SF.net SVN: postfixadmin:[1326] trunk/backup.php
Brought to you by:
christian_boltz,
gingerdog
Menu
▾
▴
SF.net SVN: postfixadmin:[1326] trunk/backup.php
|
From: <Gin...@us...> - 2012-01-10 22:55:15
|
Revision: 1326
http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1326&view=rev
Author: GingerDog
Date: 2012-01-10 22:55:09 +0000 (Tue, 10 Jan 2012)
Log Message:
-----------
sql injection fix - ported back to trunk from branches/2.3 ...
Modified Paths:
--------------
trunk/backup.php
Modified: trunk/backup.php
===================================================================
--- trunk/backup.php 2012-01-10 20:30:15 UTC (rev 1325)
+++ trunk/backup.php 2012-01-10 22:55:09 UTC (rev 1326)
@@ -123,11 +123,9 @@
{
while ($row = db_assoc ($result['result']))
{
- foreach ($row as $key=>$val)
- {
- $fields[] = $key;
- $values[] = $val;
- }
+ $fields = array_keys($row);
+ $values = array_values($row);
+ $values = array_map('escape_string', $values);
fwrite ($fh, "INSERT INTO ". $tables[$i] . " (". implode (',',$fields) . ") VALUES ('" . implode ('\',\'',$values) . "');\n");
$fields = "";
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
