summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/PhpBB3.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/PhpBB3.php b/src/PhpBB3.php
index 6fd785f..72700ce 100644
--- a/src/PhpBB3.php
+++ b/src/PhpBB3.php
@@ -265,9 +265,9 @@ class PhpBB3 {
') VALUES (' .
$userId . ', ' .
'1, ' .
- $realFilename . ', ' .
- $comment . ', ' .
- $mimetype . ', ' .
+ $db->sql_escape($realFilename) . ', ' .
+ $db->sql_escape($comment) . ', ' .
+ $db->sql_escape($mimetype) . ', ' .
strlen($data) . ', ' .
time() .
')';