Changeset 2753
- Timestamp:
- Oct 15, 2008, 10:58:36 PM (16 years ago)
- Location:
- branches/2.0
- Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/2.0/admin/group_list.php
r2530 r2753 108 108 (name) 109 109 VALUES 110 (\''.mysql_ escape_string($_POST['groupname']).'\')110 (\''.mysql_real_escape_string($_POST['groupname']).'\') 111 111 ;'; 112 112 pwg_query($query); -
branches/2.0/admin/history.php
r2543 r2753 111 111 '*', 112 112 '%', 113 mysql_ escape_string($_POST['filename'])113 mysql_real_escape_string($_POST['filename']) 114 114 ); 115 115 } -
branches/2.0/admin/template/goto/install.tpl
r2748 r2753 30 30 } 31 31 32 .sql_content {32 .sql_content, .infos a { 33 33 color: #ff3363; 34 34 } -
branches/2.0/admin/user_list.php
r2530 r2753 50 50 { 51 51 $username = str_replace('*', '%', $_GET['username']); 52 if (function_exists('mysql_real_escape_string')) 53 { 54 $filter['username'] = mysql_real_escape_string($username); 55 } 56 else 57 { 58 $filter['username'] = mysql_escape_string($username); 59 } 52 $filter['username'] = mysql_real_escape_string($username); 60 53 } 61 54 -
branches/2.0/include/functions_user.inc.php
r2572 r2753 116 116 array( 117 117 $conf['user_fields']['id'] => $next_id, 118 $conf['user_fields']['username'] => mysql_ escape_string($login),118 $conf['user_fields']['username'] => mysql_real_escape_string($login), 119 119 $conf['user_fields']['password'] => $conf['pass_convert']($password), 120 120 $conf['user_fields']['email'] => $mail_address … … 717 717 global $conf; 718 718 719 $username = mysql_ escape_string($username);719 $username = mysql_real_escape_string($username); 720 720 721 721 $query = ' -
branches/2.0/language/fr_FR/install.lang.php
r2748 r2753 60 60 Par mesure de sécurité, merci de supprimer le fichier "install.php"<br /> 61 61 Un fois ce fichier supprimé, veuillez suivre ces indications :<br /> 62 * allez sur la page d\'identification : [ <a href="./identification.php">identification</a> ] et connectez-vous avec le pseudo donné pour le webmaster br<br />62 * allez sur la page d\'identification : [ <a href="./identification.php">identification</a> ] et connectez-vous avec le pseudo donné pour le webmaster<br /> 63 63 * celui-ci vous permet d\'accéder à la partie administration et aux instructions pour placer les images dans les répertoires.'; 64 64 $lang['conf_mail_webmaster'] = 'Adresse e-mail de l\'Administrateur'; -
branches/2.0/password.php
r2325 r2753 57 57 else if (isset($_POST['mail_address']) and !empty($_POST['mail_address'])) 58 58 { 59 $mail_address = mysql_ escape_string($_POST['mail_address']);59 $mail_address = mysql_real_escape_string($_POST['mail_address']); 60 60 61 61 $query = '
Note: See TracChangeset
for help on using the changeset viewer.