|
@@ -51,6 +51,7 @@
|
|
|
}
|
|
|
|
|
|
$url = mysqli_real_escape_string($link, $_POST['url']);
|
|
|
+ $url = str_replace("''", "%27", $url);
|
|
|
//$url = str_replace("\"", "\"\"", $url); //not needed if using single quotes for query
|
|
|
$url = substr($url,0,400); //don't allow user to post a longer url than 400b (also limited in form)
|
|
|
$worksafe = mysqli_real_escape_string($link, $_POST['worksafe']);
|
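Review bot: The added `str_replace("''", "%27", $url)` and the `substr($url,0,400)` two lines below it both modify `$url` after `mysqli_real_escape_string()` has run, so the value that reaches the query is no longer the escaper's output; in particular, cutting at byte 400 can split an escape pair and leave a lone trailing backslash in front of the closing quote. The search string is also two quote characters, which under the default backslash escaping would appear as `\'\'` and so probably never match. Consider transforming the raw value first and escaping last: `$url = str_replace("'", "%27", $_POST['url']);`, `$url = substr($url, 0, 400);`, `$url = mysqli_real_escape_string($link, $url);`. The query itself is outside the hunk; if it is built by string concatenation, a prepared statement with a bound parameter would remove the dependence on this ordering.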