From 8500be3f1ba7bcab6b8523507e74a132df58d925 Mon Sep 17 00:00:00 2001 From: tbrehm <t.brehm@ispconfig.org> Date: Thu, 18 Sep 2008 06:25:41 -0400 Subject: [PATCH] - Changed addslashes to mysql_real_escape_string in several files. - Updated Debian installation instructions. --- interface/lib/classes/remoting_lib.inc.php | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php index 0ba0414..eca27ad 100644 --- a/interface/lib/classes/remoting_lib.inc.php +++ b/interface/lib/classes/remoting_lib.inc.php @@ -291,14 +291,14 @@ switch ($field['datatype']) { case 'VARCHAR': if(!@is_array($record[$key])) { - $new_record[$key] = (isset($record[$key]))?addslashes($record[$key]):''; + $new_record[$key] = (isset($record[$key]))?mysql_real_escape_string($record[$key]):''; } else { $new_record[$key] = implode($field['separator'],$record[$key]); } break; case 'TEXT': if(!is_array($record[$key])) { - $new_record[$key] = addslashes($record[$key]); + $new_record[$key] = mysql_real_escape_string($record[$key]); } else { $new_record[$key] = implode($field['separator'],$record[$key]); } @@ -317,7 +317,7 @@ //if($key == 'refresh') die($record[$key]); break; case 'DOUBLE': - $new_record[$key] = addslashes($record[$key]); + $new_record[$key] = mysql_real_escape_string($record[$key]); break; case 'CURRENCY': $new_record[$key] = str_replace(",",".",$record[$key]); -- Gitblit v1.9.1