Unnessarry addslashes() and SQL_ESCAPE() removed, some added, some bigintval() added

[mailer.git] / inc / modules / admin / what-config_cats.php

diff --git a/inc/modules/admin/what-config_cats.php b/inc/modules/admin/what-config_cats.php
index 38e40127d28d0ca42d9c7ffd1b1b4ffc4f179a12..fd795ff259337216bd159d5e487a3f98cf31aecf 100644 (file)
--- a/inc/modules/admin/what-config_cats.php
+++ b/inc/modules/admin/what-config_cats.php
@@ -47,11 +47,11 @@ $CATS = "";
 if (isset($_POST['add'])) {
        // Add a new category
        $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_cats WHERE cat='%s' LIMIT 1",
-        array(addslashes($_POST['catname'])), __FILE__, __LINE__);
+               array($_POST['catname']), __FILE__, __LINE__);
        if (SQL_NUMROWS($result) == 0) {
                // Category does not exists, we simply add it...
                $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_cats (cat, visible, sort) VALUES ('%s','%s','%s')",
-                array(addslashes($_POST['catname']), $_POST['visible'], bigintval($_POST['parent'] + 1)), __FILE__, __LINE__);
+                       array($_POST['catname'], $_POST['visible'], bigintval($_POST['parent'] + 1)), __FILE__, __LINE__);
                $content = "<SPAN class=\"admin_done\">".CATEGORY_ADDED."</SPAN>";
        } else {
                // Category does already exists