From: Jens Frank <jeluf@users.mediawiki.org>
Date: Wed, 13 Oct 2004 21:30:18 +0000 (+0000)
Subject: Fix SQL injection bug
X-Git-Tag: 1.5.0alpha1~1564
X-Git-Url: http://git.cyclocoop.org/%22%20.%20generer_url_ecrire%28%22auteur_infos%22%2C%20%22id_auteur=%24id%22%29%20.%20%22?a=commitdiff_plain;h=e75fda92b6f948161168dbd55911007391fc90c8;p=lhc%2Fweb%2Fwiklou.git

Fix SQL injection bug
---

diff --git a/includes/SpecialMaintenance.php b/includes/SpecialMaintenance.php
index 6f74bd5427..3166c5a4fe 100644
--- a/includes/SpecialMaintenance.php
+++ b/includes/SpecialMaintenance.php
@@ -269,7 +269,7 @@ function wfSpecialMissingLanguageLinks() {
 
 	$sql = "SELECT cur_title FROM $cur " .
 	  "WHERE cur_namespace=0 AND cur_is_redirect=0 " .
-	  "AND cur_title NOT LIKE '%/%' AND cur_text NOT LIKE '%[[{$thelang}:%' " .
+	  "AND cur_title NOT LIKE '%/%' AND cur_text NOT LIKE '%[[" . wfStrencode( $thelang ) . ":%' " .
 	  "LIMIT {$offset}, {$limit}";
 
 	$res = $dbr->query( $sql, $fname );