
修复一个sql 注入安全漏洞

star7th 9 years ago
parent
commit
c07568b182
2 changed files with 3 additions and 1 deletions
  1. 2 0
      Application/Home/Controller/ItemController.class.php
  2. 1 1
      composer.json

+ 2 - 0
Application/Home/Controller/ItemController.class.php

@@ -134,6 +134,7 @@ class ItemController extends BaseController {
         $current_page_id = I("page_id/d");
         //判断个性域名
         if ($item_domain) {
+            $item_domain = \SQLite3::escapeString($item_domain) ;
             $item = D("Item")->where("item_domain = '$item_domain' ")->find();
             if ($item['item_id']) {
                 $item_id = $item['item_id'] ;
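Review bot: The added `\SQLite3::escapeString()` call still leaves `$item_domain` interpolated into the WHERE string, so the query's safety rests on SQLite quoting rules and on the sqlite3 extension being loaded; on a backend whose string literals follow other escape rules, doubling single quotes alone is not sufficient. Assuming `D()` is the ThinkPHP model helper it appears to be, passing the value as a condition array lets the model layer quote it for whichever driver is configured: `$item = D("Item")->where(array('item_domain' => $item_domain))->find();`. The same escape-then-interpolate pattern is repeated for `$keyword` in the second hunk of this file. The enclosing method starts and ends outside the hunk, so how `$item_domain` is read from the request is not visible here.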
@@ -170,6 +171,7 @@ class ItemController extends BaseController {
             
         //是否有搜索词
         if ($keyword) {
+            $keyword = \SQLite3::escapeString($keyword) ;
             $pages = D("Page")->where("item_id = '$item_id' and ( page_title like '%{$keyword}%' or page_content like '%{$keyword}%' ) ")->order(" `s_number` asc  ")->field("page_id,author_uid,cat_id,page_title,addtime")->select();
         
         }else{
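Review bot: `\SQLite3::escapeString()` does not neutralise the LIKE metacharacters `%` and `_`, so on the added line `$keyword` still reaches both patterns with its wildcards intact, and a search term can match far more than its literal text while forcing a broad scan of `page_content`. If literal matching is intended, escape those two characters as well and add an `ESCAPE` clause to both LIKE terms. `$item_id` is interpolated into the same string with no handling in this hunk; it is presumably an integer by this point, but it is assigned outside the visible lines, so a defensive `$item_id = intval($item_id);` before the query is worth adding. A comment above the query such as `// $keyword is quote-escaped only; LIKE wildcards are not neutralised` would document the remaining gap until then.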

+ 1 - 1
composer.json

@@ -5,7 +5,7 @@
     "description": "ShowDoc is a tool greatly applicable for an IT team to share documents online",
     "keywords": ["showdoc","documents","Api"],
     "homepage": "https://github.com/star7th/showdoc",
-    "version":"v1.2.4",
+    "version":"v1.2.5",
     "license": "Apache-2.0",
     "authors": [
         {