arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

stripslashes

Browse Source
This commit is contained in:
james 2009-10-22 20:40:35 +00:00
parent 101c3c7723
commit cf6bea5727
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
admin/fundraising_campaigns.php
View File

@ -505,7 +505,7 @@ function save_campaign_info(){
if(!$_GET['id']) { if(!$_GET['id']) {
$query = "INSERT INTO fundraising_campaigns (name,fiscalyear) VALUES ( $query = "INSERT INTO fundraising_campaigns (name,fiscalyear) VALUES (
'".mysql_real_escape_string($_POST['name'])."','{$config['FISCALYEAR']}')"; '".mysql_real_escape_string(stripslashes($_POST['name']))."','{$config['FISCALYEAR']}')";
mysql_query($query); mysql_query($query);
$id = mysql_insert_id(); $id = mysql_insert_id();
happy_("Appeal Created"); happy_("Appeal Created");
@ -514,7 +514,7 @@ function save_campaign_info(){
happy_("Appeal Saved"); happy_("Appeal Saved");
} }
mysql_query("UPDATE fundraising_campaigns SET mysql_query("UPDATE fundraising_campaigns SET
name='".mysql_real_escape_string($_POST['name'])."', name='".mysql_real_escape_string(stripslashes($_POST['name']))."',
`type`='".mysql_real_escape_string($_POST['type'])."', `type`='".mysql_real_escape_string($_POST['type'])."',
startdate='".mysql_real_escape_string($startdate)."', startdate='".mysql_real_escape_string($startdate)."',
followupdate='".mysql_real_escape_string($_POST['followupdate'])."', followupdate='".mysql_real_escape_string($_POST['followupdate'])."',