Addslashes is sufficient

diff --git a/src/Infodrom/patches/update.wml b/src/Infodrom/patches/update.wml
index 261211b..11132e3 100644 (file)
--- a/src/Infodrom/patches/update.wml
+++ b/src/Infodrom/patches/update.wml
@@ -3,19 +3,10 @@
 
 <page func="Infodrom Oldenburg" title="Patches">
 
-<sql_prepare>
-
 <?
   $dbh = pg_pconnect ("<dbhost>", "<dbport>", "<dbname>")
         or die("Unable to connect to SQL server");
 
-<:
-    for $i (('subject','package','version','description','download')) {
-      printf "  \$o_%s = \$_POST[%s];\n", $i, $i;
-      printf "  \$%s = sql_prepare (\$_POST[%s]);\n", $i, $i;
-    }
-:>
-
   if ($_POST[id] > 0) {
     if ($_POST[delete] > 0) {
       $query = "DELETE FROM patches WHERE oid = $_POST[id]";
@@ -49,11 +40,11 @@
 
 ?>
 
-<h3><? echo $o_subject; ?></h3>
+<h3><? echo $subject; ?></h3>
 
-<h5><? echo $o_package . " " . $o_version; ?></h5>
+<h5><? echo $package . " " . $version; ?></h5>
 
-<b><? echo $o_description; ?></b><p>
+<b><? echo $description; ?></b><p>
 
 <b>Download:</b> <? echo $download; ?><p>