Hmm, apparently, we didn't quote enough.

author Joey Schulze <joey@infodrom.org>

Thu, 26 Jun 2003 19:29:42 +0000 (19:29 +0000)

committer Joey Schulze <joey@infodrom.org>

Thu, 26 Jun 2003 19:29:42 +0000 (19:29 +0000)
author Joey Schulze <joey@infodrom.org>
Thu, 26 Jun 2003 19:29:42 +0000 (19:29 +0000)
committer Joey Schulze <joey@infodrom.org>
Thu, 26 Jun 2003 19:29:42 +0000 (19:29 +0000)
diff --git a/src/LinuxTag/2003/supporter/update.wml b/src/LinuxTag/2003/supporter/update.wml

index ed398eb..4edc2bb 100644 (file)
--- a/src/LinuxTag/2003/supporter/update.wml
+++ b/src/LinuxTag/2003/supporter/update.wml
@@ -105,7 +105,7 @@
            $query = sprintf ("INSERT INTO person (name,email,project,nightplace,infomail,insurance,list,admin,"
                        ."login,password,comment) "
                        ."VALUES ('%s',%s,'%s','%s',%d,%d,%d,%d,%d,'%s','%s')",
-                      $name, $email, $project, $nightplace, $infomail, $insurance, $list,
+                      addslashes ($name), $email, $project, $nightplace, $infomail, $insurance, $list,
                        $admin, $login, strlen ($newpass)?md5 ($newpass):"", $comment);
           pg_exec ($dbh, $query) or die("Datenbank-Abfrage!");
          } else {
author	Joey Schulze <joey@infodrom.org>
	Thu, 26 Jun 2003 19:29:42 +0000 (19:29 +0000)
committer	Joey Schulze <joey@infodrom.org>
	Thu, 26 Jun 2003 19:29:42 +0000 (19:29 +0000)