From: Bryan Tong Minh
Date: Fri, 13 Jun 2008 13:22:50 +0000 (+0000)
Subject: (bug 14526) Unescaped SQL in list=backlinks
X-Git-Tag: 1.31.0-rc.0~47017
X-Git-Url: http://git.cyclocoop.org/%28?a=commitdiff_plain;h=a250de25670fd7359380d3bfc672c6dd069cb281;p=lhc%2Fweb%2Fwiklou.git

(bug 14526) Unescaped SQL in list=backlinks
---
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index d621d0d2cc..ae413a562c 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -444,6 +444,7 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
 * Added action=emailuser to send an email to a user
 * (bug 14471) Use HTMLTidy and generate limit report in action=parse
 * (bug 14459) Added prependtext and appendtext parameters to action=edit
+* (bug 14526) Unescaped SQL in list=backlinks
 === Languages updated in 1.13 ===
diff --git a/includes/api/ApiQueryBacklinks.php b/includes/api/ApiQueryBacklinks.php
index 0ae3681565..6289ce628d 100644
--- a/includes/api/ApiQueryBacklinks.php
+++ b/includes/api/ApiQueryBacklinks.php
@@ -141,7 +141,7 @@ class ApiQueryBacklinks extends ApiQueryGeneratorBase {
 $titleWhere = '';
 foreach($this->redirTitles as $t)
 $titleWhere .= ($titleWhere != '' ? " OR " : '') .
- "({$this->bl_title} = '{$t->getDBKey()}'" .
+ "({$this->bl_title} = ".$db->addQuotes($t->getDBKey()).
 ($this->hasNS ? " AND {$this->bl_ns} = '{$t->getNamespace()}'" : "") .
 ")";
 $this->addWhere($titleWhere);
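Review bot: The namespace on the context line right after the added one is still interpolated straight into the SQL string as `'{$t->getNamespace()}'`, so the hunk escapes only the title half of each per-title predicate. getNamespace() yields an integer from the Title object rather than request input, so this is not the same defect, but quoting an int as a string literal is a type mismatch if `bl_ns` is an integer column and the asymmetry makes it easy for the unescaped form to creep back into this clause; I would change it to `($this->hasNS ? " AND {$this->bl_ns} = " . intval($t->getNamespace()) : "") .`. `$db` is not introduced in this hunk and is presumably assigned from getDB() earlier in the same method, which begins and ends outside the hunk. Longer term the whole OR-chain could be produced by `$db->makeList(..., LIST_OR)` so that quoting is never hand-assembled here, but the one-line change above keeps the fix minimal.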