Menu

#3 quotes are breaking inserts

v1.0_(example)
open
nobody
Interface (example) (3)
5
2012-09-15
2004-10-26
Marius Scurtescu
No

When adding a message with single quotes in it to the
guestbook the insert will fail. There are two problems
here:

  1. Even though it fails the message sais that it was
    accepted and the admin gets an email.
  2. It fails because speciall characters are not
    escaped. addSlashes should be used and NOT stripSlashes
    when getting the post variables.

Discussion

  • Marius Scurtescu

    Marius Scurtescu - 2004-10-26

    addSlashes fix

     
    sign.php

  • Đình Quân

    Đình Quân - 2005-01-19

    Logged In: YES
    user_id=710364

    thanks for your information, it will help me correct it

     

Log in to post a comment.

MongoDB Logo MongoDB