mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-01-17 14:18:24 +01:00
Code Issues Releases Wiki Activity

[ticket/16924] Do not double escape values inserted into config table

Browse Source 
PHPBB3-16924
This commit is contained in:
Marc Alexander 2021-12-02 21:01:45 +01:00
parent 03b36d46c3
commit 8cc6075d92
No known key found for this signature in database
GPG Key ID: 50E0D2423696F995
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
phpBB/phpbb/config/db.php
View File

@ -170,9 +170,9 @@ class db extends config
if (!isset($this->config[$key]))
{
$sql = 'INSERT INTO ' . $this->table . ' ' . $this->db->sql_build_array('INSERT', array(
'config_name' => $this->db->sql_escape($key),
'config_value' => $this->db->sql_escape($new_value),
'is_dynamic' => ($use_cache) ? 0 : 1));
'config_name' => $key,
'config_value' => $new_value,
'is_dynamic' => $use_cache ? 0 : 1));
$this->db->sql_query($sql);
}

2
tests/config/db_test.php
View File

@ -94,7 +94,7 @@ class phpbb_config_db_test extends phpbb_database_test_case
// re-read config and populate cache
$config2 = new \phpbb\config\db($this->db, $this->cache, 'phpbb_config');
$this->cache->checkVar($this, 'config', array('foo' => '23', 'foobar' => '5', 'foobar_json' => $json_value));
$this->cache->checkVar($this, 'config', ['foo' => '23', 'foobar_json' => $json_value]);
}
public function test_set_new_uncached()