Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Register
Sign in
Toggle navigation
Menu
Open sidebar
Zvonimir
ISPConfig 3
Commits
0e41dea8
Commit
0e41dea8
authored
Aug 13, 2014
by
Marius Cramer
Browse files
- disallow ` in table names when using ?? placeholder in query
parent
587fe4ed
Changes
1
Hide whitespace changes
Inline
Side-by-side
interface/lib/classes/db_mysql.inc.php
View file @
0e41dea8
...
...
@@ -126,7 +126,8 @@ class db extends mysqli
if
(
$iPos2
!==
false
&&
(
$iPos
===
false
||
$iPos2
<=
$iPos
))
{
$sTxt
=
$this
->
escape
(
$sValue
);
$sTxt
=
str_replace
(
'`'
,
''
,
$sTxt
);
if
(
strpos
(
$sTxt
,
'.'
)
!==
false
)
$sTxt
=
preg_replace
(
'/^(.+)\.(.+)$/'
,
'`$1`.`$2`'
,
$sTxt
);
else
$sTxt
=
'`'
.
$sTxt
.
'`'
;
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment