What does it say? Is it kicking out a bad SQL statement? Can you post it
here?
On 10/23/07, Paul Coghlan <pcoghlan(a)usa.net> wrote:
Marko
Sorry to say it but I changed the text as per your email but still get the
same database error??
Paul
On 10/23/07 6:52 PM, "Marko Milisavljevic" <marko(a)cognistudio.com>
wrote:
No kidding! I don't have time unfortunately
to play with it too much,
but I
ldRevisions#A_few_s
erious_errors_and_security_concerns
On 10/23/07, Platonides <Platonides(a)gmail.com> wrote:
Marko Milisavljevic wrote:
Try replacing:
$arc[] = "'" . $row->page_title . "'";
with:
$arc[] = $dbw->addQuotes($row->page_title);
Creating a two revision page about ';DROP TABLE user; --
http://xkcd.com/327/ ;)
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l