From 4cfa74401cdfc5537dc232498ccaf9e13891fe3c Mon Sep 17 00:00:00 2001 From: Benjamin Sonntag Date: Thu, 5 Nov 2015 18:07:38 +0100 Subject: [PATCH] fixing missing value2 affectation --- bureau/class/variables.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/bureau/class/variables.php b/bureau/class/variables.php index ef47c96b..a99dc1bd 100644 --- a/bureau/class/variables.php +++ b/bureau/class/variables.php @@ -113,9 +113,11 @@ function variable_set($name, $value, $comment = null) { $err->log('variable', 'variable_set', '+' . serialize($value) . '+' . $comment . '+'); variable_init_maybe(); - + if (is_object($value) || is_array($value)) { $value2 = serialize($value); + } else { + $value2 = $value; } if (array_key_exists($name, $conf)) { $previous = $conf[$name]; @@ -125,10 +127,9 @@ function variable_set($name, $value, $comment = null) { if (!array_key_exists($name, $conf) || $value != $conf[$name]) { $conf[$name] = $value; if (empty($comment)) { - $query = "INSERT INTO variable (name, value) values ('" . $name . "', '" . addslashes($value2) . "') on duplicate key update name='$name', value='$value';"; + $query = "INSERT INTO variable (name, value) values ('" . $name . "', '" . addslashes($value2) . "') on duplicate key update name='" . $name . "', value='" . addslashes($value2) . "';"; } else { - $comment = mysql_real_escape_string($comment); - $query = "INSERT INTO variable (name, value, comment) values ('" . $name . "', '" . addslashes($value2) . "', '$comment') on duplicate key update name='$name', value='$value', comment='$comment';"; + $query = "INSERT INTO variable (name, value, comment) values ('" . $name . "', '" . addslashes($value2) . "', '$comment') on duplicate key update name='" . $name . "', value='" . addslashes($value2) . "', comment='" . addslashes($comment) . "';"; } $db->query($query); $hooks->invoke("hook_variable_set", array("name" => $name, "old" => $previous, "new" => $value));