mirror of
				https://github.com/NodeBB/NodeBB.git
				synced 2025-10-26 08:36:12 +01:00 
			
		
		
		
	fix: use parameterized query for key lookup
This commit is contained in:
		| @@ -85,7 +85,8 @@ module.exports = function (module) { | |||||||
| 			text: ` | 			text: ` | ||||||
| 		SELECT o."_key" | 		SELECT o."_key" | ||||||
| 		FROM "legacy_object_live" o | 		FROM "legacy_object_live" o | ||||||
| 		WHERE o."_key" LIKE '${match}'`, | 		WHERE o."_key" LIKE $1`, | ||||||
|  | 			values: [match], | ||||||
| 		}); | 		}); | ||||||
|  |  | ||||||
| 		return res.rows.map(r => r._key); | 		return res.rows.map(r => r._key); | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user