diff options
| author | Steven Wittens <steven@10.no-reply.drupal.org> | 2002-10-15 23:15:55 +0000 |
|---|---|---|
| committer | Steven Wittens <steven@10.no-reply.drupal.org> | 2002-10-15 23:15:55 +0000 |
| commit | c5da43fa402f06c95c8a2d294c11bc2d0c401718 (patch) | |
| tree | c3dbbe64b958943d7ad0041380fe4f474dec06ea /modules | |
| parent | 1ff4da96e369de52aa1f318998b1a02a699e281d (diff) | |
| download | brdo-c5da43fa402f06c95c8a2d294c11bc2d0c401718.tar.gz brdo-c5da43fa402f06c95c8a2d294c11bc2d0c401718.tar.bz2 | |
- Fixed missing filtering
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/poll.module | 6 | ||||
| -rw-r--r-- | modules/poll/poll.module | 6 |
2 files changed, 6 insertions, 6 deletions
diff --git a/modules/poll.module b/modules/poll.module index 5869a0e4d..0073e281c 100644 --- a/modules/poll.module +++ b/modules/poll.module @@ -136,7 +136,7 @@ function poll_insert($node) { $node->active = 1; } - db_query("INSERT INTO poll (nid, runtime, voters, active) VALUES ('$node->nid', '$node->runtime', '', '$node->active')"); + db_query("INSERT INTO poll (nid, runtime, voters, active) VALUES ('". check_input($node->nid) ."', '". check_input($node->runtime) ."', '', '". check_input($node->active) ."')"); for ($i = 0; $i < $node->choices; $i++) { $choice->chtext = filter($node->choice[$i]); @@ -144,7 +144,7 @@ function poll_insert($node) { $choice->chorder = $i; if ($choice->chtext != "") { - db_query("INSERT INTO poll_choices (nid, chtext, chvotes, chorder) VALUES ('$node->nid', '$choice->chtext', '$choice->chvotes', '$choice->chorder')"); + db_query("INSERT INTO poll_choices (nid, chtext, chvotes, chorder) VALUES ('". check_input($node->nid) ."', '". check_input($choice->chtext) ."', '". check_input($choice->chvotes) ."', '". check_input($choice->chorder) ."')"); } } } @@ -404,7 +404,7 @@ function poll_update($node) { $choice->chorder = $i; if ($choice->chtext != "") { - db_query("INSERT INTO poll_choices (nid, chtext, chvotes, chorder) VALUES ('$node->nid', '$choice->chtext', '$choice->chvotes', '$choice->chorder')"); + db_query("INSERT INTO poll_choices (nid, chtext, chvotes, chorder) VALUES ('". check_input($node->nid) ."', '". check_input($choice->chtext) ."', '". check_input($choice->chvotes) ."', '". check_input($choice->chorder) ."')"); } } } diff --git a/modules/poll/poll.module b/modules/poll/poll.module index 5869a0e4d..0073e281c 100644 --- a/modules/poll/poll.module +++ b/modules/poll/poll.module @@ -136,7 +136,7 @@ function poll_insert($node) { $node->active = 1; } - db_query("INSERT INTO poll (nid, runtime, voters, active) VALUES ('$node->nid', '$node->runtime', '', '$node->active')"); + db_query("INSERT INTO poll (nid, runtime, voters, active) VALUES ('". check_input($node->nid) ."', '". check_input($node->runtime) ."', '', '". check_input($node->active) ."')"); for ($i = 0; $i < $node->choices; $i++) { $choice->chtext = filter($node->choice[$i]); @@ -144,7 +144,7 @@ function poll_insert($node) { $choice->chorder = $i; if ($choice->chtext != "") { - db_query("INSERT INTO poll_choices (nid, chtext, chvotes, chorder) VALUES ('$node->nid', '$choice->chtext', '$choice->chvotes', '$choice->chorder')"); + db_query("INSERT INTO poll_choices (nid, chtext, chvotes, chorder) VALUES ('". check_input($node->nid) ."', '". check_input($choice->chtext) ."', '". check_input($choice->chvotes) ."', '". check_input($choice->chorder) ."')"); } } } @@ -404,7 +404,7 @@ function poll_update($node) { $choice->chorder = $i; if ($choice->chtext != "") { - db_query("INSERT INTO poll_choices (nid, chtext, chvotes, chorder) VALUES ('$node->nid', '$choice->chtext', '$choice->chvotes', '$choice->chorder')"); + db_query("INSERT INTO poll_choices (nid, chtext, chvotes, chorder) VALUES ('". check_input($node->nid) ."', '". check_input($choice->chtext) ."', '". check_input($choice->chvotes) ."', '". check_input($choice->chorder) ."')"); } } } |