Avoid sql injection on edge cases

10 years ago · dd0171c726
parent d5ec17aa70
commit dd0171c726
1 changed files with 3 additions and 0 deletions
--- a/php/modules/db.php
+++ b/php/modules/db.php
@ -25,6 +25,9 @@ function dbConnect() {
    if (!$database->query("SELECT * FROM lychee_photos, lychee_albums, lychee_settings;"))
    	if (!createTables($database)) exit('Error: Could not create tables!');

+    // Avoid sql injection
+    $database->set_charset('GBK');
+
    return $database;

 }