chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[svn r15157] escaping the title of each slides when inserting into the database: using Database::

Browse Source
skala
Arnaud Ligot 17 years ago
parent 941a296905
commit cd431ec2eb
1 changed files with 2 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      main/inc/lib/fileUpload.lib.php

4
main/inc/lib/fileUpload.lib.php
Unescape View File

@ -1189,8 +1189,8 @@ function add_document($_course,$path,$filetype,$filesize,$title,$comment=NULL, $
$table_document = Database::get_course_table(TABLE_DOCUMENT,$_course['dbName']);
$sql="INSERT INTO $table_document
(`path`,`filetype`,`size`,`title`, `comment`, readonly)
VALUES ('$path','$filetype','$filesize','".mysql_escape_string($title)."
', '$comment',$readonly)";
VALUES ('$path','$filetype','$filesize','".
Database::escape_string($title)."', '$comment',$readonly)";
if(api_sql_query($sql,__FILE__,__LINE__))
{
//display_message("Added to database (id ".mysql_insert_id().")!");

Write Preview
Loading…
Cancel
Save