remove unneeded escaping in label/add

This commit is contained in:
Andrew Dolgov 2005-11-20 08:21:17 +01:00
parent b6b535ca74
commit 4401bf04c3
1 changed files with 3 additions and 2 deletions

View File

@ -1202,7 +1202,7 @@
$regexp = db_escape_string(trim($_GET["regexp"])); $regexp = db_escape_string(trim($_GET["regexp"]));
$match = db_escape_string(trim($_GET["match"])); $match = db_escape_string(trim($_GET["match"]));
$result = db_query($link, $result = db_query($link,
"INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid) VALUES "INSERT INTO ttrss_filters (reg_exp,filter_type,owner_uid) VALUES
('$regexp', (SELECT id FROM ttrss_filter_types WHERE ('$regexp', (SELECT id FROM ttrss_filter_types WHERE
@ -1373,7 +1373,8 @@
if (!WEB_DEMO_MODE) { if (!WEB_DEMO_MODE) {
$exp = db_escape_string(trim($_GET["exp"])); // no escaping is done here on purpose
$exp = trim($_GET["exp"]);
$result = db_query($link, $result = db_query($link,
"INSERT INTO ttrss_labels (sql_exp,description,owner_uid) "INSERT INTO ttrss_labels (sql_exp,description,owner_uid)