|
|
@@ -40,21 +40,23 @@ class SQLiteProfilerStorage implements ProfilerStorageInterface
|
|
|
*/
|
|
|
public function find($ip, $url, $limit)
|
|
|
{
|
|
|
- $db = $this->initDb();
|
|
|
-
|
|
|
$criteria = array();
|
|
|
+ $args = array();
|
|
|
|
|
|
if ($ip = preg_replace('/[^\d\.]/', '', $ip)) {
|
|
|
- $criteria[] = " ip LIKE '%".$ip."%'";
|
|
|
+ $criteria[] = 'ip LIKE :ip';
|
|
|
+ $args[':ip'] = '%'.$ip.'%';
|
|
|
}
|
|
|
|
|
|
if ($url) {
|
|
|
- $criteria[] = " url LIKE '%".$db->escapeString($url)."%'";
|
|
|
+ $criteria[] = 'url LIKE :url ESCAPE "\"';
|
|
|
+ $args[':url'] = '%'.addcslashes($url, '%_').'%';
|
|
|
}
|
|
|
|
|
|
$criteria = $criteria ? 'WHERE '.implode(' AND ', $criteria) : '';
|
|
|
|
|
|
- $tokens = $this->fetch($db, 'SELECT token, ip, url, time FROM data '.$criteria.' ORDER BY time DESC LIMIT '.((integer) $limit));
|
|
|
+ $db = $this->initDb();
|
|
|
+ $tokens = $this->fetch($db, 'SELECT token, ip, url, time FROM data '.$criteria.' ORDER BY time DESC LIMIT '.((integer) $limit), $args);
|
|
|
$this->close($db);
|
|
|
|
|
|
return $tokens;
|
Victor Berchet