From: Martin T. H. Sandsmark <sandsmark@samfundet.no>
Date: Sun, 25 Jul 2010 11:14:26 +0000 (+0200)
Subject: more addslashes magic sauce
X-Git-Tag: v3.0~335
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=3b065d4daec2b0ee6744a66e4eb9739d7d614903;p=nextcloud-server.git

more addslashes magic sauce
---

diff --git a/inc/lib_ocs.php b/inc/lib_ocs.php
index 16b0832fbea..055a8587a60 100644
--- a/inc/lib_ocs.php
+++ b/inc/lib_ocs.php
@@ -478,7 +478,7 @@ class OC_OCS {
     //TODO: prepared statements, locking tables, fancy stuff, error checking/handling
     $user=OC_OCS::checkpassword();
 
-    $result=OC_DB::select("select count(*) as co from {$CONFIG_DBTABLEPREFIX}privatedata where key = '".$key."'");
+    $result=OC_DB::select("select count(*) as co from {$CONFIG_DBTABLEPREFIX}privatedata where key = '".addslashes($key)."'");
     $totalcount=$result[0]['co'];
     OC_DB::free_result($result);