public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 07:25:54 +00:00
Code Issues Releases Wiki Activity

db_escape_string: specify link parameter for consistency; sessions: do not force-close db connection in _close()

Browse Source
This commit is contained in:
Andrew Dolgov
2013-03-22 09:14:55 +04:00
parent 9d9432dab8
commit 3972bf5981
40 changed files with 342 additions and 350 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
classes/article.php
View File

@@ -8,7 +8,7 @@ class Article extends Handler_Protected {
}
function redirect() {
$id = db_escape_string($_REQUEST['id']);
$id = db_escape_string($this->link, $_REQUEST['id']);
$result = db_query($this->link, "SELECT link FROM ttrss_entries, ttrss_user_entries
WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'
@@ -27,10 +27,10 @@ class Article extends Handler_Protected {
}
function view() {
$id = db_escape_string($_REQUEST["id"]);
$cids = explode(",", db_escape_string($_REQUEST["cids"]));
$mode = db_escape_string($_REQUEST["mode"]);
$omode = db_escape_string($_REQUEST["omode"]);
$id = db_escape_string($this->link, $_REQUEST["id"]);
$cids = explode(",", db_escape_string($this->link, $_REQUEST["cids"]));
$mode = db_escape_string($this->link, $_REQUEST["mode"]);
$omode = db_escape_string($this->link, $_REQUEST["omode"]);
// in prefetch mode we only output requested cids, main article
// just gets marked as read (it already exists in client cache)