*
* @license http://nucleuscms.org/license.txt GNU General Public License
* @copyright Copyright (C) 2002-2007 The Nucleus Group
- * @version $Id: PLUGIN.php,v 1.7 2007-04-06 19:37:07 kmorimatsu Exp $
- * $NucleusJP: PLUGIN.php,v 1.6 2007/03/30 22:18:54 kmorimatsu Exp $
+ * @version $Id: PLUGIN.php,v 1.8 2007-04-20 08:45:28 kimitake Exp $
+ * $NucleusJP: PLUGIN.php,v 1.7 2007/04/06 19:37:07 kmorimatsu Exp $
*/
class NucleusPlugin {
} else {
$orderby = 'ovalue';
}
- $q = 'SELECT ovalue value, ocontextid id FROM '.sql_table('plugin_option').' WHERE oid = '.$oid.' ORDER BY '.$orderby.' '.$sort.' LIMIT 0,'.$amount;
+ $q = 'SELECT ovalue value, ocontextid id FROM '.sql_table('plugin_option').' WHERE oid = '.$oid.' ORDER BY '.$orderby.' '.$sort.' LIMIT 0,'.intval($amount);
$query = mysql_query($q);
// create the array
}
}
-?>
\ No newline at end of file
+?>
*
* @license http://nucleuscms.org/license.txt GNU General Public License
* @copyright Copyright (C) 2002-2007 The Nucleus Group
- * @version $Id: skinie.php,v 1.4 2007-03-22 09:23:58 kimitake Exp $
- * @version $NucleusJP: skinie.php,v 1.8 2007/03/22 03:30:14 kmorimatsu Exp $
+ * @version $Id: skinie.php,v 1.5 2007-04-20 08:45:28 kimitake Exp $
+ * @version $NucleusJP: skinie.php,v 1.4 2007/03/22 09:23:58 kimitake Exp $
*/
class SKINIMPORT {
* Called by XML parser for each new start element encountered
*/
function startElement($parser, $name, $attrs) {
+ foreach($attrs as $key=>$value) $attrs[$key]=htmlspecialchars($value,ENT_QUOTES);
+
if ($this->debug) echo 'START: ', htmlspecialchars($name), '<br />';
switch ($name) {
*
* @license http://nucleuscms.org/license.txt GNU General Public License
* @copyright Copyright (C) 2002-2007 The Nucleus Group
- * @version $Id: PLUGIN.php,v 1.11 2007-04-06 19:36:29 kmorimatsu Exp $
- * $NucleusJP: PLUGIN.php,v 1.10 2007/03/30 22:18:28 kmorimatsu Exp $
+ * @version $Id: PLUGIN.php,v 1.12 2007-04-20 08:43:25 kimitake Exp $
+ * $NucleusJP: PLUGIN.php,v 1.11 2007/04/06 19:36:29 kmorimatsu Exp $
*/
class NucleusPlugin {
} else {
$orderby = 'ovalue';
}
- $q = 'SELECT ovalue value, ocontextid id FROM '.sql_table('plugin_option').' WHERE oid = '.$oid.' ORDER BY '.$orderby.' '.$sort.' LIMIT 0,'.$amount;
+ $q = 'SELECT ovalue value, ocontextid id FROM '.sql_table('plugin_option').' WHERE oid = '.$oid.' ORDER BY '.$orderby.' '.$sort.' LIMIT 0,'.intval($amount);
$query = mysql_query($q);
// create the array
}
}
-?>
\ No newline at end of file
+?>
*
* @license http://nucleuscms.org/license.txt GNU General Public License
* @copyright Copyright (C) 2002-2007 The Nucleus Group
- * @version $Id: skinie.php,v 1.8 2007-03-22 03:30:14 kmorimatsu Exp $
- * @version $NucleusJP: skinie.php,v 1.7 2007/02/04 06:28:46 kimitake Exp $
+ * @version $Id: skinie.php,v 1.9 2007-04-20 08:43:25 kimitake Exp $
+ * @version $NucleusJP: skinie.php,v 1.8 2007/03/22 03:30:14 kmorimatsu Exp $
*/
class SKINIMPORT {
* Called by XML parser for each new start element encountered
*/
function startElement($parser, $name, $attrs) {
+ foreach($attrs as $key=>$value) $attrs[$key]=htmlspecialchars($value,ENT_QUOTES);
+
if ($this->debug) echo 'START: ', htmlspecialchars($name), '<br />';
switch ($name) {