From 7ce4084457ac30a8a7aa608c18626cc5746e2157 Mon Sep 17 00:00:00 2001
From: Remi Collet <fedora@famillecollet.com>
Date: Tue, 13 Sep 2016 09:39:22 +0200
Subject: missing escape

---
 class/TableIterator.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/class/TableIterator.php b/class/TableIterator.php
index 4a4c1b6..ee92ee9 100644
--- a/class/TableIterator.php
+++ b/class/TableIterator.php
@@ -219,10 +219,10 @@ class TableIterator  implements Iterator
 
             } else if (strpos($value,'%')===false){
                 // String
-                $ret .= "$name='$value'";
+                $ret .= "$name=" . $this->_conn->quote($value);
             } else {
                 // String with pattern
-                $ret .= "$name LIKE '$value'";
+                $ret .= "$name LIKE " . $this->_conn->quote($value);
             }
         }
         return $ret;
-- 
cgit