diff options
Diffstat (limited to 'engine/lib/metadata.php')
-rw-r--r-- | engine/lib/metadata.php | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/engine/lib/metadata.php b/engine/lib/metadata.php index d0ab818b9..d2851275d 100644 --- a/engine/lib/metadata.php +++ b/engine/lib/metadata.php @@ -647,7 +647,7 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL if (!$name) { $name = '0'; } - $sanitised_names[] = "'$name'"; + $sanitised_names[] = '\'' . sanitise_string($name) . '\''; } if ($names_str = implode(',', $sanitised_names)) { @@ -671,7 +671,7 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL if (!$value) { $value = 0; } - $sanitised_values[] = "'$value'"; + $sanitised_values[] = '\'' . sanitise_string($value) . '\''; } if ($values_str = implode(',', $sanitised_values)) { @@ -740,13 +740,15 @@ function elgg_get_entity_metadata_where_sql($table, $names = NULL, $values = NUL // if the operand is IN don't quote it because quoting should be done already. //$value = trim(strtolower($operand)) == 'in' ? $pair['value'] : "'{$pair['value']}'"; if (trim(strtolower($operand)) == 'in' || sanitise_int($pair['value'])) { - $value = $pair['value']; + $value = sanitise_string($pair['value']); } else { - $value = "'{$pair['value']}'"; + $value = '\'' . sanitise_string($pair['value']) . '\''; } + $name = sanitise_string($pair['name']); + $access = get_access_sql_suffix("md{$i}"); - $pair_wheres[] = "(msn{$i}.string = '{$pair['name']}' AND {$pair_binary}msv{$i}.string $operand $value AND $access)"; + $pair_wheres[] = "(msn{$i}.string = '$name' AND {$pair_binary}msv{$i}.string $operand $value AND $access)"; $i++; } |