public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-15 22:05:56 +00:00
Code Issues Releases Wiki Activity

initialize_user_prefs: escape data on import

Browse Source
This commit is contained in:
Andrew Dolgov
2013-03-29 08:51:05 +04:00
parent 35581abf13
commit d296ba50d4
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
include/functions.php
View File

@@ -548,6 +548,9 @@
if (array_search($line["pref_name"], $active_prefs) === FALSE) { if (array_search($line["pref_name"], $active_prefs) === FALSE) {
// print "adding " . $line["pref_name"] . "<br>"; // print "adding " . $line["pref_name"] . "<br>";
$line["def_value"] = db_escape_string($link, $line["def_value"]);
$line["pref_name"] = db_escape_string($link, $line["pref_name"]);
if (get_schema_version($link) < 63) { if (get_schema_version($link) < 63) {
db_query($link, "INSERT INTO ttrss_user_prefs db_query($link, "INSERT INTO ttrss_user_prefs
(owner_uid,pref_name,value) VALUES (owner_uid,pref_name,value) VALUES