lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix escape db

Browse Source
This commit is contained in:
Laurent Destailleur 2019-09-27 11:39:02 +02:00
parent 2b6b1a3e1c
commit 99ed34b6a4
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/resource/class/dolresource.class.php
View File

@ -849,7 +849,7 @@ class Dolresource extends CommonObject
$sql.= ' FROM '.MAIN_DB_PREFIX.'element_resources';
$sql.= " WHERE element_id=".$element_id." AND element_type='".$this->db->escape($element)."'";
if($resource_type)
$sql.=" AND resource_type LIKE '%".$resource_type."%'";
$sql.=" AND resource_type LIKE '%".$this->db->escape($resource_type)."%'";
$sql .= ' ORDER BY resource_type';
dol_syslog(get_class($this)."::getElementResources", LOG_DEBUG);