Fix selecting single ad word bug, a=chris
Fix selecting single ad word bug, a=chris
diff --git a/src/models/AdvertisementModel.php b/src/models/AdvertisementModel.php
index ad8129c13..84d2e6ec6 100644
--- a/src/models/AdvertisementModel.php
+++ b/src/models/AdvertisementModel.php
@@ -195,7 +195,8 @@ class AdvertisementModel extends Model
PhraseParser::canonicalizePunctuatedTerms($query);
$query = trim(preg_replace('/( |'.C\PUNCT.')+/u', ' ',
mb_strtoupper($query)));
- $keywords = preg_replace('/ /u', ',', $query);;
+ $query = $db->escapeString($query);
+ $keywords = "('". preg_replace('/ /u', "', '", $query)."')";
$today_date = date(C\AD_DATE_FORMAT);
$total_sql = "
SELECT B.KEYWORD AS KEYWORD, SUM(B.BID_AMOUNT) AS TOTAL_AMOUNT
@@ -215,13 +216,13 @@ class AdvertisementModel extends Model
$total_sql = "
SELECT B.KEYWORD AS KEYWORD, SUM(B.BID_AMOUNT) AS TOTAL_AMOUNT
FROM ADVERTISEMENT A, ACCEPTED_AD_BIDS B
- WHERE A.ID = B.AD_ID AND B.KEYWORD IN (?)
+ WHERE A.ID = B.AD_ID AND B.KEYWORD IN $keywords
AND BID_DATE = ?
AND A.STATUS=".C\ADVERTISEMENT_ACTIVE_STATUS. "
GROUP BY B.KEYWORD
ORDER BY TOTAL_AMOUNT DESC ".
$db->limitOffset(1);
- $result = $db->execute($total_sql, [$query, $today_date]);
+ $result = $db->execute($total_sql, [$today_date]);
$total_row = false;
if ($result) {
$total_row = $db->fetchArray($result);