Revision 656
Added by thorn over 17 years ago
| save_settings.php | ||
|---|---|---|
| 41 | 41 |
$comments_loop = $admin->add_slashes(str_replace($friendly, $raw, $_POST['comments_loop'])); |
| 42 | 42 |
$comments_footer = $admin->add_slashes(str_replace($friendly, $raw, $_POST['comments_footer'])); |
| 43 | 43 |
$comments_page = $admin->add_slashes(str_replace($friendly, $raw, $_POST['comments_page'])); |
| 44 |
$commenting = $_POST['commenting'];
|
|
| 45 |
$posts_per_page = $_POST['posts_per_page'];
|
|
| 46 |
$use_captcha = $_POST['use_captcha'];
|
|
| 44 |
$commenting = $admin->add_slashes($_POST['commenting']);
|
|
| 45 |
$posts_per_page = $admin->add_slashes($_POST['posts_per_page']);
|
|
| 46 |
$use_captcha = $admin->add_slashes($_POST['use_captcha']);
|
|
| 47 | 47 |
if(extension_loaded('gd') AND function_exists('imageCreateFromJpeg')) {
|
| 48 | 48 |
$resize = $_POST['resize']; |
| 49 | 49 |
} else {
|
Also available in: Unified diff
Added some missing add_slashes(), get_post_escaped(), and strip_tags() for $_POST, $_GET and $_REQUEST-data. Also for $_SERVER['PHP_SELF'].