DataObjects/Core_enum.php

diff --git a/DataObjects/Core_enum.php b/DataObjects/Core_enum.php
index cb16941..311bea4 100644 (file)
--- a/DataObjects/Core_enum.php
+++ b/DataObjects/Core_enum.php
@@ -140,7 +140,7 @@ class Pman_Core_DataObjects_Core_enum extends DB_DataObject
                 $roo->jerr('name is exsiting');
             }
         }else{
-            $x->whereAdd("etype = '{$req['etype']}' AND name = '{$req['name']}'");
+            $x->whereAdd("etype = '{$this->escape($req['etype'])}' AND name = '{$this->escape($req['name'])}'");
             $x->find(true);
             if($x->count() > 0){
                 $roo->jerr('is exsiting');