diff options
author | icewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-03-05 10:31:56 +0000 |
---|---|---|
committer | icewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-03-05 10:31:56 +0000 |
commit | 4ab59312bd8b01ae94a7ca925eb299df66ea60d8 (patch) | |
tree | 1bf3e5dfbfce8d963c982c2c11156634256122e0 /engine/lib/annotations.php | |
parent | 888dd84a0e92e184dd96d02d7677f4e699b1d287 (diff) | |
download | elgg-4ab59312bd8b01ae94a7ca925eb299df66ea60d8.tar.gz elgg-4ab59312bd8b01ae94a7ca925eb299df66ea60d8.tar.bz2 |
Changed mysql_real_escape_string to sanitise_string
git-svn-id: https://code.elgg.org/elgg/trunk@74 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib/annotations.php')
-rw-r--r-- | engine/lib/annotations.php | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php index 703538273..1a559b872 100644 --- a/engine/lib/annotations.php +++ b/engine/lib/annotations.php @@ -108,9 +108,9 @@ global $CONFIG; $object_id = (int)$object_id; - $object_type = mysql_real_escape_string(trim($object_type)); - $name = mysql_real_escape_string(trim($name)); - $value = mysql_real_escape_string(trim($value)); + $object_type = sanitise_string(trim($object_type)); + $name = sanitise_string(trim($name)); + $value = sanitise_string(trim($value)); $owner_id = (int)$owner_id; $limit = (int)$limit; $offset = (int)$offset; @@ -159,10 +159,10 @@ global $CONFIG; $object_id = (int)$object_id; - $object_type = mysql_real_escape_string(trim($object_type)); - $name = mysql_real_escape_string(trim($name)); - $value = mysql_real_escape_string(trim($value)); - $value_type = mysql_real_escape_string(trim($value_type)); + $object_type = sanitise_string(trim($object_type)); + $name = sanitise_string(trim($name)); + $value = sanitise_string(trim($value)); + $value_type = sanitise_string(trim($value_type)); $owner_id = (int)$owner_id; $access_id = (int)$access_id; @@ -184,9 +184,9 @@ global $CONFIG; $annotation_id = (int)$annotation_id; - $name = mysql_real_escape_string(trim($name)); - $value = mysql_real_escape_string(trim($value)); - $value_type = mysql_real_escape_string(trim($value_type)); + $name = sanitise_string(trim($name)); + $value = sanitise_string(trim($value)); + $value_type = sanitise_string(trim($value_type)); $owner_id = (int)$owner_id; $access_id = (int)$access_id; |