xle/tt-rss
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

db_escape_string: specify link parameter for consistency; sessions: do not force-close db connection in _close()

Browse Source
This commit is contained in:
Andrew Dolgov
2013-03-22 09:14:55 +04:00
parent 9d9432dab8
commit 3972bf5981
40 changed files with 342 additions and 350 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
register.php
View File

@@ -74,7 +74,7 @@
if ($action == "check") {
header("Content-Type: application/xml");
$login = trim(db_escape_string($_REQUEST['login']));
$login = trim(db_escape_string($link, $_REQUEST['login']));
$result = db_query($link, "SELECT id FROM ttrss_users WHERE
LOWER(login) = LOWER('$login')");
@@ -242,9 +242,9 @@
<?php } else if ($action == "do_register") { ?>
<?php
$login = mb_strtolower(trim(db_escape_string($_REQUEST["login"])));
$email = trim(db_escape_string($_REQUEST["email"]));
$test = trim(db_escape_string($_REQUEST["turing_test"]));
$login = mb_strtolower(trim(db_escape_string($link, $_REQUEST["login"])));
$email = trim(db_escape_string($link, $_REQUEST["email"]));
$test = trim(db_escape_string($link, $_REQUEST["turing_test"]));
if (!$login || !$email || !$test) {
print_error(__("Your registration information is incomplete."));