Changeset 9323 for extensions/AdditionalPages/admin/upgrade.inc.php

Timestamp:

Feb 20, 2011, 1:14:40 PM (13 years ago)

Author:

patdenice

Message:

Use another $conf parameter to avoid conflicts.
Add htmlspecialchars in admin page.

File:

• extensions/AdditionalPages/admin/upgrade.inc.php (modified) (5 diffs)

extensions/AdditionalPages/admin/upgrade.inc.php

@@ -18 +18 @@
 }
 
-if ($conf['additional_pages'] === false)
+if ($conf['AP'] === false)
 {
   load_conf_from_db('param = "additional_pages"');
@@ -62 +62 @@
     $position = $row['pos'];
     if ($row['pos'] === '0')
-      $position = '-100';
+      $position = '-1000';
     elseif (empty($row['pos']))
       $position = '0';
@@ -70 +70 @@
     $query = '
 UPDATE '.$prefixeTable.'additionalpages
-SET title = "'.addslashes($title).'",
+SET title = "'.pwg_db_real_escape_string($title).'",
     pos = '.$position.',
     lang = '.$language.',
@@ -108 +108 @@
   }
 
-  $conf['additional_pages'] = $new_conf;
+  $conf['AP'] = $new_conf;
 
   conf_update_param('additional_pages', pwg_db_real_escape_string(serialize($new_conf)));
 }
 
-if (!isset($conf['additional_pages']['level_perm']))
+if (!isset($conf['AP']['level_perm']))
 {
   $query = '
@@ -128 +128 @@
   pwg_query($query);
 
-  $conf['additional_pages']['level_perm'] = false;
+  $conf['AP']['level_perm'] = false;
 
-  conf_update_param('additional_pages', pwg_db_real_escape_string(serialize($conf['additional_pages'])));
+  conf_update_param('additional_pages', pwg_db_real_escape_string(serialize($conf['AP'])));
 }