GX-Bug #56036 » ProductContentFixMySQLiFix.patch
| src/gambio_updater/updates/v3.7.1.0/dependent.inc.php (date 1522751805000) | ||
|---|---|---|
| 254 | 254 |
{
|
| 255 | 255 |
foreach($results as $result) |
| 256 | 256 |
{
|
| 257 |
$productContentsQuery = 'INSERT INTO `product_contents` (`name`) VALUE ("' . $result['content_name'] . '")';
|
|
| 257 |
$productContentsQuery = 'INSERT INTO `product_contents` (`name`) VALUE ("' . $this->coo_mysqli->real_escape_string($result['content_name']) . '")';
|
|
| 258 | 258 | |
| 259 | 259 |
$this->query($productContentsQuery, true); |
| 260 | 260 |
// Abort import on error |
| ... | ... | |
| 278 | 278 | |
| 279 | 279 |
$productContentDescriptionQuery = 'INSERT INTO `product_content_descriptions` (`product_content_id`, `language_id`, `title`, `content`) VALUES ("'
|
| 280 | 280 |
. $productContentId . '", "' . $result['languages_id'] . '", "' |
| 281 |
. $result['content_name'] . '", "'
|
|
| 281 |
. $this->real_escape_string($result['content_name']) . '", "'
|
|
| 282 | 282 |
. $this->real_escape_string($result['file_comment']) . '");'; |
| 283 | 283 | |
| 284 | 284 |
$this->query($productContentDescriptionQuery, true); |