From 495abe9702275d02f3d95db2cce5e903c2875c5b Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Fri, 7 Dec 2018 18:02:42 +0300 Subject: [PATCH] af_psql_trgm: fix parameter not being quoted properly in showrelated --- plugins/af_psql_trgm/init.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/af_psql_trgm/init.php b/plugins/af_psql_trgm/init.php index de0494dbf..cd12c6be0 100644 --- a/plugins/af_psql_trgm/init.php +++ b/plugins/af_psql_trgm/init.php @@ -63,7 +63,7 @@ class Af_Psql_Trgm extends Plugin { ttrss_entries.title AS title, updated, link, ttrss_feeds.title AS feed_title, - SIMILARITY(ttrss_entries.title, '$title') AS sm + SIMILARITY(ttrss_entries.title, ?) AS sm FROM ttrss_entries, ttrss_user_entries LEFT JOIN ttrss_feeds ON (ttrss_feeds.id = feed_id) WHERE @@ -75,7 +75,7 @@ class Af_Psql_Trgm extends Plugin { sm DESC, date_entered DESC LIMIT 10"); - $sth->execute([$owner_uid, $id]); + $sth->execute([$title, $owner_uid, $id]); print "