summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--lib/api/kolab_api_service_type.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/api/kolab_api_service_type.php b/lib/api/kolab_api_service_type.php
index 11d9387..794de16 100644
--- a/lib/api/kolab_api_service_type.php
+++ b/lib/api/kolab_api_service_type.php
@@ -92,11 +92,11 @@ class kolab_api_service_type extends kolab_api_service
$query['used_for'] = $postdata['used_for'] == 'hosted' ? 'hosted' : null;
}
- $query = array_map(array($this->db, 'escape'), $query);
+ $query = array_map(array($this->db, 'escape'), $query);
+ $columns = array_map(array($this->db, 'escape_identifier'), array_keys($query));
$this->db->query("INSERT INTO {$type}_types"
- . " (" . implode(',', array_keys($query)) . ")"
- . " VALUES (" . implode(',', $query) . ")");
+ . " (" . implode(', ', $columns) . ") VALUES (" . implode(', ', $query) . ")");
if (!($id = $this->db->last_insert_id())) {
return false;
@@ -175,7 +175,7 @@ class kolab_api_service_type extends kolab_api_service
}
foreach ($query as $idx => $value) {
- $query[$idx] = $idx . " = " . $this->db->escape($value);
+ $query[$idx] = $this->db->escape_identifier($idx) . " = " . $this->db->escape($value);
}
$result = $this->db->query("UPDATE {$type}_types SET "