Commit baf5dda4 authored by Sergio's avatar Sergio
Browse files

fix escaping in sql query

parent 9ec3045a
......@@ -156,7 +156,7 @@ class tools_sites {
$field = "domain";
$select = $field;
}
$sql .= " domain NOT IN (SELECT $select FROM $not_used_in_table WHERE $field != '$selected_domain') AND";
$sql .= " domain NOT IN (SELECT $select FROM ?? WHERE $field != ?) AND";
}
if ($_SESSION["s"]["user"]["typ"] == 'admin') {
$sql .= " 1";
......@@ -165,7 +165,7 @@ class tools_sites {
$sql .= " sys_groupid IN (".$groups.")";
}
$sql .= " ORDER BY domain";
return $app->db->queryAllRecords($sql);
return $app->db->queryAllRecords($sql, $not_used_in_table, $selected_domain);
}
function checkDomainModuleDomain($domain_id) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment