 2006-08-28 File created.
13 */
14
8ae42b8d 15if (!defined('MOODLE_INTERNAL')) {
16 die('Direct access to this script is forbidden.'); /// It must be included from a Moodle page
17}
b9ddb2d5 18
19/**
20 * External database authentication plugin.
21 */
22class auth_plugin_db {
23
24 /**
25 * The configuration details for the plugin.
26 */
27 var $config;
28
29 /**
30 * Constructor.
31 */
32 function auth_plugin_db() {
33 $this->config = get_config('auth/db');
8ae42b8d 34 if (empty($this->config->extencoding)) {
35 $this->config->extencoding = 'utf-8';
36 }
b9ddb2d5 37 }
38
39 /**
40 * Returns true if the username and password work and false if they are
41 * wrong or don't exist.
42 *
8ae42b8d 43 * @param string $username The username (with system magic quotes)
44 * @param string $password The password (with system magic quotes)
45 *
46 * @return bool Authentication success or failure.
b9ddb2d5 47 */
48 function user_login ($username, $password) {
49
50 global $CFG;
51
8ae42b8d 52 $textlib = textlib_get_instance();
53 $extusername = $textlib->convert(stripslashes($username), 'utf-8', $this->config->extencoding);
54 $extpassword = $textlib->convert(stripslashes($password), 'utf-8', $this->config->extencoding);
55
93901eb4 56 // Connect to the external database (forcing new connection)
8ae42b8d 57 $authdb = &ADONewConnection($this->config->type);
58 if (!empty($this->config->debugauthdb)) {
59 $authdb->debug = true;
60 ob_start();//start output buffer to allow later use of the page headers
61 }
62 $authdb->Connect($this->config->host, $this->config->user, $this->config->pass, $this->config->name, true);
b9ddb2d5 63 $authdb->SetFetchMode(ADODB_FETCH_ASSOC);
8ae42b8d 64 if (!empty($this->config->setupsql)) {
65 $authdb->Execute($this->config->setupsql);
66 }
b9ddb2d5 67
8ae42b8d 68 if ($this->config->passtype === 'internal') {
b9ddb2d5 69 // lookup username externally, but resolve
70 // password locally -- to support backend that
71 // don't track passwords
8ae42b8d 72 $rs = $authdb->Execute("SELECT * FROM {$this->config->table}
73 WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."' ");
b9ddb2d5 74 $authdb->Close();
75
76 if (!$rs) {
a9ad3633 77 print_error('auth_dbcantconnect','auth');
b9ddb2d5 78 return false;
79 }
8ae42b8d 80
b9ddb2d5 81 if ( $rs->RecordCount() ) {
82 // user exists exterally
83 // check username/password internally
b7b50143 84 if ($user = get_record('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id)) {
b9ddb2d5 85 return validate_internal_user_password($user, $password);
86 }
87 } else {
88 // user does not exist externally
89 return false;
8ae42b8d 90 }
b9ddb2d5 91
8ae42b8d 92 } else {
b9ddb2d5 93 // normal case: use external db for passwords
94
95 if ($this->config->passtype === 'md5') { // Re-format password accordingly
8ae42b8d 96 $extpassword = md5($extpassword);
97 } else if ($this->config->passtype === 'sha1') {
98 $extpassword = sha1($extpassword);
