firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

post 등에 mysql_real_escape_string 적용하는 코드 수정

Browse Source
This commit is contained in:
chicpro
2014-02-20 11:29:19 +09:00
parent 7bd383b7cf
commit bc1cfad1c2
20 changed files with 76 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
bbs/ajax.autosave.php
View File

@ -3,9 +3,9 @@ include_once('./_common.php');
if (!$is_member) die('0');
$uid = escape_trim($_REQUEST['uid']);
$subject = escape_trim(stripslashes($_REQUEST['subject']));
$content = escape_trim(stripslashes($_REQUEST['content']));
$uid = trim($_REQUEST['uid']);
$subject = trim(stripslashes($_REQUEST['subject']));
$content = trim(stripslashes($_REQUEST['content']));
if ($subject && $content) {
$sql = " select count(*) as cnt from {$g5['autosave_table']} where mb_id = '{$member['mb_id']}' and as_subject = '$subject' and as_content = '$content' ";