Changeset 4632 for branches


Timestamp:
06/26/11 12:42:43 (13 years ago)
Author:
brunocosta
Message:

Ticket #2033 - Added "escape" to prevent SQL injection, in class.categories.inc.php.

File:
1 edited

  • branches/2.2.0.1/phpgwapi/inc/class.categories.inc.php

    r577 r4632  
    253253                        } 
    254254 
    255  
     255                        $this->app_name = pg_escape_string($this->app_name); 
    256256                        $sql = "SELECT".$table_column."FROM phpgw_categories WHERE (cat_appname='" . $this->app_name. "' ". 
    257257                                        ($grant_cats ? " AND".$grant_cats : "") .($global_cats ? " OR".$global_cats: ""). 
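
Review bot: The added line 255 writes the escaped value back into $this->app_name, so the object property is modified as a side effect of building the query. A second pass through this code escapes the already-escaped string again, and any other code that reads $this->app_name afterwards gets the escaped form. Escape into a local variable instead, for example `$app_name = pg_escape_string($this->app_name);`, and concatenate `$app_name` into the `cat_appname='...'` clause. In the same statement, $table_column, $grant_cats and $global_cats are still concatenated into the SQL string and nothing in these lines escapes them, so it is worth confirming where they are built that they cannot carry user input. pg_escape_string is also called without a connection argument, so it relies on the default connection; passing the connection explicitly, or switching to a parameterized query, would be more robust.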