Changeset 2097
- Timestamp:
- Sep 19, 2007, 8:47:41 AM (17 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/branch-1_7/admin/tags.php
r2092 r2097 62 62 foreach (explode(',', $_POST['edit_list']) as $tag_id) 63 63 { 64 if (function_exists('mysql_real_escape_string')) 65 { 66 $tag_name = mysql_real_escape_string(stripslashes($_POST['tag_name-'.$tag_id])); 67 } 68 else 69 { 70 $tag_name = mysql_escape_string(stripslashes($_POST['tag_name-'.$tag_id])); 71 } 64 $tag_name = stripslashes($_POST['tag_name-'.$tag_id]); 72 65 73 66 if ($tag_name != $current_name_of[$tag_id]) … … 89 82 array( 90 83 'id' => $tag_id, 91 'name' => $tag_name,84 'name' => addslashes($tag_name), 92 85 'url_name' => str2url($tag_name), 93 86 ) … … 149 142 if (isset($_POST['add']) and !empty($_POST['add_tag']) and !is_adviser()) 150 143 { 151 if (function_exists('mysql_real_escape_string')) 152 { 153 $tag_name = mysql_real_escape_string(stripslashes($_POST['add_tag'])); 154 } 155 else 156 { 157 $tag_name = mysql_escape_string(stripslashes($_POST['add_tag'])); 158 } 144 $tag_name = $_POST['add_tag']; 159 145 160 146 // does the tag already exists?
Note: See TracChangeset
for help on using the changeset viewer.