BeBot - An Anarchy Online and Age Of Conan chat automaton

General => Feedback and Suggestions => Topic started by: axl on April 21, 2006, 01:56:10 pm

Title: News module fix
Post by: axl on April 21, 2006, 01:56:10 pm
News is added into db without being slashed which can lead to either not actually inserting the news, or worse outcomes. Simple fix to addslashes(), stripslashes() when entering and quering db.

Code: [Select]
--- News.php    2006-04-21 14:55:28.519140000 +0300
+++ oldNews.php 2006-04-21 14:54:30.591519750 +0300
@@ -98,7 +98,7 @@
                foreach ($result as $val)
                {
                        $inside .= "<font color=CCInfoHeader>" . gmdate("dS M, H:i", $val[0]) . " GMT <font color=CCCCTextColor>" . $val[1] . "</font> wrote:\n";
-                       $inside .= "<font color=CCInfoText>" . stripslashes($val[2]) . "\n\n";
+                       $inside .= "<font color=CCInfoText>" . $val[2] . "\n\n";
                }
 
                return "News :: " . $this -> bot -> make_blob("click to view", $inside);
@@ -114,7 +114,7 @@
                if ($this -> bot -> guildbot || $this -> bot -> admin -> in_group($name, "raidleader"))
                {
                        $this -> bot -> db -> query("INSERT INTO news (id, name, news) VALUES (" . time() .
-                       ", '" . $name . "', '" . addslashes($msg) . "')");
+                       ", '" . $name . "', '" . $msg . "')");
                        return "News has been added.";
                }
                else
SimplePortal 2.3.7 © 2008-2024, SimplePortal