Ticket #2462 (new patch)
Opened 2 months ago
Bad implementation of Convert::raw2sql
| Reported by: | isharp | Assigned to: | sminnee |
|---|---|---|---|
| Type: | patch | Priority: | medium |
| Milestone: | Component: | Sapphire Framework | |
| Version: | 2.2.2-rc2 | Severity: | medium effort / impact |
| Keywords: | raw2sql, addslashes, convert | Cc: | |
| Due date: | Harvest Task: | (Unknown) | |
| Invoice sent to client: | 0 | Hours: |
Description
It is considered best practice to use mysql_real_escape_string instead of addslashes to perform this kind of operation and why not use a function that is actually made for this purpose?
Attachments
Note: See
TracTickets for help on using
tickets.
