diff options
author | Alexey Shchepin <alexey@process-one.net> | 2016-07-05 17:45:37 +0300 |
---|---|---|
committer | Alexey Shchepin <alexey@process-one.net> | 2016-07-05 17:45:37 +0300 |
commit | be3a4acb5547be957f910bd03c5683eccf797390 (patch) | |
tree | 814f8b7e015db5b5014e5c292d262f191265799a /src/node_flat_sql.erl | |
parent | Quote reserver 'type' keyword for pgsql to fix e300f80 (diff) |
Fix missed escaping in node_flat_sql.erl
Diffstat (limited to 'src/node_flat_sql.erl')
-rw-r--r-- | src/node_flat_sql.erl | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/node_flat_sql.erl b/src/node_flat_sql.erl index 37615ca1..8cd8e4cc 100644 --- a/src/node_flat_sql.erl +++ b/src/node_flat_sql.erl @@ -914,12 +914,13 @@ first_in_list(Pred, [H | T]) -> end. itemids(Nidx, {_U, _S, _R} = JID) -> - SJID = <<(ejabberd_sql:escape(encode_jid_like(JID)))/binary, "/%">>, + SJID = encode_jid(JID), + SJIDLike = <<(ejabberd_sql:escape(encode_jid_like(JID)))/binary, "/%">>, case catch ejabberd_sql:sql_query_t( ?SQL("select @(itemid)s from pubsub_item where " - "nodeid=%(Nidx)d and (publisher=%(JID)s" - " or publisher like %(SJID)s escape '^') " + "nodeid=%(Nidx)d and (publisher=%(SJID)s" + " or publisher like %(SJIDLike)s escape '^') " "order by modification desc")) of {selected, RItems} -> |