X-Git-Url: https://jasonwoof.com/gitweb/?a=blobdiff_plain;f=db.php;h=ddecff3752d724b828260e3f078976150b11aa0b;hb=66b97fc1bbcae31d1f503d491cb23d01659b7b4b;hp=8ce6527fb3abf1365672a5a108f5d405fa440bfd;hpb=e8eec562c1b6d3420c3d035c9abdd1303cfbba23;p=wfpl.git

diff --git a/db.php b/db.php
index 8ce6527..ddecff3 100644
--- a/db.php
+++ b/db.php
@@ -95,8 +95,10 @@ function db_send_query($sql) {
 #
 # %%  put a % in the output
 # %i  put an integer in the output (strips non-numeric digits, and puts in 0 if blank)
+# %f  put a floating point value in the output (strips non-numeric digits, puts in 0.0 if not valid)
 # %"  output double quotes, surrounding the variable which is encoded to be in there.
 # %s  output encoded to be in double quotes, but don't output the quotes
+# %$  output argument as-is, no encoding. Make sure you quote everything from the user!
 #
 # complex example: db_get_rows('mytable', 'id', 'where name=%" or company like "%%%s%%"', $name, $company_partial);
 
@@ -132,6 +134,18 @@ function _db_printf($str, $args) {
 			$int = format_int(array_shift($args));
 			if($int == '') $int = '0';
 			$out .= $int;
+		} elseif($chr == 'f') {
+			$arg = array_shift($args);
+			if(is_numeric($arg)) {
+				$arg = sprintf("%f", $arg);
+			}
+			$arg = format_decimal($arg);
+			if(strlen($arg) < 1) {
+				$arg = '0.0';
+			}
+			$out .= $arg;
+		} elseif($chr == '$') {
+			$out .= array_shift($args);
 		} else {
 			$out .= $chr;
 		}