* (bug 3227) Fix SQL injection introduced in experimental code
authorBrion Vibber <brion@users.mediawiki.org>
Mon, 22 Aug 2005 23:30:12 +0000 (23:30 +0000)
committerBrion Vibber <brion@users.mediawiki.org>
Mon, 22 Aug 2005 23:30:12 +0000 (23:30 +0000)
RELEASE-NOTES
includes/EditPage.php

index 988bf24..1a2d7ef 100644 (file)
@@ -44,6 +44,7 @@ Misc work going on.....
 * (bug 3216) Don't show empty warning page when no warnings.
 * (bug 3218) Use proper quoting on history Compare Revisions button
 * (bug 3220) Fix escaping of block URLs in Recentchanges
+* (bug 3227) Fix SQL injection introduced in experimental code
 
 
 === Caveats ===
index 827740b..df6d3a2 100644 (file)
@@ -949,10 +949,10 @@ END
                               'log_comment',
                               'log_params',
                               'user_name', ),
-                       array( 'log_namespace="' . $this->mTitle->getNamespace() . '"',
-                              'log_title="' . $this->mTitle->getDBkey() . '"',
-                              'log_type="delete"',
-                              'log_action="delete"',
+                       array( 'log_namespace' => $this->mTitle->getNamespace(),
+                              'log_title' => $this->mTitle->getDBkey(),
+                              'log_type' => 'delete',
+                              'log_action' => 'delete',
                               'user_id=log_user' ),
                        $fname,
                        array( 'LIMIT' => 1, 'ORDER BY' => 'log_timestamp DESC' ) );
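Review bot: The conditions array now mixes quoted `key => value` entries with one raw SQL fragment, `'user_id=log_user'`, and nothing at this call site tells a later editor why the two forms must not be interchanged. I would add a comment above the array such as `// Values are passed as key => value so the DB layer quotes them; 'user_id=log_user' is a column-to-column join and must never carry variable data.` The call that receives this array and the enclosing function both start outside the hunk, so I am assuming the wrapper in use escapes the values of keyed conditions; that is worth confirming against its definition. A regression test that loads this path with a title whose DB key contains a quote character would keep the string-concatenated form from coming back.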