function html_sanitize($str) { static $san = null; if (empty($san)) { $san = new HTML_Sanitizer(); } return $san->sanitize($str); }
} $name = $_GET['name']; $dbresult = $dbConnect->addName($name, $userId); die("Added"); break; case 2: if (!isset($_GET['n']) || !isset($_GET['a']) || !isset($_GET['mo']) || !isset($_GET['id']) || !isset($_GET['h']) || !isset($_GET['c'])) { die("invalid parameter"); } $id = $_GET['id']; $name = $_GET['n']; $author = $_GET['a']; $mods = $_GET['mo']; $hidden = $_GET['h']; $category = $_GET['c']; $description = $san->sanitize($_POST['d']); //$_GET['d']; $dbresult = $dbConnect->updateName($id, $name, $author, $mods, $description, $userId, $hidden, $category); die("Updated"); break; case 3: if (!isset($_GET['v'])) { die("invalid parameter"); } $ver = $_GET['v']; $nameId = $_GET['nId']; $dbresult = $dbConnect->addLuaVersion($ver, $nameId, $userId); echo $dbresult; die($dbresult); break; case 4: