| Package home | Report new bug | New search | Development Roadmap | Status: Open | Feedback | All | Closed Since Version 1.4.1 |
| Bug #561 | db fields in query-strings are not escaped | ||
|---|---|---|---|
| Submitted: | 2004-01-13 10:23 UTC | ||
| From: | c dot weyland at gmx dot de | Assigned: | datenpunk |
| Status: | Closed | Package: | DB_NestedSet |
| PHP Version: | Irrelevant | OS: | |
| Roadmaps: | (Not assigned) | ||
[2004-01-13 10:23 UTC] c dot weyland at gmx dot de
Description:
------------
fields in sql query strings are not escaped, so its not possible to use custom fields such as "key", which are 'reserved' i.e. by mysql.
fields probably should be enclosed in backticks.
Comments
[2004-03-31 08:31 UTC] datenpunk at php dot net
This bug has been fixed in CVS.
In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pear.php.net.
In case this was a pear.php.net website problem, the change will show
up on the website in short time.
Thank you for the report, and for helping us make PEAR better.