Ignore:
Timestamp:
Oct 12, 2007 6:40:28 AM (17 years ago)
Author:
quinn
Message:

Removed escapeString from the printing of the sort order string. This string should contain raw-sql and quoting it can break things.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/lib/SortOrder.inc.php

    r247 r281  
    143143
    144144        if (!empty($this->_columns[mb_strtolower($this->sort_by)][mb_strtolower($this->order)])) {
    145             return sprintf(' ORDER BY %s ', $db->escapeString($this->_columns[mb_strtolower($this->sort_by)][mb_strtolower($this->order)]));
     145            return sprintf(' ORDER BY %s ', $this->_columns[mb_strtolower($this->sort_by)][mb_strtolower($this->order)]);
    146146        } else {
    147147            $app->logMsg(sprintf('Could not find SQL to sort by %s %s.', $this->sort_by, $this->order), LOG_WARNING, __FILE__, __LINE__);
Note: See TracChangeset for help on using the changeset viewer.