Fix missing quote bug in addrecipe.

author: cos <cos> 2011-08-08 22:25:24 +0200
committer: cos <cos> 2011-08-08 22:25:24 +0200
commit: a1c8f5df883936f64b0ed213ac536f734481b14f (patch)
tree: 4ba9dcfcf0ce37711f7cbbdccbe90fa998260415
parent: f0783ca2f72ff9f178c59d85aa33f17cecd13158 (diff)
download: mat-a1c8f5df883936f64b0ed213ac536f734481b14f.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/mat b/mat
index 22b7cf5..7a8aa79 100755
--- a/mat
+++ b/mat
@@ -304,7 +304,8 @@ sub cmd_addrecipe {
     $db->do($sql);
   }
 
-  $sql = "SELECT id FROM recipes WHERE name='$recipe_name' AND uri='$uri';";
+  $sql = "SELECT id FROM recipes WHERE name=".$db->quote($recipe_name).
+      " AND uri=".$db->quote($uri).";";
   my @recipe_id = $db->selectrow_array($sql);
   return interactive_edit_recipe_ingredients($recipe_id[0]);
 }
author	cos <cos>	2011-08-08 22:25:24 +0200
committer	cos <cos>	2011-08-08 22:25:24 +0200
commit	a1c8f5df883936f64b0ed213ac536f734481b14f (patch)
tree	4ba9dcfcf0ce37711f7cbbdccbe90fa998260415
parent	f0783ca2f72ff9f178c59d85aa33f17cecd13158 (diff)
download	mat-a1c8f5df883936f64b0ed213ac536f734481b14f.zip