mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 05:50:55 +01:00

Fix MySQL column escaping

Summary:
MySQL doesn't treat `\` as an escaping character in ##``##.
This probably isn't an SQL injection hole because I've found no calls of this method with user input.
But better safe than sorry.

See also [[http://dev.mysql.com/doc/refman/5.1/en/server-sql-mode.html#sqlmode_no_backslash_escapes | NO_BACKSLASH_ESCAPES]].

Test Plan:
  lang=sql
  SELECT `a\`b`; -- Throws: Syntax error near '`'.
  -- Should throw: Unknown column 'a`b'.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2109
vrana 2012-04-05 13:39:43 -07:00
parent 23d5d7a1a6
commit ff2b58dab7
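The following is an added example, not code from Phabricator or from this commit. It models the one rule MySQL applies inside a backtick-quoted identifier (a doubled backtick stands for a literal backtick; nothing else, backslash included, is an escape) and runs both the pre-fix and the fixed form of the escaping through it, so the Test Plan's "syntax error" case can be seen as the identifier terminating early. The function names `escape_column_name_old`, `escape_column_name_fixed` and `read_quoted_identifier` are this example's own, as are the sample column names.

```python
"""Added example: why '`' must be doubled, not backslash-escaped, in MySQL identifiers."""


def escape_column_name_old(name: str) -> str:
    # Pre-fix behaviour from the diff: backslash before an embedded backtick.
    # Correct for string literals (absent NO_BACKSLASH_ESCAPES), wrong for identifiers.
    return '`' + name.replace('`', '\\`') + '`'


def escape_column_name_fixed(name: str) -> str:
    # Fixed behaviour from the diff: a literal backtick is written as two backticks.
    return '`' + name.replace('`', '``') + '`'


def read_quoted_identifier(sql: str, pos: int = 0):
    """Consume one backtick-quoted identifier starting at sql[pos].

    Returns (identifier, next_pos), following MySQL's quoted-identifier rule:
    "``" inside the quotes yields one literal "`", and no other character
    (backslash included) has any escaping effect.  Raises ValueError when the
    identifier is not terminated.
    """
    if pos >= len(sql) or sql[pos] != '`':
        raise ValueError("expected opening backtick")
    out = []
    i = pos + 1
    while i < len(sql):
        ch = sql[i]
        if ch == '`':
            if i + 1 < len(sql) and sql[i + 1] == '`':
                out.append('`')      # doubled backtick -> literal backtick
                i += 2
                continue
            return ''.join(out), i + 1   # closing backtick
        out.append(ch)               # backslash and everything else are literal
        i += 1
    raise ValueError("unterminated identifier")


def column_ref_parses_cleanly(escaped: str) -> bool:
    """True when `escaped` lexes as exactly one identifier with no trailing text.

    Trailing text is the failure mode: the quoted identifier ended early and
    whatever follows is read by MySQL as further SQL tokens.
    """
    try:
        _, end = read_quoted_identifier(escaped)
    except ValueError:
        return False
    return end == len(escaped)


def compare_escapers(name: str) -> dict:
    """Run one column name through both escapers and report how each lexes."""
    result = {}
    for label, fn in (("old", escape_column_name_old), ("fixed", escape_column_name_fixed)):
        escaped = fn(name)
        try:
            ident, end = read_quoted_identifier(escaped)
            trailing = escaped[end:]
        except ValueError:
            ident, trailing = None, escaped
        result[label] = {"escaped": escaped, "identifier": ident,
                         "trailing": trailing, "clean": column_ref_parses_cleanly(escaped)}
    return result


if __name__ == "__main__":
    # Constructed sample names: the Test Plan's name, and one that carries
    # trailing SQL to show how an early-terminated identifier leaks it.
    for sample in ("a`b", "x` FROM other_table; -- "):
        for label, info in compare_escapers(sample).items():
            print(f"{label:5} {info['escaped']!r:32} -> identifier={info['identifier']!r} "
                  f"trailing={info['trailing']!r} clean={info['clean']}")
```

With the old escaper, `a\`b` lexes as the identifier `a\` followed by the stray tokens `b` and an unterminated backtick, which is the "Syntax error near '`'" in the Test Plan; with the fixed escaper the same name lexes as the single identifier ``a`b``, so MySQL reports the expected unknown column instead.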


@ -38,7 +38,7 @@ final class AphrontMySQLDatabaseConnection extends AphrontDatabaseConnection {
} }
public function escapeColumnName($name) { public function escapeColumnName($name) {
return '`'.str_replace('`', '\\`', $name).'`'; return '`'.str_replace('`', '``', $name).'`';
} }
public function escapeMultilineComment($comment) { public function escapeMultilineComment($comment) {
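Review bot: The doubled-backtick replacement on the `return` line of `escapeColumnName` is the correct form: in MySQL a backtick inside a backtick-quoted identifier is written as two backticks, and `\` is not an escape there under any sql_mode, so the old `'\\`'` produced an identifier that ended at the embedded backtick and left the rest of the name as trailing SQL (the syntax error quoted in the Test Plan). Suggest a one-line comment above the `return` stating that identifier quoting differs from string-literal escaping, since the old form looks plausible and could be reintroduced by a later cleanup, and a unit test that feeds a name such as `a`b` and asserts the output `` `a``b` `` to pin the behaviour.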