Revision 53
Added by stefan about 20 years ago
| trunk/wb/modules/form/save_field.php | ||
|---|---|---|
| 46 | 46 |
if($admin->get_post('title') == '' OR $admin->get_post('type') == '') {
|
| 47 | 47 |
$admin->print_error($MESSAGE['GENERIC']['FILL_IN_ALL'], WB_URL.'/modules/form/modify_field.php?page_id='.$page_id.'§ion_id='.$section_id.'&field_id='.$field_id); |
| 48 | 48 |
} else {
|
| 49 |
$title = $admin($admin->get_post('title'));
|
|
| 49 |
$title = $admin->add_slashes($admin->get_post('title'));
|
|
| 50 | 50 |
$type = $admin->get_post('type');
|
| 51 | 51 |
$required = $admin->get_post('required');
|
| 52 | 52 |
} |
| ... | ... | |
| 77 | 77 |
} elseif($admin->get_post('type') == 'heading') {
|
| 78 | 78 |
$extra = $admin->get_post('template');
|
| 79 | 79 |
if(trim($extra) == '') $extra = '<tr><td class="field_heading" colspan="2">{TITLE}{FIELD}</td></tr>';
|
| 80 |
$extra = $admin($extra); |
|
| 80 |
$extra = $admin->add_slashes($extra);
|
|
| 81 | 81 |
$database->query("UPDATE ".TABLE_PREFIX."mod_form_fields SET value = '', extra = '$extra' WHERE field_id = '$field_id'");
|
| 82 | 82 |
} elseif($admin->get_post('type') == 'select') {
|
| 83 | 83 |
$extra = $admin->get_post('size').','.$admin->get_post('multiselect');
|
Also available in: Unified diff
Fixed addslashes issue in form/save_field.php