Change Sf to Ssql for name input sanitization

Naiel
2026-03-07 21:49:25 +01:00
committed by GitHub
parent e22a96ed8b
commit 556ec6b838


@@ -69,7 +69,7 @@ switch ($form_action) {
"INSERT OR IGNORE INTO aularios (org_id, aulario_id, name, icon) VALUES (?, ?, ?, ?)"
)->execute([
$centro_id, $aulario_id,
Sf($_POST["name"] ?? ""),
Ssql($_POST["name"] ?? ""),
Sf($_POST["icon"] ?? "/static/logo-entreaulas.png"),
]);
// Create Proyectos directory for project file storage
@@ -124,7 +124,7 @@ switch ($form_action) {
db()->prepare(
"UPDATE aularios SET name = ?, icon = ?, extra = ? WHERE org_id = ? AND aulario_id = ?"
)->execute([
Sf($_POST["name"] ?? ""),
Ssql($_POST["name"] ?? ""),
$icon,
json_encode($extra),
$centro_id,
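Review bot: The name is already bound through a `?` placeholder in `prepare()`/`execute()`, so wrapping it in `Ssql()` adds no injection protection in either hunk (the INSERT at line 69 and the UPDATE at line 124), and if `Ssql()` escapes or strips quote characters (its definition is not visible here) the stored name will be altered, for example an apostrophe doubled or dropped. I would bind the value as received once it has passed explicit validation, `trim($_POST["name"] ?? ""),`, and apply HTML encoding where the name is rendered rather than at write time. The INSERT still passes the icon through `Sf()` while the name now goes through a different helper, so a short comment such as `// values are bound parameters; these helpers only normalise input and are not the SQL-injection defence` would stop a later reader from treating the helper as the control. The enclosing `switch ($form_action)` starts and ends outside both hunks.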