Revision 656
Added by thorn almost 17 years ago
| save_group.php | ||
|---|---|---|
| 44 | 44 |
if($admin->get_post('title') == '') {
|
| 45 | 45 |
$admin->print_error($MESSAGE['GENERIC']['FILL_IN_ALL'], WB_URL.'/modules/news/modify_group.php?page_id='.$page_id.'§ion_id='.$section_id.'&group_id='.$group_id); |
| 46 | 46 |
} else {
|
| 47 |
$title = $admin->add_slashes($admin->get_post('title'));
|
|
| 48 |
$active = $admin->get_post('active');
|
|
| 47 |
$title = $admin->get_post_escaped('title');
|
|
| 48 |
$active = $admin->get_post_escaped('active');
|
|
| 49 | 49 |
} |
| 50 | 50 |
|
| 51 | 51 |
// Update row |
Also available in: Unified diff
Added some missing add_slashes(), get_post_escaped(), and strip_tags() for $_POST, $_GET and $_REQUEST-data. Also for $_SERVER['PHP_SELF'].