Apparently sql_quote() doesn't wrap value in quotes.

git-svn-id: https://vassalengine.svn.sourceforge.net/svnroot/vassalengine/site-src/trunk@6842 67b53d14-2c14-4ace-a08f-0dab2b34000c
author: uckelman <uckelman@nomic.net> 2010-05-09 22:02:26 +0000
committer: uckelman <uckelman@nomic.net> 2010-05-09 22:02:26 +0000
commit: 71446caebefe08d4615c5ae89f622230b323b5ac (patch)
tree: 47816a100f943559cb19af5496ac9d52bc6ce133
parent: 51dd620bf958dc79dd5947f7cd642f3693799f4b (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/src/PhpBB3.php b/src/PhpBB3.php
index 72700ce..24fe25c 100644
--- a/src/PhpBB3.php
+++ b/src/PhpBB3.php
@@ -265,9 +265,9 @@ class PhpBB3 {
            ') VALUES (' .
              $userId . ', ' .
              '1, ' .
-             $db->sql_escape($realFilename) . ', ' .
-             $db->sql_escape($comment) . ', ' .
-             $db->sql_escape($mimetype) . ', ' .
+             '"' . $db->sql_escape($realFilename) . '", ' .
+             '"' . $db->sql_escape($comment) . '", ' .
+             '"' . $db->sql_escape($mimetype) . '", ' .
              strlen($data) . ', ' .
              time() .
            ')';
author	uckelman <uckelman@nomic.net>	2010-05-09 22:02:26 +0000
committer	uckelman <uckelman@nomic.net>	2010-05-09 22:02:26 +0000
commit	71446caebefe08d4615c5ae89f622230b323b5ac (patch)
tree	47816a100f943559cb19af5496ac9d52bc6ce133
parent	51dd620bf958dc79dd5947f7cd642f3693799f4b (diff)