@@ 450-454 (lines=5) @@ | ||
447 | case 'sectionmake': |
|
448 | $myts = MyTextSanitizer::getInstance(); |
|
449 | $secname = !empty($_POST['secname']) ? $myts->stripSlashesGPC($_POST['secname']) : ''; |
|
450 | if (empty($_POST['secname'])) { |
|
451 | redirect_header('main.php', 2, _MD_ERRORSECNAME); |
|
452 | } else { |
|
453 | $secname = $myts->stripSlashesGPC($_POST['secname']); |
|
454 | } |
|
455 | $secdesc = !empty($_POST['secdesc']) ? $myts->stripSlashesGPC($_POST['secdesc']) : ''; |
|
456 | $display = (int)(empty($_POST['display']) ? 0 : 1); |
|
457 | $setexpire = (int)(empty($_POST['setexpire']) ? 0 : 1); |
|
@@ 511-515 (lines=5) @@ | ||
508 | redirect_header('main.php?op=sections', 2, _MD_DBNOTUPDATED); |
|
509 | } |
|
510 | $myts = MyTextSanitizer::getInstance(); |
|
511 | if (empty($_POST['secname'])) { |
|
512 | redirect_header('main.php', 2, _MD_ERRORSECNAME); |
|
513 | } else { |
|
514 | $secname = $myts->stripSlashesGPC($_POST['secname']); |
|
515 | } |
|
516 | $secdesc = !empty($_POST['secdesc']) ? $myts->stripSlashesGPC($_POST['secdesc']) : ''; |
|
517 | $secname = $xoopsDB->quoteString($secname); |
|
518 | $secdesc = $xoopsDB->quoteString($secdesc); |