if (empty($_POST['receiver'])) $_POST['receiver'] = "";
if (IS_ADMIN()) $whereStatement = "";
-// Add slashes to every value
-foreach($_POST as $key => $value)
-{
- // Skip submit buttons
- if (($key != "data") && ($key != "frametester")) $_POST[$key] = addslashes($value);
-}
-
// Minimum mails / order
define('__MIN_VALUE', $_CONFIG['order_min']);
// URL found!
$URL = URL."/modules.php?module=login&what=order&msg=".CODE_URL_FOUND;
}
- $TEST = str_replace("\n", "", str_replace("\r", "", addslashes($_POST['text'])));
+ $TEST = str_replace("\n", "", str_replace("\r", "", $_POST['text']));
if (strlen($TEST) > $_CONFIG['max_tlength'])
{
// Text is too long!
VALUES ('%s','%s','%s','%s','%s','TEMP','%s','%s','%s','%s','%s','%s')",
array(
$GLOBALS['userid'],
- addslashes($_POST['subject']),
- addslashes($_POST['text']),
+ $_POST['subject'],
+ $_POST['text'],
$RECEIVER,
bigintval($_POST['type']),
$TIME,
VALUES ('%s','%s','%s','%s','%s','TEMP','%s','%s','%s','%s','%s')",
array(
$GLOBALS['userid'],
- addslashes($_POST['subject']),
- addslashes($_POST['text']),
+ $_POST['subject'],
+ $_POST['text'],
$RECEIVER,
bigintval($_POST['type']),
$TIME,