From 89be29505b1ed6146aef314d5524f46cc289cee3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=A1bor=20Hojtsy?=
Date: Fri, 4 Jan 2008 09:31:49 +0000
Subject: #198856 by hswong3i: Fix some incorrect use of %s for table name escaping, implement better security checks
---
 modules/statistics/statistics.module | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
(limited to 'modules/statistics/statistics.module')
diff --git a/modules/statistics/statistics.module b/modules/statistics/statistics.module
index 831a0d5c7..1242e973b 100644
--- a/modules/statistics/statistics.module
+++ b/modules/statistics/statistics.module
@@ -206,7 +206,10 @@ function statistics_cron() {
  * or FALSE if the query could not be executed correctly.
  */
 function statistics_title_list($dbfield, $dbrows) {
- return db_query_range(db_rewrite_sql("SELECT n.nid, n.title, u.uid, u.name FROM {node} n INNER JOIN {node_counter} s ON n.nid = s.nid INNER JOIN {users} u ON n.uid = u.uid WHERE %s <> '0' AND n.status = 1 ORDER BY %s DESC"), 's.'. $dbfield, 's.'. $dbfield, 0, $dbrows);
+ if (in_array($dbfield, array('totalcount', 'daycount', 'timestamp'))) {
+ return db_query_range(db_rewrite_sql("SELECT n.nid, n.title, u.uid, u.name FROM {node} n INNER JOIN {node_counter} s ON n.nid = s.nid INNER JOIN {users} u ON n.uid = u.uid WHERE s.". $dbfield ." != 0 AND n.status = 1 ORDER BY s.". $dbfield ." DESC"), 0, $dbrows);
+ }
+ return FALSE;
 }
-- cgit v1.2.3
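Review bot: The whitelist on the new `if` line uses loose `in_array()`, so a non-string `$dbfield` such as integer `0` or `TRUE` still passes under PHP's loose comparison (`0 == 'totalcount'` is true on the PHP versions of this era) even though only the three listed column names are meant to reach the query; the strict form closes that: `if (in_array($dbfield, array('totalcount', 'daycount', 'timestamp'), TRUE)) {`. Interpolating `$dbfield` into the SQL on the following line is acceptable only because the whitelist is exact, so the strict flag is what makes that guarantee hold rather than relying on callers always passing a literal string. The docblock, whose start lies outside the hunk, still says FALSE means the query could not be executed, but the new `return FALSE;` is also reached for a rejected column; the comment line should read `* or FALSE if $dbfield is not an allowed column or the query could not be executed.` Callers that pass the result straight to `db_fetch_object()` presumably tolerate FALSE already, but that is not visible here and is worth confirming.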