diff options
| author | plegall <plg@piwigo.org> | 2005-05-02 20:44:27 +0000 |
|---|---|---|
| committer | plegall <plg@piwigo.org> | 2005-05-02 20:44:27 +0000 |
| commit | 39e65897dccd7a459ff2eda5c221ed0f48b7d3c9 (patch) | |
| tree | 0567db84b9c6400649620bc00590cebec2416359 | |
| parent | 600c108a1fa5c0e9eaec8c58f599c6f3735bfffa (diff) | |
- bug 107 fixed : "crash when virtual category name contains a quote". In
fact, the problem was in log line insertion. Category name must be
"addslashed".
git-svn-id: http://piwigo.org/svn/branches/branch-1_4@784 68402e56-0260-453c-a942-63ccdbb3a9ee
| -rw-r--r-- | include/functions.inc.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php index edc9f2062..80399ce87 100644 --- a/include/functions.inc.php +++ b/include/functions.inc.php @@ -340,11 +340,11 @@ INSERT INTO '.HISTORY_TABLE.' (date,login,IP,file,category,picture) VALUES (NOW(), - \''.(($user['id'] == 2) ? 'guest' : $user['username']).'\', + \''.(($user['id'] == 2) ? 'guest' : addslashes($user['username'])).'\', \''.$_SERVER['REMOTE_ADDR'].'\', - \''.$file.'\', - \''.$category.'\', - \''.$picture.'\') + \''.addslashes($file).'\', + \''.addslashes($category).'\', + \''.addslashes($picture).'\') ;'; pwg_query($query); } |