more addslashes magic sauce

author Martin T. H. Sandsmark <sandsmark@samfundet.no>

Sun, 25 Jul 2010 11:14:26 +0000 (13:14 +0200)

committer Martin T. H. Sandsmark <sandsmark@samfundet.no>

Sun, 25 Jul 2010 11:14:26 +0000 (13:14 +0200)
author Martin T. H. Sandsmark <sandsmark@samfundet.no>
Sun, 25 Jul 2010 11:14:26 +0000 (13:14 +0200)
committer Martin T. H. Sandsmark <sandsmark@samfundet.no>
Sun, 25 Jul 2010 11:14:26 +0000 (13:14 +0200)
diff --git a/inc/lib_ocs.php b/inc/lib_ocs.php

index 16b0832fbea2b577bdf101030a93fdab9ed7682c..055a8587a600596898527fd3c2e3e15c1296f46c 100644 (file)
--- a/inc/lib_ocs.php
+++ b/inc/lib_ocs.php
@@ -478,7 +478,7 @@ class OC_OCS {
      //TODO: prepared statements, locking tables, fancy stuff, error checking/handling
      $user=OC_OCS::checkpassword();
  
-    $result=OC_DB::select("select count(*) as co from {$CONFIG_DBTABLEPREFIX}privatedata where key = '".$key."'");
+    $result=OC_DB::select("select count(*) as co from {$CONFIG_DBTABLEPREFIX}privatedata where key = '".addslashes($key)."'");
      $totalcount=$result[0]['co'];
      OC_DB::free_result($result);
author	Martin T. H. Sandsmark <sandsmark@samfundet.no>
	Sun, 25 Jul 2010 11:14:26 +0000 (13:14 +0200)
committer	Martin T. H. Sandsmark <sandsmark@samfundet.no>
	Sun, 25 Jul 2010 11:14:26 +0000 (13:14 +0200)