Changeset 10979


Ignore:
Timestamp:
05/21/11 17:00:14 (9 years ago)
Author:
Eric
Message:

using conf_update_param() and pwg_db_real_escape_string()

Location:
extensions/LCAS/trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • extensions/LCAS/trunk/admin/LCAS_admin.php

    r10549 r10979  
    4646    $_POST['LCAS_MailText']); 
    4747 
    48   $conf['LoginCaseAccentsSensitivity'] = serialize($newconf_LCAS); 
    49  
    50   $query = ' 
    51     UPDATE '.CONFIG_TABLE.' 
    52     SET value="'.addslashes($conf['LoginCaseAccentsSensitivity']).'" 
    53     WHERE param="LoginCaseAccentsSensitivity" 
    54     LIMIT 1 
    55     ;'; 
    56    
    57   pwg_query($query); 
     48  conf_update_param('LoginCaseAccentsSensitivity', pwg_db_real_escape_string(serialize($newconf_LCAS))); 
    5849 
    5950  array_push($page['infos'], l10n('LCAS_save_config')); 
     
    123114          $query = ' 
    124115            UPDATE '.USERS_TABLE.' 
    125             SET username="'.addslashes($_POST['user-'.$lcas_UserToUpdate]).'" 
     116            SET username="'.pwg_db_real_escape_string($_POST['user-'.$lcas_UserToUpdate]).'" 
    126117            WHERE id='.$lcas_UserToUpdate.' 
    127118            LIMIT 1 
  • extensions/LCAS/trunk/maintain.inc.php

    r9384 r10979  
    2222  $q = ' 
    2323INSERT INTO '.CONFIG_TABLE.' (param, value, comment) 
    24 VALUES ("LoginCaseAccentsSensitivity","'.addslashes(serialize($default)).'","LCAS parameters") 
     24VALUES ("LoginCaseAccentsSensitivity","'.pwg_db_real_escape_string(serialize($default)).'","LCAS parameters") 
    2525  ;'; 
    2626  pwg_query($q); 
Note: See TracChangeset for help on using the changeset viewer.