diff options
| author | Dries Buytaert <dries@buytaert.net> | 2001-06-29 22:08:57 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2001-06-29 22:08:57 +0000 |
| commit | 9c43e8fc7a192dfe768c76a539373915bddaa0aa (patch) | |
| tree | 32dfe7f04171c2600be4164ca529d7f42766ec32 /account.php | |
| parent | 124694ee4dbcc1df5dfc2d419ed2393619883071 (diff) | |
| download | brdo-9c43e8fc7a192dfe768c76a539373915bddaa0aa.tar.gz brdo-9c43e8fc7a192dfe768c76a539373915bddaa0aa.tar.bz2 | |
Extremely large commit:
- Fixed tiny quote problem in account.php.
- Fixed tiny bug in comment.inc.
- Fixed tiny bug in comment.module.
- Fixed tiny bug in meta.module.
- Simplified user_access() API.
- Rewrote link system: still needs fine-tuning and testing so don't
upgrade if you are running a production site. ;)
Updated all modules and themes to reflect this change. All other
themes and modules need updating too!
Diffstat (limited to 'account.php')
| -rw-r--r-- | account.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/account.php b/account.php index ff9bf3dd3..a3b0d0899 100644 --- a/account.php +++ b/account.php @@ -152,7 +152,7 @@ function account_content_edit() { // construct form: $result = db_query("SELECT * FROM blocks WHERE status = 1 ORDER BY module"); while ($block = db_fetch_object($result)) { - $entry = db_fetch_object(db_query("SELECT * FROM layout WHERE block = '$block->name' AND user = '$user->id'")); + $entry = db_fetch_object(db_query("SELECT * FROM layout WHERE block = '". check_input($block->name) ."' AND user = '$user->id'")); $options .= "<INPUT TYPE=\"checkbox\" NAME=\"edit[$block->name]\"". ($entry->user ? " CHECKED" : "") ."> ". t($block->name) ."<BR>\n"; } |