aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorpatdenice <patdenice@piwigo.org>2007-09-18 17:53:05 +0000
committerpatdenice <patdenice@piwigo.org>2007-09-18 17:53:05 +0000
commitb2c5c04c6a7778a11b285592fad04fe1574eef28 (patch)
treeb3b9a00f394ad42a4b2547fca0a888d10ffbd972
parent08aa93a93b8fdb94c767bdd118f260f826ad9326 (diff)
0000734: bug on tags edition
git-svn-id: http://piwigo.org/svn/trunk@2093 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--admin/tags.php13
1 files changed, 10 insertions, 3 deletions
diff --git a/admin/tags.php b/admin/tags.php
index 777281761..b3ef994b4 100644
--- a/admin/tags.php
+++ b/admin/tags.php
@@ -63,11 +63,11 @@ SELECT id, name
{
if (function_exists('mysql_real_escape_string'))
{
- $tag_name = mysql_real_escape_string($_POST['tag_name-'.$tag_id]);
+ $tag_name = mysql_real_escape_string(stripslashes($_POST['tag_name-'.$tag_id]));
}
else
{
- $tag_name = mysql_escape_string($_POST['tag_name-'.$tag_id]);
+ $tag_name = mysql_escape_string(stripslashes($_POST['tag_name-'.$tag_id]));
}
if ($tag_name != $current_name_of[$tag_id])
@@ -148,7 +148,14 @@ DELETE
if (isset($_POST['add']) and !empty($_POST['add_tag']) and !is_adviser())
{
- $tag_name = $_POST['add_tag'];
+ if (function_exists('mysql_real_escape_string'))
+ {
+ $tag_name = mysql_real_escape_string(stripslashes($_POST['add_tag']));
+ }
+ else
+ {
+ $tag_name = mysql_escape_string(stripslashes($_POST['add_tag']));
+ }
// does the tag already exists?
$query = '