Details
-
Improvement
-
Resolution: Unresolved
-
High
-
4.6.0
-
None
Description
$db->escapeString() does not escape underscores (which are considered as wildcards in MySQL), but it should at least on demand.
Consider adding a flag parameter to this method.