From b1c5e25b5e4eed872230ebffe72cc7ece4533ee2 Mon Sep 17 00:00:00 2001 From: plegall Date: Sun, 18 Sep 2005 21:56:56 +0000 Subject: - bug 107 fixed: crash when logging visit on a category containing "'" character. Correction reported from branch 1.4 - bug fixed: in admin/stats, incorrect SQL queries gave no result. git-svn-id: http://piwigo.org/svn/trunk@868 68402e56-0260-453c-a942-63ccdbb3a9ee --- include/functions.inc.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'include/functions.inc.php') diff --git a/include/functions.inc.php b/include/functions.inc.php index 5fb2fc263..ae5f46415 100644 --- a/include/functions.inc.php +++ b/include/functions.inc.php @@ -359,11 +359,11 @@ INSERT INTO '.HISTORY_TABLE.' (date,login,IP,file,category,picture) VALUES (NOW(), - \''.(($user['id'] == 2) ? 'guest' : $user['username']).'\', + \''.(($user['id'] == 2) ? 'guest' : addslashes($user['username'])).'\', \''.$_SERVER['REMOTE_ADDR'].'\', - \''.$file.'\', - \''.$category.'\', - \''.$picture.'\') + \''.addslashes($file).'\', + \''.addslashes($category).'\', + \''.addslashes($picture).'\') ;'; pwg_query($query); } -- cgit v1.2.3