hans/Nominatim
1
0
Fork 1
mirror of https://github.com/osm-search/Nominatim.git synced 2026-03-11 13:24:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

sanitize special search term before normalizing

Browse Source
This commit is contained in:
Sarah Hoffmann
2017-10-06 00:22:27 +02:00
parent 00a3a8834b
commit f8d55b5448
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/Geocode.php
View File

@@ -1061,7 +1061,7 @@ class Geocode
continue; continue;
} }
$sToken = chksql($this->oDB->getOne("SELECT make_standard_name('".$aSpecialTerm[1]."') AS string")); $sToken = chksql($this->oDB->getOne("SELECT make_standard_name('".pg_escape_string($aSpecialTerm[1])."') AS string"));
$sSQL = 'SELECT * '; $sSQL = 'SELECT * ';
$sSQL .= 'FROM ( '; $sSQL .= 'FROM ( ';
$sSQL .= ' SELECT word_id, word_token, word, class, type, country_code, operator'; $sSQL .= ' SELECT word_id, word_token, word, class, type, country_code, operator';