Changeset 11028 for extensions/hr_os


Ignore:
Timestamp:
May 23, 2011, 10:41:45 PM (9 years ago)
Author:
flop25
Message:

pwg_db_real_escape_string

Location:
extensions/hr_os/admin
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • extensions/hr_os/admin/admin.inc.php

    r10826 r11028  
    1919  $query = '
    2020UPDATE '.CONFIG_TABLE.'
    21 SET value = "'.addslashes(serialize($_POST['foo'])).'"
     21SET value = "'.pwg_db_real_escape_string(serialize($_POST['foo'])).'"
    2222WHERE param = "hr_os"
    2323;';
  • extensions/hr_os/admin/maintain.inc.php

    r10826 r11028  
    1616    $query = '
    1717INSERT INTO ' . CONFIG_TABLE . ' (param,value,comment)
    18 VALUES ("hr_os" , "'.addslashes(serialize($config)).'" , "hr_os parameters");';
     18VALUES ("hr_os" , "'.pwg_db_real_escape_string(serialize($config)).'" , "hr_os parameters");';
    1919
    2020    pwg_query($query);
Note: See TracChangeset for help on using the changeset viewer.