summaryrefslogtreecommitdiff
path: root/www-ssl
diff options
context:
space:
mode:
authorcookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8>2005-11-20 23:57:20 +0000
committercookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8>2005-11-20 23:57:20 +0000
commitb1a0c48fa5bc50558c2772d0136342227fbe5091 (patch)
tree8bb2f8c69a092e33af186582c6f487461e1ce182 /www-ssl
parent7f3fda342aa74aef312e8ea2703a1cf3bcb48aa8 (diff)
probleme mit umlauten beseitigt
git-svn-id: svn://svn.cccv.de/engel-system@72 29ba0400-6e00-0410-a75a-ca02368028f8
Diffstat (limited to 'www-ssl')
-rwxr-xr-xwww-ssl/admin/sprache.php2
-rwxr-xr-xwww-ssl/inc/secure.php12
2 files changed, 8 insertions, 6 deletions
diff --git a/www-ssl/admin/sprache.php b/www-ssl/admin/sprache.php
index af5db2ba..404a3961 100755
--- a/www-ssl/admin/sprache.php
+++ b/www-ssl/admin/sprache.php
@@ -46,6 +46,7 @@ if( !isset( $_GET["TextID"] ) )
foreach( $Sprachen as $Name => $Value )
{
+ $Value = html_entity_decode( $Value, ENT_QUOTES);
echo "\t\t<td><textarea name=\"$Name\" cols=\"22\" rows=\"8\">$Value</textarea></td>\n";
$Sprachen[ $Name ] = "";
}
@@ -87,6 +88,7 @@ else
{
$sql_save = "INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) ".
"VALUES ('". $_GET["TextID"]. "', '$k', '$v')";
+ echo $sql_save."<br>";
$Erg = mysql_query($sql_save, $con);
if ($Erg == 1)
echo "\t $k Save: OK<br>\n";
diff --git a/www-ssl/inc/secure.php b/www-ssl/inc/secure.php
index 687289fc..d6b5c512 100755
--- a/www-ssl/inc/secure.php
+++ b/www-ssl/inc/secure.php
@@ -7,9 +7,9 @@ if( $DEBUG)
foreach ($_GET as $k => $v)
{
- $v = htmlspecialchars($v);
- $v = mysql_escape_string($v);
-// $v = htmlentities($v);
+// $v = htmlspecialchars($v, ENT_QUOTES);
+// $v = mysql_escape_string($v);
+ $v = htmlentities($v, ENT_QUOTES);
if (preg_match('/([\'"`\'])/', $v, $match))
{
print "sorry get has illegal char '$match[1]'";
@@ -23,9 +23,9 @@ foreach ($_GET as $k => $v)
foreach ($_POST as $k => $v)
{
- $v = htmlspecialchars($v);
- $v = mysql_escape_string($v);
-// $v = htmlentities($v);
+// $v = htmlspecialchars($v, ENT_QUOTES);
+// $v = mysql_escape_string($v);
+ $v = htmlentities($v, ENT_QUOTES);
if (preg_match('/([\'"`\'])/', $v, $match)) {
print "sorry post has illegal char '$match[1]'";
exit;