* Added action=emailuser to send an email to a user
* (bug 14471) Use HTMLTidy and generate limit report in action=parse
* (bug 14459) Added prependtext and appendtext parameters to action=edit
+* (bug 14526) Unescaped SQL in list=backlinks
=== Languages updated in 1.13 ===
$titleWhere = '';
foreach($this->redirTitles as $t)
$titleWhere .= ($titleWhere != '' ? " OR " : '') .
- "({$this->bl_title} = '{$t->getDBKey()}'" .
+ "({$this->bl_title} = ".$db->addQuotes($t->getDBKey()).
($this->hasNS ? " AND {$this->bl_ns} = '{$t->getNamespace()}'" : "") .
")";
$this->addWhere($titleWhere);