diff options
author | plegall <plg@piwigo.org> | 2013-10-29 22:37:45 +0000 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2013-10-29 22:37:45 +0000 |
commit | df56834db44c617a8cfedbc56d0fb7b6be1f8c44 (patch) | |
tree | dc58df3fd3f8f18b43670dd2a80bdc2c0dd79b9f /admin/batch_manager.php | |
parent | 4f7546267badd08677faba3a5c1cd639e08a4729 (diff) |
bug 2992 fixed: escape all file names before searching them as duplicates in batch manager.
git-svn-id: http://piwigo.org/svn/branches/2.5@25223 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r-- | admin/batch_manager.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/admin/batch_manager.php b/admin/batch_manager.php index b9dbe4de6..c0ecc05c8 100644 --- a/admin/batch_manager.php +++ b/admin/batch_manager.php @@ -268,7 +268,7 @@ SELECT file $query = ' SELECT id FROM '.IMAGES_TABLE.' - WHERE file IN (\''.implode("','", $duplicate_files).'\') + WHERE file IN (\''.implode("','", array_map('pwg_db_real_escape_string', $duplicate_files)).'\') ;'; array_push( |