Posted by Xano on March 24, 2008 at 8:15pm
Jump to:
| Project: | Drupal core |
| Version: | 6.x-dev |
| Component: | base system |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Issue Summary
<?php
function cache_clear_all($cid = NULL, $table = NULL, $wildcard = FALSE) {
?>and
<?php
db_query("DELETE FROM {". $table ."}");
?>When passing on the wrong value for $table the wrong table can be wiped out accidentally. This can easily occur when making a typo (like I just did) or when there's a bug in a third-party module that allows users to enter a value for $table indirectly (hardly plausible, but possible).
Comments
#1
Does this issue exist in current D6?
#2