Fix ' not being escaped properly when saving a DB table.

2025-09-22 20:16:36 -04:00 · 2016-09-05 14:25:52 +10:00 · 2016-09-05 14:25:52 +10:00 · 35230bac70
commit 35230bac70
parent 4be7974142
1 changed files with 2 additions and 2 deletions
--- a/Server/BackupDB.cs
+++ b/Server/BackupDB.cs
@ -90,9 +90,9 @@ namespace MCGalaxy {
                        	sql.Write("'{0:yyyy-MM-dd HH:mm:ss.ffff}'", (DateTime)row[col]);
                        } else if (type == typeof(bool)) {
                        	sql.Write((bool)row[col] ? "1" : "0");
-                        } else if (type == typeof(string)) { // Requires ''
+                        } else if (type == typeof(string)) {
                        	string value = row[col].ToString();
-                        	if (value.IndexOf(' ') >= 0)
+                        	if (value.IndexOf('\'') >= 0) // escape '
                        	    value = value.Replace("'", "''");
                        	sql.Write("'{0}'", value);
                        } else {