$db->groupBy delete all \" or \' makes it couldn't use CONCAT to connect string

ThingEngineer / PHP-MySQLi-Database-Class

Wrapper for a PHP MySQL class, which utilizes MySQLi and prepared statements.

Other

3.3k stars 1.34k forks source link

$db->groupBy delete all \" or \' makes it couldn't use CONCAT to connect string #981

Open forwhat461 opened 2 years ago

forwhat461 commented 2 years ago

.... and just replace line 1278 with $groupByField = preg_replace("/[^-a-z0-9\.,_\* <>=!\"']+/i", '', $groupByField); makes it don't just delete \" and \' ....