codeninjasllc/discourse
1
0
Fork 0
mirror of https://github.com/codeninjasllc/discourse.git synced 2025-02-17 04:01:29 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

SECURITY: Possible SQL injection.

Browse source
This commit is contained in:
Guo Xiang Tan 2016-07-18 15:35:12 +08:00
parent e99a73e16d
commit da21fad10b
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/models/screened_ip_address.rb
View file

@ -56,7 +56,7 @@ class ScreenedIpAddress < ActiveRecord::Base
#
# http://www.postgresql.org/docs/9.1/static/datatype-net-types.html
# http://www.postgresql.org/docs/9.1/static/functions-net.html
find_by("'#{ip_address.to_s}' <<= ip_address")
find_by("? <<= ip_address", ip_address.to_s)
end
def self.should_block?(ip_address)