aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorredmatrix <redmatrix@redmatrix.me>2015-09-02 15:52:54 -0700
committerredmatrix <redmatrix@redmatrix.me>2015-09-02 15:52:54 -0700
commit2a26c898cafb3523b2e6c8b8b499402befc0c442 (patch)
tree0eb7499ef4b241106b4b1ff20e82769aac355b38
parent3647b74d338ffb5c85c40cf01bcaa76593e4cb18 (diff)
downloadvolse-hubzilla-2a26c898cafb3523b2e6c8b8b499402befc0c442.tar.gz
volse-hubzilla-2a26c898cafb3523b2e6c8b8b499402befc0c442.tar.bz2
volse-hubzilla-2a26c898cafb3523b2e6c8b8b499402befc0c442.zip
protect from sql injection
-rw-r--r--include/zot.php2
-rw-r--r--version.inc2
2 files changed, 2 insertions, 2 deletions
diff --git a/include/zot.php b/include/zot.php
index 55870c2b9..0376dc7f5 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -1663,7 +1663,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
$ab = q("select * from abook where abook_channel = %d and abook_xchan = '%s'",
intval($channel['channel_id']),
- $arr['owner_xchan']
+ dbesc($arr['owner_xchan'])
);
$abook = (($ab) ? $ab[0] : null);
diff --git a/version.inc b/version.inc
index bfff44914..da2499cde 100644
--- a/version.inc
+++ b/version.inc
@@ -1 +1 @@
-2015-09-01.1142
+2015-09-02.1143