diff options
author | patdenice <patdenice@piwigo.org> | 2007-09-18 16:41:36 +0000 |
---|---|---|
committer | patdenice <patdenice@piwigo.org> | 2007-09-18 16:41:36 +0000 |
commit | b34b7c6b28a7d34488f4ca5947a618be10028b3d (patch) | |
tree | 53e4e14777f8c945f88327b4e525336550c7d58b /admin | |
parent | 0a8cfa318a853943bc315d17c36cc4d7d6680f8b (diff) |
0000734: bug on tags edition
git-svn-id: http://piwigo.org/svn/branches/branch-1_7@2092 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin')
-rw-r--r-- | admin/tags.php | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/admin/tags.php b/admin/tags.php index 777281761..b3ef994b4 100644 --- a/admin/tags.php +++ b/admin/tags.php @@ -63,11 +63,11 @@ SELECT id, name { if (function_exists('mysql_real_escape_string')) { - $tag_name = mysql_real_escape_string($_POST['tag_name-'.$tag_id]); + $tag_name = mysql_real_escape_string(stripslashes($_POST['tag_name-'.$tag_id])); } else { - $tag_name = mysql_escape_string($_POST['tag_name-'.$tag_id]); + $tag_name = mysql_escape_string(stripslashes($_POST['tag_name-'.$tag_id])); } if ($tag_name != $current_name_of[$tag_id]) @@ -148,7 +148,14 @@ DELETE if (isset($_POST['add']) and !empty($_POST['add_tag']) and !is_adviser()) { - $tag_name = $_POST['add_tag']; + if (function_exists('mysql_real_escape_string')) + { + $tag_name = mysql_real_escape_string(stripslashes($_POST['add_tag'])); + } + else + { + $tag_name = mysql_escape_string(stripslashes($_POST['add_tag'])); + } // does the tag already exists? $query = ' |