Changeset 10979


Ignore:
Timestamp:
May 21, 2011, 5:00:14 PM (13 years ago)
Author:
Eric
Message:

using conf_update_param() and pwg_db_real_escape_string()

Location:
extensions/LCAS/trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • extensions/LCAS/trunk/admin/LCAS_admin.php

    r10549 r10979  
    4646    $_POST['LCAS_MailText']);
    4747
    48   $conf['LoginCaseAccentsSensitivity'] = serialize($newconf_LCAS);
    49 
    50   $query = '
    51     UPDATE '.CONFIG_TABLE.'
    52     SET value="'.addslashes($conf['LoginCaseAccentsSensitivity']).'"
    53     WHERE param="LoginCaseAccentsSensitivity"
    54     LIMIT 1
    55     ;';
    56  
    57   pwg_query($query);
     48  conf_update_param('LoginCaseAccentsSensitivity', pwg_db_real_escape_string(serialize($newconf_LCAS)));
    5849
    5950  array_push($page['infos'], l10n('LCAS_save_config'));
     
    123114          $query = '
    124115            UPDATE '.USERS_TABLE.'
    125             SET username="'.addslashes($_POST['user-'.$lcas_UserToUpdate]).'"
     116            SET username="'.pwg_db_real_escape_string($_POST['user-'.$lcas_UserToUpdate]).'"
    126117            WHERE id='.$lcas_UserToUpdate.'
    127118            LIMIT 1
  • extensions/LCAS/trunk/maintain.inc.php

    r9384 r10979  
    2222  $q = '
    2323INSERT INTO '.CONFIG_TABLE.' (param, value, comment)
    24 VALUES ("LoginCaseAccentsSensitivity","'.addslashes(serialize($default)).'","LCAS parameters")
     24VALUES ("LoginCaseAccentsSensitivity","'.pwg_db_real_escape_string(serialize($default)).'","LCAS parameters")
    2525  ;';
    2626  pwg_query($q);
Note: See TracChangeset for help on using the changeset viewer.