[pLog-svn] r4948 - plugins/branches/lifetype-1.2/unported/blogstatistics
jondaley at devel.lifetype.net
jondaley at devel.lifetype.net
Sat Mar 3 08:29:26 EST 2007
Author: jondaley
Date: 2007-03-03 08:29:26 -0500 (Sat, 03 Mar 2007)
New Revision: 4948
Modified:
plugins/branches/lifetype-1.2/unported/blogstatistics/pluginblogstatistics.class.php
Log:
escape stuff going into the database to be more careful
Modified: plugins/branches/lifetype-1.2/unported/blogstatistics/pluginblogstatistics.class.php
===================================================================
--- plugins/branches/lifetype-1.2/unported/blogstatistics/pluginblogstatistics.class.php 2007-03-03 13:25:38 UTC (rev 4947)
+++ plugins/branches/lifetype-1.2/unported/blogstatistics/pluginblogstatistics.class.php 2007-03-03 13:29:26 UTC (rev 4948)
@@ -20,7 +20,6 @@
lt_include( PLOG_CLASS_PATH."class/plugin/pluginbase.class.php" );
lt_include( PLOG_CLASS_PATH."class/data/Date.class.php" );
-// lt_include( PLOG_CLASS_PATH."class/data/timestamp.class.php" );
class PluginBlogStatistics extends PluginBase
{
@@ -118,6 +117,7 @@
function logStatistics(){
lt_include( PLOG_CLASS_PATH."class/net/url.class.php" );
lt_include( PLOG_CLASS_PATH."class/data/validator/rules/urlformatrule.class.php" );
+ lt_include( PLOG_CLASS_PATH."class/database/db.class.php" );
lt_include( PLOG_CLASS_PATH."class/net/client.class.php" );
$blog = $this->blogInfo->getId();
@@ -145,7 +145,9 @@
if(preg_match("/[^0-9]/", $articleId) || $articleId == "")
$articleId = 0;
- $this->injectSql("(`blog_id`, `article_id`, `time`, `ip`, `refer`, `agent`) VALUES ('$blog', '$articleId', '$timestamp', '$clientip', '$refer', '$agent');");
+ $this->injectSql("(`blog_id`, `article_id`, `time`, `ip`, `refer`, `agent`) ".
+ "VALUES ('$blog', '$articleId', '$timestamp', '$clientip', '".
+ Db::qstr($refer)."', '".Db::qstr($agent)."')");
}
function injectSql($dbqry)
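Review bot: `$clientip` is still interpolated into the VALUES list unescaped, as are `$blog` and `$timestamp`; only `$refer` and `$agent` go through `Db::qstr()`. Where `$clientip` is assigned is outside this hunk, but if it can come from a request header (a forwarded-for value, for instance) it is as untrusted as the referrer and user agent. In that case the second added line should read `"VALUES ('$blog', '$articleId', '$timestamp', '".Db::qstr($clientip)."', '".`. The hand-written quotes around each call assume `Db::qstr()` returns escaped text without its own quotes; a comment such as `// Db::qstr() escapes only; the quotes are added here` would guard against later double-quoting. logStatistics begins before this hunk, so the sources of these variables should be confirmed there.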