\r
//todo: display header\r
\r
-\r
+if (!preg_match('/^([a-z0-9_]+|`[^`]+`)$/i',$NPG_CONF['temp_table'])) exit;\r
$type = requestvar('type');\r
switch($type) {\r
case 'firststage':\r
function add_temp($albumid = 0, $filename, $filetype, $filesize, $filetempname, $description = '') {\r
global $NPG_CONF, $gmember, $NP_BASE_DIR,$manager;\r
$memberid = $gmember->getID();\r
+ if (!preg_match('/^([a-z0-9_]+|`[^`]+`)$/i',$NPG_CONF['temp_table'])) exit;\r
$temp_table = $NPG_CONF['temp_table'];\r
$int_filename = '';\r
$thumb_filename = '';\r
\r
function addpictureformjupload($albumid = 0, $num_files = 0) {\r
global $NPG_CONF,$CONF;\r
+ if (!preg_match('/^([a-z0-9_]+|`[^`]+`)$/i',$NPG_CONF['temp_table'])) exit;\r
$exist_temp_table = mysql_query('SELECT 1 FROM '.$NPG_CONF['temp_table'].' LIMIT 0');\r
if ($exist_temp_table) sql_query('drop table '. $NPG_CONF['temp_table']);\r
\r
global $NPG_CONF, $gmember,$manager,$CONF,$NP_BASE_DIR;\r
\r
$NPG_CONF = getNPGConfig();\r
+ if (!preg_match('/^([a-z0-9_]+|`[^`]+`)$/i',$NPG_CONF['temp_table'])) exit;\r
$table_name = $NPG_CONF['temp_table'];\r
\r
$promo_allowed = false;\r
$result2 = mysql_query("select numberofimages from ".sql_table('plug_gallery_album')." where albumid = ".intval($row['albumid']));\r
$row2 = mysql_fetch_assoc($result2);\r
if($row2['numberofimages'] <> $row['noi']) {\r
- sql_query("update ".sql_table('plug_gallery_album')." set numberofimages={$row['noi']} where albumid = ".intval($row['albumid']));\r
+ sql_query("update ".sql_table('plug_gallery_album')." set numberofimages=".intval($row['noi'])." where albumid = ".intval($row['albumid']));\r
}\r
}\r
}\r
$this->description = stripslashes($this->description);\r
$this->description = addslashes($this->description);\r
sql_query("update ".sql_table('plug_gallery_picture')\r
- ." set title='".addslashes($this->title)."', "\r
- ."description='".addslashes($this->description)."', " \r
+ ." set title='".$this->title."', "\r
+ ."description='".$this->description."', " \r
."keywords='".addslashes($this->keywords)."',"\r
."albumid=".intval($this->albumid)." "\r
."where pictureid=".intval($this->id) );\r
if(!$NPG_CONF['viewtime']) $NPG_CONF['viewtime'] = 30 ;\r
$cuttime = $NPG_CONF['viewtime'];\r
//first test for duplicates\r
- $query = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = ".($pictureid);\r
+ $query = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = ".intval($pictureid);\r
//$result = mysql_query($query);\r
//print_r($result);\r
//$numrows= mysql_num_rows($result);\r
' add column tdesc int unsigned first ';\r
sql_query($query);\r
if(!$new_id) $new_id = 1;\r
- $query = 'UPDATE '.sql_table('plug_gallery_template').' set tdesc = '.$new_id;\r
+ $query = 'UPDATE '.sql_table('plug_gallery_template').' set tdesc = '.intval($new_id);\r
sql_query($query);\r
}\r
\r