case 'update':
$lead_id = (isset($_REQUEST['id'])) ? filter_var( $_REQUEST['id'], FILTER_VALIDATE_INT ) : false;
$note_id = (isset($_REQUEST['note_id'])) ? filter_var( $_REQUEST['note_id'], FILTER_VALIDATE_INT ) : false;
- $note_entry = (isset($_REQUEST['note_entry'])) ? filter_var( $_REQUEST['note_entry'], FILTER_SANITIZE_STRING ) : false;
+ $note_entry
+ = (isset($_REQUEST['note_entry']))
+ ? filter_var(
+ stripslashes( $_REQUEST['note_entry'] ),
+ FILTER_SANITIZE_STRING,
+ array( 'flags' => FILTER_FLAG_NO_ENCODE_QUOTES )
+ )
+ : false;
if ( $lead_id && $note_id && $note_entry ) {
$this->wpdb->update(
GLM_MEMBERS_TRAVEL_PLUGIN_DB_PREFIX . 'lead_notes',
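Review bot: Adding `FILTER_FLAG_NO_ENCODE_QUOTES` to the new `$note_entry` assignment means single and double quotes are now stored in `lead_notes` unencoded, so every place that renders a note has to escape on output (`esc_html()` in body text, `esc_attr()` in attribute values) instead of relying on the encoding the filter used to apply. `FILTER_SANITIZE_STRING` is also deprecated as of PHP 8.1, and WordPress provides the matching pair for this job: `$note_entry = isset( $_REQUEST['note_entry'] ) ? sanitize_textarea_field( wp_unslash( $_REQUEST['note_entry'] ) ) : false;`. The same applies to the `$new_note` assignment in the `'add'` case further down. The `case 'update':` body continues outside the visible lines and no nonce or capability check appears in them, so it is worth confirming that one guards this handler before `$this->wpdb->update()` runs.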
case 'add':
$lead_id = filter_var( $_REQUEST['id'], FILTER_VALIDATE_INT );
if ( isset( $_REQUEST['new_log'] ) && $lead_id
- && $new_note = filter_var( $_REQUEST['new_log'], FILTER_SANITIZE_STRING )
- ) {
+ && $new_note = filter_var( stripslashes( $_REQUEST['new_log'] ), FILTER_SANITIZE_STRING, array( 'flags' => FILTER_FLAG_NO_ENCODE_QUOTES ) ) ) {
$this->wpdb->insert(
GLM_MEMBERS_TRAVEL_PLUGIN_DB_PREFIX . 'lead_notes',