diff options
| author | Steven Wittens <steven@10.no-reply.drupal.org> | 2006-02-09 08:28:53 +0000 |
|---|---|---|
| committer | Steven Wittens <steven@10.no-reply.drupal.org> | 2006-02-09 08:28:53 +0000 |
| commit | 0d89f29a3fd72e328346eb3e06dbb4b4b99bc403 (patch) | |
| tree | 4914bf12ece216376ce9b662b0fb8e761a5babc4 /modules/statistics | |
| parent | 9004bed664506f80e5b5b29382aa6709a8fc5def (diff) | |
| download | brdo-0d89f29a3fd72e328346eb3e06dbb4b4b99bc403.tar.gz brdo-0d89f29a3fd72e328346eb3e06dbb4b4b99bc403.tar.bz2 | |
- #48616: check_plain() incorrectly applies to page titles in statistics
Diffstat (limited to 'modules/statistics')
| -rw-r--r-- | modules/statistics/statistics.module | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/statistics/statistics.module b/modules/statistics/statistics.module index 13342f6a3..18df4d783 100644 --- a/modules/statistics/statistics.module +++ b/modules/statistics/statistics.module @@ -78,7 +78,7 @@ function statistics_exit() { } if ((variable_get('statistics_enable_access_log', 0)) && (module_invoke('throttle', 'status') == 0)) { // Log this page access. - db_query("INSERT INTO {accesslog} (title, path, url, hostname, uid, sid, timer, timestamp) values('%s', '%s', '%s', '%s', %d, '%s', %d, %d)", drupal_get_title(), $_GET['q'], referer_uri(), $_SERVER['REMOTE_ADDR'], $user->uid, session_id(), timer_read('page'), time()); + db_query("INSERT INTO {accesslog} (title, path, url, hostname, uid, sid, timer, timestamp) values('%s', '%s', '%s', '%s', %d, '%s', %d, %d)", decode_entities(strip_tags(drupal_get_title())), $_GET['q'], referer_uri(), $_SERVER['REMOTE_ADDR'], $user->uid, session_id(), timer_read('page'), time()); } } |