mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Sanitize user input

This commit is contained in:
Lukas Reschke 2012-09-22 10:51:03 +02:00
parent 08132587d1
commit 80aa44565b
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/db.php
View File

@ -299,7 +299,7 @@ class OC_DB {
// Die if we have an error (error means: bad query, not 0 results!)
if( PEAR::isError($result)) {
$entry = 'DB Error: "'.$result->getMessage().'"<br />';
$entry .= 'Offending command was: '.$query.'<br />';
$entry .= 'Offending command was: '.htmlentities($query).'<br />';
OC_Log::write('core', $entry,OC_Log::FATAL);
error_log('DB error: '.$entry);
die( $entry );
@ -309,7 +309,7 @@ class OC_DB {
$result=self::$connection->prepare($query);
}catch(PDOException $e) {
$entry = 'DB Error: "'.$e->getMessage().'"<br />';
$entry .= 'Offending command was: '.$query.'<br />';
$entry .= 'Offending command was: '.htmlentities($query).'<br />';
OC_Log::write('core', $entry,OC_Log::FATAL);
error_log('DB error: '.$entry);
die( $entry );