From f05dc3d53d97f84d4c8ec879a56be72d8eb6444a Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Wed, 18 Jul 2001 23:54:43 +0000 Subject: [PATCH] missing stripslashed added to read, common array $maybe_slashes with fields that may contain slashes for read+write --- infolog/inc/class.soinfolog.inc.php | 30 ++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) diff --git a/infolog/inc/class.soinfolog.inc.php b/infolog/inc/class.soinfolog.inc.php index f1742f050a..221df5cc91 100644 --- a/infolog/inc/class.soinfolog.inc.php +++ b/infolog/inc/class.soinfolog.inc.php @@ -19,7 +19,9 @@ var $grants; var $data = array( ); var $filters = array( ); - + var $maybe_slashes = array ( + 'info_des'=>1,'info_subject'=>1,'info_from'=>1,'info_addr'=>1 + ); function soinfolog( $info_id = 0) { global $phpgw; @@ -197,7 +199,12 @@ if ($info_id != $this->data['info_id']) // data yet read in { $this->data = $this->db->Record; - } + reset($this->maybe_slashes); + while (list($key) = each($this->maybe_slashes)) + { + $this->data[$key] = stripslashes($this->data[$key]); + } + } return $this->data; } @@ -220,17 +227,18 @@ { while (list($key,$val) = each($values)) { - $this->data['info_'.$key] = $val; // update internal data - - switch ($key) + if ($key != 'info_id') { - case 'info_id': - break; - case 'des': case 'subject': case 'from': case 'addr': + $key = 'info_'.$key; + + $this->data[$key] = $val; // update internal data + + if ($this->maybe_slashes[$key]) + { $val = addslashes($val); - default: - if ($query) $query .= ','; - $query .= "info_$key='$val'"; + } + if ($query) $query .= ','; + $query .= "$key='$val'"; } } if ($values['info_id'])