diff options
-rw-r--r-- | include/functions.inc.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php index edc9f2062..80399ce87 100644 --- a/include/functions.inc.php +++ b/include/functions.inc.php @@ -340,11 +340,11 @@ INSERT INTO '.HISTORY_TABLE.' (date,login,IP,file,category,picture) VALUES (NOW(), - \''.(($user['id'] == 2) ? 'guest' : $user['username']).'\', + \''.(($user['id'] == 2) ? 'guest' : addslashes($user['username'])).'\', \''.$_SERVER['REMOTE_ADDR'].'\', - \''.$file.'\', - \''.$category.'\', - \''.$picture.'\') + \''.addslashes($file).'\', + \''.addslashes($category).'\', + \''.addslashes($picture).'\') ;'; pwg_query($query); } |