From 6a1cc1464e9544c5f3b76b6602b9fb32beca5b09 Mon Sep 17 00:00:00 2001
From: wangyidong <yidong@cnezsoft.com>
Date: Fri, 22 Aug 2014 01:30:29 +0000
Subject: [PATCH]  * fix a bug for dao.

---
 lib/dao/dao.class.php | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/lib/dao/dao.class.php b/lib/dao/dao.class.php
index c41ea6fa78..452928f317 100755
--- a/lib/dao/dao.class.php
+++ b/lib/dao/dao.class.php
@@ -1197,13 +1197,20 @@ class sql
      */
     public function data($data)
     {
-        $this->data = $data;
+        $data = (object) $data;
+
         foreach($data as $field => $value)
-        {
-            $field = str_replace(array('`', ',', ' '), '', $field);
-            $this->sql .= "`$field` = " . $this->quote($value) . ',';
-        }
-        $this->sql = rtrim($this->sql, ',');    // Remove the last ','.
+        {    
+            if(!preg_match('|^\w+$|', $field)) 
+            {    
+                unset($data->$field);
+                continue;
+            }    
+            $this->sql .= "`$field` = " . $this->quote($value) . ','; 
+        }    
+
+        $this->data = $data;
+        $this->sql  = rtrim($this->sql, ',');    // Remove the last ','.
         return $this;
     }