Changeset 10942
- Timestamp:
- May 19, 2011, 5:28:40 PM (13 years ago)
- Location:
- extensions/UserAdvManager/trunk
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
extensions/UserAdvManager/trunk/admin/UAM_admin.php
r10391 r10942 186 186 $query = ' 187 187 UPDATE '.CONFIG_TABLE.' 188 SET value="'. addslashes($conf['UserAdvManager']).'"188 SET value="'.pwg_db_real_escape_string($conf['UserAdvManager']).'" 189 189 WHERE param="UserAdvManager" 190 190 LIMIT 1 … … 215 215 $query = ' 216 216 UPDATE '.CONFIG_TABLE.' 217 SET value="'. addslashes($conf['UserAdvManager_ConfirmMail']).'"217 SET value="'.pwg_db_real_escape_string($conf['UserAdvManager_ConfirmMail']).'" 218 218 WHERE param="UserAdvManager_ConfirmMail" 219 219 LIMIT 1 -
extensions/UserAdvManager/trunk/changelog.txt.php
r10706 r10942 248 248 -- 2.20.6 : Improve database update process 249 249 Bug 2289 fixed - "Password in clear text in the information email" was working in a reverse logic 250 251 -- 2.20.7 : Use pwg_db_real_escape_string() instead of addslashes() 250 252 */ 251 253 ?> -
extensions/UserAdvManager/trunk/include/upgradedb.inc.php
r10706 r10942 180 180 $query = ' 181 181 UPDATE '.CONFIG_TABLE.' 182 SET value = "'. addslashes(serialize($upgrade_UAM)).'"182 SET value = "'.pwg_db_real_escape_string(serialize($upgrade_UAM)).'" 183 183 WHERE param = "nbc_UserAdvManager" 184 184 ;'; … … 191 191 $query = ' 192 192 UPDATE '.CONFIG_TABLE.' 193 SET value = "'. addslashes(serialize($data)).'"193 SET value = "'.pwg_db_real_escape_string(serialize($data)).'" 194 194 WHERE param = "nbc_UserAdvManager_ConfirmMail" 195 195 ;'; … … 241 241 $query = ' 242 242 UPDATE '.CONFIG_TABLE.' 243 SET value="'. addslashes($update_conf).'"243 SET value="'.pwg_db_real_escape_string($update_conf).'" 244 244 WHERE param="UserAdvManager_ConfirmMail" 245 245 LIMIT 1 … … 297 297 $query = ' 298 298 UPDATE '.CONFIG_TABLE.' 299 SET value="'. addslashes($update_conf).'"299 SET value="'.pwg_db_real_escape_string($update_conf).'" 300 300 WHERE param="UserAdvManager" 301 301 LIMIT 1 … … 343 343 $query = ' 344 344 UPDATE '.CONFIG_TABLE.' 345 SET value="'. addslashes($update_conf).'"345 SET value="'.pwg_db_real_escape_string($update_conf).'" 346 346 WHERE param="UserAdvManager" 347 347 LIMIT 1 … … 389 389 $query = ' 390 390 UPDATE '.CONFIG_TABLE.' 391 SET value="'. addslashes($update_conf).'"391 SET value="'.pwg_db_real_escape_string($update_conf).'" 392 392 WHERE param="UserAdvManager" 393 393 LIMIT 1 … … 446 446 $query = ' 447 447 UPDATE '.CONFIG_TABLE.' 448 SET value="'. addslashes($update_conf).'"448 SET value="'.pwg_db_real_escape_string($update_conf).'" 449 449 WHERE param="UserAdvManager" 450 450 LIMIT 1 -
extensions/UserAdvManager/trunk/main.inc.php
r10706 r10942 2 2 /* 3 3 Plugin Name: UserAdvManager 4 Version: 2.20. 64 Version: 2.20.7 5 5 Description: Renforcer la gestion des utilisateurs - Enforce users management 6 6 Plugin URI: http://piwigo.org/ext/extension_view.php?eid=216 -
extensions/UserAdvManager/trunk/maintain.inc.php
r10706 r10942 35 35 $q = ' 36 36 INSERT INTO '.CONFIG_TABLE.' (param, value, comment) 37 VALUES ("UserAdvManager","'. addslashes(serialize($default1)).'","UAM parameters")37 VALUES ("UserAdvManager","'.pwg_db_real_escape_string(serialize($default1)).'","UAM parameters") 38 38 ;'; 39 39 pwg_query($q); … … 62 62 $q = ' 63 63 INSERT INTO '.CONFIG_TABLE.' (param, value, comment) 64 VALUES ("UserAdvManager_ConfirmMail","'. addslashes(serialize($default2)).'","UAM ConfirmMail parameters")64 VALUES ("UserAdvManager_ConfirmMail","'.pwg_db_real_escape_string(serialize($default2)).'","UAM ConfirmMail parameters") 65 65 ;'; 66 66 pwg_query($q);
Note: See TracChangeset
for help on using the changeset viewer.