Revision 41
Added by stefan about 19 years ago
| save.php | ||
|---|---|---|
| 221 | 221 |
if(!isset($_POST['website_title']) OR $_POST['website_title'] == '') {
|
| 222 | 222 |
set_error('Please enter a website title');
|
| 223 | 223 |
} else {
|
| 224 |
$website_title = wb::addslashes($_POST['website_title']); |
|
| 224 |
$website_title = wb::add_slashes($_POST['website_title']);
|
|
| 225 | 225 |
} |
| 226 | 226 |
// End website title code |
| 227 | 227 |
|
| ... | ... | |
| 500 | 500 |
$insert_website_footer = "INSERT INTO `".TABLE_PREFIX."settings` VALUES ('', 'footer', '')";
|
| 501 | 501 |
$database->query($insert_website_footer); |
| 502 | 502 |
// Search header |
| 503 |
$search_header = wb::addslashes('
|
|
| 503 |
$search_header = addslashes('
|
|
| 504 | 504 |
<h1>Search</h1> |
| 505 | 505 |
|
| 506 | 506 |
<form name="search" action="[WB_URL]/search/index[PAGE_EXTENSION]" method="post"> |
| ... | ... | |
| 532 | 532 |
$insert_search_header = "INSERT INTO `".TABLE_PREFIX."search` VALUES ('', 'header', '$search_header', '')";
|
| 533 | 533 |
$database->query($insert_search_header); |
| 534 | 534 |
// Search footer |
| 535 |
$search_footer = wb::addslashes('');
|
|
| 535 |
$search_footer = addslashes('');
|
|
| 536 | 536 |
$insert_search_footer = "INSERT INTO `".TABLE_PREFIX."search` VALUES ('', 'footer', '$search_footer', '')";
|
| 537 | 537 |
$database->query($insert_search_footer); |
| 538 | 538 |
// Search results header |
| 539 |
$search_results_header = wb::addslashes(''.
|
|
| 539 |
$search_results_header = addslashes(''.
|
|
| 540 | 540 |
'[TEXT_RESULTS_FOR] \'<b>[SEARCH_STRING]</b>\': |
| 541 | 541 |
<table cellpadding="2" cellspacing="0" border="0" width="100%" style="padding-top: 10px;">'); |
| 542 | 542 |
$insert_search_results_header = "INSERT INTO `".TABLE_PREFIX."search` VALUES ('', 'results_header', '$search_results_header', '')";
|
| 543 | 543 |
$database->query($insert_search_results_header); |
| 544 | 544 |
// Search results loop |
| 545 |
$search_results_loop = wb::addslashes(''.
|
|
| 545 |
$search_results_loop = addslashes(''.
|
|
| 546 | 546 |
'<tr style="background-color: #F0F0F0;"> |
| 547 | 547 |
<td><a href="[LINK]">[TITLE]</a></td> |
| 548 | 548 |
<td align="right">[TEXT_LAST_UPDATED_BY] [DISPLAY_NAME] ([USERNAME]) [TEXT_ON] [DATE]</td> |
| ... | ... | |
| 551 | 551 |
$insert_search_results_loop = "INSERT INTO `".TABLE_PREFIX."search` VALUES ('', 'results_loop', '$search_results_loop', '')";
|
| 552 | 552 |
$database->query($insert_search_results_loop); |
| 553 | 553 |
// Search results footer |
| 554 |
$search_results_footer = wb::addslashes("</table>");
|
|
| 554 |
$search_results_footer = addslashes("</table>");
|
|
| 555 | 555 |
$insert_search_results_footer = "INSERT INTO `".TABLE_PREFIX."search` VALUES ('', 'results_footer', '$search_results_footer', '')";
|
| 556 | 556 |
$database->query($insert_search_results_footer); |
| 557 | 557 |
// Search no results |
| 558 |
$search_no_results = wb::add_slashes('<br />No results found');
|
|
| 558 |
$search_no_results = addslashes('<br />No results found');
|
|
| 559 | 559 |
$insert_search_no_results = "INSERT INTO `".TABLE_PREFIX."search` VALUES ('', 'no_results', '$search_no_results', '')";
|
| 560 | 560 |
$database->query($insert_search_no_results); |
| 561 | 561 |
// Search template |
Also available in: Unified diff
Corrected use of addslashes in install/save.php