Permalink
Browse files

made $lat $lon SQL safe

  • Loading branch information...
1 parent e80fdcc commit c2bffb4e5bd634d501ab4dcd47828b5790c7072d @milovanderlinden milovanderlinden committed Apr 5, 2011
Showing with 7 additions and 2 deletions.
  1. +7 −2 osb.inc.php
View
@@ -24,8 +24,13 @@ function OpenStreetBlock($lat, $lon, $db, $max_nodes_expand = OSB_MAX_NODES_EXPA
$res = array();
# this is not really SQL safe is it?
- $wkt_point = sprintf("Point(%s %s)", $lon, $lat);
-
+try {
+ $lat = floatval($lat);
+ $lon = floatval($lon);
+ $wkt_point = sprintf("Point(%f %f)", $lon, $lat);
+} catch (Exception $e) {
+ return 'Caught exception: ', $e->getMessage(), "\n";
+}
# Find the way that is closes to the point in question

0 comments on commit c2bffb4

Please sign in to comment.