diff options
author | Eric <eric@piwigo.org> | 2009-11-18 20:07:20 +0000 |
---|---|---|
committer | Eric <eric@piwigo.org> | 2009-11-18 20:07:20 +0000 |
commit | 1235bab5276f8c56ed6ba9cff46563c143c3e240 (patch) | |
tree | 653723f35e14bcee66eeb6bad049c3b106444040 /admin/notification_by_mail.php | |
parent | 8a299654501db00316a56efda76448a6bb3975e1 (diff) |
Escape all login and username characters in database
Display correctly usernames
(I hope not to have made mistakes)
git-svn-id: http://piwigo.org/svn/trunk@4304 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin/notification_by_mail.php')
-rw-r--r-- | admin/notification_by_mail.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/admin/notification_by_mail.php b/admin/notification_by_mail.php index 11863b7f5..95aea99ae 100644 --- a/admin/notification_by_mail.php +++ b/admin/notification_by_mail.php @@ -175,7 +175,7 @@ order by $page['infos'], sprintf( l10n('nbm_user_x_added'), - $nbm_user['username'], + stripslashes($nbm_user['username']), get_email_address_as_display_text($nbm_user['mail_address']) ) ); @@ -388,7 +388,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l if (pwg_mail ( - format_email($nbm_user['username'], $nbm_user['mail_address']), + format_email(stripslashes($nbm_user['username']), $nbm_user['mail_address']), array ( 'from' => $env_nbm['send_as_mail_formated'], @@ -665,7 +665,7 @@ switch ($page['mode']) { if (get_boolean($nbm_user['enabled'])) { - $opt_true[ $nbm_user['check_key'] ] = $nbm_user['username'].'['.get_email_address_as_display_text($nbm_user['mail_address']).']'; + $opt_true[ $nbm_user['check_key'] ] = stripslashes($nbm_user['username']).'['.get_email_address_as_display_text($nbm_user['mail_address']).']'; if ((isset($_POST['falsify']) and isset($_POST['cat_true']) and in_array($nbm_user['check_key'], $_POST['cat_true']))) { $opt_true_selected[] = $nbm_user['check_key']; @@ -673,7 +673,7 @@ switch ($page['mode']) } else { - $opt_false[ $nbm_user['check_key'] ] = $nbm_user['username'].'['.get_email_address_as_display_text($nbm_user['mail_address']).']'; + $opt_false[ $nbm_user['check_key'] ] = stripslashes($nbm_user['username']).'['.get_email_address_as_display_text($nbm_user['mail_address']).']'; if (isset($_POST['trueify']) and isset($_POST['cat_false']) and in_array($nbm_user['check_key'], $_POST['cat_false'])) { $opt_false_selected[] = $nbm_user['check_key']; @@ -718,7 +718,7 @@ switch ($page['mode']) isset($_POST['send_selection']) and // not init !in_array($nbm_user['check_key'], $_POST['send_selection']) // not selected ) ? '' : 'checked="checked"', - 'USERNAME'=> $nbm_user['username'], + 'USERNAME'=> stripslashes($nbm_user['username']), 'EMAIL' => get_email_address_as_display_text($nbm_user['mail_address']), 'LAST_SEND'=> $nbm_user['last_send'] ); |