From 4ab59312bd8b01ae94a7ca925eb299df66ea60d8 Mon Sep 17 00:00:00 2001 From: icewing Date: Wed, 5 Mar 2008 10:31:56 +0000 Subject: Changed mysql_real_escape_string to sanitise_string git-svn-id: https://code.elgg.org/elgg/trunk@74 36083f99-b078-4883-b0ff-0f9b5a30f544 --- engine/lib/annotations.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'engine/lib/annotations.php') diff --git a/engine/lib/annotations.php b/engine/lib/annotations.php index 703538273..1a559b872 100644 --- a/engine/lib/annotations.php +++ b/engine/lib/annotations.php @@ -108,9 +108,9 @@ global $CONFIG; $object_id = (int)$object_id; - $object_type = mysql_real_escape_string(trim($object_type)); - $name = mysql_real_escape_string(trim($name)); - $value = mysql_real_escape_string(trim($value)); + $object_type = sanitise_string(trim($object_type)); + $name = sanitise_string(trim($name)); + $value = sanitise_string(trim($value)); $owner_id = (int)$owner_id; $limit = (int)$limit; $offset = (int)$offset; @@ -159,10 +159,10 @@ global $CONFIG; $object_id = (int)$object_id; - $object_type = mysql_real_escape_string(trim($object_type)); - $name = mysql_real_escape_string(trim($name)); - $value = mysql_real_escape_string(trim($value)); - $value_type = mysql_real_escape_string(trim($value_type)); + $object_type = sanitise_string(trim($object_type)); + $name = sanitise_string(trim($name)); + $value = sanitise_string(trim($value)); + $value_type = sanitise_string(trim($value_type)); $owner_id = (int)$owner_id; $access_id = (int)$access_id; @@ -184,9 +184,9 @@ global $CONFIG; $annotation_id = (int)$annotation_id; - $name = mysql_real_escape_string(trim($name)); - $value = mysql_real_escape_string(trim($value)); - $value_type = mysql_real_escape_string(trim($value_type)); + $name = sanitise_string(trim($name)); + $value = sanitise_string(trim($value)); + $value_type = sanitise_string(trim($value_type)); $owner_id = (int)$owner_id; $access_id = (int)$access_id; -- cgit v1.2.3