Fix: compatibility with pgsql, replace all addslashes by $db->escape in other files

2026-01-07 01:23:00 +01:00 · 2011-02-24 18:22:24 +00:00
parent 3b4ea76538
commit aba9bb9acd
42 changed files with 109 additions and 109 deletions
--- a/htdocs/admin/external_rss.php
+++ b/htdocs/admin/external_rss.php
@@ -86,7 +86,7 @@ if ($_POST["action"] == 'add' || $_POST["modify"])
 		{
 			// Ajoute boite box_external_rss dans definition des boites
 	        $sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes_def (file, note)";
-			$sql.= " VALUES ('box_external_rss.php','".addslashes($_POST["norss"].' ('.$_POST[$external_rss_title]).")')";
+			$sql.= " VALUES ('box_external_rss.php','".$db->escape($_POST["norss"].' ('.$_POST[$external_rss_title]).")')";
 	        if (! $db->query($sql))
 	        {
 	        	dol_print_error($db);