Changeset 6703 for extensions/lmt/lmt_aip.class.inc.php
- Timestamp:
- Jul 24, 2010, 6:06:10 PM (14 years ago)
- File:
-
- 1 edited
-
extensions/lmt/lmt_aip.class.inc.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
extensions/lmt/lmt_aip.class.inc.php
r6701 r6703 564 564 if($_POST["text1"]!="") 565 565 { 566 $sql="INSERT INTO ".$this->tables["licence_author"]." VALUES('', '". addslashes($_POST["text1"])."', '".addslashes($_POST["text2"])."')";566 $sql="INSERT INTO ".$this->tables["licence_author"]." VALUES('', '". htmlspecialchars($_POST["text1"], ENT_QUOTES)."', '".htmlspecialchars($_POST["text2"], ENT_QUOTES)."')"; 567 567 $result=pwg_query($sql); 568 568 if($result) … … 590 590 { 591 591 $sql="UPDATE ".$this->tables["licence_author"]." 592 SET text1 = '". addslashes($_POST["text1"])."',593 text2 = '". addslashes($_POST["text2"])."'592 SET text1 = '". htmlspecialchars($_POST["text1"], ENT_QUOTES)."', 593 text2 = '".htmlspecialchars($_POST["text2"], ENT_QUOTES)."' 594 594 WHERE id = '".$_POST["id"]."'"; 595 595 $result=pwg_query($sql);
Note: See TracChangeset
for help on using the changeset viewer.
