github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-01-18 18:12:46 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

SECURITY: Possible SQL injection.

Browse Source
This commit is contained in:
Guo Xiang Tan 2016-07-18 15:35:12 +08:00
parent e99a73e16d
commit da21fad10b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/models/screened_ip_address.rb
View File

@ -56,7 +56,7 @@ class ScreenedIpAddress < ActiveRecord::Base
#
# http://www.postgresql.org/docs/9.1/static/datatype-net-types.html
# http://www.postgresql.org/docs/9.1/static/functions-net.html
find_by("'#{ip_address.to_s}' <<= ip_address")
find_by("? <<= ip_address", ip_address.to_s)
end
def self.should_block?(ip_address)