mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-01 22:40:39 +02:00
Code Issues Releases Wiki Activity

[ticket/16538] Add identifiers quoting

Browse Source 
If reserved word is used as identifier, it must be quoted.
If alias is used elsewhere in SQL statement, it must be quoted.

PHPBB3-16535
PHPBB3-16538
This commit is contained in:
rxu
2020-06-27 12:11:48 +07:00
parent 3bbe0f1d4e
commit 0bc9d87891
10 changed files with 62 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
phpBB/includes/functions_posting.php
View File

@@ -118,7 +118,7 @@ function generate_smilies($mode, $forum_id)
SMILIES_TABLE => 's',
],
'GROUP_BY' => 's.smiley_url, s.smiley_width, s.smiley_height',
'ORDER_BY' => 'min_smiley_order',
'ORDER_BY' => $db->sql_quote('min_smiley_order'),
];
}
else