b9ddb2d5 99 }
100
8ae42b8d 101 $rs = $authdb->Execute("SELECT * FROM {$this->config->table}
102 WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."'
103 AND {$this->config->fieldpass} = '".$this->ext_addslashes($extpassword)."' ");
b9ddb2d5 104 $authdb->Close();
8ae42b8d 105
b9ddb2d5 106 if (!$rs) {
a9ad3633 107 print_error('auth_dbcantconnect','auth');
b9ddb2d5 108 return false;
109 }
8ae42b8d 110
b9ddb2d5 111 if ( $rs->RecordCount() ) {
112 return true;
113 } else {
114 return false;
8ae42b8d 115 }
116
b9ddb2d5 117 }
118 }
119
120
121 /**
122 * Reads any other information for a user from external database,
123 * then returns it in an array
8ae42b8d 124 *
125 * @param string $username (with system magic quotes)
b9ddb2d5 126 */
127 function get_userinfo($username) {
128
129 global $CFG;
130
8ae42b8d 131 $textlib = textlib_get_instance();
132 $extusername = $textlib->convert(stripslashes($username), 'utf-8', $this->config->extencoding);
133
93901eb4 134 // Connect to the external database (forcing new connection)
135 $authdb = &ADONewConnection($this->config->type);
8ae42b8d 136 if (!empty($this->config->debugauthdb)) {
137 $authdb->debug = true;
138 ob_start();//start output buffer to allow later use of the page headers
139 }
140 $authdb->Connect($this->config->host, $this->config->user, $this->config->pass, $this->config->name, true);
b9ddb2d5 141 $authdb->SetFetchMode(ADODB_FETCH_ASSOC);
8ae42b8d 142 if (!empty($this->config->setupsql)) {
143 $authdb->Execute($this->config->setupsql);
144 }
b9ddb2d5 145
8ae42b8d 146 $fields = array("firstname", "lastname", "email", "phone1", "phone2",
147 "department", "address", "city", "country", "description",
b9ddb2d5 148 "idnumber", "lang");
149
b9ddb2d5 150
0f02788f 151 //Array to map local fieldnames we want, to external fieldnames
152 $selectfields = array();
b9ddb2d5 153 foreach ($fields as $field) {
0f02788f 154 if (!empty($this->config->{'field_map_' . $field})) {
155 $selectfields[$field] = $this->config->{'field_map_' . $field};
156 }
157 }
158 $result = array();
159 //If at least one field is mapped from external db, get that mapped data:
160 if ($selectfields) {
161 $select = '';
162 foreach ($selectfields as $localname=>$externalname) {
163 $select .= ", $externalname AS $localname";
164 }
165 $select = 'SELECT ' . substr($select,1);
166 $sql = $select .
167 " FROM {$this->config->table}" .
8ae42b8d 168 " WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."'";
0f02788f 169 if ($rs = $authdb->Execute($sql)) {
170 if ( $rs->RecordCount() == 1 ) {
931b5085 171 $fields_obj = rs_fetch_record($rs);
0f02788f 172 foreach ($selectfields as $localname=>$externalname) {
8ae42b8d 173 $result[$localname] = $textlib->convert($fields_obj->{$localname}, $this->config->extencoding, 'utf-8');
0f02788f 174 }
175 }
931b5085 176 rs_close($rs);
b9ddb2d5 177 }
178 }
179 $authdb->Close();
b9ddb2d5 180 return $result;
181 }
182
183
fb5c7739 184 /**
185 * Change a user's password
186 *
187 * @param object $user The user to update
188 * @param string $newpassword The new password
8ae42b8d 189 *
fb5c7739 190 * @return bool True on success
191 */
da249a30 192 function user_update_password($user, $newpassword) {
b9ddb2d5 193
b7b50143 194 global $CFG;
b9ddb2d5 195 if ($this->config->passtype === 'internal') {
8ae42b8d 196 update_internal_user_password($user, $newpassword, true);
b9ddb2d5 197 } else {
198 // we should have never been called!
199 return false;
200 }
201 }
202
203 /**
204 * syncronizes user fron external db to moodle user table
205 *
206 * Sync shouid be done by using idnumber attribute, not username.
207 * You need to pass firstsync parameter to function to fill in
208 * idnumbers if they dont exists in moodle user table.
8ae42b8d 209 *
b9ddb2d5 210 * Syncing users removes (disables) users that dont exists anymore in external db.
8ae42b8d 211 * Creates new users and updates coursecreator status of users.
212 *
b9ddb2d5 213 * @param bool $do_updates Optional: set to true to force an update of existing accounts
214 *
215 * This implementation is simpler but less scalable than the one found in the LDAP module.
