From d2a9dd41c3550d42c27db0dd1b4c9daf122f018a Mon Sep 17 00:00:00 2001
From: Klaus-Uwe Mitterer <git@klaus-uwe.me>
Date: Fri, 5 Aug 2016 20:26:10 +0200
Subject: [PATCH] Add missing quotes...

---
 endpoint.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/endpoint.php b/endpoint.php
index db0d7e5..b91222a 100644
--- a/endpoint.php
+++ b/endpoint.php
@@ -10,7 +10,7 @@ if (isset($_GET["lat"]) && preg_match("/^-?\d+\.\d+$/", $_GET["lat"]) && isset($
         die("Connection failed: " . $conn->connect_error);
     }
 
-    $sql = "INSERT INTO tracker (device, lat, lon) VALUES (" . mysqli_real_escape_string($conn, $_GET['device']) . ", " . mysqli_real_escape_string($conn, $_GET['lat']) . ", " . mysqli_real_escape_string($conn, $_GET['lon']) . ");";
+    $sql = "INSERT INTO tracker (device, lat, lon) VALUES ('" . mysqli_real_escape_string($conn, $_GET['device']) . "', " . mysqli_real_escape_string($conn, $_GET['lat']) . ", " . mysqli_real_escape_string($conn, $_GET['lon']) . ");";
 
     if (!mysqli_query($conn, $sql)) {
         die('Error: ' . mysqli_error($conn));