Changeset 21510


Ignore:
Timestamp:
Mar 12, 2013, 12:41:46 PM (7 years ago)
Author:
plg
Message:

fix bug on single quotes in AMM custom menus

File:
1 edited

Legend:

Unmodified
Added
Removed
  • extensions/AMenuManager/amm_root.class.inc.php

    r20213 r21510  
    443443      $sql="UPDATE ".$this->tables['personalised']."
    444444            SET visible='$visible',
    445                 nfo='".$nfo."'
     445                nfo='".pwg_db_real_escape_string(stripslashes($nfo))."'
    446446            WHERE id='$id';";
    447447      $result=pwg_query($sql);
     
    463463        $values[]="('$id',
    464464                    '".$lang['lang']."',
    465                     '".$lang['title']."',
    466                     '".$lang['content']."')";
     465                    '".pwg_db_real_escape_string(stripslashes($lang['title']))."',
     466                    '".pwg_db_real_escape_string(stripslashes($lang['content']))."')";
    467467      }
    468468      $sql="INSERT INTO ".$this->tables['personalised_langs']." VALUES ".implode(',', $values);
Note: See TracChangeset for help on using the changeset viewer.