diff options
| author | Adam <Adam@anope.org> | 2012-03-02 17:05:59 -0500 |
|---|---|---|
| committer | Adam <Adam@anope.org> | 2012-03-02 17:05:59 -0500 |
| commit | 4ed844ffd5e19a7e95c47e34dbf7d3fd83039d3c (patch) | |
| tree | 3d2789e02a2b0cf25aa339ce3624b214d78f46d8 | |
| parent | 020467d472bc41831756e68ca341d2b166fadceb (diff) | |
Escape all column names when building sql queries
| -rw-r--r-- | modules/database/db_sql_live_write.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/database/db_sql_live_write.cpp b/modules/database/db_sql_live_write.cpp index 9ac2e17a1..0692f7f30 100644 --- a/modules/database/db_sql_live_write.cpp +++ b/modules/database/db_sql_live_write.cpp @@ -73,7 +73,7 @@ class DBMySQL : public Module query_text.erase(query_text.end() - 1); query_text += ") ON DUPLICATE KEY UPDATE "; for (Serializable::serialized_data::const_iterator it = data.begin(), it_end = data.end(); it != it_end; ++it) - query_text += it->first + "=VALUES(" + it->first + "),"; + query_text += "`" + it->first + "`=VALUES(`" + it->first + "`),"; query_text.erase(query_text.end() - 1); SQLQuery query(query_text); |