\r
function addpictureformjupload($albumid = 0, $num_files = 0) {\r
global $NPG_CONF,$CONF;\r
+ if (!preg_match('/^([a-z0-9_]+|`[^`]+`)$/i',$NPG_CONF['temp_table'])) exit;\r
$exist_temp_table = mysql_query('SELECT 1 FROM '.$NPG_CONF['temp_table'].' LIMIT 0');\r
if ($exist_temp_table) sql_query('drop table '. $NPG_CONF['temp_table']);\r
\r
global $NPG_CONF, $gmember,$manager,$CONF,$NP_BASE_DIR;\r
\r
$NPG_CONF = getNPGConfig();\r
+ if (!preg_match('/^([a-z0-9_]+|`[^`]+`)$/i',$NPG_CONF['temp_table'])) exit;\r
$table_name = $NPG_CONF['temp_table'];\r
\r
$promo_allowed = false;\r