summaryrefslogtreecommitdiff
path: root/services
diff options
context:
space:
mode:
Diffstat (limited to 'services')
-rw-r--r--services/bookmark2tagservice.php4
-rw-r--r--services/tag2tagservice.php11
-rw-r--r--services/tagservice.php9
3 files changed, 20 insertions, 4 deletions
diff --git a/services/bookmark2tagservice.php b/services/bookmark2tagservice.php
index 347df9c..7085d5f 100644
--- a/services/bookmark2tagservice.php
+++ b/services/bookmark2tagservice.php
@@ -41,8 +41,8 @@ class Bookmark2TagService {
}
}
- //clean tags from strange characters
- $tags = str_replace(array('"', '\'', '/'), "_", $tags);
+ $tagservice =& ServiceFactory::getServiceInstance('TagService');
+ $tags = $tagservice->normalize($tags);
$tags_count = is_array($tags)?count($tags):0;
diff --git a/services/tag2tagservice.php b/services/tag2tagservice.php
index 8c97606..4cce66d 100644
--- a/services/tag2tagservice.php
+++ b/services/tag2tagservice.php
@@ -16,11 +16,16 @@ class Tag2TagService {
}
function addLinkedTags($tag1, $tag2, $relationType, $uId) {
+ $tagservice =& ServiceFactory::getServiceInstance('TagService');
+ $tag1 = $tagservice->normalize($tag1);
+ $tag2 = $tagservice->normalize($tag2);
+
if($tag1 == $tag2 || strlen($tag1) == 0 || strlen($tag2) == 0
|| ($relationType != ">" && $relationType != "=")
|| ($this->existsLinkedTags($tag1, $tag2, $relationType, $uId))) {
return false;
}
+
$values = array('tag1' => $tag1, 'tag2' => $tag2, 'relationType'=> $relationType, 'uId'=> $uId);
$query = 'INSERT INTO '. $this->getTableName() .' '. $this->db->sql_build_array('INSERT', $values);
//die($query);
@@ -214,11 +219,17 @@ class Tag2TagService {
function existsLinkedTags($tag1, $tag2, $relationType, $uId) {
+
+ //$tag1 = mysql_real_escape_string($tag1);
+ //$tag2 = mysql_real_escape_string($tag2);
+
$query = "SELECT tag1, tag2, relationType, uId FROM `". $this->getTableName() ."`";
$query.= " WHERE tag1 = '" .$tag1 ."'";
$query.= " AND tag2 = '".$tag2."'";
$query.= " AND relationType = '". $relationType ."'";
$query.= " AND uId = '".$uId."'";
+
+ //echo($query."<br>\n");
return $this->db->sql_numrows($this->db->sql_query($query)) > 0;
}
diff --git a/services/tagservice.php b/services/tagservice.php
index 83349c6..504d13f 100644
--- a/services/tagservice.php
+++ b/services/tagservice.php
@@ -75,8 +75,13 @@ class TagService {
$this->db->sql_query($query);
return true;
}
-
-
+
+ /* normalize the input tags which could be a string or an array*/
+ function normalize($tags) {
+ //clean tags from strange characters
+ $tags = str_replace(array('"', '\'', '/'), "_", $tags);
+ return $tags;
+ }
function deleteAll() {
$query = 'TRUNCATE TABLE `'. $this->getTableName() .'`';