#12 Logfile::addLogFile() does not escape the given parameters

This commit is contained in:
Roland Rusch 2023-07-19 15:14:18 +02:00
parent 2eabd85b91
commit 9994f8c18d

View File

@ -256,6 +256,10 @@ class Logfile {
if(is_array($meldung)) {
$meldung = $this->app->DB->real_escape_string(print_r($meldung, true));
}
// Quick fix
$dump = $this->app->DB->real_escape_string(print_r($dump, true));
$this->app->DB->Insert(
sprintf(
"INSERT INTO logfile (module,action,meldung,dump,datum,bearbeiter,funktionsname)