From 0ae2316672e656ad9e241048e9bfab139db79286 Mon Sep 17 00:00:00 2001 From: Steve Sutton Date: Tue, 4 Sep 2018 12:51:04 -0400 Subject: [PATCH] Update for the notes field Get rid of extra slashes. --- models/admin/ajax/travelNotes.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/models/admin/ajax/travelNotes.php b/models/admin/ajax/travelNotes.php index e00e733..0a43769 100644 --- a/models/admin/ajax/travelNotes.php +++ b/models/admin/ajax/travelNotes.php @@ -85,7 +85,14 @@ class GlmMembersAdmin_ajax_travelNotes extends GlmDataTravelNotes case 'update': $lead_id = (isset($_REQUEST['id'])) ? filter_var( $_REQUEST['id'], FILTER_VALIDATE_INT ) : false; $note_id = (isset($_REQUEST['note_id'])) ? filter_var( $_REQUEST['note_id'], FILTER_VALIDATE_INT ) : false; - $note_entry = (isset($_REQUEST['note_entry'])) ? filter_var( $_REQUEST['note_entry'], FILTER_SANITIZE_STRING ) : false; + $note_entry + = (isset($_REQUEST['note_entry'])) + ? filter_var( + stripslashes( $_REQUEST['note_entry'] ), + FILTER_SANITIZE_STRING, + array( 'flags' => FILTER_FLAG_NO_ENCODE_QUOTES ) + ) + : false; if ( $lead_id && $note_id && $note_entry ) { $this->wpdb->update( GLM_MEMBERS_TRAVEL_PLUGIN_DB_PREFIX . 'lead_notes', @@ -104,8 +111,7 @@ class GlmMembersAdmin_ajax_travelNotes extends GlmDataTravelNotes case 'add': $lead_id = filter_var( $_REQUEST['id'], FILTER_VALIDATE_INT ); if ( isset( $_REQUEST['new_log'] ) && $lead_id - && $new_note = filter_var( $_REQUEST['new_log'], FILTER_SANITIZE_STRING ) - ) { + && $new_note = filter_var( stripslashes( $_REQUEST['new_log'] ), FILTER_SANITIZE_STRING, array( 'flags' => FILTER_FLAG_NO_ENCODE_QUOTES ) ) ) { $this->wpdb->insert( GLM_MEMBERS_TRAVEL_PLUGIN_DB_PREFIX . 'lead_notes', -- 2.17.1