mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-23 05:50:55 +01:00
Fix MySQL column escaping
Summary: MySQL doesn't treat `\` as an escaping character in ##``##. This probably isn't an SQL injection hole because I've found no calls of this method with user input. But better safe than sorry. See also [[http://dev.mysql.com/doc/refman/5.1/en/server-sql-mode.html#sqlmode_no_backslash_escapes | NO_BACKSLASH_ESCAPES]].

Test Plan:
  lang=sql
  SELECT `a\`b`;
  -- Throws: Syntax error near '`'.
  -- Should throw: Unknown column 'a`b'.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2109
This commit is contained in:
parent
23d5d7a1a6
commit
ff2b58dab7
1 changed files with 1 additions and 1 deletions
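The summary above says that MySQL does not treat a backslash as an escape inside a backtick-quoted identifier, and the test plan shows the resulting syntax error. The following added example (not Phabricator/Phorge code) models that lexing rule in Python: it reimplements the old and new forms of escapeColumnName, then feeds the output through a small reader that consumes a backtick-quoted identifier the way MySQL does (doubled backtick is the only escape; backslash is literal). The reader is a constructed approximation for this example, not the real MySQL lexer, and `escape_column_name_strict` goes beyond the patch by also rejecting NUL, which MySQL does not permit in identifiers.

```python
# Added example, not Phabricator/Phorge code. Shows why doubling the backtick
# is the correct MySQL identifier escape and how the old backslash form let a
# backtick in the name terminate the quoted identifier early.


def escape_column_name_old(name: str) -> str:
    """Pre-fix behaviour: backslash-escape backticks (wrong for MySQL)."""
    return "`" + name.replace("`", "\\`") + "`"


def escape_column_name_new(name: str) -> str:
    """Fixed behaviour: a backtick inside a quoted identifier is doubled."""
    return "`" + name.replace("`", "``") + "`"


def escape_column_name_strict(name: str) -> str:
    """Goes beyond the patch: MySQL identifiers may not contain U+0000, so
    refuse such names instead of emitting something the server will reject."""
    if "\x00" in name:
        raise ValueError("NUL byte is not permitted in a MySQL identifier")
    return escape_column_name_new(name)


def read_quoted_identifier(sql: str) -> tuple[str, str]:
    """Constructed model of how MySQL consumes a backtick-quoted identifier
    at the start of `sql`. Returns (identifier, remaining_text). Backslash
    has no special meaning; only a doubled backtick is an escape."""
    if not sql.startswith("`"):
        raise ValueError("expected a backtick-quoted identifier")
    out = []
    i = 1
    while i < len(sql):
        ch = sql[i]
        if ch == "`":
            if i + 1 < len(sql) and sql[i + 1] == "`":
                out.append("`")  # doubled backtick -> one literal backtick
                i += 2
                continue
            return "".join(out), sql[i + 1:]  # single backtick closes it
        out.append(ch)  # everything else, including '\', is taken literally
        i += 1
    raise ValueError("unterminated quoted identifier")


def round_trips(name: str) -> bool:
    """True when escaping then lexing yields the original name and nothing
    is left over to be parsed as further SQL."""
    ident, rest = read_quoted_identifier(escape_column_name_new(name))
    return ident == name and rest == ""


if __name__ == "__main__":
    name = "a`b"  # constructed column name from the commit's test plan
    print("old:", escape_column_name_old(name), "->",
          read_quoted_identifier(escape_column_name_old(name)))
    print("new:", escape_column_name_new(name), "->",
          read_quoted_identifier(escape_column_name_new(name)))
```

With the old escaping the reader stops at the second backtick, returning the identifier `a\` and leaving `b`` unconsumed; that leftover is what MySQL then tries to parse as SQL, which is the syntax error in the test plan and, had a caller ever passed untrusted input, the seed of an injection. The doubled form lexes back to exactly `a`b` with nothing left over.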
@@ -38,7 +38,7 @@ final class AphrontMySQLDatabaseConnection extends AphrontDatabaseConnection {
   }
 
   public function escapeColumnName($name) {
-    return '`'.str_replace('`', '\\`', $name).'`';
+    return '`'.str_replace('`', '``', $name).'`';
   }
 
   public function escapeMultilineComment($comment) {
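Review bot: the replacement on the `return` line is the correct MySQL identifier escape: a backtick inside a backtick-quoted identifier is written as a doubled backtick, and backslash has no escaping role there regardless of the NO_BACKSLASH_ESCAPES mode the summary links, so the new form is right in both server modes. Worth stating in the commit message why this mattered: with the old `'\\`'` form, any backtick in $name closed the quoted identifier early and the rest of the name was parsed as SQL, which is the syntax error in the test plan, so the change removes an injection primitive even if no current caller passes user input. Suggest adding a unit test next to the manual test plan, e.g. asserting that escapeColumnName('a`b') returns '`a``b`', so the behaviour cannot regress silently.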