From 634c38e9483508593a071e861a7d9f172f5a6b41 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 19 Apr 2021 15:28:49 +0200 Subject: [PATCH] Fix escape --- htdocs/website/class/website.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/website/class/website.class.php b/htdocs/website/class/website.class.php index 6e3f0113432..ef50a1701d7 100644 --- a/htdocs/website/class/website.class.php +++ b/htdocs/website/class/website.class.php @@ -1092,8 +1092,8 @@ class Website extends CommonObject } $line .= "\n-- For Dolibarr v14+ --\n"; - $line .= "UPDATE llx_website SET fk_default_lang = '".$this->fk_default_lang."' WHERE rowid = __WEBSITE_ID__;\n"; - $line .= "UPDATE llx_website SET otherlang = '".$this->otherlang."' WHERE rowid = __WEBSITE_ID__;\n"; + $line .= "UPDATE llx_website SET fk_default_lang = '".$this->db->escape($this->fk_default_lang)."' WHERE rowid = __WEBSITE_ID__;\n"; + $line .= "UPDATE llx_website SET otherlang = '".$this->db->escape($this->otherlang)."' WHERE rowid = __WEBSITE_ID__;\n"; $line .= "\n"; fputs($fp, $line);