More relaxed filtering for rawQuery()

a0ff4263 · Alexander Butenko · 4188a491 · a0ff4263
Commit a0ff4263 authored May 11, 2014 by Alexander Butenko
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

MysqliDb.php MysqliDb.php +2 -1

No files found.
--- a/MysqliDb.php
+++ b/MysqliDb.php
@@ -160,7 +160,8 @@ class MysqliDb
     */
    public function rawQuery($query, $bindParams = null)
    {
-        $this->_query = filter_var($query, FILTER_SANITIZE_STRING);
+        $this->_query = filter_var ($query, FILTER_SANITIZE_MAGIC_QUOTES,
+                                    FILTER_FLAG_NO_ENCODE_QUOTES);
        $stmt = $this->_prepareQuery();

        if (is_array($bindParams) === true) {