From 0e41dea8cc54d691ffc805b996606d701d66785e Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Wed, 13 Aug 2014 10:42:46 -0400
Subject: [PATCH] - disallow ` in table names when using ?? placeholder in query

---
 interface/lib/classes/db_mysql.inc.php |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php
index c5f5e9f..ee159fa 100644
--- a/interface/lib/classes/db_mysql.inc.php
+++ b/interface/lib/classes/db_mysql.inc.php
@@ -126,7 +126,8 @@
 
 				if($iPos2 !== false && ($iPos === false || $iPos2 <= $iPos)) {
 					$sTxt = $this->escape($sValue);
-
+					
+					$sTxt = str_replace('`', '', $sTxt);
 					if(strpos($sTxt, '.') !== false) $sTxt = preg_replace('/^(.+)\.(.+)$/', '`$1`.`$2`', $sTxt);
 					else $sTxt = '`' . $sTxt . '`';
 
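Review bot: The added `str_replace('`', '', $sTxt)` strips one character after the value has already been escaped, so the `??` identifier path remains a blacklist rather than an allowlist; a single-character strip is also applied after `$this->escape()`, whose output (presumably backslash-escaping for string context, not identifier context) is not visible in this hunk, so what reaches the backtick quoting is hard to reason about. A tighter check would reject anything that is not a plain identifier or a dotted pair before any quoting, e.g. `if (!preg_match('/^[A-Za-z0-9_]+(\.[A-Za-z0-9_]+)?$/', $sValue)) throw new \InvalidArgumentException('Invalid identifier for ?? placeholder');` placed before the `$sTxt = $this->escape($sValue);` line, which makes the backtick strip redundant and also avoids the greedy `/^(.+)\.(.+)$/` splitting a value with more than one dot into a first segment that itself contains a dot. The new blank line introduced above the `str_replace` carries trailing whitespace and should be an empty line. The enclosing function starts and ends outside the hunk.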

--
Gitblit v1.9.1