iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-03-28 17:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

issue #1150 also protect groupe name on API methods

Browse Source
This commit is contained in:
plegall
2020-02-07 17:17:17 +01:00
parent 619849ff8b
commit 6ac6db0d2d
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
include/ws_functions/pwg.groups.php
View File

@@ -61,7 +61,7 @@ SELECT
*/
function ws_groups_add($params, &$service)
{
$params['name'] = pwg_db_real_escape_string($params['name']);
$params['name'] = pwg_db_real_escape_string(strip_tags(stripslashes($params['name'])));
// is the name not already used ?
$query = '
@@ -180,7 +180,7 @@ SELECT COUNT(*)
if (!empty($params['name']))
{
$params['name'] = pwg_db_real_escape_string($params['name']);
$params['name'] = pwg_db_real_escape_string(strip_tags(stripslashes($params['name'])));
// is the name not already used ?
$query = '