From 356a991a7bfac731dc63d3ce29ccd050143fbebf Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Mon, 24 Dec 2012 14:17:24 +0400 Subject: [PATCH] update_rss_feed: escape error string immediately --- include/rssfuncs.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/include/rssfuncs.php b/include/rssfuncs.php index 817490a8..fb2f3527 100644 --- a/include/rssfuncs.php +++ b/include/rssfuncs.php @@ -1017,14 +1017,12 @@ } else { - $error_msg = mb_substr($rss->error(), 0, 250); + $error_msg = db_escape_string(mb_substr($rss->error(), 0, 250)); if ($debug_enabled) { _debug("update_rss_feed: error fetching feed: $error_msg"); } - $error_msg = db_escape_string($error_msg); - db_query($link, "UPDATE ttrss_feeds SET last_error = '$error_msg', last_updated = NOW() WHERE id = '$feed'"); -- 2.39.5