forked from GNUsocial/gnu-social
Potential SQL injection in Local_group::setNickname()
This change escapes a parameter in Local_group::setNickname(). Review of the code paths that call this function sanitize the parameter higher up the stack, but it's escaped here to prevent mistakes later. Note that nickname parameters are normally alphanum strings, so there's not much danger in double-escaping them.
This commit is contained in:
parent
540b90dbd9
commit
783e400d94
@ -44,7 +44,7 @@ class Local_group extends Managed_DataObject
|
|||||||
function setNickname($nickname)
|
function setNickname($nickname)
|
||||||
{
|
{
|
||||||
$this->decache();
|
$this->decache();
|
||||||
$qry = 'UPDATE local_group set nickname = "'.$nickname.'" where group_id = ' . $this->group_id;
|
$qry = 'UPDATE local_group set nickname = "'.$this->escape($nickname).'" where group_id = ' . $this->group_id;
|
||||||
|
|
||||||
$result = $this->query($qry);
|
$result = $this->query($qry);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user