From fa97839088dd0de1df73a990255edce7eddf90d9 Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Sun, 21 Nov 2004 08:25:17 +0000
Subject: - Patch 13180 by chx: renamed check_query() to db_escape_string() and
 implemtented it properly per database backend.

  Read the manual for pg_escape_string:  "Use of this function is recommended instead of addslashes()." Or read sqlite_escape_string: "addslashes() should NOT be used to quote your strings for SQLite queries; it will lead to strange results when retrieving your data."
---
 modules/watchdog/watchdog.module | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/watchdog')

diff --git a/modules/watchdog/watchdog.module b/modules/watchdog/watchdog.module
index 6aebf299c..75ee5ef4c 100644
--- a/modules/watchdog/watchdog.module
+++ b/modules/watchdog/watchdog.module
@@ -83,7 +83,7 @@ function watchdog_cron() {
  */
 function watchdog_overview($type = '') {
   foreach (_watchdog_get_message_types() as $key) {
-    $query[$key] = "WHERE type = '". check_query($key) ."'";
+    $query[$key] = "WHERE type = '". db_escape_string($key) ."'";
   }
 
   $header = array(
-- 
cgit v1.2.3