Changeset 9db57c5 in github
- Timestamp:
- Oct 31, 2005 6:47:03 PM (8 years ago)
- Branches:
- master, HEAD, courier-fix, dev-browser-capabilities, pdo, release-0.6, release-0.7, release-0.8
- Children:
- dba5f7c
- Parents:
- 7cc38e0
- File:
-
- 1 edited
-
program/steps/addressbook/save.inc (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
program/steps/addressbook/save.inc
rd7cb774 r9db57c5 35 35 continue; 36 36 37 $a_write_sql[] = sprintf("%s='%s'", $col, addslashes( $_POST[$fname]));37 $a_write_sql[] = sprintf("%s='%s'", $col, addslashes(strip_tags($_POST[$fname]))); 38 38 } 39 39 … … 104 104 105 105 $a_insert_cols[] = $col; 106 $a_insert_values[] = sprintf("'%s'", addslashes( $_POST[$fname]));106 $a_insert_values[] = sprintf("'%s'", addslashes(strip_tags($_POST[$fname]))); 107 107 } 108 108
Note: See TracChangeset
for help on using the changeset viewer.
