diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-12-24 13:17:45 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-12-24 13:17:45 +0000 |
| commit | 459c76308cfcaa641825264ca1e9ae2970de34d8 (patch) | |
| tree | 833fe0938b89c4d2467ed94a3ad0783670792b7a /phpBB/admin/admin_groups.php | |
| parent | 42aac3ed3a9b44d3d8e5273e4cec28bb7cba0e14 (diff) | |
| download | forums-459c76308cfcaa641825264ca1e9ae2970de34d8.tar forums-459c76308cfcaa641825264ca1e9ae2970de34d8.tar.gz forums-459c76308cfcaa641825264ca1e9ae2970de34d8.tar.bz2 forums-459c76308cfcaa641825264ca1e9ae2970de34d8.tar.xz forums-459c76308cfcaa641825264ca1e9ae2970de34d8.zip | |
More \' doings
git-svn-id: file:///svn/phpbb/trunk@1685 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/admin/admin_groups.php')
| -rw-r--r-- | phpBB/admin/admin_groups.php | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/phpBB/admin/admin_groups.php b/phpBB/admin/admin_groups.php index faad5502f4..9883ae4211 100644 --- a/phpBB/admin/admin_groups.php +++ b/phpBB/admin/admin_groups.php @@ -221,7 +221,8 @@ else if( isset($HTTP_POST_VARS['group_update']) ) if ( $delete_old_moderator != "" ) { $sql = "DELETE FROM " . USER_GROUP_TABLE . " - WHERE user_id = " . $group_info['group_moderator'] . " AND group_id = " . $group_id; + WHERE user_id = " . $group_info['group_moderator'] . " + AND group_id = " . $group_id; if ( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't update group moderator", "", __LINE__, __FILE__, $sql); @@ -235,7 +236,7 @@ else if( isset($HTTP_POST_VARS['group_update']) ) } } $sql = "UPDATE " . GROUPS_TABLE . " - SET group_type = $group_type, group_name = '" . $group_name . "', group_description = '" . $group_description . "', group_moderator = $group_moderator + SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator WHERE group_id = $group_id"; if ( !$result = $db->sql_query($sql) ) { @@ -259,7 +260,7 @@ else if( isset($HTTP_POST_VARS['group_update']) ) $new_group_id = $row['new_group_id'] + 1; $sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_type, group_name, group_description, group_moderator, group_single_user) - VALUES ($new_group_id, '" . $group_type . "', '" . $group_name . "', '" . $group_description . "', '" . $group_moderator . "', '0')"; + VALUES ($new_group_id, $group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator, '0')"; if ( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't insert new group", "", __LINE__, __FILE__, $sql); |