X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Frequest-functions.php;h=2903a4418cb18058398be0b80c6d069682403296;hb=1e5953f6bfcadb2cbdaead2e516c4401078e620d;hp=6e20af72b077ec8e71b94d0f928838dc0c74c68d;hpb=cd7d344ea7007cfa20413acd3e03e50f0ab86d86;p=mailer.git diff --git a/inc/request-functions.php b/inc/request-functions.php index 6e20af72b0..2903a4418c 100644 --- a/inc/request-functions.php +++ b/inc/request-functions.php @@ -57,7 +57,7 @@ function getRequestElement ($element) { $value = $GLOBALS['cache_request']['get'][$element]; } elseif (isGetRequestElementSet($element)) { // Then get it directly - $value = SQL_ESCAPE($GLOBALS['raw_request']['get'][$element]); + $value = sqlEscapeString($GLOBALS['raw_request']['get'][$element]); // Store it in cache $GLOBALS['cache_request']['get'][$element] = $value; @@ -107,8 +107,8 @@ function countRequestGet () { // Setter for element in $_GET function setGetRequestElement ($element, $value) { // Escape both - $element = SQL_ESCAPE($element); - $value = SQL_ESCAPE($value); + $element = sqlEscapeString($element); + $value = sqlEscapeString($value); // Set in $_GET $GLOBALS['raw_request']['get'][$element] = $value; @@ -135,11 +135,11 @@ function postRequestElement ($element, $subElement = NULL) { // Is $subElement set? if ((!is_null($subElement)) && (isPostRequestElementSet($element, $subElement))) { // Then use this - $value = SQL_ESCAPE($value[$subElement]); + $value = sqlEscapeString($value[$subElement]); //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element=' . $element . ',subElement=' . $subElement . ' - SUB!'); - } elseif (!is_array($value)) { + } elseif ((!is_array($value)) && (function_exists('sqlEscapeString'))) { // Escape it here - $value = SQL_ESCAPE($value); + $value = sqlEscapeString($value); //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element=' . $element . ' - REGULAR!'); } @@ -218,13 +218,13 @@ function setPostRequestElement ($element, $value) { $eval .= implode("']['", $element); // Finish eval() command - $eval .= sprintf("'] = \"%s\";", SQL_ESCAPE($value)); + $eval .= sprintf("'] = \"%s\";", sqlEscapeString($value)); // And run it eval($eval); } elseif (is_array($value)) { // Escape element - $element = SQL_ESCAPE($element); + $element = sqlEscapeString($element); // Value is an array so set it directly $GLOBALS['raw_request']['post'][$element] = $value; @@ -233,8 +233,8 @@ function setPostRequestElement ($element, $value) { //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element=' . $element . ',value=' . $value . ' - BEFORE!'); // Escape both - $element = SQL_ESCAPE($element); - $value = SQL_ESCAPE($value); + $element = sqlEscapeString($element); + $value = sqlEscapeString($value); // Debug message //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element=' . $element . ',value=' . $value . ' - AFTER!'); @@ -273,7 +273,7 @@ function addAllGetRequestParameters () { // Now add all parameters foreach (getRequestArray() as $key => $value) { // Add it secured - $return .= SQL_ESCAPE($key) . '=' . SQL_ESCAPE($value) . '&'; + $return .= sqlEscapeString($key) . '=' . sqlEscapeString($value) . '&'; } // END - foreach // Remove trailing &