From a12bf10ece0d698b2b6bd32b2e6d28b6ea368e72 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Wed, 29 Nov 2017 07:04:57 +0100 Subject: missing quote --- all.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/all.php b/all.php index 44bc6f4..ac0fa16 100644 --- a/all.php +++ b/all.php @@ -66,17 +66,17 @@ function report ($db) $sql = sprintf( "SELECT DISTINCT name FROM rpm - WHERE SUBSTRING(name,1,1)='%s' + WHERE SUBSTRING(name,1,1) = %s ORDER BY name", - substr($what, 1, 1) + $db->quote(substr($what, 1, 1)) ); } else { $sql = sprintf( "SELECT DISTINCT name FROM acls - WHERE owner='%s' + WHERE owner = %s ORDER BY name", - $what + $db->quote($what) ); } //echo "

SQL=$sql

"; -- cgit