Fix a possible SQL injection

lairdshaw · lairdshaw · commit e8daa4f3ef7b · 2021-02-17T05:52:40.000+10:00
diff --git a/upload/inc/plugins/isango.php b/upload/inc/plugins/isango.php
@@ -277,7 +277,7 @@ function isango_bridge()
 
 			if ($mybb->user['uid'] && $mybb->settings['isango_single_connection']) { // UCP Connection add request. Validate
 				global $db, $lang;
-				if ($db->fetch_field($db->simple_select("isango", "COUNT(cid) AS conn", "gateway='" . $gateway . "' AND uid='" . $mybb->user['uid'] . "'"), "conn")) {
+				if ($db->fetch_field($db->simple_select("isango", "COUNT(cid) AS conn", "gateway='" . $db->escape_string($gateway) . "' AND uid='" . $mybb->user['uid'] . "'"), "conn")) {
 					error($lang->sprintf($lang->isango_single_connection_error, ucwords($gateway)));
 				}
 			}

Original file line number	Diff line number	Diff line change
`@@ -277,7 +277,7 @@ function isango_bridge()`
`277`	`277`
`278`	`278`	`if ($mybb->user['uid'] && $mybb->settings['isango_single_connection']) { // UCP Connection add request. Validate`
`279`	`279`	`global $db, $lang;`
`280`		`- if ($db->fetch_field($db->simple_select("isango", "COUNT(cid) AS conn", "gateway='" . $gateway . "' AND uid='" . $mybb->user['uid'] . "'"), "conn")) {`
	`280`	`+ if ($db->fetch_field($db->simple_select("isango", "COUNT(cid) AS conn", "gateway='" . $db->escape_string($gateway) . "' AND uid='" . $mybb->user['uid'] . "'"), "conn")) {`
`281`	`281`	`error($lang->sprintf($lang->isango_single_connection_error, ucwords($gateway)));`
`282`	`282`	`}`
`283`	`283`	`}`