From d0e32547db5d5e019c0d3bf9f1767d160af4efe0 Mon Sep 17 00:00:00 2001 From: Matthieu Leproux Date: Mon, 26 Sep 2022 14:47:42 +0200 Subject: [PATCH] fixed #1701 escaped " ' " for album creation and edit --- admin/cat_modify.php | 5 +++-- include/ws_functions/pwg.categories.php | 3 ++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/admin/cat_modify.php b/admin/cat_modify.php index 261f1c0c6..6eb1fbc5d 100644 --- a/admin/cat_modify.php +++ b/admin/cat_modify.php @@ -106,7 +106,8 @@ if (isset($_POST['submit'])) $conf['allow_html_descriptions'] ? @$_POST['comment'] : strip_tags(@$_POST['comment']), ); - + + $data['name'] = pwg_db_real_escape_string($data['name']); if ($conf['activate_comments']) { $data['commentable'] = isset($_POST['commentable'])? 'true':'false'; @@ -211,7 +212,7 @@ if (!empty($category['id_uppercat'])) $template->assign( array( - 'CATEGORIES_NAV' => preg_replace("# {2,}#"," ",preg_replace("#(\r\n|\n\r|\n|\r)#"," ",$navigation)), + 'CATEGORIES_NAV' => preg_replace("# {2,}#"," ",preg_replace("#(\r\n|\n\r|\n|\r)#"," ",pwg_db_real_escape_string($navigation))), 'CAT_ID' => $category['id'], 'CAT_NAME' => @htmlspecialchars($category['name']), 'CAT_COMMENT' => @htmlspecialchars($category['comment']), diff --git a/include/ws_functions/pwg.categories.php b/include/ws_functions/pwg.categories.php index abce8aaa7..c41ce24d9 100644 --- a/include/ws_functions/pwg.categories.php +++ b/include/ws_functions/pwg.categories.php @@ -647,7 +647,8 @@ function ws_categories_add($params, &$service) // TODO do not strip tags if pwg_token is provided (and valid) $options['comment'] = strip_tags($params['comment']); } - + + $params['name'] = pwg_db_real_escape_string($params['name']); $creation_output = create_virtual_category( strip_tags($params['name']), // TODO do not strip tags if pwg_token is provided (and valid) $params['parent'],