Merge branch 'platal-0.10.0'

[platal.git] / include / geoloc.inc.php

diff --git a/include/geoloc.inc.php b/include/geoloc.inc.php
index 758c0e8..00e8fa9 100644 (file)
--- a/include/geoloc.inc.php
+++ b/include/geoloc.inc.php
@@ -1,6 +1,6 @@
 <?php
 /***************************************************************************
- *  Copyright (C) 2003-2008 Polytechnique.org                              *
+ *  Copyright (C) 2003-2009 Polytechnique.org                              *
  *  http://opensource.polytechnique.org/                                   *
  *                                                                         *
  *  This program is free software; you can redistribute it and/or modify   *
@@ -116,9 +116,21 @@ function get_address_infos($txt)
     if (empty($infos['country'])) {
         $infos['country'] = '00';
     }
-    if (isset($infos['sql']) && $infos['sql'])
-       XDB::execute("REPLACE INTO  geoloc_city
-                           VALUES  ".$infos['sql']);
+    if (isset($infos['sql']) && $infos['sql']) {
+        $sql = explode(', ', trim($infos['sql'], '()'));
+        if (count($sql) == 16) {
+            for ($i = 0 ; $i < 16 ; ++$i) {
+                $sql[$i] = stripslashes(trim($sql[$i], ' \''));
+            }
+            XDB::execute("REPLACE INTO  geoloc_city
+                                VALUES  ({?}, {?}, {?}, {?}, {?}, {?},
+                                         {?}, {?}, {?}, {?}, {?}, {?},
+                                         {?}, {?}, {?}, {?})",
+                         $sql[0], $sql[1], $sql[2], $sql[3], $sql[4], $sql[5],
+                         $sql[6], $sql[7], $sql[8], $sql[9], $sql[10], $sql[11],
+                         $sql[12], $sql[13], $sql[14], $sql[15]);
+        }
+    }
     if (isset($infos['display']) && $infos['display'])
         XDB::execute("UPDATE  geoloc_pays
                          SET  display = {?}