Revision 656
Added by thorn almost 17 years ago
| sections.php | ||
|---|---|---|
| 70 | 70 |
} |
| 71 | 71 |
} elseif(isset($_POST['module']) AND $_POST['module'] != '') {
|
| 72 | 72 |
// Get section info |
| 73 |
$module = $_POST['module'];
|
|
| 73 |
$module = $admin->add_slashes($_POST['module']);
|
|
| 74 | 74 |
// Include the ordering class |
| 75 | 75 |
require(WB_PATH.'/framework/class.order.php'); |
| 76 | 76 |
// Get new order |
Also available in: Unified diff
Added some missing add_slashes(), get_post_escaped(), and strip_tags() for $_POST, $_GET and $_REQUEST-data. Also for $_SERVER['PHP_SELF'].