From c5701e70a4950fcaa06e0e775102ccc5caff22f8 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@bah.org.ru>
Date: Tue, 31 Aug 2010 11:30:28 +0400
Subject: getFeedArticles: properly escape tags

---
 functions.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'functions.php')

diff --git a/functions.php b/functions.php
index 0252c0cfc..05eb85909 100644
--- a/functions.php
+++ b/functions.php
@@ -2611,6 +2611,8 @@
 			return getCategoryUnread($link, $n_feed, $owner_uid);		
 		} if ($feed != "0" && $n_feed == 0) {
 
+			$feed = db_escape_string($feed);
+
 			$result = db_query($link, "SELECT SUM((SELECT COUNT(int_id)
 				FROM ttrss_user_entries,ttrss_entries WHERE int_id = post_int_id 
 					AND ref_id = id AND $age_qpart
-- 
cgit v1.2.3