Changeset 4290 for extensions/NBC_UserAdvManager/trunk/include/functions_UserAdvManager.inc.php

Timestamp:

Nov 17, 2009, 6:59:59 PM (14 years ago)

Author:

Eric

Message:

[NBC_UserAdvManager]

• Escaping all characters in login or username.
• Using mysql_fetch_assoc instead of mysql_fetch_array

File:

• extensions/NBC_UserAdvManager/trunk/include/functions_UserAdvManager.inc.php (modified) (8 diffs)

extensions/NBC_UserAdvManager/trunk/include/functions_UserAdvManager.inc.php

@@ -118 +118 @@
   {
     case 1:
-      $subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('Reminder_with_key_of_%s', stripslashes($username)));
+      $subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('Reminder_with_key_of_%s', $username));
       
       if (isset($conf_nbc_UserAdvManager_ConfirmMail[2]) and $conf_nbc_UserAdvManager_ConfirmMail[2] <> '' and isset($conf_nbc_UserAdvManager_ConfirmMail[3]) and $conf_nbc_UserAdvManager_ConfirmMail[3] == 'true' and $confirm)
@@ -138 +138 @@
       
     case 2:
-      $subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('Reminder_without_key_of_%s', stripslashes($username)));
+      $subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('Reminder_without_key_of_%s',$username));
       
       if (isset($conf_nbc_UserAdvManager_ConfirmMail[2]) and $conf_nbc_UserAdvManager_ConfirmMail[2] <> '' and isset($conf_nbc_UserAdvManager_ConfirmMail[3]) and $conf_nbc_UserAdvManager_ConfirmMail[3] == 'true' and !$confirm)
@@ -178 +178 @@
         $infos1_perso = "";
 
-  $subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('Ghost_remainder_of_%s', stripslashes($username)));
+  $subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('Ghost_remainder_of_%s', $username));
       
   if (isset($conf_nbc_UserAdvManager[19]) and $conf_nbc_UserAdvManager[19] <> '' and isset($conf_nbc_UserAdvManager[17]) and $conf_nbc_UserAdvManager[17] == 'true')
@@ -379 +379 @@
 WHERE id = '".$id."'
 ;";
-    $data = mysql_fetch_array(pwg_query($query));
+    $data = mysql_fetch_assoc(pwg_query($query));
         
     if (!empty($data) and isset($data['user_id']) and !isset($data['date_check']))
@@ -545 +545 @@
 WHERE user_id = '".$id."'
 ;";
-    $data = mysql_fetch_array(pwg_query($query));
+    $data = mysql_fetch_assoc(pwg_query($query));
 
     if (!empty($data) and isset($data['user_id']) and !isset($data['date_check']))
@@ -718 +718 @@
         $result = pwg_query($query);
       
-  while ($row = mysql_fetch_array($result))
+  while ($row = mysql_fetch_assoc($result))
   {
         $user = $row;
@@ -745 +745 @@
                 $result = pwg_query($query);
         
-    while ($row = mysql_fetch_array($result))
+    while ($row = mysql_fetch_assoc($result))
     {
         array_push(
@@ -783 +783 @@
         $result = pwg_query($query);
       
-  while ($row = mysql_fetch_array($result))
+  while ($row = mysql_fetch_assoc($result))
   {
         $user = $row;