summary refs log tree commit diff stats
path: root/includes
diff options
context:
space:
mode:
Diffstat (limited to 'includes')
-rwxr-xr-xincludes/functions.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/includes/functions.php b/includes/functions.php index 881bfd1..7c06077 100755 --- a/includes/functions.php +++ b/includes/functions.php
@@ -115,7 +115,7 @@ function postBlogPost($title,$author,$tags,$content)
115{ 115{
116 $slug = generateSlug($title,'updates'); 116 $slug = generateSlug($title,'updates');
117 117
118 $inspost = "INSERT INTO updates (title,slug,author,text) VALUES (\"" . $title . "\",\"" . $slug . "\",\"" . $author . "\",\"" . addslashes($content) . "\")"; 118 $inspost = "INSERT INTO updates (title,slug,author,text) VALUES (\"" . $title . "\",\"" . $slug . "\",\"" . $author . "\",\"" . mysql_real_escape_string($content) . "\")";
119 $inspost2 = mysql_query($inspost); 119 $inspost2 = mysql_query($inspost);
120 120
121 $id = mysql_insert_id(); 121 $id = mysql_insert_id();
@@ -284,7 +284,7 @@ if (!function_exists('unique_id'))
284 284
285function displayRelated($title, $avoid = 0) 285function displayRelated($title, $avoid = 0)
286{ 286{
287 $getrelated = "SELECT *, MATCH (title, text) AGAINST (\"" . addslashes($title) . "\") AS score FROM updates WHERE MATCH (title, text) AGAINST (\"" . addslashes($title) . "\") AND id <> " . $avoid . " LIMIT 0,5"; 287 $getrelated = "SELECT *, MATCH (title, text) AGAINST (\"" . mysql_real_escape_string($title) . "\") AS score FROM updates WHERE MATCH (title, text) AGAINST (\"" . mysql_real_escape_string($title) . "\") AND id <> " . $avoid . " LIMIT 0,5";
288 $getrelated2 = mysql_query($getrelated); 288 $getrelated2 = mysql_query($getrelated);
289 $i=0; 289 $i=0;
290 while ($getrelated3[$i] = mysql_fetch_array($getrelated2)) 290 while ($getrelated3[$i] = mysql_fetch_array($getrelated2))