diff options
author | Andrew Dolgov <[email protected]> | 2007-05-19 14:47:51 +0100 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2007-05-19 14:47:51 +0100 |
commit | 14b6c54b03f2164f568d25d6d54327117b149fa8 (patch) | |
tree | 429af5443d83aa3622db15a3de37c8e484908954 /modules | |
parent | ce885e215e8084bd3b9e94f6237d33e38078757b (diff) |
fix tag quote issues
Diffstat (limited to 'modules')
-rw-r--r-- | modules/backend-rpc.php | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/modules/backend-rpc.php b/modules/backend-rpc.php index 425a855fc..e70b75524 100644 --- a/modules/backend-rpc.php +++ b/modules/backend-rpc.php @@ -202,7 +202,9 @@ } if ($subop == "setArticleTags") { + $id = db_escape_string($_GET["id"]); + $tags_str = db_escape_string($_GET["tags_str"]); $tags = array_unique(trim_array(split(",", $tags_str))); @@ -220,7 +222,7 @@ post_int_id = $int_id AND owner_uid = '".$_SESSION["uid"]."'"); foreach ($tags as $tag) { - $tag = trim($tag); + $tag = sanitize_tag($tag); if (!tag_is_valid($tag)) { continue; @@ -229,6 +231,8 @@ if (preg_match("/^[0-9]*$/", $tag)) { continue; } + +// print "<!-- $tag -->"; if ($tag != '') { db_query($link, "INSERT INTO ttrss_tags |