escape html characters in db_query() error output

Andrew Dolgov 2005-10-16 09:52:44 +01:00
parent 571c7f235d
commit 8823cd590f
1 changed files with 2 additions and 0 deletions

2
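--- a/db.php
+++ b/db.php
@@ -55,12 +55,14 @@ function db_query($link, $query) {
 if (DB_TYPE == "pgsql") {
 $result = pg_query($link, $query);
 if (!$result) {
+$query = htmlspecialchars($query); // just in case
 die("Query <i>$query</i> failed: " . pg_last_error($link));
 }
 return $result;
 } else if (DB_TYPE == "mysql") {
 $result = mysql_query($query, $link);
 if (!$result) {
+$query = htmlspecialchars($query);
 die("Query <i>$query</i> failed: " . mysql_error($link));
 }
 return $result;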
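Review bot: The driver error string appended after `failed: ` in both `die()` calls is still written to the page unescaped, so only half of the output is covered by the new `htmlspecialchars($query)` lines. Database error messages commonly quote part of the failing statement back, so the same markup the commit is escaping in `$query` can probably still reach the browser through `pg_last_error($link)` / `mysql_error($link)`. I would escape those too, e.g. `die("Query <i>$query</i> failed: " . htmlspecialchars(pg_last_error($link)));` and the same for the mysql branch. Separately, printing the full query and driver error to the client exposes schema details; consider sending them to `error_log()` and showing a generic message instead. The body of `db_query()` continues past the end of this hunk.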