? .cache
? .git
? .project
? .settings
? empty
? grant-op-278675-1.patch
? logs
? node_access_11.patch
? modules/file
? sites/all/modules
? sites/default/files
? sites/default/settings.php
? sites/default/test
Index: modules/node/node.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/node/node.module,v
retrieving revision 1.998
diff -u -p -r1.998 node.module
--- modules/node/node.module	22 Nov 2008 14:09:41 -0000	1.998
+++ modules/node/node.module	24 Nov 2008 09:40:51 -0000
@@ -2136,9 +2136,9 @@ function node_access($op, $node, $accoun
       $grants_sql = 'AND (' . implode(' OR ', $grants) . ')';
     }
 
-    $sql = "SELECT COUNT(*) FROM {node_access} WHERE (nid = 0 OR nid = %d) $grants_sql AND grant_$op >= 1";
-    $result = db_query($sql, $node->nid);
-    return (db_result($result));
+    $grant_op = db_escape_table('grant_' . $op);
+    $sql = "SELECT COUNT(*) FROM {node_access} WHERE (nid = 0 OR nid = :nid) $grants_sql AND $grant_op >= 1";
+    return db_query($sql, array(':nid' => $node->nid))->fetchField();
   }
 
   // Let authors view their own nodes.