Changeset 11028 for extensions/hr_os
- Timestamp:
- May 23, 2011, 10:41:45 PM (14 years ago)
- Location:
- extensions/hr_os/admin
- Files:
-
- 2 edited
-
admin.inc.php (modified) (1 diff)
-
maintain.inc.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
extensions/hr_os/admin/admin.inc.php
r10826 r11028 19 19 $query = ' 20 20 UPDATE '.CONFIG_TABLE.' 21 SET value = "'. addslashes(serialize($_POST['foo'])).'"21 SET value = "'.pwg_db_real_escape_string(serialize($_POST['foo'])).'" 22 22 WHERE param = "hr_os" 23 23 ;'; -
extensions/hr_os/admin/maintain.inc.php
r10826 r11028 16 16 $query = ' 17 17 INSERT INTO ' . CONFIG_TABLE . ' (param,value,comment) 18 VALUES ("hr_os" , "'. addslashes(serialize($config)).'" , "hr_os parameters");';18 VALUES ("hr_os" , "'.pwg_db_real_escape_string(serialize($config)).'" , "hr_os parameters");'; 19 19 20 20 pwg_query($query);
Note: See TracChangeset
for help on using the changeset viewer.
