[Fusionforge-commits] r7240 - trunk/gforge/www/news

Alain Peyrat aljeux at libremir.placard.fr.eu.org
Tue Mar 24 21:53:01 CET 2009


Author: aljeux
Date: 2009-03-24 21:53:01 +0100 (Tue, 24 Mar 2009)
New Revision: 7240

Modified:
   trunk/gforge/www/news/submit.php
Log:
Fix a quote problem, changing call to db_query_params()

Modified: trunk/gforge/www/news/submit.php
===================================================================
--- trunk/gforge/www/news/submit.php	2009-03-24 20:52:42 UTC (rev 7239)
+++ trunk/gforge/www/news/submit.php	2009-03-24 20:53:01 UTC (rev 7240)
@@ -72,9 +72,10 @@
 	   			$new_id=$f->getID();
 				$sanitizer = new TextSanitizer();
 				$details = $sanitizer->SanitizeHtml($details);
-	   			$sql="INSERT INTO news_bytes (group_id,submitted_by,is_approved,post_date,forum_id,summary,details) ".
-	   				" VALUES ('$group_id','".user_getid()."','0','".time()."','$new_id','".htmlspecialchars($summary)."','".$details."')";
-	   			$result=db_query($sql);
+				$sql="INSERT INTO news_bytes (group_id,submitted_by,is_approved,post_date,forum_id,summary,details) ".
+					" VALUES ($1, $2, $3, $4, $5, $6, $7)";
+				$result=db_query_params($sql,
+					array($group_id, user_getid(), 0, time(), $new_id, htmlspecialchars($summary), $details));
 	   			if (!$result) {
 					db_rollback();
 					form_release_key(getStringFromRequest('form_key'));




More information about the Fusionforge-commits mailing list