fix item_id not being properly escaped in pref_feeds::process_category_order() (possi...

diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php
index 595d29577ddb29162f0077e39927da74f7bcb3bd..167ddabf416d6cbec001e8377fff774b7fe2e620 100755 (executable)
--- a/classes/pref/feeds.php
+++ b/classes/pref/feeds.php
@@ -324,7 +324,7 @@ class Pref_Feeds extends Handler_Protected {
 
                if ($debug) _debug("$prefix C: $item_id P: $parent_id");
 
-               $bare_item_id = substr($item_id, strpos($item_id, ':')+1);
+               $bare_item_id = $this->dbh->escape_string(substr($item_id, strpos($item_id, ':')+1));
 
                if ($item_id != 'root') {
                        if ($parent_id && $parent_id != 'root') {
@@ -346,7 +346,7 @@ class Pref_Feeds extends Handler_Protected {
                if ($cat && is_array($cat)) {
                        foreach ($cat as $item) {
                                $id = $item['_reference'];
-                               $bare_id = substr($id, strpos($id, ':')+1);
+                               $bare_id = $this->dbh->escape_string(substr($id, strpos($id, ':')+1));
 
                                if ($debug) _debug("$prefix [$order_id] $id/$bare_id");