diff options
-rw-r--r-- | engine/lib/database.php | 6 | ||||
-rw-r--r-- | languages/en.php | 1 |
2 files changed, 7 insertions, 0 deletions
diff --git a/engine/lib/database.php b/engine/lib/database.php index fa5b4a894..a9c4017a0 100644 --- a/engine/lib/database.php +++ b/engine/lib/database.php @@ -250,6 +250,12 @@ function explain_query($query, $link) { function execute_query($query, $dblink) { global $CONFIG, $dbcalls; + // remove newlines so logs are easier to read + $query = preg_replace("/[\r\n]/", "", $query); + if ($query == NULL) { + throw new DatabaseException(elgg_echo('DatabaseException:InvalidQuery')); + } + $dbcalls++; $result = mysql_query($query, $dblink); diff --git a/languages/en.php b/languages/en.php index 12e9782a5..f5b7f2287 100644 --- a/languages/en.php +++ b/languages/en.php @@ -54,6 +54,7 @@ $english = array( 'SecurityException:FunctionDenied' => "Access to privileged function '%s' is denied.", 'DatabaseException:DBSetupIssues' => "There were a number of issues: ", 'DatabaseException:ScriptNotFound' => "Elgg couldn't find the requested database script at %s.", + 'DatabaseException:InvalidQuery' => "Invalid query", 'IOException:FailedToLoadGUID' => "Failed to load new %s from GUID:%d", 'InvalidParameterException:NonElggObject' => "Passing a non-ElggObject to an ElggObject constructor!", |