Commit 68b1465c authored by Till Brehm's avatar Till Brehm

Changes in SQL injection check of database library.

parent 5049080b
......@@ -135,7 +135,7 @@ class db extends mysqli
$string_orig = $string;
//echo $string;
$chars = array(';', '#', '/*', '*/', '--', ' UNION ', '\\\'', '\\"');
$chars = array(';', '#', '/*', '*/', '--', '\\\'', '\\"');
$string = str_replace('\\\\', '', $string);
$string = preg_replace('/(^|[^\\\])([\'"])\\2/is', '$1', $string);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment