val unescaped with dibi::unescape is unusuable, use db decoding instead

pydio · Nov 18, 2014 · d49c936 · d49c936
1 parent 18b881f
commit d49c936
Showing 1 changed file with 3 additions and 7 deletions.
diff --git a/core/src/plugins/conf.sql/class.AJXP_SqlUser.php b/core/src/plugins/conf.sql/class.AJXP_SqlUser.php
@@ -361,15 +361,11 @@ public function load()
             $this->setHidden(true);
         }
 
-        $result_prefs = dibi::query('SELECT [name], [val] FROM [ajxp_user_prefs] WHERE [login] = %s', $this->getId());
-        $this->prefs = $result_prefs->fetchPairs('name', 'val');
         if ("postgre" == $this->storage->sqlDriver["driver"]) {
-            $unescaped = array();
-            foreach($this->prefs as $name => $val) {
-                $unescaped[$name] = unserialize($val);
-            }
-            $this->prefs = $unescaped;
+            dibi::nativeQuery('SET bytea_output = escape');
         }
+        $result_prefs = dibi::query('SELECT [name], [val] FROM [ajxp_user_prefs] WHERE [login] = %s', $this->getId());
+        $this->prefs = $result_prefs->fetchPairs('name', 'val');
 
         $result_bookmarks = dibi::query('SELECT [repo_uuid], [path], [title] FROM [ajxp_user_bookmarks] WHERE [login] = %s', $this->getId());
         $all_bookmarks = $result_bookmarks->fetchAll();