diff --git a/src/Parser.php b/src/Parser.php index 4413015..5095fd3 100644 --- a/src/Parser.php +++ b/src/Parser.php @@ -435,7 +435,7 @@ public function parse() $qC=$this->dbdat->query("SELECT marketname,brand_code,brand,brand_url,icon,icon_big FROM udger_devicename_list JOIN udger_devicename_brand ON udger_devicename_brand.id=udger_devicename_list.brand_id - WHERE regex_id=".$r["id"]." and code = '".trim($result[1])."' COLLATE NOCASE "); + WHERE regex_id=".$r["id"]." and code = '".\SQLite3::escapeString(trim($result[1]))."' COLLATE NOCASE "); if($rC = $qC->fetchArray(SQLITE3_ASSOC)) { $this->logger->debug("parse useragent string: device marketname found");