aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/admin
diff options
context:
space:
mode:
authorJames Atkinson <thefinn@users.sourceforge.net>2001-10-30 23:44:39 +0000
committerJames Atkinson <thefinn@users.sourceforge.net>2001-10-30 23:44:39 +0000
commit5cce2b35f7dcb8517935507b5e6b6ee4fa9239b7 (patch)
tree7a147156748756e8f9f155781eafdf4d23f96de0 /phpBB/admin
parente12e73d0b74cfe09366ab8e9b27e8c08c671ddcf (diff)
downloadforums-5cce2b35f7dcb8517935507b5e6b6ee4fa9239b7.tar
forums-5cce2b35f7dcb8517935507b5e6b6ee4fa9239b7.tar.gz
forums-5cce2b35f7dcb8517935507b5e6b6ee4fa9239b7.tar.bz2
forums-5cce2b35f7dcb8517935507b5e6b6ee4fa9239b7.tar.xz
forums-5cce2b35f7dcb8517935507b5e6b6ee4fa9239b7.zip
Fixed bug #474123
git-svn-id: file:///svn/phpbb/trunk@1251 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/admin')
-rw-r--r--phpBB/admin/admin_forums.php5
-rw-r--r--phpBB/admin/admin_groups.php6
2 files changed, 7 insertions, 4 deletions
diff --git a/phpBB/admin/admin_forums.php b/phpBB/admin/admin_forums.php
index f206fd7f59..6c5184094d 100644
--- a/phpBB/admin/admin_forums.php
+++ b/phpBB/admin/admin_forums.php
@@ -213,7 +213,10 @@ if( isset($HTTP_POST_VARS['addforum']) || isset($HTTP_POST_VARS['addcategory'])
if( $mode == "addforum" )
{
list($cat_id) = each($HTTP_POST_VARS['addforum']);
- $forumname = $HTTP_POST_VARS['forumname'][$cat_id];
+ //
+ // stripslashes needs to be run on this because slashes are added when the forum name is posted
+ //
+ $forumname = stripslashes($HTTP_POST_VARS['forumname'][$cat_id]);
}
}
diff --git a/phpBB/admin/admin_groups.php b/phpBB/admin/admin_groups.php
index 89304ba890..727f18346e 100644
--- a/phpBB/admin/admin_groups.php
+++ b/phpBB/admin/admin_groups.php
@@ -164,9 +164,9 @@ else if( isset($HTTP_POST_VARS['group_update']) )
}
else
{
- $group_type = isset($HTTP_POST_VARS['group_type']) ? trim(addslashes($HTTP_POST_VARS['group_type'])) : "";
- $group_name = isset($HTTP_POST_VARS['group_name']) ? trim(addslashes($HTTP_POST_VARS['group_name'])) : "";
- $group_description = isset($HTTP_POST_VARS['group_description']) ? trim(addslashes($HTTP_POST_VARS['group_description'])) : "";
+ $group_type = isset($HTTP_POST_VARS['group_type']) ? trim($HTTP_POST_VARS['group_type']) : "";
+ $group_name = isset($HTTP_POST_VARS['group_name']) ? trim($HTTP_POST_VARS['group_name']) : "";
+ $group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : "";
$group_moderator = isset($HTTP_POST_VARS['group_moderator']) ? intval($HTTP_POST_VARS['group_moderator']) : "";
$delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? intval($HTTP_POST_VARS['delete_old_moderator']) : "";