Removed redundant mysqli_real_escape_string #290
This commit is contained in:
parent
2024ccaf39
commit
5d5f86307e
@ -54,8 +54,8 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) {
|
|||||||
$plugins = new Plugins($plugins, $database, $settings);
|
$plugins = new Plugins($plugins, $database, $settings);
|
||||||
|
|
||||||
# Escape
|
# Escape
|
||||||
foreach(array_keys($_POST) as $key) $_POST[$key] = mysqli_real_escape_string($database, urldecode($_POST[$key]));
|
foreach(array_keys($_POST) as $key) $_POST[$key] = urldecode($_POST[$key]);
|
||||||
foreach(array_keys($_GET) as $key) $_GET[$key] = mysqli_real_escape_string($database, urldecode($_GET[$key]));
|
foreach(array_keys($_GET) as $key) $_GET[$key] = urldecode($_GET[$key]);
|
||||||
|
|
||||||
# Validate parameters
|
# Validate parameters
|
||||||
if (isset($_POST['albumIDs'])&&preg_match('/^[0-9\,]{1,}$/', $_POST['albumIDs'])!==1) exit('Error: Wrong parameter type for albumIDs!');
|
if (isset($_POST['albumIDs'])&&preg_match('/^[0-9\,]{1,}$/', $_POST['albumIDs'])!==1) exit('Error: Wrong parameter type for albumIDs!');
|
||||||
|
Loading…
Reference in New Issue
Block a user