diff options
| author | Cassio de Campos <cassiopc@gmail.com> | 2017-07-31 19:29:41 +0000 |
|---|---|---|
| committer | Cassio de Campos <cassiopc@gmail.com> | 2017-07-31 19:29:41 +0000 |
| commit | 00de0ce0817f36b5acba70362a4c30c8fa7aaf11 (patch) | |
| tree | a1212e95b472d75687741132d9055e416a558830 /src/fclar.php | |
| parent | e90144b4cc0feba26ee2f972b032c44d187b6bff (diff) | |
| download | boca-00de0ce0817f36b5acba70362a4c30c8fa7aaf11.tar.gz boca-00de0ce0817f36b5acba70362a4c30c8fa7aaf11.zip | |
sanitising
Diffstat (limited to 'src/fclar.php')
| -rw-r--r-- | src/fclar.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/fclar.php b/src/fclar.php index 39084bc..fd99c53 100644 --- a/src/fclar.php +++ b/src/fclar.php @@ -255,7 +255,7 @@ function DBNewClar($param,$c=null) { MSGError("DBNewClar param error: $key is not numeric"); return false; } - $$key = sanitizeText($param[$key]); + $$key = myhtmlspecialchars($param[$key]); } $t = time(); $clarnumber=-1; @@ -269,7 +269,7 @@ function DBNewClar($param,$c=null) { $clarstatus='openclar'; foreach($ac1 as $key) { if(isset($param[$key])) { - $$key = sanitizeText($param[$key]); + $$key = myhtmlspecialchars($param[$key]); if(isset($type[$key]) && !is_numeric($param[$key])) { MSGError("DBNewClar param error: $key is not numeric"); return false; |