diff options
author | Andrew Dolgov <[email protected]> | 2013-03-29 08:51:05 +0400 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2013-03-29 08:51:05 +0400 |
commit | d296ba50d4e7219bb153634e656cd9c841ba42cd (patch) | |
tree | 31800749b04d739bc1b602f05798950c903f54a1 | |
parent | 35581abf13777c1b863f36e150f11d60c9342178 (diff) |
initialize_user_prefs: escape data on import
-rw-r--r-- | include/functions.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/include/functions.php b/include/functions.php index f611ec4fe..951bf230f 100644 --- a/include/functions.php +++ b/include/functions.php @@ -548,6 +548,9 @@ if (array_search($line["pref_name"], $active_prefs) === FALSE) { // print "adding " . $line["pref_name"] . "<br>"; + $line["def_value"] = db_escape_string($link, $line["def_value"]); + $line["pref_name"] = db_escape_string($link, $line["pref_name"]); + if (get_schema_version($link) < 63) { db_query($link, "INSERT INTO ttrss_user_prefs (owner_uid,pref_name,value) VALUES |