2009-03-29
MattJ
(posted on behalf of k8b in #dokuwiki)
Bug location: inc/auth/pgsql.class.php , line 199 , release dokuwiki-2009-02-14.tgz
<!-- old -->
$sql = $this->cnf['addUserGroup'];
if(strpos($sql,'%{uid}') !== false){
$uid = $this->_getUserID($user);
$sql = str_replace('%{uid}', $sql);
}
<!-- new -->
$sql = $this->cnf['addUserGroup'];
if(strpos($sql,'%{uid}') !== false){
$uid = $this->_getUserID($user);
$sql = str_replace('%{uid}', addslashes($uid), $sql);
}