From 39e65897dccd7a459ff2eda5c221ed0f48b7d3c9 Mon Sep 17 00:00:00 2001
From: plegall <plg@piwigo.org>
Date: Mon, 2 May 2005 20:44:27 +0000
Subject: - bug 107 fixed : "crash when virtual category name contains a
 quote". In   fact, the problem was in log line insertion. Category name must
 be   "addslashed".

git-svn-id: http://piwigo.org/svn/branches/branch-1_4@784 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 include/functions.inc.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/functions.inc.php b/include/functions.inc.php
index edc9f2062..80399ce87 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -340,11 +340,11 @@ INSERT INTO '.HISTORY_TABLE.'
   (date,login,IP,file,category,picture)
   VALUES
   (NOW(),
-  \''.(($user['id'] == 2) ? 'guest' : $user['username']).'\',
+  \''.(($user['id'] == 2) ? 'guest' : addslashes($user['username'])).'\',
   \''.$_SERVER['REMOTE_ADDR'].'\',
-  \''.$file.'\',
-  \''.$category.'\',
-  \''.$picture.'\')
+  \''.addslashes($file).'\',
+  \''.addslashes($category).'\',
+  \''.addslashes($picture).'\')
 ;';
     pwg_query($query);
   }
-- 
cgit v1.2.3