From 50c0b50abffa5c718ff493352dbc63a4539c5d99 Mon Sep 17 00:00:00 2001 From: "Fedor A. Fetisov" Date: Tue, 10 Sep 2013 19:10:26 +0400 Subject: [PATCH] Sanitize database tables prefix --- src/messenger/webim/libs/common.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/messenger/webim/libs/common.php b/src/messenger/webim/libs/common.php index e23021eb..5966a346 100644 --- a/src/messenger/webim/libs/common.php +++ b/src/messenger/webim/libs/common.php @@ -23,6 +23,8 @@ require_once(dirname(__FILE__) . '/config.php'); // Sanitize path to application and remove extra slashes $webimroot = join("/", array_map("urlencode", preg_split('/\//', preg_replace('/\/+$/', '', preg_replace('/\/{2,}/', '/', '/' . $webimroot))))); +// Sanitize database tables prefix +$mysqlprefix = preg_replace('/[^A-Za-z0-9_$]/', '', $mysqlprefix); $version = '1.6.5'; $jsver = "165";