diff options
author | icewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-03-05 10:31:56 +0000 |
---|---|---|
committer | icewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-03-05 10:31:56 +0000 |
commit | 4ab59312bd8b01ae94a7ca925eb299df66ea60d8 (patch) | |
tree | 1bf3e5dfbfce8d963c982c2c11156634256122e0 | |
parent | 888dd84a0e92e184dd96d02d7677f4e699b1d287 (diff) | |
download | elgg-4ab59312bd8b01ae94a7ca925eb299df66ea60d8.tar.gz elgg-4ab59312bd8b01ae94a7ca925eb299df66ea60d8.tar.bz2 |
Changed mysql_real_escape_string to sanitise_string
git-svn-id: https://code.elgg.org/elgg/trunk@74 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r-- | engine/lib/annotations.php | 20 | ||||
-rw-r--r-- | engine/lib/sites.php | 2 |
2 files changed, 11 insertions, 11 deletions
diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php index 703538273..1a559b872 100644 --- a/engine/lib/annotations.php +++ b/engine/lib/annotations.php @@ -108,9 +108,9 @@ global $CONFIG; $object_id = (int)$object_id; - $object_type = mysql_real_escape_string(trim($object_type)); - $name = mysql_real_escape_string(trim($name)); - $value = mysql_real_escape_string(trim($value)); + $object_type = sanitise_string(trim($object_type)); + $name = sanitise_string(trim($name)); + $value = sanitise_string(trim($value)); $owner_id = (int)$owner_id; $limit = (int)$limit; $offset = (int)$offset; @@ -159,10 +159,10 @@ global $CONFIG; $object_id = (int)$object_id; - $object_type = mysql_real_escape_string(trim($object_type)); - $name = mysql_real_escape_string(trim($name)); - $value = mysql_real_escape_string(trim($value)); - $value_type = mysql_real_escape_string(trim($value_type)); + $object_type = sanitise_string(trim($object_type)); + $name = sanitise_string(trim($name)); + $value = sanitise_string(trim($value)); + $value_type = sanitise_string(trim($value_type)); $owner_id = (int)$owner_id; $access_id = (int)$access_id; @@ -184,9 +184,9 @@ global $CONFIG; $annotation_id = (int)$annotation_id; - $name = mysql_real_escape_string(trim($name)); - $value = mysql_real_escape_string(trim($value)); - $value_type = mysql_real_escape_string(trim($value_type)); + $name = sanitise_string(trim($name)); + $value = sanitise_string(trim($value)); + $value_type = sanitise_string(trim($value_type)); $owner_id = (int)$owner_id; $access_id = (int)$access_id; diff --git a/engine/lib/sites.php b/engine/lib/sites.php index 420616ca3..b5a06f45c 100644 --- a/engine/lib/sites.php +++ b/engine/lib/sites.php @@ -265,7 +265,7 @@ { global $CONFIG; - $url = mysql_real_escape_string(trim($url)); + $url = sanitise_string(trim($url)); $access = get_access_list(); return get_data_row("select o.* from {$CONFIG->dbprefix}sites where url='$url' and (o.access_id in {$access} or (o.access_id = 0 and o.owner_id = {$_SESSION['id']}))"); |