aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/functions.inc.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php
index edc9f2062..80399ce87 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -340,11 +340,11 @@ INSERT INTO '.HISTORY_TABLE.'
(date,login,IP,file,category,picture)
VALUES
(NOW(),
- \''.(($user['id'] == 2) ? 'guest' : $user['username']).'\',
+ \''.(($user['id'] == 2) ? 'guest' : addslashes($user['username'])).'\',
\''.$_SERVER['REMOTE_ADDR'].'\',
- \''.$file.'\',
- \''.$category.'\',
- \''.$picture.'\')
+ \''.addslashes($file).'\',
+ \''.addslashes($category).'\',
+ \''.addslashes($picture).'\')
;';
pwg_query($query);
}