Changeset 10943


Ignore:
Timestamp:
05/19/11 17:31:34 (9 years ago)
Author:
Eric
Message:

r10942 merged from trunk to branch 2.20

Location:
extensions/UserAdvManager/branches/2.20
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • extensions/UserAdvManager/branches/2.20/admin/UAM_admin.php

    r10392 r10943  
    186186                $query = ' 
    187187                UPDATE '.CONFIG_TABLE.' 
    188                 SET value="'.addslashes($conf['UserAdvManager']).'" 
     188                SET value="'.pwg_db_real_escape_string($conf['UserAdvManager']).'" 
    189189                WHERE param="UserAdvManager" 
    190190                LIMIT 1 
     
    215215          $query = ' 
    216216      UPDATE '.CONFIG_TABLE.' 
    217                         SET value="'.addslashes($conf['UserAdvManager_ConfirmMail']).'" 
     217                        SET value="'.pwg_db_real_escape_string($conf['UserAdvManager_ConfirmMail']).'" 
    218218                        WHERE param="UserAdvManager_ConfirmMail" 
    219219                        LIMIT 1 
  • extensions/UserAdvManager/branches/2.20/changelog.txt.php

    r10707 r10943  
    248248-- 2.20.6 : Improve database update process 
    249249            Bug 2289 fixed - "Password in clear text in the information email" was working in a reverse logic 
     250 
     251-- 2.20.7 : Use pwg_db_real_escape_string() instead of addslashes() 
    250252*/ 
    251253?> 
  • extensions/UserAdvManager/branches/2.20/include/upgradedb.inc.php

    r10707 r10943  
    180180  $query = ' 
    181181UPDATE '.CONFIG_TABLE.' 
    182   SET value = "'.addslashes(serialize($upgrade_UAM)).'" 
     182  SET value = "'.pwg_db_real_escape_string(serialize($upgrade_UAM)).'" 
    183183  WHERE param = "nbc_UserAdvManager" 
    184184;'; 
     
    191191    $query = ' 
    192192UPDATE '.CONFIG_TABLE.' 
    193   SET value = "'.addslashes(serialize($data)).'" 
     193  SET value = "'.pwg_db_real_escape_string(serialize($data)).'" 
    194194  WHERE param = "nbc_UserAdvManager_ConfirmMail" 
    195195;'; 
     
    241241  $query = ' 
    242242      UPDATE '.CONFIG_TABLE.' 
    243                         SET value="'.addslashes($update_conf).'" 
     243                        SET value="'.pwg_db_real_escape_string($update_conf).'" 
    244244                        WHERE param="UserAdvManager_ConfirmMail" 
    245245                        LIMIT 1 
     
    297297  $query = ' 
    298298      UPDATE '.CONFIG_TABLE.' 
    299                         SET value="'.addslashes($update_conf).'" 
     299                        SET value="'.pwg_db_real_escape_string($update_conf).'" 
    300300                        WHERE param="UserAdvManager" 
    301301                        LIMIT 1 
     
    343343  $query = ' 
    344344      UPDATE '.CONFIG_TABLE.' 
    345                         SET value="'.addslashes($update_conf).'" 
     345                        SET value="'.pwg_db_real_escape_string($update_conf).'" 
    346346                        WHERE param="UserAdvManager" 
    347347                        LIMIT 1 
     
    389389  $query = ' 
    390390UPDATE '.CONFIG_TABLE.' 
    391 SET value="'.addslashes($update_conf).'" 
     391SET value="'.pwg_db_real_escape_string($update_conf).'" 
    392392WHERE param="UserAdvManager" 
    393393LIMIT 1 
     
    446446  $query = ' 
    447447UPDATE '.CONFIG_TABLE.' 
    448 SET value="'.addslashes($update_conf).'" 
     448SET value="'.pwg_db_real_escape_string($update_conf).'" 
    449449WHERE param="UserAdvManager" 
    450450LIMIT 1 
  • extensions/UserAdvManager/branches/2.20/main.inc.php

    r10707 r10943  
    22/* 
    33Plugin Name: UserAdvManager 
    4 Version: 2.20.6 
     4Version: 2.20.7 
    55Description: Renforcer la gestion des utilisateurs - Enforce users management 
    66Plugin URI: http://piwigo.org/ext/extension_view.php?eid=216 
  • extensions/UserAdvManager/branches/2.20/maintain.inc.php

    r10707 r10943  
    3535    $q = ' 
    3636INSERT INTO '.CONFIG_TABLE.' (param, value, comment) 
    37 VALUES ("UserAdvManager","'.addslashes(serialize($default1)).'","UAM parameters") 
     37VALUES ("UserAdvManager","'.pwg_db_real_escape_string(serialize($default1)).'","UAM parameters") 
    3838  ;'; 
    3939    pwg_query($q); 
     
    6262    $q = ' 
    6363INSERT INTO '.CONFIG_TABLE.' (param, value, comment) 
    64 VALUES ("UserAdvManager_ConfirmMail","'.addslashes(serialize($default2)).'","UAM ConfirmMail parameters") 
     64VALUES ("UserAdvManager_ConfirmMail","'.pwg_db_real_escape_string(serialize($default2)).'","UAM ConfirmMail parameters") 
    6565  ;'; 
    6666    pwg_query($q); 
Note: See TracChangeset for help on using the changeset viewer.