Skip to content

Commit

Permalink
#1206 Escape
Browse files Browse the repository at this point in the history
  • Loading branch information
Yannick committed Apr 6, 2015
1 parent 9546552 commit 30b62a1
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion backstage/menu.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
$item_name = luna_trim($_POST['name']);
$item_url = luna_trim($_POST['url']);

$db->query('INSERT INTO '.$db->prefix.'menu (url, name, disp_position, visible, sys_entry) VALUES(\''.$item_url.'\', \''.$item_name.'\', 0, 1, 0)') or error('Unable to add new menu item', __FILE__, __LINE__, $db->error());
$db->query('INSERT INTO '.$db->prefix.'menu (url, name, disp_position, visible, sys_entry) VALUES(\''.$db->escape($item_url).'\', \''.$db->escape($item_name).'\', 0, 1, 0)') or error('Unable to add new menu item', __FILE__, __LINE__, $db->error());

redirect('backstage/menu.php');
} elseif (isset($_GET['del_item'])) {
Expand Down

0 comments on commit 30b62a1

Please sign in to comment.