diff options
author | Friendika <info@friendika.com> | 2010-11-09 15:11:47 -0800 |
---|---|---|
committer | Friendika <info@friendika.com> | 2010-11-09 15:11:47 -0800 |
commit | f7c0480f1b69c44d5daf47d343aaba44ebd26ec2 (patch) | |
tree | 20765a582cf3e781cf670103686f31e68686081d /mod | |
parent | c50f491c3dd6df917c86d8074ebfdba22f96558d (diff) | |
download | volse-hubzilla-f7c0480f1b69c44d5daf47d343aaba44ebd26ec2.tar.gz volse-hubzilla-f7c0480f1b69c44d5daf47d343aaba44ebd26ec2.tar.bz2 volse-hubzilla-f7c0480f1b69c44d5daf47d343aaba44ebd26ec2.zip |
use raw db queries wherever query items could contain '%'
Diffstat (limited to 'mod')
-rw-r--r-- | mod/dfrn_notify.php | 2 | ||||
-rw-r--r-- | mod/profiles.php | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 745223dd7..e7dbf74a1 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -106,7 +106,7 @@ function dfrn_notify_post(&$a) { dbesc_array($msg); - $r = q("INSERT INTO `mail` (`" . implode("`, `", array_keys($msg)) + $r = dbq("INSERT INTO `mail` (`" . implode("`, `", array_keys($msg)) . "`) VALUES ('" . implode("', '", array_values($msg)) . "')" ); // send email notification if requested. diff --git a/mod/profiles.php b/mod/profiles.php index b8151eadd..26e8d4ec5 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -249,7 +249,7 @@ function profiles_content(&$a) { dbesc_array($r1[0]); - $r2 = q("INSERT INTO `profile` (`" + $r2 = dbq("INSERT INTO `profile` (`" . implode("`, `", array_keys($r1[0])) . "`) VALUES ('" . implode("', '", array_values($r1[0])) |