dendy
/
librecat
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix error on publishing single quotes

This commit is contained in:
posweg 2020-05-21 20:29:28 +00:00
parent 92c6bea0fb
commit 375fdf887c
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
action/publish-question.php
View File

@ -1,5 +1,6 @@
<?php <?php
session_start(); session_start();
include("../include/settings.php");
$db = new SQLite3('../ask.db'); $db = new SQLite3('../ask.db');
@ -16,12 +17,13 @@ if(isset($_POST["post-submit"])){
else{ else{
$u = $p_user["id"]; $u = $p_user["id"];
$by = 0; $by = 0;
$question = htmlspecialchars($_POST["post-text"]); $question = htmlspecialchars($_POST["post-text"], ENT_QUOTES);
// Insert user into DB // Insert user into DB
$db->exec("INSERT INTO questions(user,by,question,answered,date) VALUES ('$u','$by','$question',0,". strtotime('now') .");"); $db->exec("INSERT INTO questions(user,by,question,answered,date) VALUES ('$u','$by','$question',0,". strtotime('now') .");");
unset($_POST["post-text"]); unset($_POST["post-text"]);
header("Location: /user/" . $p_user["username"]); if($fancy_urls) header("Location: /user/" . $p_user["username"]);
else header("Location: /user.php?q=" . $p_user["username"]);
} }
} }
?> ?>