216 *
217 */
8ae42b8d 218 function sync_users ($do_updates=false) {
219
b9ddb2d5 220 global $CFG;
221 $pcfg = get_config('auth/db');
222
223 ///
224 /// list external users
225 ///
226 $userlist = $this->get_userlist();
8ae42b8d 227 $quoteduserlist = implode("', '", addslashes_recursive($userlist));
b9ddb2d5 228 $quoteduserlist = "'$quoteduserlist'";
229
230 ///
231 /// delete obsolete internal users
232 ///
8ae42b8d 233
b9ddb2d5 234 // find obsolete users
235 if (count($userlist)) {
8ae42b8d 236 $sql = 'SELECT u.id, u.username
237 FROM ' . $CFG->prefix .'user u
b9ddb2d5 238 WHERE u.auth=\'db\' AND u.deleted=\'0\' AND u.username NOT IN (' . $quoteduserlist . ')';
239 } else {
8ae42b8d 240 $sql = 'SELECT u.id, u.username
241 FROM ' . $CFG->prefix .'user u
b9ddb2d5 242 WHERE u.auth=\'db\' AND u.deleted=\'0\' ';
243 }
8ae42b8d 244 $remove_users = get_records_sql($sql);
b9ddb2d5 245
246 if (!empty($remove_users)) {
a9ad3633 247 print_string('auth_dbuserstoremove','auth', count($remove_users));
248 echo "\n";
b9ddb2d5 249
250 begin_sql();
251 foreach ($remove_users as $user) {
252 //following is copy pasted from admin/user.php
253 //maybe this should moved to function in lib/datalib.php
8ae42b8d 254 $updateuser = new object();
b9ddb2d5 255 $updateuser->id = $user->id;
8ae42b8d 256 $updateuser->deleted = 1;
b9ddb2d5 257 $updateuser->timemodified = time();
8ae42b8d 258 if (update_record('user', $updateuser)) {
259 echo "\t";
260 print_string('auth_dbdeleteuser', 'auth', array($user->username, $user->id));
261 echo "\n";
b9ddb2d5 262 } else {
8ae42b8d 263 echo "\t";
264 print_string('auth_dbdeleteusererror', 'auth', $user->username);
265 echo "\n";
b9ddb2d5 266 }
267 //copy pasted part ends
8ae42b8d 268 }
b9ddb2d5 269 commit_sql();
8ae42b8d 270 }
271 unset($remove_users); // free mem!
b9ddb2d5 272
273 if (!count($userlist)) {
274 // exit right here
275 // nothing else to do
276 return true;
277 }
278
279 ///
280 /// update existing accounts
281 ///
282 if ($do_updates) {
283 // narrow down what fields we need to update
284 $all_keys = array_keys(get_object_vars($this->config));
285 $updatekeys = array();
286 foreach ($all_keys as $key) {
287 if (preg_match('/^field_updatelocal_(.+)$/',$key, $match)) {
288 if ($this->config->{$key} === 'onlogin') {
289 array_push($updatekeys, $match[1]); // the actual key name
290 }
291 }
292 }
293 // print_r($all_keys); print_r($updatekeys);
294 unset($all_keys); unset($key);
295
296 // only go ahead if we actually
297 // have fields to update locally
298 if (!empty($updatekeys)) {
8ae42b8d 299 $sql = 'SELECT u.id, u.username
300 FROM ' . $CFG->prefix .'user u
b9ddb2d5 301 WHERE u.auth=\'db\' AND u.deleted=\'0\' AND u.username IN (' . $quoteduserlist . ')';
8ae42b8d 302 if ($update_users = get_records_sql($sql)) {
303
304 foreach ($update_users as $user) {
305 $this->db_update_user_record(addslashes($user->username), $updatekeys);
306 }
307 unset($update_users); // free memory
b9ddb2d5 308 }
b9ddb2d5 309 }
310 }
311
312
313 ///
314 /// create missing accounts
315 ///
316 // NOTE: this is very memory intensive
317 // and generally inefficient
8ae42b8d 318 $sql = 'SELECT u.id, u.username
319 FROM ' . $CFG->prefix .'user u
b9ddb2d5 320 WHERE u.auth=\'db\' AND u.deleted=\'0\'';
321
322 $users = get_records_sql($sql);
8ae42b8d 323
b9ddb2d5 324 // simplify down to usernames
325 $usernames = array();
326 foreach ($users as $user) {
327 array_push($usernames, $user->username);
328 }
329 unset($users);
330
331 $add_users = array_diff($userlist, $usernames);
