From 7cf3e98090a3e9f0a9cc960d07c5f259adab6a19 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 14 Nov 2013 08:39:08 -0500
Subject: [PATCH] Merge remote-tracking branch 'origin/stable-3.0.5'

---
 server/lib/classes/db_mysql.inc.php |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php
index acd86aa..af09fbf 100644
--- a/server/lib/classes/db_mysql.inc.php
+++ b/server/lib/classes/db_mysql.inc.php
@@ -280,7 +280,7 @@
                         return;
                 }
                 /* Get database-size from information_schema */
-                $result=mysql_query("SELECT SUM(data_length+index_length) FROM information_schema.TABLES WHERE table_schema='".$database_name."';",$link);
+		$result=mysql_query("SELECT SUM(data_length+index_length) FROM information_schema.TABLES WHERE table_schema='".mysql_real_escape_string($database_name)."';",$link);
                 $this->close;
                 if (!$result) {
                         $app->log('Unable to get the database-size'.mysql_error($link),LOGLEVEL_DEBUG);

--
Gitblit v1.9.1