From 42d65801a8874bd5435acfc0b1c9b56393c7c32f Mon Sep 17 00:00:00 2001
From: plegall <plg@piwigo.org>
Date: Tue, 29 Oct 2013 22:38:54 +0000
Subject: merge r25223 from branch 2.5 to trunk

bug 2992 fixed: escape all file names before searching them as duplicates in batch manager.



git-svn-id: http://piwigo.org/svn/trunk@25224 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 admin/batch_manager.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'admin/batch_manager.php')

diff --git a/admin/batch_manager.php b/admin/batch_manager.php
index 302f8802f..22d4ace09 100644
--- a/admin/batch_manager.php
+++ b/admin/batch_manager.php
@@ -277,7 +277,7 @@ SELECT file
     $query = '
 SELECT id
   FROM '.IMAGES_TABLE.'
-  WHERE file IN (\''.implode("','", $duplicate_files).'\')
+  WHERE file IN (\''.implode("','", array_map('pwg_db_real_escape_string', $duplicate_files)).'\')
 ;';
     $filter_sets[] = array_from_query($query, 'id');
     
-- 
cgit v1.2.3