Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Security: A lot of security fixes

Browse Source
This commit is contained in:
Laurent Destailleur
2011-11-02 20:17:23 +01:00
parent 295745f62a
commit 63820ab375
10 changed files with 74 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/lib/databases/pgsql.lib.php
View File

@@ -666,8 +666,8 @@ class DoliDb
if (! $return) $return.=' ORDER BY ';
else $return.=',';
$return.=$val;
if ($sortorder) $return.=' '.$sortorder;
$return.=preg_replace('/[^0-9a-z_\.]/i','',$val);
if ($sortorder) $return.=' '.preg_replace('/[^0-9a-z]/i','',$sortorder);
}
return $return;
}