]> git.wh0rd.org - tt-rss.git/blobdiff - functions.php
git.wh0rd.org / tt-rss.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
getFeedArticles: properly escape tags
[tt-rss.git] / functions.php
diff --git a/functions.php b/functions.php
index 0252c0cfcd28052dcd15fb4dde527bc1eca9c4be..05eb85909c9e6c54b3b8fbe64448e5a78419c5ca 100644 (file)
--- a/functions.php
+++ b/functions.php
@@ -2611,6 +2611,8 @@
                        return getCategoryUnread($link, $n_feed, $owner_uid);           
                } if ($feed != "0" && $n_feed == 0) {
 
+                       $feed = db_escape_string($feed);
+
                        $result = db_query($link, "SELECT SUM((SELECT COUNT(int_id)
                                FROM ttrss_user_entries,ttrss_entries WHERE int_id = post_int_id 
                                        AND ref_id = id AND $age_qpart
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/