mirror of https://github.com/dg/dibi.git synced 2025-10-21 01:36:26 +02:00

quoted identifiers security fix

David Grudl
2008-09-15 23:58:03 +00:00
parent 8c4211d5be
commit 9b84459f09
7 changed files with 13 additions and 2 deletions


@@ -263,6 +263,8 @@ class DibiMySqlDriver extends DibiObject implements IDibiDriver
return "'" . mysql_real_escape_string($value, $this->connection) . "'";
case dibi::IDENTIFIER:
// @see http://dev.mysql.com/doc/refman/5.0/en/identifiers.html
$value = str_replace('`', '``', $value);
return '`' . str_replace('.', '`.`', $value) . '`';
case dibi::FIELD_BOOL: