From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Mon, 11 Mar 2013 10:14:28 +0000 (+0400)
Subject: escape fetch error message before saving in the db (closes #550)
X-Git-Tag: 1.7.2~1
X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=96f98cb09137cc4a2a074c2c9cac3fd6eed50677;p=tt-rss.git

escape fetch error message before saving in the db (closes #550)
---

diff --git a/include/rssfuncs.php b/include/rssfuncs.php
index 2b13f945..0b1d0656 100644
--- a/include/rssfuncs.php
+++ b/include/rssfuncs.php
@@ -238,8 +238,10 @@
 				_debug("update_rss_feed: unable to fetch: $fetch_last_error");
 			}
 
+			$error_escaped = db_escape_string($fetch_last_error);
+
 			db_query($link,
-				"UPDATE ttrss_feeds SET last_error = '$fetch_last_error',
+				"UPDATE ttrss_feeds SET last_error = '$error_escaped',
 					last_updated = NOW() WHERE id = '$feed'");
 
 			return;