332 unset($usernames);
333
334 if (!empty($add_users)) {
a9ad3633 335 print_string('auth_dbuserstoadd','auth',count($add_users));
336 echo "\n";
b9ddb2d5 337 begin_sql();
338 foreach($add_users as $user) {
339 $username = $user;
340 $user = $this->get_userinfo_asobj($user);
8ae42b8d 341
b9ddb2d5 342 // prep a few params
b7b50143 343 $user->username = $username;
344 $user->modified = time();
345 $user->confirmed = 1;
346 $user->auth = 'db';
347 $user->mnethostid = $CFG->mnet_localhost_id;
8ae42b8d 348 if (empty($user->lang)) {
349 $user->lang = $CFG->lang;
350 }
351
352 $user = addslashes_object($user);
b9ddb2d5 353 // maybe the user has been deleted before
b7b50143 354 if ($old_user = get_record('user', 'username', $user->username, 'deleted', 1, 'mnethostid', $user->mnethostid)) {
b9ddb2d5 355 $user->id = $old_user->id;
356 set_field('user', 'deleted', 0, 'username', $user->username);
8ae42b8d 357 echo "\t";
358 print_string('auth_dbrevive','auth',array(stripslashes($user->username), $user->id));
a9ad3633 359 echo "\n";
8ae42b8d 360 } elseif ($id = insert_record ('user',$user)) { // it is truly a new user
361 echo "\t";
362 print_string('auth_dbinsertuser','auth',array(stripslashes($user->username), $id));
a9ad3633 363 echo "\n";
b9ddb2d5 364 $user->id = $id;
365 // if relevant, tag for password generation
366 if ($this->config->passtype === 'internal') {
367 set_user_preference('auth_forcepasswordchange', 1, $id);
368 set_user_preference('create_password', 1, $id);
369 }
370 } else {
8ae42b8d 371 echo "\t";
a9ad3633 372 print_string('auth_dbinsertusererror', 'auth', $user->username);
373 echo "\n";
b9ddb2d5 374 }
b9ddb2d5 375 }
376 commit_sql();
377 unset($add_users); // free mem
378 }
379 return true;
380 }
381
382 function user_exists ($username) {
93901eb4 383
8ae42b8d 384 $textlib = textlib_get_instance();
385 $extusername = $textlib->convert(stripslashes($username), 'utf-8', $this->config->extencoding);
386
93901eb4 387 // Connect to the external database (forcing new connection)
388 $authdb = &ADONewConnection($this->config->type);
8ae42b8d 389 if (!empty($this->config->debugauthdb)) {
390 $authdb->debug = true;
391 ob_start();//start output buffer to allow later use of the page headers
392 }
393 $authdb->Connect($this->config->host, $this->config->user, $this->config->pass, $this->config->name, true);
b9ddb2d5 394 $authdb->SetFetchMode(ADODB_FETCH_ASSOC);
8ae42b8d 395 if (!empty($this->config->setupsql)) {
396 $authdb->Execute($this->config->setupsql);
397 }
b9ddb2d5 398
8ae42b8d 399 $rs = $authdb->Execute("SELECT * FROM {$this->config->table}
400 WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."' ");
b9ddb2d5 401 $authdb->Close();
402
403 if (!$rs) {
a9ad3633 404 print_error('auth_dbcantconnect','auth');
b9ddb2d5 405 return false;
406 }
8ae42b8d 407
b9ddb2d5 408 if ( $rs->RecordCount() ) {
409 // user exists exterally
b9ddb2d5 410 return $rs->RecordCount();
411 } else {
412 // user does not exist externally
413 return false;
8ae42b8d 414 }
b9ddb2d5 415 }
416
417
418 function get_userlist() {
93901eb4 419
420 // Connect to the external database (forcing new connection)
421 $authdb = &ADONewConnection($this->config->type);
8ae42b8d 422 if (!empty($this->config->debugauthdb)) {
423 $authdb->debug = true;
424 ob_start();//start output buffer to allow later use of the page headers
425 }
426 $authdb->Connect($this->config->host, $this->config->user, $this->config->pass, $this->config->name, true);
b9ddb2d5 427 $authdb->SetFetchMode(ADODB_FETCH_ASSOC);
