Revision 62
Added by ryan over 19 years ago
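--- a/save.php
+++ b/save.php
@@ -31,9 +31,8 @@
 
 // Update the mod_wysiwygs table with the contents
 if(isset($_POST['content'])) {
-$tags = array('<?php', '?>', '<?');
-$blanks = array('','','');
-$content = $admin->add_slashes(str_replace($tags, $blanks, $_POST['content']));
+$tags = array('<?php', '?>', '<?'.'DB_URL');
+$content = $admin->add_slashes(str_replace($tags, '', $_POST['content']));
 $database = new database();
 $query = "UPDATE ".TABLE_PREFIX."mod_code SET content = '$content' WHERE section_id = '$section_id'";
 $database->query($query);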
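Review bot: The new `$tags` entry `'<?'.'DB_URL'` concatenates into the single string `<?DB_URL`, so as written a bare `<?` short open tag is no longer stripped and `DB_URL` is removed only when it directly follows `<?`. If the intent stated in the commit message is to strip both, the line should read `$tags = array('<?php', '?>', '<?', 'DB_URL');`. Even with that fix, a single-pass `str_replace` deny-list is a weak control if this stored content is later evaluated, as the module name suggests: removing one token can join the surrounding text into another listed token, and `DB_URL` is presumably not the only route to the database settings, so restricting who may edit Code sections is the more dependable mitigation. The enclosing `if` block continues outside the hunk.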
Added code to remove occurrences of DB_URL in Code module to prevent exposure of database info