pegasus/anope
1
0
Fork 0
mirror of https://github.com/anope/anope.git synced 2026-06-25 07:36:38 +02:00
Code Activity

Escape all column names when building sql queries

Browse Source
This commit is contained in:
Adam
2012-03-02 17:05:59 -05:00
parent 020467d472
commit 4ed844ffd5
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/database/db_sql_live_write.cpp
+1 -1
View File
@@ -73,7 +73,7 @@ class DBMySQL : public Module
query_text.erase(query_text.end() - 1);
query_text += ") ON DUPLICATE KEY UPDATE ";
for (Serializable::serialized_data::const_iterator it = data.begin(), it_end = data.end(); it != it_end; ++it)
query_text += it->first + "=VALUES(" + it->first + "),";
query_text += "`" + it->first + "`=VALUES(`" + it->first + "`),";
query_text.erase(query_text.end() - 1);
SQLQuery query(query_text);