8ae42b8d 428 if (!empty($this->config->setupsql)) {
429 $authdb->Execute($this->config->setupsql);
430 }
b9ddb2d5 431
432 // fetch userlist
433 $rs = $authdb->Execute("SELECT {$this->config->fielduser} AS username
434 FROM {$this->config->table} ");
435 $authdb->Close();
436
437 if (!$rs) {
a9ad3633 438 print_error('auth_dbcantconnect','auth');
b9ddb2d5 439 return false;
440 }
8ae42b8d 441
b9ddb2d5 442 if ( $rs->RecordCount() ) {
443 $userlist = array();
c024b94b 444 while ($rec = rs_fetch_next_record($rs)) {
445 array_push($userlist, $rec->username);
b9ddb2d5 446 }
447 return $userlist;
448 } else {
449 return array();
8ae42b8d 450 }
b9ddb2d5 451 }
452
453 /**
454 * reads userinformation from DB and return it in an object
455 *
8ae42b8d 456 * @param string $username username (with system magic quotes)
b9ddb2d5 457 * @return array
458 */
459 function get_userinfo_asobj($username) {
460 $user_array = truncate_userinfo($this->get_userinfo($username));
8ae42b8d 461 $user = new object();
b9ddb2d5 462 foreach($user_array as $key=>$value) {
463 $user->{$key} = $value;
464 }
465 return $user;
466 }
467
8ae42b8d 468 /**
469 * will update a local user record from an external source.
470 * is a lighter version of the one in moodlelib -- won't do
b9ddb2d5 471 * expensive ops such as enrolment
472 *
8ae42b8d 473 * If you don't pass $updatekeys, there is a performance hit and
b9ddb2d5 474 * values removed from DB won't be removed from moodle.
8ae42b8d 475 *
476 * @param string $username username (with system magic quotes)
b9ddb2d5 477 */
478 function db_update_user_record($username, $updatekeys=false) {
b7b50143 479 global $CFG;
b9ddb2d5 480
481 $pcfg = get_config('auth/db');
482
483 //just in case check text case
484 $username = trim(moodle_strtolower($username));
8ae42b8d 485
b9ddb2d5 486 // get the current user record
b7b50143 487 $user = get_record('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id);
b9ddb2d5 488 if (empty($user)) { // trouble
489 error_log("Cannot update non-existent user: $username");
a9ad3633 490 print_error('auth_dbusernotexist','auth',$username);
b9ddb2d5 491 die;
492 }
493
b7b50143 494 // Ensure userid is not overwritten
495 $userid = $user->id;
496
8ae42b8d 497 // TODO: this had a function_exists() - now we have a $this
b9ddb2d5 498 if ($newinfo = $this->get_userinfo($username)) {
499 $newinfo = truncate_userinfo($newinfo);
8ae42b8d 500
b9ddb2d5 501 if (empty($updatekeys)) { // all keys? this does not support removing values
502 $updatekeys = array_keys($newinfo);
503 }
8ae42b8d 504
b9ddb2d5 505 foreach ($updatekeys as $key) {
b9ddb2d5 506 if (isset($newinfo[$key])) {
507 $value = $newinfo[$key];
b9ddb2d5 508 } else {
509 $value = '';
510 }
8ae42b8d 511
512 if (!empty($this->config->{'field_updatelocal_' . $key})) {
b9ddb2d5 513 if ($user->{$key} != $value) { // only update if it's changed
8ae42b8d 514 set_field('user', $key, addslashes($value), 'id', $userid);
b9ddb2d5 515 }
516 }
517 }
518 }
b7b50143 519 return get_record_select("user", "id = '$userid' AND deleted <> '1'");
b9ddb2d5 520 }
521
8ae42b8d 522 /**
523 * A chance to validate form data, and last chance to
524 * do stuff before it is inserted in config_plugin
525 */
526 function validate_form(&$form, &$err) {
150b5fb0 527 if ($form->passtype === 'internal') {
b9ddb2d5 528 $this->config->changepasswordurl = '';
529 set_config('changepasswordurl', '', 'auth/db');
530 }
531 return true;
532 }
533
534 /**
535 * Returns true if this authentication plugin is 'internal'.
