mirror/php-dibi
1
0
Fork 0
mirror of https://github.com/dg/dibi.git synced 2025-02-24 02:43:09 +01:00
Code Issues Releases Wiki Activity

fixed sql injection vulnerability through conditions and comments [closes #30]

Browse Source
This commit is contained in:
Filip Procházka 2011-01-24 18:53:07 +08:00 committed by David Grudl
parent af6352d0af
commit af715a8044
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
dibi/libs/DibiTranslator.php
View File

@ -182,6 +182,10 @@ final class DibiTranslator extends DibiObject
*/
public function formatValue($value, $modifier)
{
if ($this->comment) {
return "...";
}
// array processing (with or without modifier)
if ($value instanceof Traversable) {
$value = iterator_to_array($value);