Project

General

Profile

« Previous | Next » 

Revision 1868

Added by Dietmar almost 12 years ago

! change mysql_esc_string to WbDatabase::getInstance()->escapeStrinng()

View differences:

CopyTheme.php
97 97
	private function _SanitizeNewName($sName)
98 98
	{
99 99
		$sName = (trim($sName) == '' ? 'MyNewTheme' : $sName);
100
		$sName = mysql_real_escape_string($sName);
100
		$sName = $this->_oDb->escapeString($sName);
101 101
		$iCount = '';
102 102
		do {
103 103
			$sSearch = $sName.($iCount ? ' '.$iCount : '');
......
260 260
		     .     '`function`=\'theme\', '
261 261
		     .     '`directory`=\''.$aVariables['directory'].'\', '
262 262
		     .     '`name`=\''.$aVariables['name'].'\', '
263
		     .     '`description`=\''.mysql_real_escape_string($aVariables['description']).'\', '
263
		     .     '`description`=\''.$this->_oDb->escapeString($aVariables['description']).'\', '
264 264
		     .     '`version`=\''.$aVariables['version'].'\', '
265 265
		     .     '`platform`=\''.$aVariables['platform'].'\', '
266
		     .     '`author`=\''.mysql_real_escape_string($aVariables['author']).'\', '
267
		     .     '`license`=\''.mysql_real_escape_string($aVariables['license']).'\'';
266
		     .     '`author`=\''.$this->_oDb->escapeString($aVariables['author']).'\', '
267
		     .     '`license`=\''.$this->_oDb->escapeString($aVariables['license']).'\'';
268 268
		if(!$this->_oDb->query($sql)) {
269 269

  
270 270
			$sMsg = $this->_aLang['GENERIC_NOT_UPGRADED'].' ['.$this->_sNewThemeDir.'/info.php]';

Also available in: Unified diff