[icinga-checkins] icinga.org: icingaweb2-module-director/fiddle/mfrosch: Db: quote data before passing to pgsql

git at icinga.org git at icinga.org
Tue May 24 16:46:45 CEST 2016


Module: icingaweb2-module-director
Branch: fiddle/mfrosch
Commit: d5b3f25de9b327a9b6fd002d05726e9680dd4c14
URL:    https://git.icinga.org/?p=icingaweb2-module-director.git;a=commit;h=d5b3f25de9b327a9b6fd002d05726e9680dd4c14

Author: Thomas Gelf <thomas at gelf.net>
Date:   Mon May 23 15:40:12 2016 +0200

Db: quote data before passing to pgsql

---

 library/Director/Db.php |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/library/Director/Db.php b/library/Director/Db.php
index 5217d46..9addeb3 100644
--- a/library/Director/Db.php
+++ b/library/Director/Db.php
@@ -273,7 +273,9 @@ class Db extends DbConnection
     public function fetchActivityLogIdByChecksum($checksum)
     {
         $sql = 'SELECT id FROM director_activity_log WHERE checksum = ?';
-        return $this->db()->fetchOne($sql, $this->quoteBinary($checksum));
+        return $this->db()->fetchOne(
+            $this->db()->quoteInto($sql,  $this->quoteBinary($checksum))
+        );
     }
 
     public function fetchActivityLogEntry($checksum)



More information about the icinga-checkins mailing list