aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorcash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544>2011-03-27 02:23:12 +0000
committercash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544>2011-03-27 02:23:12 +0000
commit7baa422117398b0fbf5e69393d96a734d182a94a (patch)
treec5a051290b56c48168ad16828811fa29fab09878
parent39893d41dffe2099518c220d62b806b52a483e49 (diff)
downloadelgg-7baa422117398b0fbf5e69393d96a734d182a94a.tar.gz
elgg-7baa422117398b0fbf5e69393d96a734d182a94a.tar.bz2
Fixes #2591 removing newlines in queries - thanks to Tachyon
git-svn-id: http://code.elgg.org/elgg/trunk@8869 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r--engine/lib/database.php6
-rw-r--r--languages/en.php1
2 files changed, 7 insertions, 0 deletions
diff --git a/engine/lib/database.php b/engine/lib/database.php
index fa5b4a894..a9c4017a0 100644
--- a/engine/lib/database.php
+++ b/engine/lib/database.php
@@ -250,6 +250,12 @@ function explain_query($query, $link) {
function execute_query($query, $dblink) {
global $CONFIG, $dbcalls;
+ // remove newlines so logs are easier to read
+ $query = preg_replace("/[\r\n]/", "", $query);
+ if ($query == NULL) {
+ throw new DatabaseException(elgg_echo('DatabaseException:InvalidQuery'));
+ }
+
$dbcalls++;
$result = mysql_query($query, $dblink);
diff --git a/languages/en.php b/languages/en.php
index 12e9782a5..f5b7f2287 100644
--- a/languages/en.php
+++ b/languages/en.php
@@ -54,6 +54,7 @@ $english = array(
'SecurityException:FunctionDenied' => "Access to privileged function '%s' is denied.",
'DatabaseException:DBSetupIssues' => "There were a number of issues: ",
'DatabaseException:ScriptNotFound' => "Elgg couldn't find the requested database script at %s.",
+ 'DatabaseException:InvalidQuery' => "Invalid query",
'IOException:FailedToLoadGUID' => "Failed to load new %s from GUID:%d",
'InvalidParameterException:NonElggObject' => "Passing a non-ElggObject to an ElggObject constructor!",