[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Noalyss-commit] [noalyss] 01/04: Bug : description was forgotten when r
From: |
Dany De Bontridder |
Subject: |
[Noalyss-commit] [noalyss] 01/04: Bug : description was forgotten when restoring a template. Make the query safer |
Date: |
Tue, 08 Mar 2016 21:41:29 +0000 |
sparkyx pushed a commit to branch master
in repository noalyss.
commit 73dab8023decb13e24ddf3bc2608a5c2acb14eab
Author: Dany De Bontridder <address@hidden>
Date: Tue Mar 8 20:10:30 2016 +0100
Bug : description was forgotten when restoring a
template. Make the query safer
---
include/restore.inc.php | 10 +++++-----
1 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/include/restore.inc.php b/include/restore.inc.php
index 8619827..deb80e4 100644
--- a/include/restore.inc.php
+++ b/include/restore.inc.php
@@ -150,16 +150,16 @@ if ( isset ($_REQUEST['sa'] ))
$id=$cn->get_next_seq('s_modid');
if ( strlen(trim($_REQUEST['database'])) == 0 )
- $lname=$id." Restauration :".sql_string($_FILES['file']['name']);
+ $lname=$id." Restauration :".$_FILES['file']['name'];
else
$lname=$id." ".$_REQUEST['database'];
-
-
- $sql="insert into modeledef (mod_id,mod_name,mod_desc) values
(".$id.",'Restauration".$lname."','".$ldesc."') ";
+
+ $ldesc=HtmlInput::default_value_post("desc", "");
+ $sql="insert into modeledef (mod_id,mod_name,mod_desc) values
($1,$2,$3)";
$cn->start();
try
{
- $cn->get_value($sql);
+ $cn->exec_sql($sql,array($id,$lname,$ldesc));
}
catch ( Exception $e)