program/steps/addressbook/save.inc | ●●●●● patch | view | raw | blame | history |
program/steps/addressbook/save.inc
@@ -34,7 +34,7 @@ if (!isset($_POST[$fname])) continue; $a_write_sql[] = sprintf("%s='%s'", $col, addslashes($_POST[$fname])); $a_write_sql[] = sprintf("%s='%s'", $col, addslashes(strip_tags($_POST[$fname]))); } if (sizeof($a_write_sql)) @@ -103,7 +103,7 @@ continue; $a_insert_cols[] = $col; $a_insert_values[] = sprintf("'%s'", addslashes($_POST[$fname])); $a_insert_values[] = sprintf("'%s'", addslashes(strip_tags($_POST[$fname]))); } if (sizeof($a_insert_cols))