Patch for /trunk/php-calendar/includes/util.php

ratikanta / php-calendar

Automatically exported from code.google.com/p/php-calendar

0 stars 0 forks source link

Patch for /trunk/php-calendar/includes/util.php #96

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

holy crap.

Original issue reported on code.google.com by brandonk...@gmail.com on 14 Jul 2012 at 5:02

Attachments:

util.php.patch

GoogleCodeExporter commented 9 years ago

Holy crap, someone is melodramatic. Did you even try this patch? It throws up a 
bunch of warnings. We're not even using the mysql extension. Also, that would 
give inconsistent behavior depending on whether magic quotes is on or not. I 
committed a different change. The DB character set is utf8 anyway, which 
addslashes is not vulnerable with. I guess it's worth changing anyway, in case 
that changes in the future.

Original comment by sproctor@gmail.com on 14 Jul 2012 at 4:33

GoogleCodeExporter commented 9 years ago

Original comment by sproctor@gmail.com on 16 Jul 2012 at 12:38

Changed state: Fixed