[geeklog-cvs] geeklog: Fixed SQL error when poll questions contained single qu...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Sun Oct 5 14:33:45 EDT 2008
details: http://project.geeklog.net/cgi-bin/hgweb.cgi/rev/c2aa8411a3f6
changeset: 6430:c2aa8411a3f6
user: Dirk Haun <dirk at haun-online.de>
date: Sun Oct 05 20:33:33 2008 +0200
description:
Fixed SQL error when poll questions contained single quotes (bug #0000756)
diffstat:
2 files changed, 15 insertions(+), 8 deletions(-)
public_html/admin/plugins/polls/index.php | 21 +++++++++++++--------
public_html/docs/history | 2 ++
diffs (43 lines):
diff -r f41761b1c244 -r c2aa8411a3f6 public_html/admin/plugins/polls/index.php
--- a/public_html/admin/plugins/polls/index.php Sun Oct 05 18:24:06 2008 +0200
+++ b/public_html/admin/plugins/polls/index.php Sun Oct 05 20:33:33 2008 +0200
@@ -250,14 +250,19 @@
$k = 0; // set up a counter to make sure we do assign a straight line of question id's
$v = 0; // re-count votes sine they might have been changed
// first dimension of array are the questions
- for ($i=0; $i<sizeof($Q); $i++) {
- $Q[$i] = COM_stripslashes ($Q[$i]);
- if (strlen ($Q[$i]) > 0) { // only insert questions that exist
- DB_save ($_TABLES['pollquestions'], 'qid, pid, question', "'$k', '$pid', '$Q[$i]'");
- // within the questions, we have another dimensions with answers, votes and remarks
- for ($j=0; $j<sizeof($A[$i]); $j++) {
- $A[$i][$j] = COM_stripslashes ($A[$i][$j]);
- if (strlen ($A[$i][$j]) > 0) { // only insert answers etc that exist
+ $num_questions = sizeof($Q);
+ for ($i = 0; $i < $num_questions; $i++) {
+ $Q[$i] = COM_stripslashes($Q[$i]);
+ if (strlen($Q[$i]) > 0) { // only insert questions that exist
+ $Q[$i] = addslashes($Q[$i]);
+ DB_save($_TABLES['pollquestions'], 'qid, pid, question',
+ "'$k', '$pid', '$Q[$i]'");
+ // within the questions, we have another dimensions with answers,
+ // votes and remarks
+ $num_answers = sizeof($A[$i]);
+ for ($j = 0; $j < $num_answers; $j++) {
+ $A[$i][$j] = COM_stripslashes($A[$i][$j]);
+ if (strlen($A[$i][$j]) > 0) { // only insert answers etc that exist
if (!is_numeric($V[$i][$j])) {
$V[$i][$j] = "0";
}
diff -r f41761b1c244 -r c2aa8411a3f6 public_html/docs/history
--- a/public_html/docs/history Sun Oct 05 18:24:06 2008 +0200
+++ b/public_html/docs/history Sun Oct 05 20:33:33 2008 +0200
@@ -39,6 +39,8 @@
Polls plugin
------------
+- Fixed SQL error when poll questions contained single quotes (bug #0000756)
+ [Dirk]
- Fixed handling of poll IDs in Polls editor (bug #0000753) [Dirk]
Static Pages plugin
More information about the geeklog-cvs
mailing list