mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-09 10:16:36 +02:00
Code Issues Releases Wiki Activity

[ticket/16924] Do not double escape values inserted into config table

Browse Source 
PHPBB3-16924
This commit is contained in:
Marc Alexander
2021-12-02 21:01:45 +01:00
parent 03b36d46c3
commit 8cc6075d92
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
phpBB/phpbb/config/db.php
View File

@@ -170,9 +170,9 @@ class db extends config
if (!isset($this->config[$key]))
{
$sql = 'INSERT INTO ' . $this->table . ' ' . $this->db->sql_build_array('INSERT', array(
'config_name' => $this->db->sql_escape($key),
'config_value' => $this->db->sql_escape($new_value),
'is_dynamic' => ($use_cache) ? 0 : 1));
'config_name' => $key,
'config_value' => $new_value,
'is_dynamic' => $use_cache ? 0 : 1));
$this->db->sql_query($sql);
}