Quote:
Originally Posted by amykhar
my code is so totally different that I can't begin to tell you what line or even what function to look for. But, to fix your apostrophe problems, all you have to do is use trim and addslashes on any text input that's going to be put in the database. Find where the quiz name or title variable is. Before it goes into the database, do something like this (appropriate variables of course)
Code:
$title = $trim(addslashesa($title));
Do the same thing for the questions, descriptions and the options - ANY text that's going to be inserted in the database.
|
Code:
$to = $DB->query_first("select username, userid from ".TABLE_PREFIX."user where userid='{$to}'");
$DataManager_PM =& datamanager_init('PM', $vbulletin, ERRTYPE_ARRAY);
$DataManager_PM->set('fromuserid', $to['userid']);
$DataManager_PM->set('fromusername', $to['username']);
$DataManager_PM->set('title', $title = trim(addslashes($title));
$DataManager_PM->set('message', $message = trim(addslashes($message));
$DataManager_PM->set_recipients($to['username'],$to['permissions']);
$DataManager_PM->set('dateline', TIMENOW);
$DataManager_PM->save();
}
Thanks for the assist, Amy. I did as you have said but I get a syntax error. Is this right?