diff options
| author | Dries Buytaert <dries@buytaert.net> | 2004-11-21 08:25:17 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2004-11-21 08:25:17 +0000 |
| commit | fa97839088dd0de1df73a990255edce7eddf90d9 (patch) | |
| tree | ddea053e39d55040400026ce1886464403b6f491 /modules/watchdog/watchdog.module | |
| parent | dc32e54f31e2b1308d5a6813dd644477076ec48d (diff) | |
| download | brdo-fa97839088dd0de1df73a990255edce7eddf90d9.tar.gz brdo-fa97839088dd0de1df73a990255edce7eddf90d9.tar.bz2 | |
- Patch 13180 by chx: renamed check_query() to db_escape_string() and implemtented it properly per database backend.
Read the manual for pg_escape_string: "Use of this function is recommended instead of addslashes()." Or read sqlite_escape_string: "addslashes() should NOT be used to quote your strings for SQLite queries; it will lead to strange results when retrieving your data."
Diffstat (limited to 'modules/watchdog/watchdog.module')
| -rw-r--r-- | modules/watchdog/watchdog.module | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/watchdog/watchdog.module b/modules/watchdog/watchdog.module index 6aebf299c..75ee5ef4c 100644 --- a/modules/watchdog/watchdog.module +++ b/modules/watchdog/watchdog.module @@ -83,7 +83,7 @@ function watchdog_cron() { */ function watchdog_overview($type = '') { foreach (_watchdog_get_message_types() as $key) { - $query[$key] = "WHERE type = '". check_query($key) ."'"; + $query[$key] = "WHERE type = '". db_escape_string($key) ."'"; } $header = array( |