diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2009-06-23 14:23:11 -0700 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2009-06-23 14:23:11 -0700 |
| commit | 4e3b84eb391de177d94fd1c4189d456280fd7fdd (patch) | |
| tree | 5ec2b701e723ed112ada3c483913430967076251 /modules/gallery/models | |
| parent | d5ee5741f2afa0e4a2d6406828cdad01bc8c3f2e (diff) | |
Escape {$this->sort_column} in get_position()
Diffstat (limited to 'modules/gallery/models')
| -rw-r--r-- | modules/gallery/models/item.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index 7dce9e51..07c305d8 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -381,9 +381,9 @@ class Item_Model extends ORM_MPTT { $result = Database::instance()->query(" SELECT COUNT(*) AS position FROM {items} WHERE parent_id = {$this->id} - AND {$this->sort_column} <= (SELECT {$this->sort_column} + AND `{$this->sort_column}` <= (SELECT `{$this->sort_column}` FROM {items} WHERE id = $child_id) - ORDER BY {$this->sort_column} {$this->sort_order}"); + ORDER BY `{$this->sort_column}` {$this->sort_order}"); return $result->current()->position; } |