Changeset 11027 for extensions/hr_os_xl


Ignore:
Timestamp:
05/23/11 22:41:40 (9 years ago)
Author:
flop25
Message:

pwg_db_real_escape_string

Location:
extensions/hr_os_xl/admin
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • extensions/hr_os_xl/admin/admin.inc.php

    r10825 r11027  
    1919  $query = ' 
    2020UPDATE '.CONFIG_TABLE.' 
    21 SET value = "'.addslashes(serialize($_POST['foo'])).'" 
     21SET value = "'.pwg_db_real_escape_string(serialize($_POST['foo'])).'" 
    2222WHERE param = "hr_os_xl" 
    2323;'; 
  • extensions/hr_os_xl/admin/maintain.inc.php

    r10825 r11027  
    1616    $query = ' 
    1717INSERT INTO ' . CONFIG_TABLE . ' (param,value,comment) 
    18 VALUES ("hr_os_xl" , "'.addslashes(serialize($config)).'" , "hr_os_xl parameters");'; 
     18VALUES ("hr_os_xl" , "'.pwg_db_real_escape_string(serialize($config)).'" , "hr_os_xl parameters");'; 
    1919 
    2020    pwg_query($query); 
Note: See TracChangeset for help on using the changeset viewer.