|
From: OryNider <ory...@us...> - 2007-07-17 05:38:34
|
Update of /cvsroot/mxbb/mx_smartor/includes In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv2816 Modified Files: album_edit.php album_upload.php Log Message: Fixed a bug how title and description are posted and not to curup the java slideshow script :) Index: album_edit.php =================================================================== RCS file: /cvsroot/mxbb/mx_smartor/includes/album_edit.php,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** album_edit.php 7 Jun 2007 20:13:29 -0000 1.7 --- album_edit.php 17 Jul 2007 05:38:27 -0000 1.8 *************** *** 179,192 **** // -------------------------------- ! $pic_title = str_replace("\'", "''", htmlspecialchars(trim($HTTP_POST_VARS['pic_title']))); //Added by GH ! $pic_title = addslashes($pic_title); ! $pic_desc = str_replace("\'", "''", htmlspecialchars(substr(trim($HTTP_POST_VARS['pic_desc']), 0, $album_config['desc_length']))); //Added by GH $pic_desc = addslashes($pic_desc); if( empty($pic_title) ) { --- 179,196 ---- // -------------------------------- ! $pic_title = str_replace("\'", "`", htmlspecialchars(trim($HTTP_POST_VARS['pic_title']))); //Added by GH ! $pic_title = addslashes($pic_title); ! $pic_title = str_replace("'", "`", $pic_title); ! ! $pic_desc = str_replace("\'", "`", htmlspecialchars(substr(trim($HTTP_POST_VARS['pic_desc']), 0, $album_config['desc_length']))); //Added by GH $pic_desc = addslashes($pic_desc); + $pic_desc = str_replace("'", "`", $pic_desc); + if( empty($pic_title) ) { Index: album_upload.php =================================================================== RCS file: /cvsroot/mxbb/mx_smartor/includes/album_upload.php,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** album_upload.php 7 Jun 2007 20:13:31 -0000 1.9 --- album_upload.php 17 Jul 2007 05:38:27 -0000 1.10 *************** *** 521,535 **** // -------------------------------- ! 
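Review bot: In album_edit.php the added ``str_replace("'", "`", $pic_title);`` (and the matching `$pic_desc` line) runs after `addslashes()`, so any apostrophe that reaches it is already `\'` and ends up as a backslash followed by a backtick; whether that backslash is stored depends on how the database treats backslashes in string literals. Moving each replacement above its `addslashes()` call would avoid the leftover backslash. The substitution is also lossy: apostrophes in stored titles and descriptions are permanently rewritten to suit one output context, the slideshow script named in the log message. Consider `htmlspecialchars(..., ENT_QUOTES)`, which encodes the quote instead of discarding it, and escape for the script at the point where the value is emitted. The album_upload.php hunk repeats the same sequence for `$_POST['pic_title']` and `$_POST['pic_desc']`.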
$pic_title = str_replace("\'", "''", htmlspecialchars(trim($_POST['pic_title']))); //Added by GH ! $pic_title = addslashes($pic_title); ! $pic_desc = str_replace("\'", "''", htmlspecialchars(substr(trim($_POST['pic_desc']), 0, $album_config['desc_length']))); //Added by GH $pic_desc = addslashes($pic_desc); ! $pic_username = (!$userdata['session_logged_in']) ? substr(str_replace("\'", "''", htmlspecialchars(trim($_POST['pic_username']))), 0, 32) : str_replace("'", "''", $userdata['username']); if( !isset($HTTP_POST_FILES['pic_file']) ) --- 521,539 ---- // -------------------------------- ! $pic_title = str_replace("\'", "`", htmlspecialchars(trim($_POST['pic_title']))); //Added by GH ! $pic_title = addslashes($pic_title); ! $pic_title = str_replace("'", "`", $pic_title); ! ! $pic_desc = str_replace("\'", "`", htmlspecialchars(substr(trim($_POST['pic_desc']), 0, $album_config['desc_length']))); //Added by GH $pic_desc = addslashes($pic_desc); ! $pic_desc = str_replace("'", "`", $pic_desc); ! ! $pic_username = (!$userdata['session_logged_in']) ? substr(str_replace("\'", "`", htmlspecialchars(trim($_POST['pic_username']))), 0, 32) : str_replace("'", "`", $userdata['username']); if( !isset($HTTP_POST_FILES['pic_file']) ) |
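Review bot: The logged-in branch of `$pic_username` now stores ``str_replace("'", "`", $userdata['username'])``, so a picture uploaded by an account whose name contains an apostrophe is recorded under a string that no longer equals the account's username, and any later lookup or comparison by name would miss it. That branch also gets no `addslashes()`, unlike the title and description, so a backslash in the username would reach the query unescaped if the value is concatenated into SQL; the query itself is outside this hunk and should be checked. It would be safer to keep the username unmodified and escape it the way the other fields are escaped here, e.g. `addslashes($userdata['username'])`, or with the database layer's own escaping routine if one is available.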