Several fixes for template engine, JavaScripts, etc.

[mailer.git] / inc / libs / sponsor_functions.php

diff --git a/inc/libs/sponsor_functions.php b/inc/libs/sponsor_functions.php
index 51d3510e97c238cb4cb390f9a323226289d4f159..e1ee608916770ba0303e98025d3b187d3829016b 100644 (file)
--- a/inc/libs/sponsor_functions.php
+++ b/inc/libs/sponsor_functions.php
@@ -175,10 +175,12 @@ function handlSponsorRequest (&$postData, $update=false, $messageArray=array(),
                                $OUT = '';
                                foreach ($postData as $k => $v) {
                                        // Do not add 'force' !
-                                       if ($k != "force") {
-                                               $OUT .= "<input type=\"hidden\" name=\"".$k."\" value=\"".stripslashes($v)."\" />\n";
-                                       }
-                               }
+                                       if ($k != 'force') {
+                                               $OUT .= "<input type=\"hidden\" name=\"" . SQL_ESCAPE($k) . "\" value=\"" . SQL_ESCAPE($v) . "\" />\n";
+                                       } // END - if
+                               } // END - foreach
+
+                               // Remember data
                                $content['hidden'] = $OUT;
                                $content['email']  = $postData['email'];