mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 14:00:31 +02:00
Code Issues Releases Wiki Activity

[ticket/16870] Ensure to properly escape values when running db:migrate

Browse Source 
PHPBB3-16870
This commit is contained in:
Marc Alexander
2021-09-08 20:24:44 +02:00
parent 8c25f3a9f7
commit bbcac37e30
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
phpBB/phpbb/config/db.php
View File

@@ -170,8 +170,8 @@ class db extends config
if (!isset($this->config[$key]))
{
$sql = 'INSERT INTO ' . $this->table . ' ' . $this->db->sql_build_array('INSERT', array(
'config_name' => $key,
'config_value' => $new_value,
'config_name' => $this->db->sql_escape($key),
'config_value' => $this->db->sql_escape($new_value),
'is_dynamic' => ($use_cache) ? 0 : 1));
$this->db->sql_query($sql);
}