Changeset 6714 for trunk/admin
- Timestamp:
- Jul 27, 2010, 2:37:38 PM (14 years ago)
- Location:
- trunk/admin
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/admin/element_set_unit.php
r6363 r6714 68 68 $data['level'] = $_POST['level-'.$row['id']]; 69 69 70 foreach (array('name', ' author', 'level') as $field)70 foreach (array('name', 'level') as $field) 71 71 { 72 72 if (!empty($_POST[$field.'-'.$row['id']])) … … 239 239 '&image_id='.$row['id'], 240 240 'NAME' => !empty($row['name'])?$row['name']:'', 241 'AUTHOR' => !empty($row['author'])? $row['author']:'',241 'AUTHOR' => !empty($row['author'])?htmlspecialchars($row['author']):'', 242 242 'LEVEL' => !empty($row['level'])?$row['level']:'0', 243 243 'DESCRIPTION' => !empty($row['comment'])?$row['comment']:'', -
trunk/admin/picture_modify.php
r6363 r6714 237 237 'REGISTRATION_DATE' => format_date($row['date_available']), 238 238 239 'AUTHOR' => isset($_POST['author']) ? $_POST['author'] : @$row['author'], 239 'AUTHOR' => htmlspecialchars( 240 isset($_POST['author']) 241 ? stripslashes($_POST['author']) 242 : @$row['author'] 243 ), 240 244 241 245 'DESCRIPTION' =>
Note: See TracChangeset
for help on using the changeset viewer.