536 *
537 * @returns bool
538 */
539 function is_internal() {
540 return false;
541 }
542
543 /**
544 * Returns true if this authentication plugin can change the user's
545 * password.
546 *
547 * @returns bool
548 */
549 function can_change_password() {
550 return ($this->config->passtype === 'internal');
551 }
552
553 /**
554 * Returns the URL for changing the user's pw, or false if the default can
555 * be used.
556 *
557 * @returns bool
558 */
559 function change_password_url() {
560 return $this->config->changepasswordurl;
561 }
562
563 /**
564 * Prints a form for configuring this authentication plugin.
565 *
566 * This function is called from admin/auth.php, and outputs a full page with
567 * a form for configuring this plugin.
568 *
569 * @param array $page An object containing all the data for this page.
570 */
571 function config_form($config, $err) {
8ae42b8d 572 include 'config.html';
b9ddb2d5 573 }
574
575 /**
576 * Processes and stores configuration data for this authentication plugin.
577 */
578 function process_config($config) {
579 // set to defaults if undefined
580 if (!isset($config->host)) {
8ae42b8d 581 $config->host = 'localhost';
b9ddb2d5 582 }
583 if (!isset($config->type)) {
8ae42b8d 584 $config->type = 'mysql';
585 }
586 if (!isset($config->sybasequoting)) {
587 $config->sybasequoting = 0;
b9ddb2d5 588 }
589 if (!isset($config->name)) {
8ae42b8d 590 $config->name = '';
b9ddb2d5 591 }
592 if (!isset($config->user)) {
8ae42b8d 593 $config->user = '';
b9ddb2d5 594 }
595 if (!isset($config->pass)) {
8ae42b8d 596 $config->pass = '';
b9ddb2d5 597 }
598 if (!isset($config->table)) {
8ae42b8d 599 $config->table = '';
b9ddb2d5 600 }
601 if (!isset($config->fielduser)) {
8ae42b8d 602 $config->fielduser = '';
b9ddb2d5 603 }
604 if (!isset($config->fieldpass)) {
8ae42b8d 605 $config->fieldpass = '';
b9ddb2d5 606 }
607 if (!isset($config->passtype)) {
8ae42b8d 608 $config->passtype = 'plaintext';
609 }
610 if (!isset($config->extencoding)) {
611 $config->extencoding = 'utf-8';
612 }
613 if (!isset($config->setupsql)) {
614 $config->setupsql = '';
615 }
616 if (!isset($config->debugauthdb)) {
617 $config->debugauthdb = 0;
b9ddb2d5 618 }
619 if (!isset($config->changepasswordurl)) {
620 $config->changepasswordurl = '';
621 }
622
8ae42b8d 623 $config = stripslashes_recursive($config);
b9ddb2d5 624 // save settings
8ae42b8d 625 set_config('host', $config->host, 'auth/db');
626 set_config('type', $config->type, 'auth/db');
627 set_config('sybasequoting', $config->sybasequoting, 'auth/db');
628 set_config('name', $config->name, 'auth/db');
629 set_config('user', $config->user, 'auth/db');
630 set_config('pass', $config->pass, 'auth/db');
631 set_config('table', $config->table, 'auth/db');
632 set_config('fielduser', $config->fielduser, 'auth/db');
633 set_config('fieldpass', $config->fieldpass, 'auth/db');
634 set_config('passtype', $config->passtype, 'auth/db');
635 set_config('extencoding', trim($config->extencoding), 'auth/db');
636 set_config('setupsql', trim($config->setupsql), 'auth/db');
637 set_config('debugauthdb', $config->debugauthdb, 'auth/db');
638 set_config('changepasswordurl', trim($config->changepasswordurl), 'auth/db');
639
b9ddb2d5 640 return true;
641 }
642
8ae42b8d 643 function ext_addslashes($text) {
644 // using custom made function for now
645 if (empty($this->config->sybasequoting)) {
646 $text = str_replace('\\', '\\\\', $text);
647 $text = str_replace(array('\'', '"', "\0"), array('\\\'', '\\"', '\\0'), $text);
648 } else {
649 $text = str_replace("'", "''", $text);
650 }
651 return $text;
652 }
b9ddb2d5 653}
654
655?>