public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 15:45:56 +00:00
Code Issues Releases Wiki Activity

db_escape_string: specify link parameter for consistency; sessions: do not force-close db connection in _close()

Browse Source
This commit is contained in:
Andrew Dolgov
2013-03-22 09:14:55 +04:00
parent 9d9432dab8
commit 3972bf5981
40 changed files with 342 additions and 350 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
classes/pref/prefs.php
View File

@@ -50,8 +50,8 @@ class Pref_Prefs extends Handler_Protected {
foreach (array_keys($_POST) as $pref_name) {
$pref_name = db_escape_string($pref_name);
$value = db_escape_string($_POST[$pref_name]);
$pref_name = db_escape_string($this->link, $pref_name);
$value = db_escape_string($this->link, $_POST[$pref_name]);
if ($pref_name == 'DIGEST_PREFERRED_TIME') {
if (get_pref($this->link, 'DIGEST_PREFERRED_TIME') != $value) {
@@ -71,7 +71,7 @@ class Pref_Prefs extends Handler_Protected {
function getHelp() {
$pref_name = db_escape_string($_REQUEST["pn"]);
$pref_name = db_escape_string($this->link, $_REQUEST["pn"]);
$result = db_query($this->link, "SELECT help_text FROM ttrss_prefs
WHERE pref_name = '$pref_name'");
@@ -86,8 +86,8 @@ class Pref_Prefs extends Handler_Protected {
function changeemail() {
$email = db_escape_string($_POST["email"]);
$full_name = db_escape_string($_POST["full_name"]);
$email = db_escape_string($this->link, $_POST["email"]);
$full_name = db_escape_string($this->link, $_POST["full_name"]);
$active_uid = $_SESSION["uid"];
@@ -798,7 +798,7 @@ class Pref_Prefs extends Handler_Protected {
}
function otpenable() {
$password = db_escape_string($_REQUEST["password"]);
$password = db_escape_string($this->link, $_REQUEST["password"]);
$enable_otp = $_REQUEST["enable_otp"] == "on";
global $pluginhost;
@@ -819,7 +819,7 @@ class Pref_Prefs extends Handler_Protected {
}
function otpdisable() {
$password = db_escape_string($_REQUEST["password"]);
$password = db_escape_string($this->link, $_REQUEST["password"]);
global $pluginhost;
$authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]);
@@ -846,7 +846,7 @@ class Pref_Prefs extends Handler_Protected {
}
function clearplugindata() {
$name = db_escape_string($_REQUEST["name"]);
$name = db_escape_string($this->link, $_REQUEST["name"]);
global $pluginhost;
$pluginhost->clear_data($pluginhost->get_plugin($name));