Skip to content

Commit

Permalink
Escape ' and unsecape in description when saving in database.
Browse files Browse the repository at this point in the history
  • Loading branch information
@TobiasKrais
TobiasKrais committed Apr 3, 2018
1 parent ecf9562 commit 87c927b
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 6 deletions.
8 changes: 4 additions & 4 deletions lib/category.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,8 +87,8 @@ public function __construct($category_id, $clang_id) {
if($result->getValue("parent_category_id") > 0) {
$this->parent_category = new Category($result->getValue("parent_category_id"), $clang_id);
}
$this->name = $result->getValue("name");
$this->teaser = $result->getValue("teaser");
$this->name = stripslashes($result->getValue("name"));
$this->teaser = stripslashes($result->getValue("teaser"));
$this->picture = $result->getValue("picture");
$this->priority = $result->getValue("priority");
if($result->getValue("translation_needs_update") != "") {
Expand Down Expand Up @@ -363,8 +363,8 @@ public function save() {
$query = "REPLACE INTO ". \rex::getTablePrefix() ."d2u_immo_categories_lang SET "
."category_id = '". $this->category_id ."', "
."clang_id = '". $this->clang_id ."', "
."name = '". $this->name ."', "
."teaser = '". $this->teaser ."', "
."name = '". addslashes($this->name) ."', "
."teaser = '". addslashes($this->teaser) ."', "
."translation_needs_update = '". $this->translation_needs_update ."', "
."updatedate = ". time() .", "
."updateuser = '". \rex::getUser()->getLogin() ."' ";
Expand Down
4 changes: 2 additions & 2 deletions lib/property.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -465,7 +465,7 @@ public function __construct($property_id, $clang_id) {
$this->living_area = $result->getValue("living_area");
$this->location_plans = preg_grep('/^\s*$/s', explode(",", $result->getValue("location_plans")), PREG_GREP_INVERT);
$this->longitude = $result->getValue("longitude") == "" ? 0 : $result->getValue("longitude");
$this->market_type = $result->getValue("market_type");
$this->market_type = stripslashes($result->getValue("market_type"));
$this->name = $result->getValue("name");
$this->object_reserved = $result->getValue("object_reserved") == "1" ? TRUE : FALSE;
$this->object_sold = $result->getValue("object_sold") == "1" ? TRUE : FALSE;
Expand Down Expand Up @@ -945,7 +945,7 @@ public function save() {
."description_others = '". addslashes(htmlspecialchars($this->description_others)) ."', "
."documents = '". implode(",", $this->documents) ."', "
."teaser = '". $this->teaser ."', "
."name = '". $this->name ."', "
."name = '". addslashes($this->name) ."', "
."translation_needs_update = '". $this->translation_needs_update ."', "
."updatedate = ". time() .", "
."updateuser = '". \rex::getUser()->getLogin() ."' ";
Expand Down

0 comments on commit 87c927b

Please sign in to comment.