From ce6685e33ecec553646b7294a596179f7c841fc7 Mon Sep 17 00:00:00 2001
From: wibyweb <49052850+wibyweb@users.noreply.github.com>
Date: Wed, 10 Aug 2022 02:19:02 -0400
Subject: [PATCH] Add files via upload
---
 html/feedback/index.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/html/feedback/index.php b/html/feedback/index.php
index 666cb40..a4d717f 100755
--- a/html/feedback/index.php
+++ b/html/feedback/index.php
@@ -47,14 +47,14 @@
 exit();
 }
- $feedback = str_replace("\'", "\'\'", $_POST['feedback']); //single quotes must be handled correctly
- $feedback = str_replace("\"", "\"\"", $feedback);//double quotes must be handled correctly
- //$feedback = mysqli_real_escape_string($link, $_POST['feedback']);//doesn't read back properly
+ //$feedback = str_replace("\'", "\'\'", $_POST['feedback']); //single quotes must be handled correctly
+ //$feedback = str_replace("\"", "\"\"", $feedback);//double quotes must be handled correctly
+ $feedback = mysqli_real_escape_string($link, $_POST['feedback']);
 $feedback = substr($feedback,0,8000); //don't allow user to post a longer string than 8k (also limited in form)
- $sql = 'INSERT INTO feedback (message) VALUES ("'.$feedback.'")';
+ $sql = "INSERT INTO feedback (message) VALUES ('".$feedback."')";
 if (!mysqli_query($link, $sql))
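Review bot: The unchanged `substr($feedback,0,8000)` line now runs on the already-escaped string, so a cut at byte 8000 can split an escape sequence and leave a lone trailing backslash that escapes the closing `'` of the literal in the new `$sql` line. Truncate the raw input before escaping: `$feedback = substr($_POST['feedback'],0,8000);` followed by `$feedback = mysqli_real_escape_string($link, $feedback);`. This also makes the 8k limit apply to what the user typed rather than to its escaped form. A prepared statement with a bound parameter (`mysqli_prepare` / `mysqli_stmt_bind_param`) would remove the manual escaping and the quoting concern altogether. The connection charset is not set anywhere in this hunk; `mysqli_real_escape_string` relies on it, so confirm `mysqli_set_charset` is called where `$link` is opened. The `if (!mysqli_query(...))` block continues outside the hunk.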