• Joshua Wise's avatar
    Escape SQL parameter in Profile_tag::moveTag() · 5b118b37
    Joshua Wise authored
    This change adds additional escapes for arguments to
    Profile_tag::moveTag(). The arguments are canonicalized in the API and
    Web UI paths higher up the stack, but this change makes sure that no
    other paths can introduce SQL injection errors.
    5b118b37
Name
Last commit
Last update
actions Loading commit data...
avatar Loading commit data...
background Loading commit data...
classes Loading commit data...
db Loading commit data...
doc-src Loading commit data...
extlib Loading commit data...
file Loading commit data...
js Loading commit data...
lib Loading commit data...
local Loading commit data...
locale Loading commit data...
mail-src Loading commit data...
plugins Loading commit data...
scripts Loading commit data...
tests Loading commit data...
theme Loading commit data...
.gitignore Loading commit data...
CONFIGURE Loading commit data...
COPYING Loading commit data...
EVENTS.txt Loading commit data...
INSTALL Loading commit data...
Makefile Loading commit data...
PLUGINS.txt Loading commit data...
README Loading commit data...
UPGRADE Loading commit data...
apple-touch-icon.png Loading commit data...
favicon.ico Loading commit data...
htaccess.sample Loading commit data...
index.php Loading commit data...
install.php Loading commit data...
lighttpd.conf.example Loading commit data...