From: Jens Frank Date: Wed, 13 Oct 2004 21:30:18 +0000 (+0000) Subject: Fix SQL injection bug X-Git-Tag: 1.5.0alpha1~1564 X-Git-Url: http://git.cyclocoop.org/%7B%24www_url%7Dadmin/compta/pie.php?a=commitdiff_plain;h=e75fda92b6f948161168dbd55911007391fc90c8;p=lhc%2Fweb%2Fwiklou.git Fix SQL injection bug --- diff --git a/includes/SpecialMaintenance.php b/includes/SpecialMaintenance.php index 6f74bd5427..3166c5a4fe 100644 --- a/includes/SpecialMaintenance.php +++ b/includes/SpecialMaintenance.php @@ -269,7 +269,7 @@ function wfSpecialMissingLanguageLinks() { $sql = "SELECT cur_title FROM $cur " . "WHERE cur_namespace=0 AND cur_is_redirect=0 " . - "AND cur_title NOT LIKE '%/%' AND cur_text NOT LIKE '%[[{$thelang}:%' " . + "AND cur_title NOT LIKE '%/%' AND cur_text NOT LIKE '%[[" . wfStrencode( $thelang ) . ":%' " . "LIMIT {$offset}, {$limit}"; $res = $dbr->query( $sql, $fname );