From 970d946e5b28b7030f497a04f900a3e5ee3ae17c Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Sun, 22 Jul 2012 16:53:32 +0200
Subject: [PATCH] Fix: sql injection for create database

---
 htdocs/core/db/mysql.class.php | 4 ++--
 htdocs/core/db/mysqli.class.php | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/htdocs/core/db/mysql.class.php b/htdocs/core/db/mysql.class.php
index 89c8885d74a..fd83f876f64 100644
--- a/htdocs/core/db/mysql.class.php
+++ b/htdocs/core/db/mysql.class.php
@@ -800,8 +800,8 @@ class DoliDBMysql
 		if (empty($collation)) $collation=$this->forcecollate;
 		// ALTER DATABASE dolibarr_db DEFAULT CHARACTER SET latin DEFAULT COLLATE latin1_swedish_ci
-		$sql = 'CREATE DATABASE '.$database;
-		$sql.= ' DEFAULT CHARACTER SET '.$charset.' DEFAULT COLLATE '.$collation;
+		$sql = "CREATE DATABASE '".$this->escape($database)."'";
+		$sql.= " DEFAULT CHARACTER SET '".$this->escape($charset)."' DEFAULT COLLATE '".$this->escape($collation)."'";
 		dol_syslog($sql,LOG_DEBUG);
 		$ret=$this->query($sql);
diff --git a/htdocs/core/db/mysqli.class.php b/htdocs/core/db/mysqli.class.php
index 82496a9e3cd..8d19617555f 100644
--- a/htdocs/core/db/mysqli.class.php
+++ b/htdocs/core/db/mysqli.class.php
@@ -794,8 +794,8 @@ class DoliDBMysqli
 		if (empty($collation)) $collation=$this->forcecollate;
 		// ALTER DATABASE dolibarr_db DEFAULT CHARACTER SET latin DEFAULT COLLATE latin1_swedish_ci
-		$sql = 'CREATE DATABASE '.$database;
-		$sql.= ' DEFAULT CHARACTER SET '.$charset.' DEFAULT COLLATE '.$collation;
+		$sql = "CREATE DATABASE '".$this->escape($database)."'";
+		$sql.= " DEFAULT CHARACTER SET '".$this->escape($charset)."' DEFAULT COLLATE '".$this->escape($collation)."'";
 		dol_syslog($sql,LOG_DEBUG);
 		$ret=$this->query($sql);
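Review bot: Wrapping the database name in single quotes on the first added line turns the identifier into a string literal, so `CREATE DATABASE 'name'` is a MySQL syntax error and this hunk most likely breaks database creation instead of hardening it; the hunk in `htdocs/core/db/mysqli.class.php` has the identical problem. `$this->escape()` is also the wrong tool for an identifier: it escapes quote characters for a string context, so a backtick inside `$database` passes through unchanged and the string-quoting would not protect the identifier position anyway. Quote the name with backticks and double any embedded backtick, or better, reject anything outside a strict allowlist before building the statement, e.g. `if (!preg_match('/^[A-Za-z0-9_]+$/', $database)) { ... return an error ... }`, and apply the same allowlist to `$charset` and `$collation` (MySQL may accept those two as quoted strings, but a fixed-alphabet check is the simpler guarantee). The enclosing method begins and ends outside the hunk, so the existing error-return convention should be reused for the rejection path.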