From 9ad2e7c3d4511c25a061e2b2459008b7b9cfd8aa Mon Sep 17 00:00:00 2001
From: brettp
Date: Mon, 11 Jan 2010 23:18:13 +0000
Subject: Sanitising relationship in elgg_get_entities_from_relationship();
git-svn-id: http://code.elgg.org/elgg/trunk@3797 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/relationships.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/engine/lib/relationships.php b/engine/lib/relationships.php
index bdd5aadde..d84e70bfb 100644
--- a/engine/lib/relationships.php
+++ b/engine/lib/relationships.php
@@ -558,7 +558,7 @@ function elgg_get_entity_relationship_where_sql($table, $relationship = NULL, $r
 }
 if ($relationship) {
- $wheres[] = "r.relationship = '$relationship'";
+ $wheres[] = "r.relationship = '" . sanitise_string($relationship) . "'";
 }
 if ($relationship_guid) {
--
cgit v1.2.3
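Review bot: The escaping added on the `r.relationship` line covers only that one clause, and the function's other inputs are not visible in this hunk: `$table` from the signature in the hunk header, and the `$relationship_guid` branch that opens on the last context line. If that branch interpolates the GUID into the WHERE clause, it should be cast first, e.g. `$relationship_guid = (int)$relationship_guid;`, because string escaping does not protect an unquoted numeric position. The new line is safe only while the value stays inside the single quotes, so a short comment such as `// escaped for use inside a quoted SQL literal; keep the quotes` would guard against a later edit dropping them. The body of elgg_get_entity_relationship_where_sql starts and ends outside the hunk, so the remaining clauses need checking against the full file.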