Revision 40
Added by stefan about 19 years ago
| sections_save.php | ||
|---|---|---|
| 1 | 1 |
<?php |
| 2 | 2 |
|
| 3 |
// $Id: sections_save.php,v 1.6 2005/04/08 07:36:58 rdjurovich Exp $ +// $Id$ |
|
| 4 | 3 |
/* |
| 5 | 4 |
|
| ... | ... | |
| 84 | 84 |
$section_id = $section['section_id']; |
| 85 | 85 |
$sql = ''; |
| 86 | 86 |
if(isset($_POST['block'.$section_id]) AND $_POST['block'.$section_id] != '') {
|
| 87 |
$sql = "block = '".addslashes($_POST['block'.$section_id])."'";
|
|
| 87 |
$sql = "block = '".$admin->add_slashes($_POST['block'.$section_id])."'";
|
|
| 88 | 88 |
$query = "UPDATE ".TABLE_PREFIX."sections SET $sql WHERE section_id = '$section_id' LIMIT 1"; |
| 89 | 89 |
if($sql != '') {
|
| 90 | 90 |
$database->query($query); |
Also available in: Unified diff
Change addslashes,stripslashes to (wb class) method calls add_slashes,strip_slashes